www.gzeme.lt Open in urlscan Pro
185.5.53.26 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Submission: On March 24 via manual (March 24th 2022, 7:16:52 am UTC) from US — Scanned from ES

Summary HTTP 280 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 49 IPs in 8 countries across 33 domains to perform 280 HTTP transactions. The main IP is 185.5.53.26, located in Lithuania and belongs to INTERNETO-VIZIJA, LT. The main domain is www.gzeme.lt.
TLS certificate: Issued by R3 on January 28th 2022. Valid for: 3 months.

This is the only time www.gzeme.lt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	185.5.53.26 185.5.53.26	212531 (INTERNETO...) (INTERNETO-VIZIJA)
1	37.157.6.234 37.157.6.234	198622 (ADFORM) (ADFORM)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	51.83.210.184 51.83.210.184	16276 (OVH) (OVH)
7	37.59.253.101 37.59.253.101	16276 (OVH) (OVH)
11	2606:4700:303... 2606:4700:3033::6815:19d3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
4	54.38.133.12 54.38.133.12	16276 (OVH) (OVH)
4	2606:4700:20:... 2606:4700:20::681a:dd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
52	37.59.235.100 37.59.235.100	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4 4	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
8	104.117.200.100 104.117.200.100	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:303... 2606:4700:3034::6815:4bd2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	172.67.10.198 172.67.10.198	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:710... 2a02:26f0:7100:484::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2607:f8b0:400... 2607:f8b0:4007:809::2003	15169 (GOOGLE) (GOOGLE)
5	54.156.166.5 54.156.166.5	14618 (AMAZON-AES) (AMAZON-AES)
1	54.210.134.238 54.210.134.238	14618 (AMAZON-AES) (AMAZON-AES)
1	23.218.208.200 23.218.208.200	16625 (AKAMAI-AS) (AKAMAI-AS)
1	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
6 13	184.30.21.112 184.30.21.112	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.94.180.124 185.94.180.124	35220 (SPOTX-AMS) (SPOTX-AMS)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (STACKPATH...) (STACKPATH-CDN)
1 4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3	209.54.180.3 209.54.180.3	16509 (AMAZON-02) (AMAZON-02)
280	49

38 185.5.53.26 (Lithuania)

ASN212531 (INTERNETO-VIZIJA, LT)
PTR: tetervinas.serveriai.lt

www.gzeme.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gzeme.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.83.210.184 (France)

ASN16276 (OVH, FR)
PTR: ip184.ip-51-83-210.eu

lv.adocean.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.59.253.101 (France)

ASN16276 (OVH, FR)
PTR: vh11a.eris-h.of.pl

video.onnetwork.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3033::6815:19d3 (United States)

ASN13335 (CLOUDFLARENET, US)

ost1.gismeteo.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gismeteo.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

day.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.2.236 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.38.133.12 (France)

ASN16276 (OVH, FR)
PTR: ip12.ip-54-38-133.eu

adlv.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:dd1 (United States)

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 37.59.235.100 (France)

ASN16276 (OVH, FR)
PTR: vh11b.eris-w24.of.pl

cdnf.onnetwork.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.onnetwork.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnt.onnetwork.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.37.42.132 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.117.200.100 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-100.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3034::6815:4bd2 (United States)

ASN13335 (CLOUDFLARENET, US)

traffix.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)

vast.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100:484::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

vast.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4007:809::2003 (Queens, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.156.166.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-166-5.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.210.134.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-134-238.compute-1.amazonaws.com

gov.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.208.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-200.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 184.30.21.112 (Frankfurt am Main, Germany) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-112.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.54.180.3 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	onnetwork.tv video.onnetwork.tv — Cisco Umbrella Rank: 43854 cdnf.onnetwork.tv — Cisco Umbrella Rank: 161959 cdn.onnetwork.tv — Cisco Umbrella Rank: 43965 cdnt.onnetwork.tv — Cisco Umbrella Rank: 52701	791 KB
38	gzeme.lt www.gzeme.lt gzeme.lt	2 MB
31	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	1 MB
17	stickyadstv.com 6 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 626 cdn.stickyadstv.com — Cisco Umbrella Rank: 2067	290 KB
17	rubiconproject.com 4 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 944 eus.rubiconproject.com — Cisco Umbrella Rank: 503 token.rubiconproject.com — Cisco Umbrella Rank: 595 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2193	44 KB
12	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2029 www.google.com — Cisco Umbrella Rank: 2	189 KB
11	gismeteo.lt ost1.gismeteo.lt www.gismeteo.lt — Cisco Umbrella Rank: 680198	20 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90	79 KB
10	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 stats.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 176	502 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 imasdk.googleapis.com — Cisco Umbrella Rank: 399	719 KB
8	aniview.com vast.aniview.com — Cisco Umbrella Rank: 62570 player.aniview.com — Cisco Umbrella Rank: 1997 track1.aniview.com — Cisco Umbrella Rank: 1948 gov.aniview.com — Cisco Umbrella Rank: 10292	106 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	59 KB
7	traffix.lt traffix.lt	92 KB
5	adocean.pl lv.adocean.pl — Cisco Umbrella Rank: 90956	73 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 403	197 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	111 KB
4	stpd.cloud stpd.cloud — Cisco Umbrella Rank: 36729	567 KB
4	gemius.pl adlv.hit.gemius.pl — Cisco Umbrella Rank: 97105	420 B
4	adform.net s1.adform.net — Cisco Umbrella Rank: 8028 adx.adform.net — Cisco Umbrella Rank: 4064	26 KB
3	amazon-adsystem.com s.amazon-adsystem.com — Cisco Umbrella Rank: 260	2 KB
2	spotxchange.com search.spotxchange.com — Cisco Umbrella Rank: 387	2 KB
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 419 image6.pubmatic.com — Cisco Umbrella Rank: 571	6 KB
2	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 96	3 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	33 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	83 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2181	83 KB
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 268 pr-bh.ybp.yahoo.com Failed
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 594
1	smilewanted.com vast.smilewanted.com — Cisco Umbrella Rank: 170364	2 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 588	33 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 49	21 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	37 KB
1	day.lt day.lt	822 B
280	33

	Domain	Requested by
37	www.gzeme.lt	www.gzeme.lt
33	cdn.onnetwork.tv	www.gzeme.lt video.onnetwork.tv
18	cdnt.onnetwork.tv	video.onnetwork.tv www.gzeme.lt
15	www.gstatic.com	video.onnetwork.tv www.gstatic.com www.google.com
15	fonts.gstatic.com	fonts.googleapis.com cdn.onnetwork.tv www.google.com
13	ads.stickyadstv.com	6 redirects player.aniview.com cdn.stickyadstv.com
11	pagead2.googlesyndication.com	www.gzeme.lt srcdoc imasdk.googleapis.com
10	ost1.gismeteo.lt	www.gzeme.lt
8	www.google-analytics.com	www.googletagmanager.com www.gzeme.lt www.google-analytics.com
8	eus.rubiconproject.com	www.gzeme.lt eus.rubiconproject.com
8	www.google.com	www.gzeme.lt www.gstatic.com www.google.com
7	traffix.lt	www.gzeme.lt traffix.lt
7	imasdk.googleapis.com	video.onnetwork.tv imasdk.googleapis.com
7	video.onnetwork.tv	www.gzeme.lt video.onnetwork.tv
5	track1.aniview.com
5	lv.adocean.pl	www.gzeme.lt lv.adocean.pl
4	cm.g.doubleclick.net	1 redirects
4	cdn.stickyadstv.com	player.aniview.com cdn.stickyadstv.com
4	token.rubiconproject.com	www.gzeme.lt eus.rubiconproject.com
4	securepubads.g.doubleclick.net	www.googletagservices.com
4	cdn.jsdelivr.net	video.onnetwork.tv traffix.lt
4	secure-assets.rubiconproject.com	4 redirects
4	www.googletagservices.com	www.gzeme.lt
4	stpd.cloud	www.gzeme.lt
4	adlv.hit.gemius.pl	www.gzeme.lt
4	fundingchoicesmessages.google.com	www.gzeme.lt
3	s.amazon-adsystem.com
3	adx.adform.net	s1.adform.net imasdk.googleapis.com
3	fonts.googleapis.com	www.gzeme.lt video.onnetwork.tv
2	search.spotxchange.com	player.aniview.com
2	www.facebook.com	1 redirects connect.facebook.net
2	s0.2mdn.net	imasdk.googleapis.com
2	connect.facebook.net	www.gzeme.lt connect.facebook.net
2	stackpath.bootstrapcdn.com	www.gzeme.lt stackpath.bootstrapcdn.com
1	image6.pubmatic.com	ads.pubmatic.com
1	ups.analytics.yahoo.com	player.aniview.com
1	ap.lijit.com	player.aniview.com
1	ads.pubmatic.com	player.aniview.com
1	gov.aniview.com	player.aniview.com
1	player.aniview.com	imasdk.googleapis.com
1	csi.gstatic.com	imasdk.googleapis.com
1	vast.aniview.com	imasdk.googleapis.com
1	vast.smilewanted.com	imasdk.googleapis.com
1	pixel-eu.rubiconproject.com	www.gzeme.lt
1	stats.g.doubleclick.net	www.google-analytics.com
1	code.jquery.com	traffix.lt
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	lh3.googleusercontent.com	www.gzeme.lt
1	cdnf.onnetwork.tv	client
1	www.googletagmanager.com	www.gzeme.lt
1	day.lt	www.gzeme.lt
1	www.gismeteo.lt	www.gzeme.lt
1	gzeme.lt	www.gzeme.lt
1	s1.adform.net	www.gzeme.lt
0	pr-bh.ybp.yahoo.com Failed
280	55

This site contains links to these domains. Also see Links.

Domain
sena.gzeme.lt
facebook.com
pigu.lt
www.facebook.com
traffix.lt
www.blue-yellow.lt
www.gismeteo.lt
stipruskartu.lt
www.arbatinele.lt
akesovet.lt
melga.lt
saskaita123.lt
www.gastroklinika.lt
patogiai.lt
www.autoaibe.lt
www.naujos-padangos.lt
www.lovejob.lt
www.vittaa.lt
sportuojantys.lt
www.pirkitpadangas.lt
day.lt
www.jaunareklama.lt

Subject Issuer	Validity	Valid
gzeme.lt R3	`2022-01-28` - `2022-04-28`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.adocean.pl Sectigo ECC Domain Validation Secure Server CA	`2022-01-24` - `2023-02-06`	a year	crt.sh
onnetwork.tv R3	`2022-01-20` - `2022-04-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-31` - `2022-03-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-12-30` - `2023-01-03`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-11` - `2022-07-06`	6 months	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2022-03-11` - `2023-03-29`	a year	crt.sh
*.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-12` - `2023-02-12`	a year	crt.sh

This page contains 28 frames:

Primary Page: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Frame ID: F371DFED4154AD1BC9C6FBB73E0EB652
Requests: 115 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221.js
Frame ID: 42C71CE60833F3F07F000442D02BFFB4
Requests: 3 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221.js
Frame ID: 2FF5F5FAAF0B646A796CD33509725CEF
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 4D3D4CD1FDA2136E2DCD664D1F4B04BB
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 8675865AADAF198188D649FAF24937A5
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/zrt_lookup.html
Frame ID: 7DE5EB88EF3B19543B77CA2FE6F386AA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.onnetwork.tv/css/roboto.css
Frame ID: BFA76CFCF3189198C343150DEDE5FFB0
Requests: 26 HTTP requests in this frame

Frame: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?widget=692&cId=p8350c44b0fc57e0d6736b89ee54e87e3
Frame ID: 0FB1F2E99665C7EBFCEFF209055AE35B
Requests: 22 HTTP requests in this frame

Frame: https://traffix.lt/frontend/infoblocks/responsive/129
Frame ID: 4EF1176EC95DF8D57A424CAF62BBFD41
Requests: 10 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221.js
Frame ID: 497BF0EC0F0AFAA61D4F36329A9E364D
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: AB4FB7B947DA0EF6F2A36F8F5C3D883D
Requests: 3 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221.js
Frame ID: 787472D53DDD8C52D4DC2F81B63409BE
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: F9B8167415B341BEDEF4B5BC041FFDE5
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.506.0_lt.html
Frame ID: 3B669A54EB3EB60681425C3984D71516
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1162E496E7797EE54315E5DA6E867BAE
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcqI6AUAAAAALs_lzBouCCdbwQrbCSLVeEUZ9N7&co=aHR0cHM6Ly93d3cuZ3plbWUubHQ6NDQz&hl=es&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=z23to1l8t07x
Frame ID: 43514A47822521DC5733BC6D62BC2900
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LevJ8cZAAAAAIVOEGhycdKvKjekgxJsLxMAzyzV&co=aHR0cHM6Ly93d3cuZ3plbWUubHQ6NDQz&hl=es&v=zLD1nfkNCJC1kEswSRdSyd-p&theme=light&size=normal&cb=kpkhdbf7rzpd
Frame ID: 82952DC03481079A819023130F786230
Requests: 8 HTTP requests in this frame

Frame: https://cdn.onnetwork.tv/css/roboto.css
Frame ID: 158683D5DFBB254847C2A19117B19F14
Requests: 24 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.506.0_lt.html
Frame ID: 643894C74667CB45055041098292D2DD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9957F10DC80535B8854A474B19385A98
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2dab18b890d1dc%2526domain%253Dwww.gzeme.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.gzeme.lt%25252Ffa398b8b2e9608%2526relation%253Dparent.parent%26container_width%3D268%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLaikra%2525C5%2525A1tis-Gimtoji-%2525C5%2525BEem%2525C4%252597-1507443492900518%252F%26locale%3Dlt_LT%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse
Frame ID: E9EE0E1974B811E90844DFC6BC62D886
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=es&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LevJ8cZAAAAAIVOEGhycdKvKjekgxJsLxMAzyzV
Frame ID: 2A981BC916C653DF8CBAA817BDA02482
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 1568D6F55B09495C047D0ABE347789CC
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1648106209415-988811949874-008110-010-003726%26biddername%3D1%26key%3D
Frame ID: B4515409EE2A4AFCBD56B8E547760396
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1648106209415-988811949874-008110-010-003726%26biddername%3D18%26key%3D%24UID
Frame ID: AD0D3E5A86003142B859C5F1694C7448
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: C7C45144596B8A05918F43D667CA41F5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 50FF46CEE48012DCFBA3A3634FA72FB9
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: D966FAA7562F810A373AF2DAF7F4B4A5
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gimtoji zeme - Populiariausios turizmo prekės: ką verta įsigyti?

Detected technologies

WooCommerce (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AdOcean (Advertising) Expand

Overall confidence: 80%
Detected patterns

adocean\.pl

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Gemius (Analytics) Expand

Overall confidence: 80%
Detected patterns

hit\.gemius\.pl

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

280
Requests

96 %
HTTPS

53 %
IPv6

33
Domains

55
Subdomains

49
IPs

8
Countries

7238 kB
Transfer

16630 kB
Size

26
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: http://sena.gzeme.lt/?s_id=1&arch=1
Title: Archyvas

Search URL Search Domain Scan URL

URL: https://facebook.com/Vinkama-Lazerin%C4%97s-dermatologijos-klinika-102473458883956/?refsrc=deprecated&_rdr

Search URL Search Domain Scan URL

URL: https://pigu.lt/lt/palapines
Title: čia

Search URL Search Domain Scan URL

URL: https://pigu.lt/lt/turizmo-prekes
Title: turizmo prekės

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Search URL Search Domain Scan URL

URL: https://traffix.lt/
Title: traffix.lt

Search URL Search Domain Scan URL

URL: https://www.blue-yellow.lt/

Search URL Search Domain Scan URL

URL: https://www.gismeteo.lt/weather-ukmerg%C4%97-4204/
Title: Ukmergė+2 °CDebesuota3 m/s, šv 761 mmHg 87 % drėg.Kt, 24 kovoPn, 25 kovoDieną+105 m/s75955 %Vakare+73 m/s76079 %Naktį+33 m/s75972 %Ryte+75 m/s75965 %

Search URL Search Domain Scan URL

URL: https://www.gismeteo.lt/

Search URL Search Domain Scan URL

URL: https://www.gismeteo.lt/weather-ukmerg%C4%97-4204/2-weeks/

Search URL Search Domain Scan URL

URL: https://stipruskartu.lt/lt/

Search URL Search Domain Scan URL

URL: https://www.arbatinele.lt/index.php?route=common/home

Search URL Search Domain Scan URL

URL: https://akesovet.lt/

Search URL Search Domain Scan URL

URL: https://melga.lt/3-padangos
Title: Padangos pigiau iš melga.lt

Search URL Search Domain Scan URL

URL: https://saskaita123.lt/
Title: Sąskaita faktūra

Search URL Search Domain Scan URL

URL: https://www.gastroklinika.lt/
Title: Skrandžio mažinimas

Search URL Search Domain Scan URL

URL: https://patogiai.lt/
Title: Laisvalaikio prekės

Search URL Search Domain Scan URL

URL: https://www.autoaibe.lt/
Title: Automobilių dalys iš autoaibe.lt

Search URL Search Domain Scan URL

URL: https://www.naujos-padangos.lt/
Title: Padangos internetu

Search URL Search Domain Scan URL

URL: https://www.lovejob.lt/darbo-skelbimai/
Title: Siūlo darbą

Search URL Search Domain Scan URL

URL: https://www.vittaa.lt/
Title: Moteriški drabužiai

Search URL Search Domain Scan URL

URL: https://sportuojantys.lt/
Title: Papildai sportuojantiems

Search URL Search Domain Scan URL

URL: https://www.pirkitpadangas.lt/
Title: Padangos internetu Pirkitpadangas.lt

Search URL Search Domain Scan URL

URL: https://day.lt/vardai/Daumantas
Title: Daumantas

Search URL Search Domain Scan URL

URL: https://day.lt/vardai/Donardas
Title: Donardas

Search URL Search Domain Scan URL

URL: https://day.lt/vardai/Gabrielius
Title: Gabrielius

Search URL Search Domain Scan URL

URL: https://day.lt/vardai/Ganvil%EB
Title: Ganvilė

Search URL Search Domain Scan URL

URL: https://day.lt/vardai/Liucija
Title: Liucija

Search URL Search Domain Scan URL

URL: https://www.jaunareklama.lt/lt/internetiniu-svetainiu-puslapiu-kurimas.htm
Title: Interneto svetainių kūrimas:

Search URL Search Domain Scan URL

URL: https://www.jaunareklama.lt/
Title: Jauna Reklama

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 66

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 93

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 146

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 230

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2dab18b890d1dc%26domain%3Dwww.gzeme.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gzeme.lt%252Ffa398b8b2e9608%26relation%3Dparent.parent&container_width=268&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FLaikra%25C5%25A1tis-Gimtoji-%25C5%25BEem%25C4%2597-1507443492900518%2F&locale=lt_LT&sdk=joey&show_facepile=true&small_header=false HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2dab18b890d1dc%2526domain%253Dwww.gzeme.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.gzeme.lt%25252Ffa398b8b2e9608%2526relation%253Dparent.parent%26container_width%3D268%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLaikra%2525C5%2525A1tis-Gimtoji-%2525C5%2525BEem%2525C4%252597-1507443492900518%252F%26locale%3Dlt_LT%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse

Request Chain 263

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NTNiZGYyYTc0OTQ1ODVlZTM4NTVjNGRiN2QyMg==&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NTNiZGYyYTc0OTQ1ODVlZTM4NTVjNGRiN2QyMg==&gdpr=0&gdpr_consent=&google_tc=

Request Chain 264

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=53bdf2a7494585ee3855c4db7d22&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 272

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=53bdf2a7494585ee3855c4db7d22&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l29ce_7078562272285410242 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=0fac73dd-ae90-4168-bc13-a6ee5502ef44 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NTNiZGYyYTc0OTQ1ODVlZTM4NTVjNGRiN2QyMg==&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESENdI7OcIZc6tl08Gnx1T-O8&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AABOHU7EeDYAADG5TbGIGA&gdpr=0 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/53bdf2a7494585ee3855c4db7d22?gdpr=0&gdpr_consent=&gdpr=0

Request Chain 276

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NTNiZGYyYTc0OTQ1ODVlZTM4NTVjNGRiN2QyMg==&gdpr=0&gdpr_consent=

Request Chain 278

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=53bdf2a7494585ee3855c4db7d22&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 280

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NTNiZGYyYTc0OTQ1ODVlZTM4NTVjNGRiN2QyMg==&gdpr=0&gdpr_consent=

Request Chain 282

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=53bdf2a7494585ee3855c4db7d22&ex=freewheel.tv&gdpr=0&gdpr_consent=

280 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/ 118 KB
26 KB 255ms
89ms Document
text/html 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: b200c628f9431f44345ceabd3d25351e290eb9b9cf013690b14ce879ea8c47a9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9

Response headers

date: Thu, 24 Mar 2022 07:16:44 GMT
server: Apache
vary: Accept-Encoding
last-modified: Thu, 24 Mar 2022 07:16:21 GMT
etag: "6562-5daf19f7ec8a0"
accept-ranges: bytes
content-length: 25954
referrer-policy: no-referrer-when-downgrade
content-type: text/html; charset=UTF-8
content-encoding: gzip

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ 58 KB
24 KB 233ms
70ms Script
application/x-javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 27959adb07002b9ac7aa480b6357412fb96e7531af950c33714c8f9873aff5a3

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:44 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 11:59:05 GMT
server: nginx
etag: W/"61f13789-e95e"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 AGSKWxVDJeJhjXxj88qSJhgW_cODv31-sdnZjoiwaey8P25S4TZNP8PyB9TRDzwwhkWzQH1a1qyX5tbEK5RqvaCcRrw= Show response
fundingchoicesmessages.google.com/f/ 89 KB
32 KB 234ms
88ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVDJeJhjXxj88qSJhgW_cODv31-sdnZjoiwaey8P25S4TZNP8PyB9TRDzwwhkWzQH1a1qyX5tbEK5RqvaCcRrw=

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

de70eadcf97b8523a9fb8f31f15ca8663e37aa6e943203e416d8d864d0b3d34c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-23E447fCScxqt0QOgM53aA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-23E447fCScxqt0QOgM53aA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-23E447fCScxqt0QOgM53aA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-23E447fCScxqt0QOgM53aA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 style.min.css
www.gzeme.lt/wp-includes/css/dist/block-library/ 53 KB
8 KB 86ms
85ms Stylesheet
text/css 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gzeme.lt/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:44 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Sep 2020 22:25:59 GMT
server: Apache
etag: "d293-5ae4800de4bc0-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7907
expires: Fri, 24 Mar 2023 07:16:44 GMT

GET
H2 200 styles.css
www.gzeme.lt/wp-content/plugins/contact-form-7/includes/css/ 2 KB
808 B 86ms
85ms Stylesheet
text/css 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gzeme.lt/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: 892af9f95c881cde5c6c1810e0f45e4687174a1171504c96b36218dd54bb1486

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:44 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Oct 2020 12:22:46 GMT
server: Apache
etag: "780-5b127e3b9d180-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 728
expires: Fri, 24 Mar 2023 07:16:44 GMT

GET
H2 200 woocommerce-layout.css
www.gzeme.lt/wp-content/plugins/woocommerce/assets/css/ 16 KB
2 KB 87ms
86ms Stylesheet
text/css 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gzeme.lt/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: e42a7af0f19adf1cf7d67e8fbecad6713ec9cde539f7dc5d134544366679e521

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:44 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 22:25:57 GMT
server: Apache
etag: "409e-5d9e4b2b1d784-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2157
expires: Fri, 24 Mar 2023 07:16:44 GMT

GET
H2 200 woocommerce-smallscreen.css
www.gzeme.lt/wp-content/plugins/woocommerce/assets/css/ 7 KB
1 KB 161ms
158ms Stylesheet
text/css 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gzeme.lt/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: 5302d7ef47b197c6cc07e5db5152dcce3b6886ac18f727875fe78ba8e8129224

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 22:25:57 GMT
server: Apache
etag: "1a66-5d9e4b2b1db6c-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1055
expires: Fri, 24 Mar 2023 07:16:45 GMT

GET
H2 200 woocommerce.css
www.gzeme.lt/wp-content/plugins/woocommerce/assets/css/ 61 KB
9 KB 89ms
88ms Stylesheet
text/css 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gzeme.lt/wp-content/plugins/woocommerce/assets/css/woocommerce.css
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: 9575dd0a8289678d89fee43f35b59fa4a6dde8dbf5329441468cb0f680e9d51e

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:44 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 22:25:57 GMT
server: Apache
etag: "f3b8-5d9e4b2b23d14-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 8778
expires: Fri, 24 Mar 2023 07:16:44 GMT

GET
H2 200 polls-css.css
www.gzeme.lt/wp-content/plugins/wp-polls/ 3 KB
803 B 86ms
84ms Stylesheet
text/css 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gzeme.lt/wp-content/plugins/wp-polls/polls-css.css
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: 4d956a758ca48121e4434c413596334c6b0f3cda0e622ada0d73c41d39eda526

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:44 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Aug 2020 12:45:13 GMT
server: Apache
etag: "a94-5ad4e7dca0840-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 723
expires: Fri, 24 Mar 2023 07:16:44 GMT

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 106ms
40ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617
age: 9039144
cdn-cachedat: 2021-07-16 22:48:48
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: c860eeaa24f026fae8f3d0b5581dc8b7
cf-ray: 6f0d9f854ae565fb-MAD
cdn-requestcountrycode: IN
cdn-requestpullsuccess: True

GET
H2 200 magnific-popup.css
www.gzeme.lt/wp-content/themes/gzeme/css/ 8 KB
2 KB 91ms
90ms Stylesheet
text/css 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gzeme.lt/wp-content/themes/gzeme/css/magnific-popup.css
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: 22b5b69efbb5b00f3ac8b6908bef9ed9aca8cc213be5f1185cb81cd6159a243e

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:44 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Nov 2018 12:45:01 GMT
server: Apache
etag: "1f3e-57b90b3868d40-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1847
expires: Fri, 24 Mar 2023 07:16:44 GMT

GET
H2 200 slick.css
www.gzeme.lt/wp-content/themes/gzeme/css/ 2 KB
657 B 90ms
89ms Stylesheet
text/css 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gzeme.lt/wp-content/themes/gzeme/css/slick.css
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:44 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 07 Nov 2018 12:57:30 GMT
server: Apache
etag: "767-57a12a92f4280-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 577
expires: Fri, 24 Mar 2023 07:16:44 GMT

GET
H2 200 style.css
www.gzeme.lt/wp-content/themes/gzeme/ 64 KB
9 KB 92ms
92ms Stylesheet
text/css 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gzeme.lt/wp-content/themes/gzeme/style.css
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: 5275fdfe7a60d43474d01c5a771eb04c0d7df191e6e672a57d4a300ff8b71c4d

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:44 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Aug 2020 10:48:32 GMT
server: Apache
etag: "10168-5ad38bea7e000-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9218
expires: Fri, 24 Mar 2023 07:16:44 GMT

GET
H2 200 jquery.js Show response
www.gzeme.lt/wp-includes/js/jquery/ 95 KB
33 KB 158ms
158ms Script
application/x-javascript 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gzeme.lt/wp-includes/js/jquery/jquery.js
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:44 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 05 Sep 2019 10:25:57 GMT
server: Apache
etag: "17a69-591cbbf465740-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 33776
expires: Fri, 24 Mar 2023 07:16:44 GMT

GET
H2 200 lazysizes.min.js Show response
www.gzeme.lt/wp-content/themes/gzeme/js/plugins/ 7 KB
3 KB 89ms
89ms Script
application/x-javascript 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gzeme.lt/wp-content/themes/gzeme/js/plugins/lazysizes.min.js
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: 3ef181cc7897d79203b2f58a21ece09b32191f6a4bb93965b9983d39ec97f354

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:44 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Feb 2019 12:05:43 GMT
server: Apache
etag: "1a5d-581388b8d53c0-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3153
expires: Fri, 24 Mar 2023 07:16:44 GMT

GET
H2 200 magnific.js Show response
www.gzeme.lt/wp-content/themes/gzeme/js/plugins/ 20 KB
7 KB 87ms
83ms Script
application/x-javascript 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gzeme.lt/wp-content/themes/gzeme/js/plugins/magnific.js
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: a3a1d3ef0636f519d37eafe44045a350594b59de1556ca68fc855a79bdeda319

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Nov 2018 12:33:10 GMT
server: Apache
etag: "4f2b-57b9089258d80-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7339
expires: Fri, 24 Mar 2023 07:16:45 GMT

GET
H2 200 ofi.min.js Show response
www.gzeme.lt/wp-content/themes/gzeme/js/plugins/ 3 KB
1 KB 89ms
84ms Script
application/x-javascript 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gzeme.lt/wp-content/themes/gzeme/js/plugins/ofi.min.js
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: 8c2fded8e3119fcb15699d6752e3834a4b20ba353ca20f0842419c466f2dc97b

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Apr 2019 11:07:32 GMT
server: Apache
etag: "cda-58758d3182500-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1428
expires: Fri, 24 Mar 2023 07:16:45 GMT

GET
H2 200 slick.min.js Show response
www.gzeme.lt/wp-content/themes/gzeme/js/plugins/ 42 KB
10 KB 91ms
87ms Script
application/x-javascript 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gzeme.lt/wp-content/themes/gzeme/js/plugins/slick.min.js
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 07 Nov 2018 12:57:32 GMT
server: Apache
etag: "a770-57a12a94dc700-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10445
expires: Fri, 24 Mar 2023 07:16:45 GMT

GET
H2 200 inview.js Show response
www.gzeme.lt/wp-content/themes/gzeme/js/ 5 KB
2 KB 90ms
86ms Script
application/x-javascript 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gzeme.lt/wp-content/themes/gzeme/js/inview.js
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 Jun 2020 13:03:45 GMT
server: Apache
etag: "14be-5a8abdf6eae40-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2129
expires: Fri, 24 Mar 2023 07:16:45 GMT

GET
H2 200 main.js Show response
www.gzeme.lt/wp-content/themes/gzeme/js/ 9 KB
2 KB 88ms
84ms Script
application/x-javascript 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gzeme.lt/wp-content/themes/gzeme/js/main.js
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: dbbde0b6de7506be9d7e8b3513e82e2e6658b5f1e7809b7f309cc13a3f538de8

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Jan 2020 17:34:47 GMT
server: Apache
etag: "2203-59ca9d300bbc0-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2293
expires: Fri, 24 Mar 2023 07:16:45 GMT

GET
H2 200 inview.js Show response
gzeme.lt/wp-content/themes/gzeme/js/ 5 KB
2 KB 169ms
134ms Script
application/x-javascript 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://gzeme.lt/wp-content/themes/gzeme/js/inview.js
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 Jun 2020 13:03:45 GMT
server: Apache
etag: "14be-5a8abdf6eae40-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2129
expires: Fri, 24 Mar 2023 07:16:45 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
54 KB 220ms
93ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86165d32c598052ca79e0a6652ba6f445ead7f7cbda7fc08b565e842985b7833

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54736
x-xss-protection: 0
server: cafe
etag: 10183920059939309903
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 24 Mar 2022 07:16:45 GMT

GET
H2 200 aomini.js Show response
lv.adocean.pl/files/js/ 8 KB
3 KB 241ms
75ms Script
application/x-javascript 51.83.210.184
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lv.adocean.pl/files/js/aomini.js
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 51.83.210.184 , France, ASN16276 (OVH, FR),
Reverse DNS: ip184.ip-51-83-210.eu
Software: GAD /
Resource Hash: 97b08d65b92a32b6a54fdacd06356ba55733c722f1bacf7eeda07f215c361215

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
last-modified: Thu, 24 Feb 2022 17:31:08 GMT
server: GAD
etag: "00001FCFAF20B624"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: public, must-revalidate, max-age=14400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-type: application/x-javascript
content-length: 3211
expires: Thu, 24 Mar 2022 11:16:45 GMT

GET
H2 200 embed.php Show response
video.onnetwork.tv/ 66 KB
13 KB 217ms
102ms Script
text/javascript 37.59.253.101
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://video.onnetwork.tv/embed.php?sid=MkNRLFN4ZSww&o=1

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.59.253.101 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11a.eris-h.of.pl

Software

XO.webservant /

Resource Hash

de7cdf237ef7275d01e172aa16685690b3af4d9263958fce3e20d98457ff941c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 07:16:43 GMT
server: XO.webservant
date: Thu, 24 Mar 2022 07:16:44 GMT
vary: Accept-Encoding
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
feature-policy: fullscreen *; autoplay;
content-type: text/javascript;charset=utf-8
expires: Thu, 24 Mar 2022 07:16:43 GMT

GET
H2 200 widget_scrolllist.php Show response
video.onnetwork.tv/widget/ 2 KB
3 KB 184ms
69ms Script
text/html 37.59.253.101
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://video.onnetwork.tv/widget/widget_scrolllist.php?widget=692

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.59.253.101 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11a.eris-h.of.pl

Software

XO.webservant /

Resource Hash

4cf94e461b91f929d46138b2bd676073d316c3734b01356eeef23c36f2a954b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
last-modified: Thu, 24 Mar 2022 07:16:44 GMT
server: XO.webservant
date: Thu, 24 Mar 2022 07:16:44 GMT
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
content-type: text/html; charset=utf-8
content-length: 2468
expires: Thu, 24 Mar 2022 07:16:45 GMT

GET
H2 200 informer.min.css
ost1.gismeteo.lt/assets/flat-ui/legacy/css/ 8 KB
2 KB 411ms
302ms Stylesheet
text/css 2606:4700:3033::6815:19d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ost1.gismeteo.lt/assets/flat-ui/legacy/css/informer.min.css
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:19d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ef9c6b37d1a2e918d9a48f2f127d030212e05e1ee55d10d133df3656d6b87d8

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: ost.stat-ru-ost01
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 01 Mar 2022 09:33:11 GMT
server: cloudflare
etag: W/"621de857-2019"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHGVk4HxePh3ZwXOOQOEx3URuwsF2chnExKj0bQF0dc0QBFi4%2BykF52cVrjDMCHD%2BW%2BwfrsyNhI7ya6WptE3%2F4Xw0jTlXptFiy6gKtNurj0LIZPFT1Joqqknfc0d5iyLbQJV9e1oTvRm1Ry974Kh"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 6f0d9f85985e6635-MAD
expires: Thu, 31 Mar 2022 07:16:45 GMT

GET
H2 200 gisloader.svg
ost1.gismeteo.lt/assets/flat-ui/img/ 2 KB
1 KB 312ms
308ms Image
image/svg+xml 2606:4700:3033::6815:19d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ost1.gismeteo.lt/assets/flat-ui/img/gisloader.svg
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:19d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48f37cd5ef021b85d18fa40080c3b03a175d05465d9933552e37a67a2c68aa10

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: ost.stat-ru-ost01
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 12 Oct 2021 12:24:39 GMT
server: cloudflare
etag: W/"61657e87-8a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tysbs8MqcB6yDNoqZhHiDuomgD4%2FZf7UUvk6i9qVfhNsaXJvwHbG7fMSDr5uXcIobZx2WsDRsC1H6%2FoPgfTQVBwXU29IZm7l%2BtJ6FaMwqDdrA30CiTozEocaziD7pj8qWbncrUJ5aBWBpmI45G25"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
cf-ray: 6f0d9f872a8a6635-MAD
expires: Thu, 31 Mar 2022 07:16:45 GMT

GET
H2 200 logo-mini2.png
ost1.gismeteo.lt/assets/flat-ui/img/ 680 B
1022 B 304ms
299ms Image
image/png 2606:4700:3033::6815:19d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ost1.gismeteo.lt/assets/flat-ui/img/logo-mini2.png
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:19d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e291004f1e270cff8a48e17f0aa7d09707fcd3a2d6bb154c88242cabf4d9c4d

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: ost.stat-ru-ost01
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 680
last-modified: Tue, 12 Oct 2021 12:24:39 GMT
server: cloudflare
etag: "61657e87-2a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1lnwzvEWaUo0bUxBNVtj%2FdT5Ycz6%2B7DaIVtsgm91kpaVSz3zhzbTVQDPtjg3nlHLpxDOEq2AfhWURv%2BBmmwHwYEfwGWGafX6PG%2BwvR%2Frg0qF7G1hTuPNNm9bz8ArXyiYL%2FjKTNUStxAcar%2F5HvEy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6f0d9f872a8b6635-MAD
expires: Thu, 31 Mar 2022 07:16:45 GMT

GET
H2 200 gismeteo.svg
ost1.gismeteo.lt/assets/flat-ui/img/informer/ 189 B
436 B 320ms
315ms Image
image/svg+xml 2606:4700:3033::6815:19d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ost1.gismeteo.lt/assets/flat-ui/img/informer/gismeteo.svg
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:19d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 454aa60a57242adb6bc98f0b09517c5fa2a3d75f7d11e09e3b82ab9b505033c2

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: ost.stat-ru-ost01
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 12 Oct 2021 12:24:39 GMT
server: cloudflare
etag: W/"61657e87-bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLcXGIB3NIjFH7W7PPKOXN9Kt7IEOAHgEg2Noe66AFAc5qiqztkyG4C1cNaxLOkA7dF8S5vMRKCB8vgobxqm99w0Fle3sHbyvNzbyF2akwYvTgswIA4B450vGmTszkECm95HL07daQsIM%2ByvV5II"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
cf-ray: 6f0d9f872a8d6635-MAD
expires: Thu, 31 Mar 2022 07:16:45 GMT

GET
H2 200 forecast-2weeks.lt.svg
ost1.gismeteo.lt/assets/flat-ui/img/informer/ 205 B
467 B 304ms
299ms Image
image/svg+xml 2606:4700:3033::6815:19d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ost1.gismeteo.lt/assets/flat-ui/img/informer/forecast-2weeks.lt.svg
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:19d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e87df039a2e7c3d2700a2f5cc28a152c0e9b0e77b9b98c08d2f60695b0c0b2ca

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: ost.stat-ru-ost01
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 12 Oct 2021 12:24:39 GMT
server: cloudflare
etag: W/"61657e87-cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbUC0FB0D%2Fjz3zs4WvtuElxW6ghDhtqJAZtYKkHcrrTQweCEcSVV7XQls%2B9mFtl0cNgj%2BU2%2B9AebA1KGlnrBMaE8OLBOL0e%2FFGfS5nbVt8bt0L6leAy0JHhyfBM6IwD05o0NM7FiwY5nkPFrlmQR"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
cf-ray: 6f0d9f873a8e6635-MAD
expires: Thu, 31 Mar 2022 07:16:45 GMT

GET
H2 200 / Show response
www.gismeteo.lt/api/informer/getinformer/ 12 KB
4 KB 526ms
514ms Script
application/javascript 2606:4700:3033::6815:19d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.lt/api/informer/getinformer/?hash=N78OmWw317U887

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:19d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dff5bac6b25441f6dd34ee4a9a80a3e4f491460abefb256d1c8b179a10581304

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: ost.router-ru-ost01
x-bck: 10.213.18.236:9000
x-decepticon: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NxXOeF1IKNV0IEFZ7Ly2ZhgpCEQPzjHB%2F6oqLmHpyWqTHpVPyOXX4XrairIIcT7%2FewMfpEH0l8zOXQJjS7hz2IY5%2FXsYyh9r2oMj6LN7%2FXv5QoWQ0pw2SGOMih6VqTYTWD4aJmLdYYHrvLzTM1s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8;
access-control-allow-origin: *
x-ssi: 107
vary: Accept-Encoding, Accept-Encoding, Accept, User-Agent
cache-control: no-cache, must-revalidate, no-cache, no-store, must-revalidate
cf-ray: 6f0d9f873a9a6635-MAD
expires: Thu, 24 Mar 2022 07:46:45 GMT

GET
H2 200 loading.gif
www.gzeme.lt/wp-content/plugins/wp-polls/images/ 771 B
831 B 84ms
80ms Image
image/gif 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gzeme.lt/wp-content/plugins/wp-polls/images/loading.gif
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: 81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Aug 2020 12:45:13 GMT
server: Apache
etag: "303-5ad4e7dca0840"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 771
expires: Fri, 24 Mar 2023 07:16:45 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/lt_LT/ 3 KB
2 KB 185ms
59ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/lt_LT/sdk.js

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

da7b3ca48968ab9ccfdec162906574b8e23f7472eff54766d0917a558c06a139

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: VRNXR0JipLW+X3l/v9EiPg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: PiT8C1yJYeOwBJCeITSD0RcbOq11znETFDqtWM9lHKVUhWeVTFAlrE63V4sfyQanGhxcT6C7TFPudkP7LYQevg==
x-fb-trip-id: 917726464
x-fb-content-md5: 5217a2ea323e7cab0e3de394132b2d3d
x-frame-options: DENY
date: Thu, 24 Mar 2022 07:16:45 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "1742c132d8b9c178ff8b9af24c494d4d"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 24 Mar 2022 07:21:03 GMT

GET
H2 200 dienos_vardadieniai Show response
day.lt/ 640 B
822 B 377ms
302ms Script
text/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://day.lt/dienos_vardadieniai?charset=utf
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/4.4.4-8+etch6
Resource Hash: 6d900d720cda0e62391c0ca1c6e824e44fc17abd8f78bac49e30781f0dbc7e83

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/4.4.4-8+etch6
content-description: https://day.lt vardadieniai
cf-ray: 6f0d9f878f8c6611-MAD
content-disposition: attachment; filename=vardadieniai.js
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: negotiate
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mC7AKHt5o7qMhAReKcnGEHe9p15KNlk0OffS5Y2xiRrO6nVyXFRxFQ0Oik%2Fcl%2BLXQExcosceWxrjkck9iuON1I8dg4ltk3TNwsE5nGi9KhM8OMWliY7%2FObofDza8tMmTIWwg2s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
tcn: choice
content-location: dienos_vardadieniai.php

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 93 KB
37 KB 205ms
75ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-140720470-1

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9cc8c6631a96b3298598fca4d4b0892838911dd8e63a929cfad0df8b194b550c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37162
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 24 Mar 2022 07:16:45 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 913 B
995 B 198ms
69ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=anr_onloadCallback&render=explicit

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8ee8f228e70fc7c19ba401c93cd2311cf7d222bfe6ec622a6613be18679280da

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 582
x-xss-protection: 1; mode=block
expires: Thu, 24 Mar 2022 07:16:45 GMT

GET
H2 200 scripts.js Show response
www.gzeme.lt/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 88ms
85ms Script
application/x-javascript 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gzeme.lt/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: a0ea735f765d5bc1230beb63bcb701b69c80d77c48572a61bb159a8915903278

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Oct 2020 12:22:46 GMT
server: Apache
etag: "3719-5b127e3b9d180-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3911
expires: Fri, 24 Mar 2023 07:16:45 GMT

GET
H2 200 jquery.blockUI.min.js Show response
www.gzeme.lt/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ 9 KB
4 KB 84ms
81ms Script
application/x-javascript 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gzeme.lt/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: 120aaf6681ca6d34a40c559779f0a0038582a79fce1b868ff901c94d27c89c72

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 22:25:57 GMT
server: Apache
etag: "255e-5d9e4b2b2509c-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3533
expires: Fri, 24 Mar 2023 07:16:45 GMT

GET
H2 200 add-to-cart.min.js Show response
www.gzeme.lt/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
1009 B 87ms
84ms Script
application/x-javascript 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gzeme.lt/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: 2ab24792c49dc9eaec5d569d532211e24c93242074352e131d627d3169635ae6

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 22:25:57 GMT
server: Apache
etag: "a5c-5d9e4b2b248cc-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 952
expires: Fri, 24 Mar 2023 07:16:45 GMT

GET
H2 200 js.cookie.min.js Show response
www.gzeme.lt/wp-content/plugins/woocommerce/assets/js/js-cookie/ 2 KB
1 KB 87ms
84ms Script
application/x-javascript 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gzeme.lt/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: 50de09b0bb8d0ac656aa9b3a1e4ef58a3f2d1abd734cad68b0e12191e9d215ea

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 22:25:57 GMT
server: Apache
etag: "736-5d9e4b2b2874c-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 981
expires: Fri, 24 Mar 2023 07:16:45 GMT

GET
H2 200 woocommerce.min.js Show response
www.gzeme.lt/wp-content/plugins/woocommerce/assets/js/frontend/ 1 KB
648 B 90ms
87ms Script
application/x-javascript 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gzeme.lt/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: 0a8a1c16ef3ef056a530105e55b0d8d9aec811d68e2b66bf76beba05d263e883

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 22:25:57 GMT
server: Apache
etag: "57a-5d9e4b2b248cc-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 591
expires: Fri, 24 Mar 2023 07:16:45 GMT

GET
H2 200 cart-fragments.min.js Show response
www.gzeme.lt/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
981 B 161ms
158ms Script
application/x-javascript 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gzeme.lt/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: 8fad4915319845c1ac13c15ccc2163a680d4c34c61c0f9b6a144718f77cd2b5d

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 22:25:57 GMT
server: Apache
etag: "a08-5d9e4b2b2509c-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 924
expires: Fri, 24 Mar 2023 07:16:45 GMT

GET
H2 200 polls-js.js Show response
www.gzeme.lt/wp-content/plugins/wp-polls/ 3 KB
704 B 162ms
160ms Script
application/x-javascript 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gzeme.lt/wp-content/plugins/wp-polls/polls-js.js
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: 03d87f337bb68d971d9fdb8ed746c0ab6f4008e6060e63ed67057f444a05a6a6

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Aug 2020 12:45:13 GMT
server: Apache
etag: "caa-5ad4e7dca0840-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 648
expires: Fri, 24 Mar 2023 07:16:45 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
652 B 198ms
70ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcqI6AUAAAAALs_lzBouCCdbwQrbCSLVeEUZ9N7&ver=3.0

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

05b445716488b2c470dd6d9f38b405643d5b75fd9b170f14a2ad2fafc30c0526

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 583
x-xss-protection: 1; mode=block
expires: Thu, 24 Mar 2022 07:16:45 GMT

GET
H2 200 script.js Show response
www.gzeme.lt/wp-content/plugins/contact-form-7/modules/recaptcha/ 1 KB
520 B 161ms
158ms Script
application/x-javascript 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gzeme.lt/wp-content/plugins/contact-form-7/modules/recaptcha/script.js
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: aef711d1643073ab593de1d958ee854d6f63339cb216eda43666fb9dfcebffd0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Oct 2020 12:22:46 GMT
server: Apache
etag: "4f3-5b127e3b9d180-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 463
expires: Fri, 24 Mar 2023 07:16:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 191ms
69ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,600|Raleway:400,400i,500,600,700

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/wp-content/themes/gzeme/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

123eb1b10918cabd46a5600bb7b6c5fd874e23764aebe9c1ac013861e3e354e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/wp-content/themes/gzeme/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 07:16:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 24 Mar 2022 07:16:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Mar 2022 07:16:45 GMT

POST
H3 204 AGSKWxWjPmVQVJ7GWof6_xQeQze7IRBjLJcRxvCiNRIng5tZupI6Hhbmq9qpyWrWZDd5v4fXBegd1KObkH-Re9_35g4= Show response
fundingchoicesmessages.google.com/el/ 0
26 B 139ms
73ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWjPmVQVJ7GWof6_xQeQze7IRBjLJcRxvCiNRIng5tZupI6Hhbmq9qpyWrWZDd5v4fXBegd1KObkH-Re9_35g4=?pvid=F28614DC-C9C7-4275-8D66-48A47FF05092&anonid=303D39F6-6C6A-49D1-BFF7-64388EF59603

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.es.WMdtlciKNcs.es5.O/d=1/rs=AJlcJMyGN0jNHP6RSVQB4GRzNJzAl_xdvA/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pv71q7H+UYOGhCFR125jCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-pv71q7H+UYOGhCFR125jCQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
x-content-type-options: nosniff
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.gzeme.lt
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-pv71q7H+UYOGhCFR125jCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-pv71q7H+UYOGhCFR125jCQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxU69kwn7Eu7veJDktCicmV1D8Mzl8xDD6kGl4m7h431kSjzL5lwKnRfhQgRJ5_ntOtDbHNy_fE5GQQEm2Dyzd4= Show response
fundingchoicesmessages.google.com/f/ 744 KB
93 KB 187ms
124ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU69kwn7Eu7veJDktCicmV1D8Mzl8xDD6kGl4m7h431kSjzL5lwKnRfhQgRJ5_ntOtDbHNy_fE5GQQEm2Dyzd4=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQ4MTA2MjA1LDE5MDAwMDAwMF0sIkYyODYxNERDLUM5QzctNDI3NS04RDY2LTQ4QTQ3RkYwNTA5MiIsIjMwM0QzOUY2LTZDNkEtNDlEMS1CRkY3LTY0Mzg4RUY1OTYwMyIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5nemVtZS5sdC8yMDIxLzA1LzE3L3BvcHVsaWFyaWF1c2lvcy10dXJpem1vLXByZWtlcy1rYS12ZXJ0YS1pc2lneXRpLyIsbnVsbCxbXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35b0de866c4b7019c20c40a8fc2c62bf222d407d7ea810a962e559ef7c1ec178

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-gpA5kCfsVBT0nZGzLc1cNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-gpA5kCfsVBT0nZGzLc1cNQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-gpA5kCfsVBT0nZGzLc1cNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-gpA5kCfsVBT0nZGzLc1cNQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 106ms
71ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.gzeme.lt
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 602
access-control-allow-origin: *
cdn-proxyver: 1.02
cdn-cachedat: 02/27/2022 19:33:26
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: "af7ae505a9eed503f8b8e6982036873e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: affc8b6418aebd33df3ab437182cd9b7
accept-ranges: bytes
cf-ray: 6f0d9f8768dcff0c-MAD
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v26/ 46 KB
46 KB 244ms
123ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v26/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600|Raleway:400,400i,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gzeme.lt
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 06:13:05 GMT
x-content-type-options: nosniff
age: 176620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:15:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Mar 2023 06:13:05 GMT

GET
H2 200 1Ptug8zYS_SKggPNyCMIT5lu.woff2
fonts.gstatic.com/s/raleway/v26/ 30 KB
30 KB 176ms
59ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v26/1Ptug8zYS_SKggPNyCMIT5lu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600|Raleway:400,400i,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a3cd7ed9675ce72c00f36cfca4673fa578a3747a6165e4e99617d7ea81bb8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gzeme.lt
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 07:05:32 GMT
x-content-type-options: nosniff
age: 87073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30340
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:15:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 07:05:32 GMT

GET
H2 200 ad.js Show response
lv.adocean.pl/_1648106205341/ 59 KB
17 KB 77ms
76ms Script
application/x-javascript 51.83.210.184
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lv.adocean.pl/_1648106205341/ad.js?id=mkqh5FS9zDcYVZdckVyTBE_Ef_zZfm8mmW402I6fjBj._7/x=1600/y=1200/nc=1
Requested by: Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/js/aomini.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 51.83.210.184 , France, ASN16276 (OVH, FR),
Reverse DNS: ip184.ip-51-83-210.eu
Software: GAD /
Resource Hash: bd979d2c08599a8e31890422123c11c8cad736a7d140283a44fb85a647805f3e

Request headers

Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
server: GAD
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 17744
expires: Wed, 23 Mar 2022 07:16:45 GMT

GET
H2 200 logo.png
www.gzeme.lt/wp-content/uploads/2019/04/ 40 KB
40 KB 111ms
111ms Image
image/png 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gzeme.lt/wp-content/uploads/2019/04/logo.png
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: 7a1a68c882bf422b594d7f2746401980218dc3fff394cba82712320b138c165c

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Jun 2019 14:23:09 GMT
server: Apache
etag: "9ec5-58bc215c98d40"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 40645
expires: Fri, 24 Mar 2023 07:16:45 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 1 KB
988 B 311ms
151ms Script
text/javascript 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=3&pv=1&bWlkPTU5ODQyNw&bWlkPTU5ODQyNA&gdpr=1&url=https%3A%2F%2Fwww.gzeme.lt%2F2021%2F05%2F17%2Fpopuliariausios-turizmo-prekes-ka-verta-isigyti%2F&callback=_adform_cb_1648106205344_1095064901144176

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a53e3fce80c17963a7f42f5818d501c1dc7366149f92ddaae5bc16fda9e344ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 extra=;
adlv.hit.gemius.pl/_1648106205431/redot.js/id=bQBF.4OqYPhczQoUh5BfKbe9Lb9YKw7mrx3N3vbCc3..67/nc=1/stparam=ufjkjlsurk/fastid=eqhkcodiihhqaembjdzehpkieoik/sarg=NC/inner=;/ 2 B
266 B 276ms
114ms Ping
application/x-javascript 54.38.133.12
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adlv.hit.gemius.pl/_1648106205431/redot.js/id=bQBF.4OqYPhczQoUh5BfKbe9Lb9YKw7mrx3N3vbCc3..67/nc=1/stparam=ufjkjlsurk/fastid=eqhkcodiihhqaembjdzehpkieoik/sarg=NC/inner=;/extra=;
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS: ip12.ip-54-38-133.eu
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:45 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://www.gzeme.lt
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 2
expires: Wed, 23 Mar 2022 07:16:45 GMT

GET
H2 200 ad.js Show response
lv.adocean.pl/_1648106205436/ 58 KB
17 KB 76ms
76ms Script
application/x-javascript 51.83.210.184
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lv.adocean.pl/_1648106205436/ad.js?id=h6OsAkt7TaO.KtkwDpa8bmGS.FeH8PBsQ6rfKnUVLtH.j7/x=1600/y=1200/nc=1
Requested by: Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/js/aomini.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 51.83.210.184 , France, ASN16276 (OVH, FR),
Reverse DNS: ip184.ip-51-83-210.eu
Software: GAD /
Resource Hash: bf2bf666ac38f2fa5f4fd56d8cdbb0d07cee9fec6ed875faada7ebb7259b5d56

Request headers

Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
server: GAD
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 17704
expires: Wed, 23 Mar 2022 07:16:45 GMT

GET
H2 200 stpd201221.js Show response
stpd.cloud/assets/postbid/ Frame 42C7 461 KB
142 KB 121ms
48ms Script
application/javascript 2606:4700:20::681a:dd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd201221.js
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:dd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f5083c8eb8bc90cd7ba3358c406ddb6e8c6bb989b014ac7521f09e7e28946ca

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: /FnTyG7mivuubIGMmM4B7Q==
age: 6946
x-ms-lease-status: unlocked
last-modified: Wed, 23 Mar 2022 13:20:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ljs710p2zj6MeYY7XX6kK2fnYzVH9hqUkB2EGF4vQlssa4Wtz8egGZ5800%2Fn63io2WAvrnMNBMSfdppCQ6%2FilXqO4ZD6dTeUd9N6abs9DWsrZBv7m4Y2bW0Iq1HrguQ0gINuueT34w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 490ce321-f01e-0027-74b8-3ee853000000
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6f0d9f8888096665-MAD

GET
H2 200 baneris-naujas-2.jpg
www.gzeme.lt/wp-content/uploads/2021/10/ 127 KB
128 KB 87ms
87ms Image
image/jpeg 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gzeme.lt/wp-content/uploads/2021/10/baneris-naujas-2.jpg
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: 6587c6fea7e011eb1c5981b00c2d4b64409179e1da919cf7984bc748bc49313e

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 20 Oct 2021 08:18:40 GMT
server: Apache
etag: "1fc62-5cec46cedf800"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 130146
expires: Fri, 24 Mar 2023 07:16:45 GMT

GET
H2 200 Turizmas.jpg
www.gzeme.lt/wp-content/uploads/2021/05/ 353 KB
356 KB 87ms
87ms Image
image/jpeg 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gzeme.lt/wp-content/uploads/2021/05/Turizmas.jpg
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: dfe5108362b804a475a600ede56edaa70a3e11181bcc134578cd0127c0449ac1

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 May 2021 07:16:13 GMT
server: Apache
etag: "585de-5c2815e58c940"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 361950
expires: Fri, 24 Mar 2023 07:16:45 GMT

POST
H2 200 extra=;
adlv.hit.gemius.pl/_1648106205531/redot.js/id=bQBF.4OqYPhczQoUh5BfKbe9Lb9YKw7mrx3N3vbCc3..67/nc=1/stparam=zcrrbsluan/fastid=lbwlvgzeykvtrqaivbtbobfjxomm/sarg=NC/inner=;/ 2 B
36 B 176ms
114ms Ping
application/x-javascript 54.38.133.12
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adlv.hit.gemius.pl/_1648106205531/redot.js/id=bQBF.4OqYPhczQoUh5BfKbe9Lb9YKw7mrx3N3vbCc3..67/nc=1/stparam=zcrrbsluan/fastid=lbwlvgzeykvtrqaivbtbobfjxomm/sarg=NC/inner=;/extra=;
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS: ip12.ip-54-38-133.eu
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:45 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://www.gzeme.lt
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 2
expires: Wed, 23 Mar 2022 07:16:45 GMT

GET
H2 200 mobile_small_size_of_miniplayer_21_febuary_2022.css
cdnf.onnetwork.tv/f/4/2/4244/css/lt/ 309 B
320 B 167ms
56ms Stylesheet
text/css 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnf.onnetwork.tv/f/4/2/4244/css/lt/mobile_small_size_of_miniplayer_21_febuary_2022.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.59.235.100 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w24.of.pl

Software

XO.webservantpro /

Resource Hash

6385fb90bce9904f8c58555d22ad7b279d34c5f8bb15302c92bb459c4e668745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
last-modified: Mon, 21 Feb 2022 09:49:48 GMT
server: XO.webservantpro
etag: W/"6213603c-135"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
strict-transport-security: max-age=31536000

GET
H2 200 stpd201221.js Show response
stpd.cloud/assets/postbid/ Frame 2FF5 461 KB
142 KB 55ms
55ms Script
application/javascript 2606:4700:20::681a:dd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd201221.js
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:dd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f5083c8eb8bc90cd7ba3358c406ddb6e8c6bb989b014ac7521f09e7e28946ca

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: /FnTyG7mivuubIGMmM4B7Q==
age: 6946
x-ms-lease-status: unlocked
last-modified: Wed, 23 Mar 2022 13:20:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aq6Ymss5dgcAn2td4LVdhZPyRaMqNE1Ko3IIkmtWpcjuXcAJvKtsZfO4Dao9UE9JUtHhG4v1oYEChqFtY9raGwoZ5RGE9ldAlxhfpZAQWAraU2UN4qoeCYznvGKHnPyotBC8plE7WSw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 490ce321-f01e-0027-74b8-3ee853000000
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6f0d9f88b83c6665-MAD

GET
H3 200 css
fonts.googleapis.com/ 60 KB
4 KB 151ms
81ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.es.Vtw-UZ_T-js.es5.O/d=1/rs=AJlcJMwuoNFLzjCCpxkCz320GX3LjUR38Q/m=iabtcfv2wallscript

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

31dda6cdd8ad7de0d570f703b6bb4f677dab097aa3495bd276e11d988d791f54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 07:16:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 24 Mar 2022 07:16:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Mar 2022 07:16:45 GMT

GET
H2 200 N6Qd3MxK0sWdWd_s_lhwT8Votx3EUX1L6ADlUeRrUUgzVn3zLyVYhue5DZywd4Y5QUPwgjF4yWcKDwHjwMS-DLZXySQg6PBM8ySFeeT5ipGT1SHzt0S3TQ=h60
lh3.googleusercontent.com/ 20 KB
21 KB 194ms
68ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/N6Qd3MxK0sWdWd_s_lhwT8Votx3EUX1L6ADlUeRrUUgzVn3zLyVYhue5DZywd4Y5QUPwgjF4yWcKDwHjwMS-DLZXySQg6PBM8ySFeeT5ipGT1SHzt0S3TQ=h60

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b180be1b4d41bf226a44cf7ea60f2982d7346966840e870aa9c2da0d607ec813

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 05:35:03 GMT
x-content-type-options: nosniff
age: 6102
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20870
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 16 Mar 2022 05:33:48 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 42C7 83 KB
28 KB 194ms
67ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1f5ebf1aeb87d40360c81085ccfd0bf9714b24f2a253538adbff3f89a7634fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28171
x-xss-protection: 0
server: sffe
etag: "1167 / 318 of 1000 / last-modified: 1648090831"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 24 Mar 2022 07:16:45 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 4D3D
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
554 B

175ms
55ms

Document
text/html

104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 24 Mar 2022 07:16:46 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
date: Thu, 24 Mar 2022 07:16:45 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 2FF5 83 KB
28 KB 198ms
84ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66e898df2add0b150a1e3c17944b79d34bf05cda83d7a0057a6ed42d2954425b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28171
x-xss-protection: 0
server: sffe
etag: "1167 / 483 of 1000 / last-modified: 1648090831"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 24 Mar 2022 07:16:45 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 8675
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
554 B

174ms
56ms

Document
text/html

104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 24 Mar 2022 07:16:46 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
date: Thu, 24 Mar 2022 07:16:45 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H2 200 oframe86.php Show response
video.onnetwork.tv/ 267 KB
61 KB 91ms
90ms Fetch
text/html 37.59.253.101
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://video.onnetwork.tv/oframe86.php?id=ffEXSc9961e2fb5f8eb5dd82de61302fe21bd1&iid=1641517434&e=1&onnsfonn=1&mid=MTA0MzE5LDE2eDksNCwwLDAsNzk0NiwxLDAsMSwwLDEsMCwwLDAsMSwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwtMTstMTsyMDsyMCwwLDAsMCwwLDAsOzA7MDswOzA7MDswLDA%3D&wtop=https%3A%2F%2Fwww.gzeme.lt%2F2021%2F05%2F17%2Fpopuliariausios-turizmo-prekes-ka-verta-isigyti%2F&apop=0&vpop=0&apopa=0&vpopa=0

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?sid=MkNRLFN4ZSww&o=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.59.253.101 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11a.eris-h.of.pl

Software

XO.webservant /

Resource Hash

119d5d996d4d8d0a293b0c3bd450ba25d961a7d3aedba08aab861fb6ec8b6077

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 07:16:45 GMT
server: XO.webservant
date: Thu, 24 Mar 2022 07:16:45 GMT
vary: Accept-Encoding
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
access-control-allow-origin: https://www.gzeme.lt
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
feature-policy: fullscreen *; autoplay;
access-control-allow-credentials: true
content-type: text/html; charset=utf-8
expires: Thu, 24 Mar 2022 07:16:46 GMT

GET
H2 200 a_cntg.png
cdn.onnetwork.tv/cnt/ 126 B
331 B 62ms
56ms Image
image/png 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1648106205758&d=7946&wsc=00&typ=embed&mobile=0&c=40
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
last-modified: Thursday, 24-Mar-2022 07:16:45 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

POST
H3 204 AGSKWxVDJxjvYgcuqJtaVyK0KOHRs1VjV10ZS33B8uKEFmb_3x2uMHwc2O9XtT8v7AzHqQ5W8aIOPfycGBlIESQ_dls7aS4biJv4AlPIImQZziiLgd-4doY43bRr04MzBIqHUsJ0_SO-Wim0fMS-DkiyFDc3rozH1kNDPpiXzrcu_628Bx196usnsBVNeecT Show response
fundingchoicesmessages.google.com/el/ 0
27 B 72ms
72ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVDJxjvYgcuqJtaVyK0KOHRs1VjV10ZS33B8uKEFmb_3x2uMHwc2O9XtT8v7AzHqQ5W8aIOPfycGBlIESQ_dls7aS4biJv4AlPIImQZziiLgd-4doY43bRr04MzBIqHUsJ0_SO-Wim0fMS-DkiyFDc3rozH1kNDPpiXzrcu_628Bx196usnsBVNeecT?dmid=2b977dc29f7ab687

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-+Uib8jRJhYOqepSufLaeOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-+Uib8jRJhYOqepSufLaeOQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 24 Mar 2022 07:16:45 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.gzeme.lt
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-+Uib8jRJhYOqepSufLaeOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-+Uib8jRJhYOqepSufLaeOQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/ Frame 7DE5 10 KB
5 KB 195ms
69ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Wed, 23 Mar 2022 23:16:13 GMT
expires: Wed, 06 Apr 2022 23:16:13 GMT
cache-control: public, max-age=1209600
age: 28832
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad.js Show response
lv.adocean.pl/_1648106205849/ 58 KB
17 KB 76ms
76ms Script
application/x-javascript 51.83.210.184
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lv.adocean.pl/_1648106205849/ad.js?id=QVxbkV9x_EEfiShrQ0.nWRKTwuzvK53JgRZwOmLBo47.p7/x=1600/y=1200/nc=1
Requested by: Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/js/aomini.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 51.83.210.184 , France, ASN16276 (OVH, FR),
Reverse DNS: ip184.ip-51-83-210.eu
Software: GAD /
Resource Hash: 31f76758f06cf09230e3a093f9d3ce01f295d00fb4d43143e7eb7b80ab41dc6b

Request headers

Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:45 GMT
content-encoding: gzip
server: GAD
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 17722
expires: Wed, 23 Mar 2022 07:16:45 GMT

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v126/ 121 KB
122 KB 170ms
92ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v126/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

964709088e8bcf45e9ff2aebe7f320065836761408638f677d01590478a36551

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gzeme.lt
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 18:57:23 GMT
x-content-type-options: nosniff
age: 217162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124372
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 18:26:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Mar 2023 18:57:23 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 132ms
62ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gzeme.lt
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 117098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Mar 2023 22:45:07 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v28/ 31 KB
31 KB 136ms
66ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gzeme.lt
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 22:48:47 GMT
x-content-type-options: nosniff
age: 116878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31272
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:00:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Mar 2023 22:48:47 GMT

GET
H2 200 roboto.css
cdn.onnetwork.tv/css/ Frame BFA7 6 KB
966 B 50ms
50ms Stylesheet
text/css 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/css/roboto.css
Requested by: Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?sid=MkNRLFN4ZSww&o=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: 939919488f3ad816cb78b5d032ae673c1c02c88b238cfdb6e1328cd5d04d7947

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 08:44:40 GMT
server: XO.webservantpro
etag: W/"60dd8078-194c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=17280000, public
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame BFA7 4 KB
3 KB 205ms
83ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?sid=MkNRLFN4ZSww&o=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Mar 2022 07:16:46 GMT

GET
H2 200 player86.css
cdn.onnetwork.tv/css/ Frame BFA7 39 KB
9 KB 52ms
51ms Stylesheet
text/css 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/css/player86.css?s=1643493341
Requested by: Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?sid=MkNRLFN4ZSww&o=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: af8552f8f89335283643dba9dabc3d9827c15c4635a2eb9a3041d0ee0329a115

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: gzip
last-modified: Sat, 29 Jan 2022 21:55:41 GMT
server: XO.webservantpro
etag: W/"61f5b7dd-9cab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=17280000, public
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
H2 200 adblock_notify.js Show response
cdn.onnetwork.tv/js/ Frame BFA7 25 B
338 B 52ms
51ms Script
application/javascript 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/js/adblock_notify.js?s=1648106205
Requested by: Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?sid=MkNRLFN4ZSww&o=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: 8e36050b3d955a749259f62d6472e17d21f1f92e8248aa28089549f22baaa4a6

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: gzip
last-modified: Tue, 18 Aug 2020 15:40:09 GMT
server: XO.webservantpro
etag: W/"5f3bf659-19"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=17280000, public
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
H2 200 gpt_proxy.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame BFA7 82 KB
30 KB 216ms
58ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?sid=MkNRLFN4ZSww&o=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21b3ed85c9ad38d83cd2fecfaa17d4f6c645314585aa8cfc27f32e411b6e9ca3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:07:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30344
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 17:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Thu, 24 Mar 2022 07:22:32 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame BFA7 371 KB
124 KB 283ms
125ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?sid=MkNRLFN4ZSww&o=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e3f824116bf1ec3acc0dd7c003055cfb201ab314633e5874a4c4df752bfa018

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126251
x-xss-protection: 0
expires: Thu, 24 Mar 2022 07:16:46 GMT

GET
H2 200 hls.min.js Show response
cdn.jsdelivr.net/npm/hls.js@1.1.3/dist/ Frame BFA7 315 KB
92 KB 114ms
47ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/hls.js@1.1.3/dist/hls.min.js

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?sid=MkNRLFN4ZSww&o=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

920230cba1a6e09330a6cc76c634c78e547fcf67b7a9cc03213dde43ceea0baa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 251701
x-jsd-version: 1.1.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19128-FRA, cache-mad22043-MAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"4eaf2-/CwIB8b0ZgFLVgmQTHnomAXuiz4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6f0d9f8bb8b53839-MAD

GET
H2 200 player86.js Show response
cdn.onnetwork.tv/js/ Frame BFA7 100 KB
27 KB 101ms
101ms Script
application/javascript 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/js/player86.js?s=1647885096
Requested by: Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?sid=MkNRLFN4ZSww&o=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: f607411b229ee5599210879504fcd6b04c10e0ecb81dac818093c1dbe8903221

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: gzip
last-modified: Mon, 21 Mar 2022 17:51:36 GMT
server: XO.webservantpro
etag: W/"6238bb28-19020"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=17280000, public
expires: Mon, 10 Oct 2022 07:16:46 GMT

POST
H2 200 extra=;
adlv.hit.gemius.pl/_1648106206011/redot.js/id=bQBF.4OqYPhczQoUh5BfKbe9Lb9YKw7mrx3N3vbCc3..67/nc=1/stparam=tepoimpnph/fastid=gsrahwsbbtjenrhlvzolheexxily/sarg=NC/inner=;/ 2 B
82 B 75ms
75ms Ping
application/x-javascript 54.38.133.12
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adlv.hit.gemius.pl/_1648106206011/redot.js/id=bQBF.4OqYPhczQoUh5BfKbe9Lb9YKw7mrx3N3vbCc3..67/nc=1/stparam=tepoimpnph/fastid=gsrahwsbbtjenrhlvzolheexxily/sarg=NC/inner=;/extra=;
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS: ip12.ip-54-38-133.eu
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:46 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://www.gzeme.lt
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 2
expires: Wed, 23 Mar 2022 07:16:46 GMT

GET
H2 200 widget_scrolllist_list.php Show response
video.onnetwork.tv/widget/ Frame 0FB1 34 KB
34 KB 73ms
72ms Document
text/html 37.59.253.101
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://video.onnetwork.tv/widget/widget_scrolllist_list.php?widget=692&cId=p8350c44b0fc57e0d6736b89ee54e87e3

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist.php?widget=692

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.59.253.101 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11a.eris-h.of.pl

Software

XO.webservant /

Resource Hash

e5687019924fb855a99cb78199ee880103baae03d2d2d1745c4e52f750d44fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Response headers

p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
last-modified: Thu, 24 Mar 2022 07:16:45 GMT
expires: Thu, 24 Mar 2022 07:16:46 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
pragma: no-cache
strict-transport-security: max-age=31536000
content-type: text/html; charset=utf-8
date: Thu, 24 Mar 2022 07:16:45 GMT
server: XO.webservant

GET
H2 200 embed.php Show response
video.onnetwork.tv/ 66 KB
13 KB 74ms
72ms Script
text/javascript 37.59.253.101
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://video.onnetwork.tv/embed.php?mid=MCwxNng5LDQsNTAsMjEyMCw5MTY0LDEsMCwxLDUwLDAsMCwyLDAsMSwxLDAsMCwxLDAsMCwwLDAsMCwwLDMsMCwtMTstMTsyMDsyMCwwLDAsMCwwLDAsOzA7MDswOzA7MDswLDA=&cId=p8350c44b0fc57e0d6736b89ee54e87e3&widget=692

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist.php?widget=692

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.59.253.101 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11a.eris-h.of.pl

Software

XO.webservant /

Resource Hash

53da94da8e6ab52da497fe42f13bb9ab7c0c4ce05e2574f69b3478fbfc647b38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 07:16:44 GMT
server: XO.webservant
date: Thu, 24 Mar 2022 07:16:45 GMT
vary: Accept-Encoding
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
feature-policy: fullscreen *; autoplay;
content-type: text/javascript;charset=utf-8
expires: Thu, 24 Mar 2022 07:16:44 GMT

GET
H2 200 129 Show response
traffix.lt/frontend/infoblocks/responsive/ Frame 4EF1 6 KB
2 KB 343ms
244ms Document
text/html 2606:4700:3034::6815:4bd2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://traffix.lt/frontend/infoblocks/responsive/129
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4bd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 5acc5ea48f1724493eb0ac66c9d31206b6258e4ba22c6a1b32aef3c470c758f9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.33
cache-control: private, max-age=2678400, must-revalidate
pragma: no-cache
expires: -1
last-modified: Thu, 24 Mar 2022 06:41:12 GMT
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1iMJDZ1hEVx7qzWdeVXo3%2B2PTSCUW7MsLoqbtbLS2DJAl4g2gWn4IlGIslWkgSniNEe93tCkIBo2H5VZJwq6Co33arMqmixhEIJ9ZJUyRksvDOPQVC7FCJLOF8BO4IquMJBjBOvrUEi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6f0d9f8c59a669c3-MAD
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 stpd201221.js Show response
stpd.cloud/assets/postbid/ Frame 497B 461 KB
142 KB 48ms
47ms Script
application/javascript 2606:4700:20::681a:dd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd201221.js
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:dd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f5083c8eb8bc90cd7ba3358c406ddb6e8c6bb989b014ac7521f09e7e28946ca

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: /FnTyG7mivuubIGMmM4B7Q==
age: 6947
x-ms-lease-status: unlocked
last-modified: Wed, 23 Mar 2022 13:20:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZOC20jEsAFof4duiyV3pLu5ZbJyjCyvOcmbVlHtPtzwroUskCDAYvqJ0TUA2sUhKnlQJO7MzJsofdAkPTNCsTKbVvQE5j5NQ7jFFOxH6OD%2Fpq5QF5vmbf3wGKa584tuH2s4IMpAlHo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 490ce321-f01e-0027-74b8-3ee853000000
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6f0d9f8bbb8c6665-MAD

GET
H3 200 1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrMfIA.woff2
fonts.gstatic.com/s/raleway/v26/ 21 KB
21 KB 107ms
107ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v26/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrMfIA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600|Raleway:400,400i,500,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9448e5e35e9cfba49612fab330c7ef1384a4708be5205b028486288ae260b85f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gzeme.lt
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 09:53:21 GMT
x-content-type-options: nosniff
age: 509005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21448
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:16:05 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 18 Mar 2023 09:53:21 GMT

GET
H2 200 pubads_impl_2022032201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2FF5 363 KB
124 KB 183ms
59ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032201.js?cb=31065823

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

6ecc2aa5b1b9748c838b11778d52e96e4c6deddf0e9244a9a899b8dd642e83b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 05:39:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5854
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126439
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 08:34:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 24 Mar 2023 05:39:12 GMT

GET
H2 200 pubads_impl_2022032101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 42C7 364 KB
124 KB 239ms
126ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032101.js?cb=31065822

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

40296928fac4f10110663318bc8c0b64e365f1ef8b4b9e1e4ae23788f43b6c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:55:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40859
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126678
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 08:35:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 23 Mar 2023 19:55:47 GMT

GET
H2 200 ad.js Show response
lv.adocean.pl/_1648106206106/ 58 KB
17 KB 78ms
76ms Script
application/x-javascript 51.83.210.184
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lv.adocean.pl/_1648106206106/ad.js?id=AxPqoxpt420mrXJwl8oY4omXgpXw4h3vlS.gxfhHA5D.h7/x=1600/y=1200/nc=1
Requested by: Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/js/aomini.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 51.83.210.184 , France, ASN16276 (OVH, FR),
Reverse DNS: ip184.ip-51-83-210.eu
Software: GAD /
Resource Hash: 56f68051eb13253893ed5a27b4d89ac50d1f699078eebeca551b2087b09a71d3

Request headers

Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: gzip
server: GAD
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 17702
expires: Wed, 23 Mar 2022 07:16:46 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 497B 82 KB
27 KB 131ms
68ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2d77e8f6a11cf607910d9b60360e0b14148620e081722acbbeafa83f7934360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28028
x-xss-protection: 0
server: sffe
etag: "1167 / 875 of 1000 / last-modified: 1648090766"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 24 Mar 2022 07:16:46 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame AB4F
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
554 B

70ms
55ms

Document
text/html

104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 24 Mar 2022 07:16:46 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
date: Thu, 24 Mar 2022 07:16:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4D3D 32 KB
10 KB 55ms
55ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b7fb7e36de6c0a1c499b79a571dd94a7988729aa818ea1845ceb011e3fc59023

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 07:16:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=46569
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9539
Expires: Thu, 24 Mar 2022 20:12:55 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8675 32 KB
10 KB 55ms
55ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b7fb7e36de6c0a1c499b79a571dd94a7988729aa818ea1845ceb011e3fc59023

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 07:16:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=46569
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9539
Expires: Thu, 24 Mar 2022 20:12:55 GMT

GET
H2 200 jquery-3.2.1.min.js Show response
cdn.onnetwork.tv/js/ Frame 0FB1 85 KB
35 KB 55ms
52ms Script
application/javascript 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/js/jquery-3.2.1.min.js
Requested by: Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?widget=692&cId=p8350c44b0fc57e0d6736b89ee54e87e3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2017 19:01:15 GMT
server: XO.webservantpro
etag: W/"58d026fb-15283"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=17280000, public
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
H2 200 jquery.dotdotdot.js Show response
cdn.onnetwork.tv/js/ Frame 0FB1 6 KB
3 KB 105ms
102ms Script
application/javascript 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/js/jquery.dotdotdot.js
Requested by: Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?widget=692&cId=p8350c44b0fc57e0d6736b89ee54e87e3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: 9f89b224cc40bc2b75f400bf2b21049fe5bb0f0053853976b1a7f22d652cb836

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: gzip
last-modified: Fri, 21 Dec 2018 20:59:52 GMT
server: XO.webservantpro
etag: W/"5c1d5448-19a1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=17280000, public
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0FB1 6 KB
670 B 72ms
71ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,600,700

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?widget=692&cId=p8350c44b0fc57e0d6736b89ee54e87e3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 07:16:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 24 Mar 2022 07:16:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Mar 2022 07:16:46 GMT

GET
H2 200 397371_6m.jpg
cdnt.onnetwork.tv/poster/3/9/ Frame 0FB1 14 KB
14 KB 62ms
50ms Image
image/jpeg 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/3/9/397371_6m.jpg

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?widget=692&cId=p8350c44b0fc57e0d6736b89ee54e87e3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.59.235.100 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w24.of.pl

Software

XO.webservantpro /

Resource Hash

f9c54ecff25b054d1c143e0eaadc24316bd0df200d2a3e8f0133708f80384dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
last-modified: Fri, 26 Feb 2021 12:52:40 GMT
server: XO.webservantpro
etag: "6038ef18-38e7"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 14567
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
H2 200 531547_6m.jpg
cdnt.onnetwork.tv/poster/5/3/ Frame 0FB1 20 KB
20 KB 51ms
50ms Image
image/jpeg 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/3/531547_6m.jpg

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?widget=692&cId=p8350c44b0fc57e0d6736b89ee54e87e3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.59.235.100 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w24.of.pl

Software

XO.webservantpro /

Resource Hash

ed7461f5424c2e488d2d0196322067030cd904734808f42934a11914b16bab24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
last-modified: Mon, 20 Dec 2021 13:18:09 GMT
server: XO.webservantpro
etag: "61c08291-50cb"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 20683
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
H2 200 500260_1m.jpg
cdnt.onnetwork.tv/poster/5/0/ Frame 0FB1 23 KB
24 KB 52ms
51ms Image
image/jpeg 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/0/500260_1m.jpg

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?widget=692&cId=p8350c44b0fc57e0d6736b89ee54e87e3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.59.235.100 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w24.of.pl

Software

XO.webservantpro /

Resource Hash

bac280b4a35727df4e709ebe975dba418368f2da9f9b43b4de7b14fe81b37d83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
last-modified: Mon, 08 Nov 2021 14:44:30 GMT
server: XO.webservantpro
etag: "618937ce-5d12"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 23826
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
H2 200 531555_2m.jpg
cdnt.onnetwork.tv/poster/5/3/ Frame 0FB1 17 KB
18 KB 53ms
51ms Image
image/jpeg 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/3/531555_2m.jpg

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?widget=692&cId=p8350c44b0fc57e0d6736b89ee54e87e3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.59.235.100 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w24.of.pl

Software

XO.webservantpro /

Resource Hash

963519be109eb391c6214bcc5f1da4b56e24b40dd69389cbb378954eb69df185

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
last-modified: Mon, 20 Dec 2021 13:24:43 GMT
server: XO.webservantpro
etag: "61c0841b-45ef"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 17903
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
H2 200 506052_6m.jpg
cdnt.onnetwork.tv/poster/5/0/ Frame 0FB1 22 KB
22 KB 63ms
62ms Image
image/jpeg 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/0/506052_6m.jpg

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?widget=692&cId=p8350c44b0fc57e0d6736b89ee54e87e3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.59.235.100 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w24.of.pl

Software

XO.webservantpro /

Resource Hash

35f12f6bb3cfef49b3c36130ba086b0d35bb0df01acfaf371b2a54455f8afadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
last-modified: Tue, 16 Nov 2021 10:02:37 GMT
server: XO.webservantpro
etag: "619381bd-5856"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 22614
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
H2 200 502678_2m.jpg
cdnt.onnetwork.tv/poster/5/0/ Frame 0FB1 21 KB
21 KB 98ms
97ms Image
image/jpeg 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/0/502678_2m.jpg

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?widget=692&cId=p8350c44b0fc57e0d6736b89ee54e87e3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.59.235.100 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w24.of.pl

Software

XO.webservantpro /

Resource Hash

b50ffc6f93bdce3492737df10260740c8acbef24f20bf50a23fd121453f07855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
last-modified: Thu, 11 Nov 2021 14:31:39 GMT
server: XO.webservantpro
etag: "618d294b-53b6"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 21430
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
H2 200 397377_3m.jpg
cdnt.onnetwork.tv/poster/3/9/ Frame 0FB1 24 KB
24 KB 86ms
84ms Image
image/jpeg 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/3/9/397377_3m.jpg

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?widget=692&cId=p8350c44b0fc57e0d6736b89ee54e87e3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.59.235.100 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w24.of.pl

Software

XO.webservantpro /

Resource Hash

626c4aa4b1806c943c65ed2cc904b49f2c8b03d33d3696909dfa7479f661a013

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
last-modified: Fri, 26 Feb 2021 12:57:00 GMT
server: XO.webservantpro
etag: "6038f01c-5f42"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 24386
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
H2 200 531549_3m.jpg
cdnt.onnetwork.tv/poster/5/3/ Frame 0FB1 30 KB
31 KB 55ms
55ms Image
image/jpeg 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/3/531549_3m.jpg

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?widget=692&cId=p8350c44b0fc57e0d6736b89ee54e87e3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.59.235.100 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w24.of.pl

Software

XO.webservantpro /

Resource Hash

28296596fbe365df8b55ed0b6f6677a4b03e361310c79d708e06c7b7b2a9ccd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
last-modified: Mon, 20 Dec 2021 13:19:53 GMT
server: XO.webservantpro
etag: "61c082f9-79f7"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 31223
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
H2 200 486248_1m.jpg
cdnt.onnetwork.tv/poster/4/8/ Frame 0FB1 25 KB
25 KB 56ms
55ms Image
image/jpeg 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/4/8/486248_1m.jpg

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?widget=692&cId=p8350c44b0fc57e0d6736b89ee54e87e3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.59.235.100 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w24.of.pl

Software

XO.webservantpro /

Resource Hash

2d973df25cca59fe3d01338fe7188b0c79572a549929da8a474dcee78d999dfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
last-modified: Wed, 20 Oct 2021 12:59:52 GMT
server: XO.webservantpro
etag: "617012c8-6402"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 25602
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
H2 200 397383_1m.jpg
cdnt.onnetwork.tv/poster/3/9/ Frame 0FB1 26 KB
26 KB 52ms
49ms Image
image/jpeg 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/3/9/397383_1m.jpg

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?widget=692&cId=p8350c44b0fc57e0d6736b89ee54e87e3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.59.235.100 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w24.of.pl

Software

XO.webservantpro /

Resource Hash

1e0c68c2dfe974697a9305b99c818ab52c8700aa439cab02ad2b2493079a0f30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
last-modified: Fri, 26 Feb 2021 13:12:20 GMT
server: XO.webservantpro
etag: "6038f3b4-679c"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 26524
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
H2 200 531562_3m.jpg
cdnt.onnetwork.tv/poster/5/3/ Frame 0FB1 10 KB
10 KB 52ms
50ms Image
image/jpeg 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/3/531562_3m.jpg

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?widget=692&cId=p8350c44b0fc57e0d6736b89ee54e87e3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.59.235.100 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w24.of.pl

Software

XO.webservantpro /

Resource Hash

9944250b3f0faa887f0c26d6d6d1a8ea213edaebf798d5586649fda969a6f7ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
last-modified: Mon, 20 Dec 2021 13:30:12 GMT
server: XO.webservantpro
etag: "61c08564-2733"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 10035
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
H2 200 535982_1m.jpg
cdnt.onnetwork.tv/poster/5/3/ Frame 0FB1 21 KB
21 KB 56ms
56ms Image
image/jpeg 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/3/535982_1m.jpg

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?widget=692&cId=p8350c44b0fc57e0d6736b89ee54e87e3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.59.235.100 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w24.of.pl

Software

XO.webservantpro /

Resource Hash

681ec190531a267ea457c6578ad9b11cbd3b6e5ecea662711000e05c24b31778

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
last-modified: Mon, 27 Dec 2021 11:06:17 GMT
server: XO.webservantpro
etag: "61c99e29-548f"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 21647
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
H2 200 535994_4m.jpg
cdnt.onnetwork.tv/poster/5/3/ Frame 0FB1 22 KB
23 KB 56ms
56ms Image
image/jpeg 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/3/535994_4m.jpg

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?widget=692&cId=p8350c44b0fc57e0d6736b89ee54e87e3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.59.235.100 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w24.of.pl

Software

XO.webservantpro /

Resource Hash

ee45bb098890476ea9e916f3ca880bffbbb61496a0b019ecb32c590491014ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
last-modified: Mon, 27 Dec 2021 11:26:21 GMT
server: XO.webservantpro
etag: "61c9a2dd-59e7"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 23015
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
H2 200 535991_6m.jpg
cdnt.onnetwork.tv/poster/5/3/ Frame 0FB1 33 KB
33 KB 60ms
58ms Image
image/jpeg 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/3/535991_6m.jpg

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?widget=692&cId=p8350c44b0fc57e0d6736b89ee54e87e3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.59.235.100 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w24.of.pl

Software

XO.webservantpro /

Resource Hash

bc9fbdeaf51fc4176b5bd4d5786099890c3b158cb136b45490db20bafe81cb19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
last-modified: Mon, 27 Dec 2021 11:21:58 GMT
server: XO.webservantpro
etag: "61c9a1d6-84e2"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 34018
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
H2 200 531567_1m.jpg
cdnt.onnetwork.tv/poster/5/3/ Frame 0FB1 13 KB
13 KB 129ms
128ms Image
image/jpeg 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/3/531567_1m.jpg

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?widget=692&cId=p8350c44b0fc57e0d6736b89ee54e87e3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.59.235.100 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w24.of.pl

Software

XO.webservantpro /

Resource Hash

a61dc77820f79fdf13e84ca5c9be151128cae791087b5180a991a8988a045d6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
last-modified: Mon, 20 Dec 2021 13:34:23 GMT
server: XO.webservantpro
etag: "61c0865f-330f"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 13071
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
H2 200 535988_4m.jpg
cdnt.onnetwork.tv/poster/5/3/ Frame 0FB1 20 KB
20 KB 122ms
121ms Image
image/jpeg 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/3/535988_4m.jpg

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?widget=692&cId=p8350c44b0fc57e0d6736b89ee54e87e3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.59.235.100 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w24.of.pl

Software

XO.webservantpro /

Resource Hash

70f4afb8f300150e43b5a1aa41c0cce92ec3b3ba707611d15f2d36cdc2205b96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
last-modified: Mon, 27 Dec 2021 11:18:47 GMT
server: XO.webservantpro
etag: "61c9a117-50ab"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 20651
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
H3 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame BFA7 36 KB
12 KB 143ms
76ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12390
x-xss-protection: 0
last-modified: Mon, 06 Jul 2020 23:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="chrome-dongle"
expires: Thu, 24 Mar 2022 07:16:46 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/89/ Frame BFA7 48 KB
14 KB 124ms
58ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/89/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 16:02:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14262
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:19:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Thu, 24 Mar 2022 16:02:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame BFA7 56 KB
56 KB 60ms
60ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/css/roboto.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1287b4c6427119cabf899a5ea898f81e831a2742614813a3302f671690b399c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.onnetwork.tv/
Origin: https://www.gzeme.lt
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:17:09 GMT
x-content-type-options: nosniff
age: 496777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57116
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 23:13:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 18 Mar 2023 13:17:09 GMT

GET
H2 206 black.mp4
cdn.onnetwork.tv/img/ Frame BFA7 3 KB
3 KB 51ms
50ms Media
video/mp4 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/img/black.mp4
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: 33e364012a7b1d72169cfaa7f2b3cda202b016e6e926577739b8bd9b3b61680c

Request headers

Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

pragma: public
date: Thu, 24 Mar 2022 07:16:46 GMT
last-modified: Mon, 19 Mar 2018 19:13:39 GMT
server: XO.webservantpro
access-control-allow-origin: *
etag: "5ab00be3-ab3"
access-control-allow-methods: GET, POST, OPTIONS
content-type: video/mp4
Content-Range: bytes 0-2738/2739
cache-control: max-age=17280000, public
Content-Length: 2739
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
H2 200 frame86.php Show response
video.onnetwork.tv/ 288 KB
64 KB 99ms
98ms Fetch
text/html 37.59.253.101
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://video.onnetwork.tv/frame86.php?id=ffEXSd45df0bcd81f63e75006b3d5fddf4cbe2&iid=779554502&e=1&onnsfonn=1&mid=MCwxNng5LDQsNTAsMjEyMCw5MTY0LDEsMCwxLDUwLDAsMCwyLDAsMSwxLDAsMCwxLDAsMCwwLDAsMCwwLDMsMCwtMTstMTsyMDsyMCwwLDAsMCwwLDAsOzA7MDswOzA7MDswLDA%3D&wtop=https%3A%2F%2Fwww.gzeme.lt%2F2021%2F05%2F17%2Fpopuliariausios-turizmo-prekes-ka-verta-isigyti%2F&apop=0&vpop=0&apopa=0&vpopa=0&cId=p8350c44b0fc57e0d6736b89ee54e87e3

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?sid=MkNRLFN4ZSww&o=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.59.253.101 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11a.eris-h.of.pl

Software

XO.webservant /

Resource Hash

d390af2e30e4f735571397acb9fa620c4a4b71eaca7d1fb68076e29b43f4ed94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 07:16:46 GMT
server: XO.webservant
date: Thu, 24 Mar 2022 07:16:46 GMT
vary: Accept-Encoding
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
access-control-allow-origin: https://www.gzeme.lt
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
feature-policy: fullscreen *; autoplay;
access-control-allow-credentials: true
content-type: text/html; charset=utf-8
expires: Thu, 24 Mar 2022 07:16:47 GMT

GET
H2 200 a_cntg.png
cdn.onnetwork.tv/cnt/ 126 B
331 B 50ms
50ms Image
image/png 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1648106206210&d=9164&wsc=00&typ=embed&mobile=0&c=40
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
last-modified: Thursday, 24-Mar-2022 07:16:46 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

POST
H2 200 extra=;
adlv.hit.gemius.pl/_1648106206238/redot.js/id=bQBF.4OqYPhczQoUh5BfKbe9Lb9YKw7mrx3N3vbCc3..67/nc=1/stparam=xkkrpnjgsd/fastid=jvwdkhzagahdrlcflccfvowhznkk/sarg=NC/inner=;/ 2 B
36 B 76ms
76ms Ping
application/x-javascript 54.38.133.12
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adlv.hit.gemius.pl/_1648106206238/redot.js/id=bQBF.4OqYPhczQoUh5BfKbe9Lb9YKw7mrx3N3vbCc3..67/nc=1/stparam=xkkrpnjgsd/fastid=jvwdkhzagahdrlcflccfvowhznkk/sarg=NC/inner=;/extra=;
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS: ip12.ip-54-38-133.eu
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:46 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://www.gzeme.lt
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 2
expires: Wed, 23 Mar 2022 07:16:46 GMT

GET
H2 200 stpd201221.js Show response
stpd.cloud/assets/postbid/ Frame 7874 461 KB
142 KB 48ms
48ms Script
application/javascript 2606:4700:20::681a:dd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd201221.js
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:dd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f5083c8eb8bc90cd7ba3358c406ddb6e8c6bb989b014ac7521f09e7e28946ca

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: /FnTyG7mivuubIGMmM4B7Q==
age: 6947
x-ms-lease-status: unlocked
last-modified: Wed, 23 Mar 2022 13:20:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNSuU4aKMumDpLEiHyS4MYYohlS%2FWDqoBp1f8k4zBhm2PSgLzqqgpRPX%2Bpnp7sk%2BhaVFGrRc%2FTwyZgEHxPCsxZVjIKQJQ%2Flh8FFHmtryv9rqqgsECybs0RnEgcUliVvdSp5Ye3PkSAU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 490ce321-f01e-0027-74b8-3ee853000000
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6f0d9f8d3d946665-MAD

GET
H2 200 underline_short.png
www.gzeme.lt/wp-content/themes/gzeme/img/ 929 B
1 KB 89ms
88ms Image
image/png 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gzeme.lt/wp-content/themes/gzeme/img/underline_short.png
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/wp-content/themes/gzeme/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: 53bf2e13c4c88655463a824a7325df40e7662a73f18906e55b4cafe4a37c54a9

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/wp-content/themes/gzeme/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 08 Feb 2019 04:23:16 GMT
server: Apache
etag: "3a1-5815a51627500"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 929
expires: Fri, 24 Mar 2023 07:16:46 GMT

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/ 30 KB
30 KB 60ms
60ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600|Raleway:400,400i,500,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gzeme.lt
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:55:47 GMT
x-content-type-options: nosniff
age: 156059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:11:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Mar 2023 11:55:47 GMT

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v23/ 25 KB
25 KB 64ms
64ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600|Raleway:400,400i,500,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

672305a06578c62e801efdb067fffad21042eb1f0b66f41eb6f744b9f46114a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gzeme.lt
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 07:18:12 GMT
x-content-type-options: nosniff
age: 86314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25088
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:11:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 07:18:12 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/lt_LT/ 283 KB
81 KB 122ms
62ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/lt_LT/sdk.js?hash=5135306e9777121f31565ca2a524f29c

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/lt_LT/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

726d62fb89de01630f2ff5221734825066cf4542de712133a817353325390dc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Origin: https://www.gzeme.lt
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 15ah9BHbiojhQAer5/fugQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Fri, 24 Mar 2023 07:01:04 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 82752
x-fb-rlafr: 0
x-fb-debug: WveVl798QXxk7habzTvz2fhku9s2pZOyYQuUdmCYd306+wZ1ZBJZoQz6esFA50Q8TQPtO+KuT/JJQ8vyVp/gkg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 14df80c0ecd94067ec4f276246ef0a22
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 24 Mar 2022 07:16:46 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "46a2e9d88ceeaea241c6c3a989466088"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame AB4F 32 KB
10 KB 63ms
63ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b7fb7e36de6c0a1c499b79a571dd94a7988729aa818ea1845ceb011e3fc59023

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 07:16:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=46569
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9539
Expires: Thu, 24 Mar 2022 20:12:55 GMT

GET
H3 200 recaptcha__es.js Show response
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ 360 KB
142 KB 122ms
59ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__es.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=anr_onloadCallback&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7daa0ab7af5eef7dba6b8d1269aca27d92e766bf91536e52c72c851e6273dbbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Origin: https://www.gzeme.lt
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145040
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Mar 2023 16:14:28 GMT

GET
H2 200 StiprusKartu_Ukraina_Spaudosmaketas_GimtojiZeme_100x150.jpg
www.gzeme.lt/wp-content/uploads/2022/03/ 251 KB
253 KB 88ms
87ms Image
image/jpeg 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gzeme.lt/wp-content/uploads/2022/03/StiprusKartu_Ukraina_Spaudosmaketas_GimtojiZeme_100x150.jpg
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: 85e5eba54bbe8911cf1f15effdae3e351d0aa693ac4972c309da9ecc1de23128

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Mar 2022 11:39:53 GMT
server: Apache
etag: "3ecd5-5d9c78e5a7d94"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 257237
expires: Fri, 24 Mar 2023 07:16:46 GMT

GET
H2 200 Ukmerge-10x15-dainuoju-tau-gyvenima.jpg
www.gzeme.lt/wp-content/uploads/2022/03/ 405 KB
406 KB 88ms
87ms Image
image/jpeg 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gzeme.lt/wp-content/uploads/2022/03/Ukmerge-10x15-dainuoju-tau-gyvenima.jpg
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: 5e2f4690bfdd1f34600a776333fed815da644a78baae2fabc910d0443230841e

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Mar 2022 11:13:31 GMT
server: Apache
etag: "65552-5da5400f0beba"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 415058
expires: Fri, 24 Mar 2023 07:16:46 GMT

GET
H2 200 Untitled-2.jpg
www.gzeme.lt/wp-content/uploads/2022/03/ 45 KB
45 KB 88ms
87ms Image
image/jpeg 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gzeme.lt/wp-content/uploads/2022/03/Untitled-2.jpg
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: d51da41d032c838358ca34585f19cea9ecc7f44381d384d674b055e339bae83a

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Mar 2022 17:25:38 GMT
server: Apache
etag: "b4fa-5dad1e6cfac9f"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 46330
expires: Fri, 24 Mar 2023 07:16:46 GMT

GET
H2 200 ukmerge-ukrainai.jpg
www.gzeme.lt/wp-content/uploads/2022/03/ 371 KB
371 KB 87ms
86ms Image
image/jpeg 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gzeme.lt/wp-content/uploads/2022/03/ukmerge-ukrainai.jpg
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: 8203ce78677a615694614e31efd85a1d7e2812c5934503e907857a72198b479e

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2022 12:44:47 GMT
server: Apache
etag: "5ca12-5d92787b927d7"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 379410
expires: Fri, 24 Mar 2023 07:16:46 GMT

GET
H2 200 Tentas-Kauno-G-2020-10-08.jpg
www.gzeme.lt/wp-content/uploads/2021/01/ 109 KB
110 KB 85ms
84ms Image
image/jpeg 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gzeme.lt/wp-content/uploads/2021/01/Tentas-Kauno-G-2020-10-08.jpg
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: tetervinas.serveriai.lt
Software: Apache /
Resource Hash: c43838a97fa3ac5a2bd0e8ecd80fe39c43ddc99c9ec0426fe618f89d8b6f15d5

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Jan 2021 14:24:03 GMT
server: Apache
etag: "1b4c0-5b827f55866c0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 111808
expires: Fri, 24 Mar 2023 07:16:46 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 0FB1 15 KB
15 KB 60ms
59ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://video.onnetwork.tv
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 09:48:03 GMT
x-content-type-options: nosniff
age: 509323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 18 Mar 2023 09:48:03 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 0FB1 12 KB
12 KB 60ms
59ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://video.onnetwork.tv
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 08:01:19 GMT
x-content-type-options: nosniff
age: 170127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11860
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Mar 2023 08:01:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 336ms
69ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-140720470-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6116
date: Thu, 24 Mar 2022 05:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 24 Mar 2022 07:34:50 GMT

GET
H2 200 refill Show response
www.gzeme.lt/wp-json/contact-form-7/v1/contact-forms/56/ 2 B
250 B 752ms
752ms XHR
application/json 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gzeme.lt/wp-json/contact-form-7/v1/contact-forms/56/refill

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/wp-includes/js/jquery/jquery.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),

Reverse DNS

tetervinas.serveriai.lt

Software

Apache /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
X-Requested-With: XMLHttpRequest
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
vary: Origin,Accept-Encoding
content-type: application/json; charset=UTF-8
allow: GET
x-robots-tag: noindex
link: <https://www.gzeme.lt/wp-json/>; rel="https://api.w.org/"
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link

POST
H2 200 / Show response
www.gzeme.lt/ 226 B
405 B 610ms
610ms XHR
application/json 185.5.53.26
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gzeme.lt/?wc-ajax=get_refreshed_fragments

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/wp-includes/js/jquery/jquery.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.5.53.26 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),

Reverse DNS

tetervinas.serveriai.lt

Software

Apache /

Resource Hash

6faae62bf72a9fa84d009526a868a444c49cfd24fe69704408642f99c9e5e3e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
X-Requested-With: XMLHttpRequest
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-pingback: https://www.gzeme.lt/xmlrpc.php
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.gzeme.lt
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
vary: Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 d1.png
ost1.gismeteo.lt/assets/flat-ui/img/icons/weather/clip_art/ 2 KB
3 KB 348ms
304ms Image
image/png 2606:4700:3033::6815:19d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ost1.gismeteo.lt/assets/flat-ui/img/icons/weather/clip_art/d1.png
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:19d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8092269e8c53c77caf9aee93ec2f6fd9ef48e83fb4d2acad103801bc1d371486

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: ost.stat-ru-ost01
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2394
last-modified: Tue, 12 Oct 2021 12:24:39 GMT
server: cloudflare
etag: "61657e87-95a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ImHQSAynyi8qNp1M2PvX3xN8viRVAlhUqd9kyyltfrlRIYRiRJyo5TR5eSuteIx6Edl6uZoNBo4a3rcAAnWzJMmM9RsKFZmfkAxEWl%2FY2SiPKqEvvCKCRgKsJ3WZNorcKX46PtD1M889txea1bJt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6f0d9f8e3fd386c3-MAD
expires: Thu, 31 Mar 2022 07:16:46 GMT

GET
H3 200 d1.png
ost1.gismeteo.lt/assets/flat-ui/img/icons/weather/clip_art/small/ 2 KB
2 KB 365ms
321ms Image
image/png 2606:4700:3033::6815:19d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ost1.gismeteo.lt/assets/flat-ui/img/icons/weather/clip_art/small/d1.png
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:19d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7784302ebc76c0e47824af6ce5a41208b15418862b893fee86867f4dbde17fcb

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: ost.stat-ru-ost01
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1579
last-modified: Tue, 12 Oct 2021 12:24:39 GMT
server: cloudflare
etag: "61657e87-62b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lVyim%2BybvkSIrHtQcMEk3SWgZz1wVmO9CU%2FtSkjmCZzSsJ0nllu7MXhkJ2dwaUDdpvVHrso4s0%2F4Jfdps6VMoI41dKVCLJIju4rwvAFnfVhRbDxXuVT9IaGsAFX16hPvZOaet81A5Y15lBIwvlsh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6f0d9f8e3fd586c3-MAD
expires: Thu, 31 Mar 2022 07:16:46 GMT

GET
H3 200 d0.png
ost1.gismeteo.lt/assets/flat-ui/img/icons/weather/clip_art/small/ 1 KB
2 KB 348ms
305ms Image
image/png 2606:4700:3033::6815:19d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ost1.gismeteo.lt/assets/flat-ui/img/icons/weather/clip_art/small/d0.png
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:19d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c58ac15b605232441accdc041c0ab8fb3e54a9b564d5d6b4e874b08744cdb59

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: ost.stat-ru-ost01
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1196
last-modified: Tue, 12 Oct 2021 12:24:39 GMT
server: cloudflare
etag: "61657e87-4ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=moNg%2BPd3k2oJqeC8jODDupXp9Nz%2BPCnhRQkZU%2FcQbIrb%2BalwX16qqIENJn8JbBlbI1aCQZSca9%2F%2BGCOHhiqDMK%2FTOMR4TwgGaf2FpiOlM8jo10rfYernOCFZ%2FJlkTZQQ1qFu2tP0l7Lp3KoO%2ByWX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6f0d9f8e3fce86c3-MAD
expires: Thu, 31 Mar 2022 07:16:46 GMT

GET
H3 200 n1.png
ost1.gismeteo.lt/assets/flat-ui/img/icons/weather/clip_art/small/ 2 KB
2 KB 391ms
348ms Image
image/png 2606:4700:3033::6815:19d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ost1.gismeteo.lt/assets/flat-ui/img/icons/weather/clip_art/small/n1.png
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:19d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 289d566c877a4b7a5e3c8995151be7a7dfd308a3220448f7a5b19f5b91b9e309

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: ost.stat-ru-ost01
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1612
last-modified: Tue, 12 Oct 2021 12:24:39 GMT
server: cloudflare
etag: "61657e87-64c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lTDAiM9SHxROYPgKC8UxMHlS0FmRkvbxQZIJLZQdwcGKjl8uBBhwIYNOZP5%2FJb%2BhK%2FqTuneTmMEWvriuwzZ%2FhBnPbH7eXEKTYDU9WfZ%2BnjbiHJknVwCTUUj4Lq%2FPe7ScAW3u83azB0uVQgCmMPxI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6f0d9f8e3fd186c3-MAD
expires: Thu, 31 Mar 2022 07:16:46 GMT

GET
H3 200 d3.png
ost1.gismeteo.lt/assets/flat-ui/img/icons/weather/clip_art/small/ 1 KB
2 KB 352ms
309ms Image
image/png 2606:4700:3033::6815:19d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ost1.gismeteo.lt/assets/flat-ui/img/icons/weather/clip_art/small/d3.png
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:19d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5633af5454dc2c0515ee3620ae8f846b1e5b107fbada5f8ed515b344f0a9f14

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: ost.stat-ru-ost01
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1273
last-modified: Tue, 12 Oct 2021 12:24:39 GMT
server: cloudflare
etag: "61657e87-4f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gp6hRHt24rtvwhO%2FKGauTtDNyyp3TqUHJW%2FQ8R3H49byKwam%2F7Sk%2FjLN1vgX8hIHn82Ur32mXVsDqCP3bgGuEW6f8msHPZEcMAWcza4pE75cmJs4N0sBoZNciwXPXVNVMDG7G8aR%2FXyKFSNSSqg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6f0d9f8e3fd686c3-MAD
expires: Thu, 31 Mar 2022 07:16:46 GMT

GET
H3 200 pubads_impl_2022031601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 497B 365 KB
124 KB 119ms
55ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 06:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1546
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126823
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 08:34:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 24 Mar 2023 06:51:00 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 7874 83 KB
28 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66e898df2add0b150a1e3c17944b79d34bf05cda83d7a0057a6ed42d2954425b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28171
x-xss-protection: 0
server: sffe
etag: "1167 / 413 of 1000 / last-modified: 1648090831"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 24 Mar 2022 07:16:46 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame F9B8
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
554 B

56ms
55ms

Document
text/html

104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 24 Mar 2022 07:16:46 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
date: Thu, 24 Mar 2022 07:16:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame BFA7 49 KB
20 KB 216ms
80ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6116
date: Thu, 24 Mar 2022 05:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 24 Mar 2022 07:34:50 GMT

GET
H3 200 bridge3.506.0_lt.html Show response
imasdk.googleapis.com/js/core/ Frame 3B66 591 KB
192 KB 138ms
60ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.506.0_lt.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1e85403685fe025fa680a43340e6f0f5a39dd4ee67f4b8ceaced68067b851b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196781
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Mar 2022 20:30:48 GMT
expires: Sat, 18 Mar 2023 20:30:48 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 18 Mar 2022 20:22:23 GMT
content-type: text/html
age: 470758
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame BFA7 44 KB
17 KB 227ms
73ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Mar 2022 07:16:46 GMT

GET
H2 200 a_cnti.png Show response
cdn.onnetwork.tv/cnt/ Frame BFA7 126 B
331 B 85ms
85ms Fetch
image/png 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1648106207&event=plstarttry&d=7946&vs=0&aps=4&playerVisible=0&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=1&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/no-referrer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
last-modified: Thursday, 24-Mar-2022 07:16:46 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 a_cnti.png Show response
cdn.onnetwork.tv/cnt/ Frame BFA7 126 B
331 B 80ms
80ms Fetch
image/png 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1648106207&event=adsearch&d=7946&vs=0&aps=4&playerVisible=0&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=1&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/no-referrer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
last-modified: Thursday, 24-Mar-2022 07:16:46 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 104319_3.jpg
cdnt.onnetwork.tv/poster/1/0/ Frame BFA7 2 KB
2 KB 80ms
79ms Image
image/jpeg 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/1/0/104319_3.jpg

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.59.235.100 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w24.of.pl

Software

XO.webservantpro /

Resource Hash

2198f45f3911e63ff41108aabb2126b38ec4e18bab77f9933533247f11a65d15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
last-modified: Sat, 09 Mar 2019 15:07:58 GMT
server: XO.webservantpro
etag: "5c83d6ce-670"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 1648
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
H2 200 a_cnti.png Show response
cdn.onnetwork.tv/cnt/ Frame BFA7 126 B
331 B 76ms
76ms Fetch
image/png 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1648106207&event=plimpression&d=7946&vs=0&aps=4&playerVisible=0&mobile=0&acount=0
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/no-referrer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
last-modified: Thursday, 24-Mar-2022 07:16:46 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 a_cntg.png Show response
cdn.onnetwork.tv/cnt/ Frame BFA7 126 B
331 B 76ms
75ms Fetch
image/png 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1648106207&d=7946&wsc=an&typ=embed&mobile=0&c=23
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/no-referrer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
last-modified: Thursday, 24-Mar-2022 07:16:46 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 a_cntd.png Show response
cdn.onnetwork.tv/cnt/ Frame BFA7 126 B
331 B 71ms
68ms Fetch
image/png 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cntd.png?ts=1648106207&mobile=0&plc=1&time=20&website=7946
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/no-referrer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
last-modified: Thursday, 24-Mar-2022 07:16:46 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 frame86.php Show response
video.onnetwork.tv/ 288 KB
64 KB 96ms
95ms Fetch
text/html 37.59.253.101
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://video.onnetwork.tv/frame86.php?id=ffEXSd45df0bcd81f63e75006b3d5fddf4cbe2&iid=779554502&e=1&onnsfonn=1&mid=Mzk3MzcxLDE2eDksNCw1MCwyMTIwLDkxNjQsMSwwLDEsNTAsMCwwLDIsMCwxLDEsMCwwLDQsMCwwLDAsMCwwLDAsMywwLC0xOy0xOzIwOzIwLDAsMCwwLDAsMCw7MDswOzA7MDswOzAsMA%3D%3D&wtop=https%3A%2F%2Fwww.gzeme.lt%2F2021%2F05%2F17%2Fpopuliariausios-turizmo-prekes-ka-verta-isigyti%2F&apop=0&vpop=0&apopa=0&vpopa=0&cId=p8350c44b0fc57e0d6736b89ee54e87e3

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?sid=MkNRLFN4ZSww&o=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.59.253.101 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11a.eris-h.of.pl

Software

XO.webservant /

Resource Hash

125b127a1609dd30e0937d6330b7caea3cfaa44dc857c386e34b2fe84dec3243

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 07:16:46 GMT
server: XO.webservant
date: Thu, 24 Mar 2022 07:16:46 GMT
vary: Accept-Encoding
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
access-control-allow-origin: https://www.gzeme.lt
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
feature-policy: fullscreen *; autoplay;
access-control-allow-credentials: true
content-type: text/html; charset=utf-8
expires: Thu, 24 Mar 2022 07:16:47 GMT

GET
H2 200 a_cntg.png
cdn.onnetwork.tv/cnt/ 126 B
331 B 129ms
129ms Image
image/png 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1648106206589&d=9164&wsc=00&typ=embed&mobile=0&c=40
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
last-modified: Thursday, 24-Mar-2022 07:16:46 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1162 37 KB
13 KB 127ms
59ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 06:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 24 Mar 2022 07:25:28 GMT

GET
H3 200 slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ Frame 4EF1 2 KB
1 KB 80ms
45ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css

Requested by

Host: traffix.lt
URL: https://traffix.lt/frontend/infoblocks/responsive/129

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://traffix.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 251704
x-jsd-version: 1.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19129-FRA, cache-mad22050-MAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6f0d9f8fabe9d655-MAD

GET
H2 200 jquery-1.11.0.min.js Show response
code.jquery.com/ Frame 4EF1 94 KB
33 KB 175ms
53ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.0.min.js
Requested by: Host: traffix.lt
URL: https://traffix.lt/frontend/infoblocks/responsive/129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://traffix.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-1787d"
vary: Accept-Encoding
x-hw: 1648106206.dop027.ml1.t,1648106206.cds211.ml1.hn,1648106206.cds002.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33357

GET
H3 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ Frame 4EF1 42 KB
11 KB 80ms
46ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: traffix.lt
URL: https://traffix.lt/frontend/infoblocks/responsive/129

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://traffix.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 251708
x-jsd-version: 1.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19130-FRA, cache-mad22074-MAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6f0d9f8fabead655-MAD

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F9B8 32 KB
10 KB 65ms
64ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b7fb7e36de6c0a1c499b79a571dd94a7988729aa818ea1845ceb011e3fc59023

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 07:16:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=46569
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9539
Expires: Thu, 24 Mar 2022 20:12:55 GMT

GET
H2 200 a_cntm.png Show response
cdn.onnetwork.tv/cnt/ Frame BFA7 126 B
331 B 75ms
75ms Fetch
image/png 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cntm.png?ts=1648106207&i=104319&d=7946&wsc=an&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=1&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=4&vs=40
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/no-referrer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
last-modified: Thursday, 24-Mar-2022 07:16:46 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 4351 41 KB
21 KB 167ms
102ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcqI6AUAAAAALs_lzBouCCdbwQrbCSLVeEUZ9N7&co=aHR0cHM6Ly93d3cuZ3plbWUubHQ6NDQz&hl=es&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=z23to1l8t07x

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__es.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7efb9f0490c867eaa7f7b327392826c12b5cb02f46a78442c99d1ef5f27b27bc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-t27/ekOe0RpZt77jvbzulA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 24 Mar 2022 07:16:46 GMT
content-security-policy: script-src 'report-sample' 'nonce-t27/ekOe0RpZt77jvbzulA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21897
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 8295 42 KB
22 KB 137ms
75ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LevJ8cZAAAAAIVOEGhycdKvKjekgxJsLxMAzyzV&co=aHR0cHM6Ly93d3cuZ3plbWUubHQ6NDQz&hl=es&v=zLD1nfkNCJC1kEswSRdSyd-p&theme=light&size=normal&cb=kpkhdbf7rzpd

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__es.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

38c8cfc5ad6925454c78b8f4b9c15233c1ab25ee568a99d31ab01b88bfa62a07

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xqPntUOEP57nIwDr8OgDjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 24 Mar 2022 07:16:46 GMT
content-security-policy: script-src 'report-sample' 'nonce-xqPntUOEP57nIwDr8OgDjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 22617
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_2022032201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7874 363 KB
124 KB 56ms
55ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032201.js?cb=31065823

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

6ecc2aa5b1b9748c838b11778d52e96e4c6deddf0e9244a9a899b8dd642e83b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 05:39:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5854
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126439
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 08:34:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 24 Mar 2023 05:39:12 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 4D3D 284 B
536 B 248ms
56ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/jpg

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 8675 284 B
536 B 250ms
57ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/jpg

GET
H3 200 dc34e23f65eb093e64c40077edd2fb61.jpg
traffix.lt/storage/thumbnails/400/seimairnamai_eu/ Frame 4EF1 11 KB
12 KB 276ms
239ms Image
image/jpeg 2606:4700:3034::6815:4bd2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://traffix.lt/storage/thumbnails/400/seimairnamai_eu/dc34e23f65eb093e64c40077edd2fb61.jpg
Requested by: Host: traffix.lt
URL: https://traffix.lt/frontend/infoblocks/responsive/129
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4bd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b64d362678754ea71b6ae5ae42341f75641e4dd3c128098ddcb3bbeff5d9ff23

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://traffix.lt/frontend/infoblocks/responsive/129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:47 GMT
cf-cache-status: HIT
last-modified: Wed, 23 Mar 2022 23:24:49 GMT
server: cloudflare
etag: "2bec-5daeb093150d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pEuyQBOjFhsTKlI9ksIAv%2BV0fDNnHMk0egahRVevqLJbnlMrtqyXR4xuUMcJNYHOHkUJTcLl%2F0e9%2FRG60uyU9Xw7oXusRJi8Rd4guMSiNfbEvurSBxKDAWv4VO%2FzEGaE%2FnRAtAXx4n0N"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f0d9f911fb16635-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11244

GET
H3 200 5ed4b0377bfc42bbeab4f28c4be43a11.jpg
traffix.lt/storage/thumbnails/400/zinoti_lt/ Frame 4EF1 13 KB
14 KB 130ms
94ms Image
image/jpeg 2606:4700:3034::6815:4bd2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://traffix.lt/storage/thumbnails/400/zinoti_lt/5ed4b0377bfc42bbeab4f28c4be43a11.jpg
Requested by: Host: traffix.lt
URL: https://traffix.lt/frontend/infoblocks/responsive/129
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4bd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51a8d30930f4dc659d3cab8215bbf79635cea7bcb33454c460f4b15383527c0b

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://traffix.lt/frontend/infoblocks/responsive/129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Mar 2022 23:25:14 GMT
server: cloudflare
etag: "35da-5dac2cef6669b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOQ3t1cIsYG%2BPNBsUfoaqZjsPPMumsF2bnjVxVRTkBuQjNkmhoXORjaqlR7hxZM3Gajhhp3swXV1ivxuO9Msa3pSVnbI0Q%2BhjH5IpsKHLIm5y9d1uLSlUFjfKbkuStxILAYF%2BBWBB1m4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f0d9f911fb66635-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13786

GET
H3 200 52154451a3756168b9ff2fef7ac9546f.jpg
traffix.lt/storage/thumbnails/400/aukstaitijosgidas_lt/ Frame 4EF1 16 KB
16 KB 161ms
126ms Image
image/jpeg 2606:4700:3034::6815:4bd2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://traffix.lt/storage/thumbnails/400/aukstaitijosgidas_lt/52154451a3756168b9ff2fef7ac9546f.jpg
Requested by: Host: traffix.lt
URL: https://traffix.lt/frontend/infoblocks/responsive/129
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4bd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 354b54880775d31331f36253777963f56f64789d1cff268c142d1d5f65c05163

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://traffix.lt/frontend/infoblocks/responsive/129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
cf-cache-status: HIT
last-modified: Wed, 23 Mar 2022 23:34:30 GMT
server: cloudflare
etag: "3e4f-5daeb2bc5f419"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JgQLAyh%2Bkqw7NXi%2BZXfdvEw24JLXNtPLh6P9C3jlf3DoNe5aq8p5d4G2K4ns2f1ome44wwjf0iytbvZsk2ehouHQV4ZEKI4jshLvXp%2B5Ky1CoGeOxOk2Hwi7NTkq0fA7SOBrBp0dOTi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f0d9f911fb46635-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15951

GET
H3 200 bc4bf9d963670c48cf296f50bee3fbd9.jpg
traffix.lt/storage/thumbnails/400/dzukuzinios_lt/ Frame 4EF1 9 KB
10 KB 192ms
156ms Image
image/jpeg 2606:4700:3034::6815:4bd2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://traffix.lt/storage/thumbnails/400/dzukuzinios_lt/bc4bf9d963670c48cf296f50bee3fbd9.jpg
Requested by: Host: traffix.lt
URL: https://traffix.lt/frontend/infoblocks/responsive/129
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4bd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51880ea50d277ef1dc4974d8c7059b8ef301a3e5927b8d32134ccab5c04879c1

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://traffix.lt/frontend/infoblocks/responsive/129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 23:29:38 GMT
server: cloudflare
etag: "2502-5da5e497e45c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scexTGl3x8N5bAts4wVNZ5bg%2FCYvAn2QxZVsKYVsbE8ZH3VOzYT3U3mD4fftb8yafb6j52xzopaBcmvt6fI8WArufT1TaJLtO4dgHTbnTEHrJL1AV%2B0cnQy2kjVzOowrUnU%2BP34GNKj3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f0d9f911fba6635-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9474

GET
H3 200 0e0b8a025a527709116655b2b1029a82.jpg
traffix.lt/storage/thumbnails/400/rinkosaikste_lt/ Frame 4EF1 20 KB
21 KB 191ms
156ms Image
image/jpeg 2606:4700:3034::6815:4bd2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://traffix.lt/storage/thumbnails/400/rinkosaikste_lt/0e0b8a025a527709116655b2b1029a82.jpg
Requested by: Host: traffix.lt
URL: https://traffix.lt/frontend/infoblocks/responsive/129
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4bd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 618a79a3f24c603041dbfdaa78df60ae218914d6216014041fcfa01384234d23

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://traffix.lt/frontend/infoblocks/responsive/129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Mar 2022 23:31:52 GMT
server: cloudflare
etag: "50ad-5da726f4e3a70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ju6B02UG7yocu6XqpwUT4qRz6440mfz9Xo%2FFoNK%2BLPQxCtLBxUuhejxwVcpssv4I0vOI9WHeY3s8sqanOU14H%2B8RfXvx9KnxI4xRjbUwfQEmaq2xabdlUccn7n7rEFN5zZQQmky2bKD6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f0d9f911fb86635-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20653

GET
H3 200 d924818a180dd8c2218d90007762e3fa.jpg
traffix.lt/storage/thumbnails/400/alkas_lt/ Frame 4EF1 17 KB
18 KB 161ms
125ms Image
image/jpeg 2606:4700:3034::6815:4bd2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://traffix.lt/storage/thumbnails/400/alkas_lt/d924818a180dd8c2218d90007762e3fa.jpg
Requested by: Host: traffix.lt
URL: https://traffix.lt/frontend/infoblocks/responsive/129
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4bd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da8e06357c54102452359884d8bbcac73fdd2898925a65e3cb64b7d99539413f

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://traffix.lt/frontend/infoblocks/responsive/129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Mar 2022 23:26:13 GMT
server: cloudflare
etag: "45c4-5dac2d281edbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1hqNcSsruCOUq2ufTSZuN5KAThTnIw8JgEZ1Btc8iU74kscXpTii23pysWtvo8BXY5wNPZqYsZCbwAHMlnXmXWRJDNUb3h9Lcmxisn7SPNSWQPEgGLKKfmXFySl7AZrcKIimtSxOhCm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f0d9f911fb36635-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17860

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 135ms
68ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=720911138&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gzeme.lt%2F2021%2F05%2F17%2Fpopuliariausios-turizmo-prekes-ka-verta-isigyti%2F&ul=en-us&de=UTF-8&dt=Gimtoji%20zeme%20-%20Populiariausios%20turizmo%20prek%C4%97s%3A%20k%C4%85%20verta%20%C4%AFsigyti%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1990867590&gjid=1489722889&cid=687813608.1648106207&tid=UA-140720470-1&_gid=321802839.1648106207&_r=1&gtm=2ou3e0&z=500555263

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gzeme.lt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 roboto.css
cdn.onnetwork.tv/css/ Frame 1586 6 KB
966 B 51ms
50ms Stylesheet
text/css 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/css/roboto.css
Requested by: Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?sid=MkNRLFN4ZSww&o=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: 939919488f3ad816cb78b5d032ae673c1c02c88b238cfdb6e1328cd5d04d7947

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 08:44:40 GMT
server: XO.webservantpro
etag: W/"60dd8078-194c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=17280000, public
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 1586 4 KB
2 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?sid=MkNRLFN4ZSww&o=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Mar 2022 07:16:46 GMT

GET
H2 200 player86.css
cdn.onnetwork.tv/css/ Frame 1586 39 KB
9 KB 52ms
51ms Stylesheet
text/css 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/css/player86.css?s=1643493341
Requested by: Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?sid=MkNRLFN4ZSww&o=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: af8552f8f89335283643dba9dabc3d9827c15c4635a2eb9a3041d0ee0329a115

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: gzip
last-modified: Sat, 29 Jan 2022 21:55:41 GMT
server: XO.webservantpro
etag: W/"61f5b7dd-9cab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=17280000, public
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
H2 200 adblock_notify.js Show response
cdn.onnetwork.tv/js/ Frame 1586 25 B
338 B 53ms
51ms Script
application/javascript 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/js/adblock_notify.js?s=1648106206
Requested by: Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?sid=MkNRLFN4ZSww&o=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: 8e36050b3d955a749259f62d6472e17d21f1f92e8248aa28089549f22baaa4a6

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: gzip
last-modified: Tue, 18 Aug 2020 15:40:09 GMT
server: XO.webservantpro
etag: W/"5f3bf659-19"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=17280000, public
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
H3 200 gpt_proxy.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 1586 82 KB
30 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?sid=MkNRLFN4ZSww&o=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21b3ed85c9ad38d83cd2fecfaa17d4f6c645314585aa8cfc27f32e411b6e9ca3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:07:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30344
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 17:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Thu, 24 Mar 2022 07:22:32 GMT

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 1586 371 KB
123 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?sid=MkNRLFN4ZSww&o=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e3f824116bf1ec3acc0dd7c003055cfb201ab314633e5874a4c4df752bfa018

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126251
x-xss-protection: 0
expires: Thu, 24 Mar 2022 07:16:46 GMT

GET
H3 200 hls.min.js Show response
cdn.jsdelivr.net/npm/hls.js@1.1.3/dist/ Frame 1586 315 KB
92 KB 48ms
47ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/hls.js@1.1.3/dist/hls.min.js

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?sid=MkNRLFN4ZSww&o=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

920230cba1a6e09330a6cc76c634c78e547fcf67b7a9cc03213dde43ceea0baa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 251697
x-jsd-version: 1.1.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19128-FRA, cache-mad22081-MAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"4eaf2-/CwIB8b0ZgFLVgmQTHnomAXuiz4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6f0d9f911cf2d655-MAD

GET
H2 200 player86.js Show response
cdn.onnetwork.tv/js/ Frame 1586 100 KB
27 KB 53ms
52ms Script
application/javascript 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/js/player86.js?s=1647885096
Requested by: Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?sid=MkNRLFN4ZSww&o=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: f607411b229ee5599210879504fcd6b04c10e0ecb81dac818093c1dbe8903221

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Mar 2022 07:16:46 GMT
content-encoding: gzip
last-modified: Mon, 21 Mar 2022 17:51:36 GMT
server: XO.webservantpro
etag: W/"6238bb28-19020"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=17280000, public
expires: Mon, 10 Oct 2022 07:16:46 GMT

GET
DATA 200
OK truncated
/ Frame 3B66 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame BFA7 2 B
22 B 73ms
69ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=451329399&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gzeme.lt%2F2021%2F05%2F17%2Fpopuliariausios-turizmo-prekes-ka-verta-isigyti%2F&dp=%2Fgzeme_lt%2F7946&ul=en-us&de=UTF-8&dt=Player&sd=24-bit&sr=1600x1200&vp=920x518&je=0&_u=AACAAAABAAAAAC~&jid=727629972&gjid=2083615898&cid=687813608.1648106207&tid=UA-135296857-3&_gid=321802839.1648106207&_r=1&_slc=1&z=1303060886

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gzeme.lt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame BFA7 4 B
24 B 70ms
69ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=451329399&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gzeme.lt%2F2021%2F05%2F17%2Fpopuliariausios-turizmo-prekes-ka-verta-isigyti%2F&dp=%2Fan%2Fgzeme_lt&ul=en-us&de=UTF-8&dt=Player&sd=24-bit&sr=1600x1200&vp=920x518&je=0&_u=ACCAAEABAAAAAC~&jid=1591827104&gjid=2011827396&cid=687813608.1648106207&tid=UA-135169144-1&_gid=321802839.1648106207&_r=1&_slc=1&z=1836232537

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gzeme.lt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B66 0
20 B 92ms
92ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?aot=ib&tte=f&lid=158&sdkv=h.3.506.0&id=ima_html5&c=4164119180103443&domain=www.gzeme.lt

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B66 0
20 B 92ms
92ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?blob=nullPromise&lid=155&sdkv=h.3.506.0&id=ima_html5&c=4164119180103443&domain=www.gzeme.lt

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame 8295 51 KB
24 KB 58ms
57ms Stylesheet
text/css 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LevJ8cZAAAAAIVOEGhycdKvKjekgxJsLxMAzyzV&co=aHR0cHM6Ly93d3cuZ3plbWUubHQ6NDQz&hl=es&v=zLD1nfkNCJC1kEswSRdSyd-p&theme=light&size=normal&cb=kpkhdbf7rzpd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Mar 2023 17:21:51 GMT

GET
H3 200 recaptcha__es.js Show response
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame 8295 360 KB
142 KB 93ms
93ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__es.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7daa0ab7af5eef7dba6b8d1269aca27d92e766bf91536e52c72c851e6273dbbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145040
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Mar 2023 16:14:28 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame 4351 51 KB
24 KB 64ms
64ms Stylesheet
text/css 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcqI6AUAAAAALs_lzBouCCdbwQrbCSLVeEUZ9N7&co=aHR0cHM6Ly93d3cuZ3plbWUubHQ6NDQz&hl=es&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=z23to1l8t07x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Mar 2023 17:21:51 GMT

GET
H3 200 recaptcha__es.js Show response
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame 4351 360 KB
142 KB 106ms
105ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__es.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7daa0ab7af5eef7dba6b8d1269aca27d92e766bf91536e52c72c851e6273dbbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145040
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Mar 2023 16:14:28 GMT

GET
H3 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 1586 36 KB
12 KB 238ms
237ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12390
x-xss-protection: 0
last-modified: Mon, 06 Jul 2020 23:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="chrome-dongle"
expires: Thu, 24 Mar 2022 07:16:47 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/89/ Frame 1586 48 KB
14 KB 228ms
227ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/89/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 16:02:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54839
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14262
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:19:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Thu, 24 Mar 2022 16:02:48 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame BFA7 1 B
437 B 166ms
55ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-135169144-1&cid=687813608.1648106207&jid=1591827104&gjid=2011827396&_gid=321802839.1648106207&_u=ACCAAEABAAAAAC~&z=543615763

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 24 Mar 2022 07:16:47 GMT
content-type: text/plain
access-control-allow-origin: https://www.gzeme.lt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 1586 56 KB
56 KB 59ms
59ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/css/roboto.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1287b4c6427119cabf899a5ea898f81e831a2742614813a3302f671690b399c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.onnetwork.tv/
Origin: https://www.gzeme.lt
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:17:09 GMT
x-content-type-options: nosniff
age: 496778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57116
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 23:13:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 18 Mar 2023 13:17:09 GMT

GET
H2 206 black.mp4
cdn.onnetwork.tv/img/ Frame 1586 3 KB
3 KB 52ms
52ms Media
video/mp4 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/img/black.mp4
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: 33e364012a7b1d72169cfaa7f2b3cda202b016e6e926577739b8bd9b3b61680c

Request headers

Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

pragma: public
date: Thu, 24 Mar 2022 07:16:47 GMT
last-modified: Mon, 19 Mar 2018 19:13:39 GMT
server: XO.webservantpro
access-control-allow-origin: *
etag: "5ab00be3-ab3"
access-control-allow-methods: GET, POST, OPTIONS
content-type: video/mp4
Content-Range: bytes 0-2738/2739
cache-control: max-age=17280000, public
Content-Length: 2739
expires: Mon, 10 Oct 2022 07:16:47 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B66 0
20 B 92ms
91ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?mode=2&lid=41&sdkv=h.3.506.0&id=ima_html5&c=4164119180103443&domain=www.gzeme.lt

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B66 0
20 B 92ms
92ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?delay=0&vpaidadapter=f&request_type&ctv=0&lid=6&sdkv=h.3.506.0&e=44737475%2C44752711%2C44758347%2C44758374&id=ima_html5&c=4164119180103443&domain=www.gzeme.lt

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B66 0
20 B 92ms
92ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.4752103625792745&time=1648106207071&lid=43&sdkv=h.3.506.0&e=44737475%2C44752711%2C44758347%2C44758374&id=ima_html5&c=4164119180103443&domain=www.gzeme.lt

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 1586 49 KB
20 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6117
date: Thu, 24 Mar 2022 05:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 24 Mar 2022 07:34:50 GMT

GET
H3 200 bridge3.506.0_lt.html Show response
imasdk.googleapis.com/js/core/ Frame 6438 591 KB
192 KB 58ms
58ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.506.0_lt.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1e85403685fe025fa680a43340e6f0f5a39dd4ee67f4b8ceaced68067b851b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196781
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Mar 2022 20:30:48 GMT
expires: Sat, 18 Mar 2023 20:30:48 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 18 Mar 2022 20:22:23 GMT
content-type: text/html
age: 470759
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 1586 44 KB
16 KB 147ms
69ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Mar 2022 07:16:47 GMT

GET
H2 200 a_cnti.png Show response
cdn.onnetwork.tv/cnt/ Frame 1586 126 B
331 B 51ms
50ms Fetch
image/png 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1648106207&event=plstarttry&d=9164&vs=0&aps=4&playerVisible=0&plist=2120&widget=0&initap=4&currap=4&ab=0&cbs=1&co=1&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/no-referrer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:47 GMT
last-modified: Thursday, 24-Mar-2022 07:16:47 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 a_cnti.png Show response
cdn.onnetwork.tv/cnt/ Frame 1586 126 B
331 B 51ms
50ms Fetch
image/png 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1648106207&event=adsearch&d=9164&vs=0&aps=4&playerVisible=0&plist=2120&widget=0&initap=4&currap=4&ab=0&cbs=1&co=1&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/no-referrer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:47 GMT
last-modified: Thursday, 24-Mar-2022 07:16:47 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 397371_6.jpg
cdnt.onnetwork.tv/poster/3/9/ Frame 1586 64 KB
64 KB 80ms
79ms Image
image/jpeg 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/3/9/397371_6.jpg

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.59.235.100 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w24.of.pl

Software

XO.webservantpro /

Resource Hash

f549aa8ea4548018cd6ca470dc9f56500f83847add842854b5ad443e0c69040d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:47 GMT
last-modified: Fri, 26 Feb 2021 12:52:40 GMT
server: XO.webservantpro
etag: "6038ef18-ffe0"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 65504
expires: Mon, 10 Oct 2022 07:16:47 GMT

GET
H2 200 a_cnti.png Show response
cdn.onnetwork.tv/cnt/ Frame 1586 126 B
331 B 79ms
78ms Fetch
image/png 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1648106207&event=plimpression&d=9164&vs=0&aps=4&playerVisible=0&mobile=0&acount=0
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/no-referrer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:47 GMT
last-modified: Thursday, 24-Mar-2022 07:16:47 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 a_cntg.png Show response
cdn.onnetwork.tv/cnt/ Frame 1586 126 B
331 B 77ms
77ms Fetch
image/png 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1648106207&d=9164&wsc=an&typ=embed&mobile=0&c=23
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/no-referrer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:47 GMT
last-modified: Thursday, 24-Mar-2022 07:16:47 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 a_cntd.png Show response
cdn.onnetwork.tv/cnt/ Frame 1586 126 B
331 B 76ms
75ms Fetch
image/png 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cntd.png?ts=1648106207&mobile=0&plc=15&time=26&website=9164
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/no-referrer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:47 GMT
last-modified: Thursday, 24-Mar-2022 07:16:47 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9957 37 KB
13 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 06:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 24 Mar 2022 07:25:28 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame AB4F 284 B
536 B 58ms
57ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/jpg

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 3B66 65 B
533 B 290ms
142ms XHR
text/xml 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=855478&t=2&gdpr=1&gdpr_consent=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.506.0_lt.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:47 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/xml
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B66 0
20 B 93ms
92ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1648106207163&timeout=f&logid=0.4752103625792745&timediff=92&lid=43&sdkv=h.3.506.0&e=44737475%2C44752711%2C44758347%2C44758374&id=ima_html5&c=4164119180103443&domain=www.gzeme.lt

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B66 0
20 B 93ms
93ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?rt=thirdparty&lid=17&sdkv=h.3.506.0&e=44737475%2C44752711%2C44758347%2C44758374&id=ima_html5&c=4164119180103443&domain=www.gzeme.lt

Requested by

Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 4D3D 0
239 B 265ms
57ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 1586 2 B
22 B 69ms
69ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1331789098&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gzeme.lt%2F2021%2F05%2F17%2Fpopuliariausios-turizmo-prekes-ka-verta-isigyti%2F&dp=%2Fgzeme_lt%2F9164&ul=en-us&de=UTF-8&dt=Player&sd=24-bit&sr=1600x1200&vp=918x516&je=0&_u=AACAAAABAAAAAC~&jid=1019612015&gjid=1554524253&cid=687813608.1648106207&tid=UA-135296857-3&_gid=321802839.1648106207&_r=1&_slc=1&z=975354882

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gzeme.lt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 1586 2 B
22 B 68ms
68ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1331789098&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gzeme.lt%2F2021%2F05%2F17%2Fpopuliariausios-turizmo-prekes-ka-verta-isigyti%2F&dp=%2Fan%2Fgzeme_lt&ul=en-us&de=UTF-8&dt=Player&sd=24-bit&sr=1600x1200&vp=918x516&je=0&_u=ACCAAEABAAAAAC~&jid=&gjid=&cid=687813608.1648106207&tid=UA-135169144-1&_gid=321802839.1648106207&_slc=1&z=744810863

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gzeme.lt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a_cntm.png Show response
cdn.onnetwork.tv/cnt/ Frame 1586 126 B
331 B 51ms
51ms Fetch
image/png 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cntm.png?ts=1648106207&i=397371&d=9164&wsc=an&plist=2120&widget=0&initap=4&currap=4&ab=0&cbs=1&co=1&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=4&vs=40
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/no-referrer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:47 GMT
last-modified: Thursday, 24-Mar-2022 07:16:47 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
DATA 200
OK truncated
/ Frame 8295 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8295 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 8295 2 KB
2 KB 59ms
57ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 130619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 29 Mar 2022 18:59:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8295 15 KB
15 KB 60ms
60ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 137406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Mar 2023 17:06:41 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4351 2 KB
2 KB 58ms
57ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 130619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 29 Mar 2022 18:59:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4351 15 KB
15 KB 60ms
59ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 137406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Mar 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4351 15 KB
15 KB 60ms
60ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 14:17:54 GMT
x-content-type-options: nosniff
age: 147533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Mar 2023 14:17:54 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 8295 102 B
134 B 79ms
79ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=es&v=zLD1nfkNCJC1kEswSRdSyd-p

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

74a8a801d3ff462341b1fa78686c66c25a296e3445a391569b20433bfd2e3590

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LevJ8cZAAAAAIVOEGhycdKvKjekgxJsLxMAzyzV&co=aHR0cHM6Ly93d3cuZ3plbWUubHQ6NDQz&hl=es&v=zLD1nfkNCJC1kEswSRdSyd-p&theme=light&size=normal&cb=kpkhdbf7rzpd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 24 Mar 2022 07:16:47 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame F9B8 284 B
536 B 57ms
57ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/jpg

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 4351 102 B
134 B 64ms
63ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=es&v=zLD1nfkNCJC1kEswSRdSyd-p

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

74a8a801d3ff462341b1fa78686c66c25a296e3445a391569b20433bfd2e3590

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcqI6AUAAAAALs_lzBouCCdbwQrbCSLVeEUZ9N7&co=aHR0cHM6Ly93d3cuZ3plbWUubHQ6NDQz&hl=es&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=z23to1l8t07x
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 24 Mar 2022 07:16:47 GMT

GET
H2 200 a_cntr.png
cdn.onnetwork.tv/cnt/ Frame 3B66 126 B
368 B 51ms
50ms Image
image/png 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntr.png?ts=16481062070&vmvp=0&w=7946&vs=1208&vc=23997&mobile=0&aps=4&pv=0&ac=0&plist=0&widget=0&ab=0&co=1&pod=0&muted=1&initap=4&adcount=1
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:47 GMT
last-modified: Fri, 08 Nov 2019 15:04:48 GMT
server: XO.webservantpro
accept-ranges: bytes
content-length: 126
content-type: image/png

GET
H3

200

/
www.facebook.com/login/ Frame E9EE
Redirect Chain

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2dab18b890d1dc%26d...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...

0
0

339ms
279ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2dab18b890d1dc%2526domain%253Dwww.gzeme.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.gzeme.lt%25252Ffa398b8b2e9608%2526relation%253Dparent.parent%26container_width%3D268%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLaikra%2525C5%2525A1tis-Gimtoji-%2525C5%2525BEem%2525C4%252597-1507443492900518%252F%26locale%3Dlt_LT%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/lt_LT/sdk.js?hash=5135306e9777121f31565ca2a524f29c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 5nG0k0wVPVG9F+NJKZUrHX7NlJc9TQqxu9rtorh3NAbR/q0wI0k7qG1O+HkyAW+9zVpcCe4QvZT/cQ0+C+VagQ==
date: Thu, 24 Mar 2022 07:16:48 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2dab18b890d1dc%2526domain%253Dwww.gzeme.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.gzeme.lt%25252Ffa398b8b2e9608%2526relation%253Dparent.parent%26container_width%3D268%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLaikra%2525C5%2525A1tis-Gimtoji-%2525C5%2525BEem%2525C4%252597-1507443492900518%252F%26locale%3Dlt_LT%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v6.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: CEIUyBEgqDZ4osGG3jQ0VWszZkq/BQP1GQN0VVyA9ttaIlhZUQKIQCVhIa+H/RBwdyKvdk7DCjODHkQBQbb0OQ==
content-length: 0
date: Thu, 24 Mar 2022 07:16:47 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 a_cnti.png Show response
cdn.onnetwork.tv/cnt/ Frame BFA7 126 B
331 B 60ms
60ms Fetch
image/png 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1648106208&event=adnotpresent&d=7946&vs=0&aps=4&playerVisible=2&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=1&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/no-referrer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:47 GMT
last-modified: Thursday, 24-Mar-2022 07:16:47 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 a_cntn.png Show response
cdn.onnetwork.tv/cnt/ Frame BFA7 126 B
331 B 59ms
59ms Fetch
image/png 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cntn.png?ts=1648106208&d=7946&mobile=0&bp=0&ap=-1&lin=1&muted=1&fna=1&ab=0&co=0
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/no-referrer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:47 GMT
last-modified: Thursday, 24-Mar-2022 07:16:47 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 2A98 7 KB
1 KB 69ms
69ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=es&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LevJ8cZAAAAAIVOEGhycdKvKjekgxJsLxMAzyzV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__es.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

284f0c310e8ace2bcd28d6c6153a31c154da7d6551defad4f1e3f42bb2512a59

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-58o6+VH51xGqXzRBXMH2kA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 24 Mar 2022 07:16:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-58o6+VH51xGqXzRBXMH2kA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1114
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 4351 31 KB
18 KB 93ms
92ms XHR
application/json 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LcqI6AUAAAAALs_lzBouCCdbwQrbCSLVeEUZ9N7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__es.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f4ed418ae41295ea677e8e9c8ac0a9f0279e0c69e87722d46cea29715d30d0d7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcqI6AUAAAAALs_lzBouCCdbwQrbCSLVeEUZ9N7&co=aHR0cHM6Ly93d3cuZ3plbWUubHQ6NDQz&hl=es&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=z23to1l8t07x
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 24 Mar 2022 07:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18204
x-xss-protection: 1; mode=block
expires: Thu, 24 Mar 2022 07:16:47 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 6438 136 B
125 B 139ms
73ms XHR
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F147246189%2C22672857274%2Fgzeme.lt_instream&description_url=https%3A%2F%2Fwww.gzeme.lt%2F&tfcd=0&npa=0&sz=400x300%7C640x480&min_ad_duration=5000&max_ad_duration=60000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1954931018580717&sdkv=h.3.506.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&mpt=onnetwork%2Fvplayer&mpv=8.6.1&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&adk=1617107231&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.506.0&sid=B5741AB9-DCC7-4CB8-9098-4FB9EC6FCF77&nel=0&eid=44736293%2C44758374&url=https%3A%2F%2Fwww.gzeme.lt%2F2021%2F05%2F17%2Fpopuliariausios-turizmo-prekes-ka-verta-isigyti%2F&dlt=1648106206581&idt=707&dt=1648106207789&scor=4284437338887383&fbidx=-1&ppid=onnetwork&ged=ve4_td1_tt1_pd1_la1000_er3591.178.3591.178_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.506.0_lt.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame 2A98 51 KB
24 KB 58ms
58ms Stylesheet
text/css 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=es&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LevJ8cZAAAAAIVOEGhycdKvKjekgxJsLxMAzyzV

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Mar 2023 17:21:51 GMT

GET
H3 200 recaptcha__es.js Show response
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame 2A98 360 KB
142 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__es.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=es&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LevJ8cZAAAAAIVOEGhycdKvKjekgxJsLxMAzyzV

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7daa0ab7af5eef7dba6b8d1269aca27d92e766bf91536e52c72c851e6273dbbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145040
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Mar 2023 16:14:28 GMT

GET
DATA 200
OK truncated
/ Frame 6438 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 a_cntr.png
cdn.onnetwork.tv/cnt/ Frame 6438 126 B
368 B 51ms
50ms Image
image/png 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntr.png?ts=16481062070&vmvp=0&w=9164&vs=1197&vc=26699&mobile=0&aps=4&pv=0&ac=0&plist=2120&widget=0&ab=0&co=1&pod=0&muted=1&initap=4&adcount=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:48 GMT
last-modified: Fri, 08 Nov 2019 15:04:48 GMT
server: XO.webservantpro
accept-ranges: bytes
content-length: 126
content-type: image/png

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 6438 65 B
532 B 152ms
151ms XHR
text/xml 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=1211568&t=2&gdpr=1&gdpr_consent=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.506.0_lt.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:48 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/xml
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 a_cntr.png
cdn.onnetwork.tv/cnt/ Frame 6438 126 B
368 B 51ms
50ms Image
image/png 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntr.png?ts=16481062071&vmvp=1&w=9164&vs=1180&vc=26698&mobile=0&aps=4&pv=0&ac=0&plist=2120&widget=0&ab=0&co=1&pod=0&muted=1&initap=4&adcount=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:48 GMT
last-modified: Fri, 08 Nov 2019 15:04:48 GMT
server: XO.webservantpro
accept-ranges: bytes
content-length: 126
content-type: image/png

GET
H2 200 setupad.com_vast_video_outstream_not_visible Show response
vast.smilewanted.com/ads/ Frame 6438 9 KB
2 KB 267ms
176ms XHR
application/xml 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.smilewanted.com/ads/setupad.com_vast_video_outstream_not_visible?referrer_url=https%3A%2F%2Fwww.gzeme.lt%2F2021%2F05%2F17%2Fpopuliariausios-turizmo-prekes-ka-verta-isigyti%2F&consent_string=
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.506.0_lt.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d47b2f4a0e362722d057a9e3d7f7f1625c838104fe114297f7937f3c7c9603e

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:48 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/xml; charset=utf-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cf-ray: 6f0d9f996d11193a-BCN
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 / Show response
vast.aniview.com/api/adserver61/vast/ Frame 6438 1 KB
942 B 220ms
68ms XHR
text/xml 2a02:26f0:7100:484::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=5ef4bc022e79664d2b473869&AV_CHANNELID=5eff2df04c3975414e14b415&logo=false&showpreloader=false&vastretry=3&AV_URL=https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/&cb=1648106208&AV_GDPR=1&AV_CONSENT=&AV_CUSTOM1=271372&AV_CUSTOM2=9.09&AV_CUSTOM3=1.0%2C1%21smilewanted.com%2C2972%2C1%2C%2Csetupad.com%2Csetupad.com%2C&AV_CUSTOM4=22440310&AV_CUSTOM5=10947857&AV_CUSTOM6=18590863&AV_CUSTOM7=s2s_video_instream_high_visibility&AV_CDIM1=271372
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.506.0_lt.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:484::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 39ee777e86d52ab8d88ca346db8295407dc1d0f3766c5743be3d160bf2a32625

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:48 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/xml
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 674
expires: Thu, 24 Mar 2022 07:16:48 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6438 0
327 B 602ms
211ms Ping
image/gif 2607:f8b0:4007:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l14nvsbz&c=3094891537448&slotId=1547445768724&fb=ima_html5-lima&sdkv=h.3.506.0&ppt=onnetwork%2Fvplayer&ppv=8.6.1&mrd=30&aab=1&itv=1&eee=missing-element&bi=missing-id&ghmsh_eids=44736293%2C44758374&vmfc=1&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.506.0_lt.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:809::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:49 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 1568 64 KB
22 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55aeee54a674f6d1c04b3199b0ee816a1cf5678c6ae7c5b7d2838f43ba849a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 741
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22984
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 17:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Thu, 24 Mar 2022 07:19:27 GMT

GET
H2 200 a_cnti.png Show response
cdn.onnetwork.tv/cnt/ Frame 1586 126 B
331 B 51ms
50ms Fetch
image/png 37.59.235.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1648106209&event=adloaded&d=9164&vs=1674&aps=4&playerVisible=2&plist=2120&widget=0&initap=4&currap=4&ab=0&cbs=1&co=1&vc=26864&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
Requested by: Host: www.gzeme.lt
URL: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.59.235.100 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w24.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/no-referrer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:48 GMT
last-modified: Thursday, 24-Mar-2022 07:16:48 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 1568 364 KB
103 KB 189ms
62ms Script
application/javascript 2a02:26f0:7100:484::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:484::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 32391e5d56d10900eccaf5ff6040224e96de4e09db5739aa213c4bb09779d579

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:48 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtaRE-_doNm3ulxH1xZmXzOjLHWBOKixWa9YVjtCNVK076_Ct2ecYI7CdJfflNfUhD8BhrShY3e4nSIKp4OGbE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 104575
last-modified: Wed, 23 Mar 2022 06:59:54 GMT
server: UploadServer
etag: "02948485f0faba4c05b4a0eb92dd6f40"
vary: Accept-Encoding
x-goog-hash: crc32c=uG63EQ==, md5=ApSEhfD6ukwFtKDrkt1vQA==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1648018794693190
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 104575
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 24 Mar 2022 07:21:48 GMT

GET
H2 200 track
track1.aniview.com/ 0
71 B 334ms
107ms Image
text/plain 54.156.166.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.gzeme.lt&sn=&cd1=271372&ic=0&tgt=1&app=&wi=918&he=516&test=&d36=6.2.12&apppkg=&fv=3&proto=https&pid=5ef4bc022e79664d2b473869&cid=5eff2df04c3975414e14b415&stagid=&stplid=&e=inventory&vi=0&cb=1648106209077
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.166.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-166-5.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:49 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
gov.aniview.com/api/adserver/tag/ 4 KB
2 KB 393ms
143ms XHR
application/json 54.210.134.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gov.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.gzeme.lt%2F2021%2F05%2F17%2Fpopuliariausios-turizmo-prekes-ka-verta-isigyti%2F&AV_GDPR=1&AV_CONSENT=&AV_CUSTOM1=271372&AV_CUSTOM2=9.09&AV_CUSTOM3=1.0%2C1!smilewanted.com%2C2972%2C1%2C%2Csetupad.com%2Csetupad.com%2C&AV_CUSTOM4=22440310&AV_CUSTOM5=10947857&AV_CUSTOM6=18590863&AV_CUSTOM7=s2s_video_instream_high_visibility&AV_CDIM1=271372&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5ef4bc022e79664d2b473869&AV_CHANNELID=5eff2df04c3975414e14b415&tgt=1&AV_SUBID=&AV_CDIM2=&AV_CDIM3=&AV_ABT=[AVC_ABT]&pce=1&npx=1&AV_DETDOMAIN=www.gzeme.lt&AV_DADPOS=3&d36=6.2.12&responsive=1&sver=2&avtoken=209077&AV_WIDTH=918&AV_HEIGHT=516&AV_DNT=0&cb=1648106209090
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.210.134.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-210-134-238.compute-1.amazonaws.com
Software: /
Resource Hash: 8cc165b02233d2e416e18802e3fa592396250e3436f30adeb242523566e2b12a

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:49 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.gzeme.lt
cache-control: no-cache
access-control-allow-credentials: true
expires: Sat, 12 Mar 2022 17:30:09 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B451 15 KB
6 KB 184ms
55ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1648106209415-988811949874-008110-010-003726%26biddername%3D1%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=123356
expires: Fri, 25 Mar 2022 17:32:45 GMT
date: Thu, 24 Mar 2022 07:16:49 GMT
vary: Accept-Encoding

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame AD0D 0
0 191ms
62ms Document
text/plain 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1648106209415-988811949874-008110-010-003726%26biddername%3D18%26key%3D%24UID
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Response headers

Date: Thu, 24 Mar 2022 07:16:49 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
X-Sovrn-Pod: ad_ap3ams1

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58543/ Frame C7C4 0
0 186ms
58ms Document
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/

Response headers

date: Thu, 24 Mar 2022 07:16:49 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
age: 0
server: ATS/9.1.0.33

GET
H2 200 track
track1.aniview.com/ 0
70 B 108ms
108ms Image
text/plain 54.156.166.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=RO&cos=Windows&r=www.gzeme.lt&rs=www.gzeme.lt&sid=31812&t=1648106209&cip=185.183.106.148&sn=&tgt=1&osv=10&bv=89.0&brn=Chrome&wi=918&he=516&app=&AV_PUBLISHERID=5ef4bc022e79664d2b473869&test=&aafaid=&proto=https&uid=1648106209415-988811949874-008110-010-003726&cha=0.7&stagid=&stplid=&d35=&d36=6.2.12&cb=30159736745&cd1=271372&d9=1000&d37=realtime&AV_WIDTH=918&AV_HEIGHT=516&nid=5ef4bc022e79664d2b473869&ncid=5eff2df04c3975414e14b415&e=request&cb=1648106209496&asid=5f2d269a9e0c9636494339f3%2C5eff336350cf1c34b555cdd4&ofpr=%2C&fpo=%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.166.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-166-5.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:49 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK 10947857 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 194ms
66ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/10947857?loc=https%3A%2F%2Fwww.gzeme.lt%2F2021%2F05%2F17%2Fpopuliariausios-turizmo-prekes-ka-verta-isigyti%2F&_fw_gdpr=1&_fw_gdpr_consent=&cbb=8106209494
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a8887a79753f58c472cee7acf86070d438d8b3dd17f2e9037759b95abb3c6b81

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Mar 2022 07:16:49 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.gzeme.lt
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1292
x-sticky-vk: 1648106209519091-430
Expires: Thu, 24 Mar 2022 07:16:49 GMT

GET
H/1.1 200
OK 271372 Show response
search.spotxchange.com/vast/3.00/ 67 B
1 KB 267ms
71ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/3.00/271372?VPAID=JS&price_floor=9.09&custom[zone_id]=0&content_page_url=https%3A%2F%2Fwww.gzeme.lt%2F2021%2F05%2F17%2Fpopuliariausios-turizmo-prekes-ka-verta-isigyti%2F&VMaxd=120&custom_skin=1&player_width=640&player_height=480&gdpr=1&gdpr_consent=&schain=1.0%2C1!smilewanted.com%2C2972%2C1%2C%2Csetupad.com%2Csetupad.com%2C&cbb=8106209495
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ad753512028ab9454846db78b92c123be24f761177422832bad76120e06a6cd

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 07:16:49 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000380
X-SpotX-Timing-SpotMarket: 0.007378
X-SpotX-Timing-Page-Mux: 0.000228
X-SpotX-Timing-Page-Require: 0.000311
X-fe: 120
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
Content-Length: 77
X-SpotX-Timing-Page: 0.010766
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000270
Last-Modified: Thu, 24 Mar 2022 07:16:49 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.007378
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.gzeme.lt
X-SpotX-Timing-Page-Misc: 0.002185
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000010
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame B451 0
42 B 215ms
61ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=41799586&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1648106209415-988811949874-008110-010-003726%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:48 GMT
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 108ms
107ms Image
text/plain 54.156.166.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=RO&cos=Windows&r=www.gzeme.lt&rs=www.gzeme.lt&sid=31812&t=1648106209&cip=185.183.106.148&sn=&tgt=1&osv=10&bv=89.0&brn=Chrome&wi=918&he=516&app=&AV_PUBLISHERID=5ef4bc022e79664d2b473869&test=&aafaid=&proto=https&uid=1648106209415-988811949874-008110-010-003726&cha=0.7&stagid=&stplid=&d35=&d36=6.2.12&cb=30159736745&cd1=271372&d9=1000&d37=realtime&AV_WIDTH=918&AV_HEIGHT=516&nid=5ef4bc022e79664d2b473869&ncid=5eff2df04c3975414e14b415&e=bid&cb=1648106209773&asid=5f2d269a9e0c9636494339f3&ofpr=&fpo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.166.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-166-5.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:49 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 50FF 337 KB
114 KB 237ms
53ms Script
application/x-javascript 2001:4de0:ac19::1:b:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 6f0a26c236d11ec79660cb5546d7377a67bad88d2c9b607d2f4a54e2c8b1f440

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 07:16:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Jan 2022 13:58:10 GMT
ETag: "1643119090"
X-HW: 1648106209.dop011.ml1.t,1648106209.cds016.ml1.shn,1648106209.dop011.ml1.t,1648106209.cds205.ml1.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 116304

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 50FF 25 KB
25 KB 217ms
53ms XHR
application/octet-stream 2001:4de0:ac19::1:b:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1648106210181
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 07:16:50 GMT
Last-Modified: Tue, 25 Jan 2022 13:58:10 GMT
ETag: "1643119090"
X-HW: 1648106210.dop022.ml1.t,1648106210.cds018.ml1.shn,1648106210.cds018.ml1.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://www.gzeme.lt
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
595 B 68ms
68ms Image
image/gif 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Mar 2022 07:16:50 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1648106210227005-382
Expires: Thu, 24 Mar 2022 07:16:50 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 50FF 543 B
889 B 131ms
67ms XHR
text/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=10947857&loc=https%3A%2F%2Fwww.gzeme.lt%2F2021%2F05%2F17%2Fpopuliariausios-turizmo-prekes-ka-verta-isigyti%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a3e36c1702de19b42eb5ac6a3a328e2d02f5cc4377870aa052ad40cda2a42856

Request headers

Accept: application/xml, text/xml
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Mar 2022 07:16:50 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.gzeme.lt
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 543
x-sticky-vk: 1648106210175092-395
Expires: Thu, 24 Mar 2022 07:16:50 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 50FF 67 B
457 B 211ms
106ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=10947857&loc=https%3A%2F%2Fwww.gzeme.lt%2F2021%2F05%2F17%2Fpopuliariausios-turizmo-prekes-ka-verta-isigyti%2F&_fw_gdpr=1&cbb=8106209494&_fw_gdpr_consent=&vav=19aeeb684fb5d580051dcbecd68bb6ec&vaviv=28025d8d4ac937c0672ad91508f63290&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.3.1&focus=true&percentViewable=100&componentId=vpaid-adapter&playerSize=918x516&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Mar 2022 07:16:50 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.gzeme.lt
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1648106210224086-426
Expires: Thu, 24 Mar 2022 07:16:50 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NTNiZGYyYTc0OTQ1ODVlZTM4NTVjNGRiN2QyMg==&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NTNiZGYyYTc0OTQ1ODVlZTM4NTVjNGRiN2QyMg==&gdpr=0&gdpr_consent=&google_tc=

170 B
188 B

130ms
67ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NTNiZGYyYTc0OTQ1ODVlZTM4NTVjNGRiN2QyMg==&gdpr=0&gdpr_consent=&google_tc=

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NTNiZGYyYTc0OTQ1ODVlZTM4NTVjNGRiN2QyMg==&gdpr=0&gdpr_consent=&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 359
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=53bdf2a7494585ee3855c4db7d22&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

365ms
120ms

Image
image/gif

209.54.180.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=53bdf2a7494585ee3855c4db7d22&ex=freewheel.tv&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Mar 2022 07:16:50 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: FWTPM54CDG5GSKDJVHDP
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 24 Mar 2022 07:16:50 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=53bdf2a7494585ee3855c4db7d22&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1648106210234087-400
Expires: Thu, 24 Mar 2022 07:16:50 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 108ms
107ms Image
text/plain 54.156.166.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=RO&cos=Windows&r=www.gzeme.lt&rs=www.gzeme.lt&sid=31812&t=1648106209&cip=185.183.106.148&sn=&tgt=1&osv=10&bv=89.0&brn=Chrome&wi=918&he=516&app=&AV_PUBLISHERID=5ef4bc022e79664d2b473869&test=&aafaid=&proto=https&uid=1648106209415-988811949874-008110-010-003726&cha=0.7&stagid=&stplid=&d35=&d36=6.2.12&cb=30159736745&cd1=271372&d9=1000&d37=realtime&AV_WIDTH=918&AV_HEIGHT=516&nid=5ef4bc022e79664d2b473869&ncid=5eff2df04c3975414e14b415&e=request&cb=1648106210426&asid=5f2d269a9e0c9636494339f3%2C5eff336350cf1c34b555cdd4&ofpr=%2C&fpo=%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.166.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-166-5.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:50 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK 10947857 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 67ms
66ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/10947857?loc=https%3A%2F%2Fwww.gzeme.lt%2F2021%2F05%2F17%2Fpopuliariausios-turizmo-prekes-ka-verta-isigyti%2F&_fw_gdpr=1&_fw_gdpr_consent=&cbb=8106210426
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a7b27aa2ad6c4cbd00cb9d61a2ce07185a953d9e7797e57c628501d25943a823

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Mar 2022 07:16:50 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.gzeme.lt
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1292
x-sticky-vk: 1648106210383053-422
Expires: Thu, 24 Mar 2022 07:16:50 GMT

GET
H/1.1 200
OK 271372 Show response
search.spotxchange.com/vast/3.00/ 67 B
1 KB 74ms
74ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/3.00/271372?VPAID=JS&price_floor=9.09&custom[zone_id]=0&content_page_url=https%3A%2F%2Fwww.gzeme.lt%2F2021%2F05%2F17%2Fpopuliariausios-turizmo-prekes-ka-verta-isigyti%2F&VMaxd=120&custom_skin=1&player_width=640&player_height=480&gdpr=1&gdpr_consent=&schain=1.0%2C1!smilewanted.com%2C2972%2C1%2C%2Csetupad.com%2Csetupad.com%2C&cbb=8106210426
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ad753512028ab9454846db78b92c123be24f761177422832bad76120e06a6cd

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 07:16:50 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000389
X-SpotX-Timing-SpotMarket: 0.008545
X-SpotX-Timing-Page-Mux: 0.000177
X-SpotX-Timing-Page-Require: 0.000265
X-fe: 106
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
Content-Length: 77
X-SpotX-Timing-Page: 0.012669
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000254
Last-Modified: Thu, 24 Mar 2022 07:16:50 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.008545
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.gzeme.lt
X-SpotX-Timing-Page-Misc: 0.003027
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000008
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 107ms
107ms Image
text/plain 54.156.166.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=RO&cos=Windows&r=www.gzeme.lt&rs=www.gzeme.lt&sid=31812&t=1648106209&cip=185.183.106.148&sn=&tgt=1&osv=10&bv=89.0&brn=Chrome&wi=918&he=516&app=&AV_PUBLISHERID=5ef4bc022e79664d2b473869&test=&aafaid=&proto=https&uid=1648106209415-988811949874-008110-010-003726&cha=0.7&stagid=&stplid=&d35=&d36=6.2.12&cb=30159736745&cd1=271372&d9=1000&d37=realtime&AV_WIDTH=918&AV_HEIGHT=516&nid=5ef4bc022e79664d2b473869&ncid=5eff2df04c3975414e14b415&e=bid&cb=1648106210505&asid=5f2d269a9e0c9636494339f3&ofpr=&fpo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.166.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-166-5.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:16:50 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame D966 337 KB
114 KB 52ms
52ms Script
application/x-javascript 2001:4de0:ac19::1:b:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5ef4bc022e79664d2b473869
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 6f0a26c236d11ec79660cb5546d7377a67bad88d2c9b607d2f4a54e2c8b1f440

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 07:16:50 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Jan 2022 13:58:10 GMT
ETag: "1643119090"
X-HW: 1648106209.dop011.ml1.t,1648106209.cds016.ml1.shn,1648106209.dop011.ml1.t,1648106210.cds205.ml1.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 116304

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame D966 25 KB
25 KB 52ms
52ms XHR
application/octet-stream 2001:4de0:ac19::1:b:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1648106210613
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 07:16:50 GMT
Last-Modified: Tue, 25 Jan 2022 13:58:10 GMT
ETag: "1643119090"
X-HW: 1648106210.dop022.ml1.t,1648106210.cds018.ml1.shn,1648106210.cds018.ml1.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://www.gzeme.lt
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET auto-user-sync
ads.stickyadstv.com/ Frame D966 0
0

GET

53bdf2a7494585ee3855c4db7d22
pr-bh.ybp.yahoo.com/sync/stickyads/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=53bdf2a7494585ee3855c4db7d22&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l29ce_7078562272285410242
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=0fac73dd-ae90-4168-bc13-a6ee5502ef44
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NTNiZGYyYTc0OTQ1ODVlZTM4NTVjNGRiN2QyMg==&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESENdI7OcIZc6tl08Gnx1T-O8&google_cver=1&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AABOHU7EeDYAADG5TbGIGA&gdpr=0
https://pr-bh.ybp.yahoo.com/sync/stickyads/53bdf2a7494585ee3855c4db7d22?gdpr=0&gdpr_consent=&gdpr=0

0
0

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame D966 543 B
889 B 67ms
67ms XHR
text/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=10947857&loc=https%3A%2F%2Fwww.gzeme.lt%2F2021%2F05%2F17%2Fpopuliariausios-turizmo-prekes-ka-verta-isigyti%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a3e36c1702de19b42eb5ac6a3a328e2d02f5cc4377870aa052ad40cda2a42856

Request headers

Accept: application/xml, text/xml
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Mar 2022 07:16:50 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.gzeme.lt
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 543
x-sticky-vk: 1648106210557072-339
Expires: Thu, 24 Mar 2022 07:16:50 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame D966 67 B
457 B 179ms
131ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=10947857&loc=https%3A%2F%2Fwww.gzeme.lt%2F2021%2F05%2F17%2Fpopuliariausios-turizmo-prekes-ka-verta-isigyti%2F&_fw_gdpr=1&cbb=8106210426&_fw_gdpr_consent=&vav=7e6211209dfb439bcfb1272485f85a32&vaviv=ab0a5a36d7c07e57d419235d68c125d3&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.3.1&focus=true&percentViewable=100&componentId=vpaid-adapter&playerSize=918x516&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
Accept-Language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Mar 2022 07:16:50 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.gzeme.lt
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1648106210596077-425
Expires: Thu, 24 Mar 2022 07:16:50 GMT

GET user-matching
ads.stickyadstv.com/ Frame D966 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NTNiZGYyYTc0OTQ1ODVlZTM4NTVjNGRiN2QyMg==&gdpr=0&gdpr_consent=

170 B
188 B

66ms
66ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NTNiZGYyYTc0OTQ1ODVlZTM4NTVjNGRiN2QyMg==&gdpr=0&gdpr_consent=

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 24 Mar 2022 07:16:50 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NTNiZGYyYTc0OTQ1ODVlZTM4NTVjNGRiN2QyMg==&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1648106210647077-431
Expires: Thu, 24 Mar 2022 07:16:50 GMT

GET user-matching
ads.stickyadstv.com/ Frame D966 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=53bdf2a7494585ee3855c4db7d22&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

239ms
120ms

Image
image/gif

209.54.180.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=53bdf2a7494585ee3855c4db7d22&ex=freewheel.tv&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Mar 2022 07:16:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 352W2NJ3TBTWYD6Z0JS4
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 24 Mar 2022 07:16:50 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=53bdf2a7494585ee3855c4db7d22&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1648106210777040-340
Expires: Thu, 24 Mar 2022 07:16:50 GMT

GET user-matching
ads.stickyadstv.com/ Frame D966 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NTNiZGYyYTc0OTQ1ODVlZTM4NTVjNGRiN2QyMg==&gdpr=0&gdpr_consent=

170 B
188 B

66ms
66ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NTNiZGYyYTc0OTQ1ODVlZTM4NTVjNGRiN2QyMg==&gdpr=0&gdpr_consent=

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:16:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 24 Mar 2022 07:16:50 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NTNiZGYyYTc0OTQ1ODVlZTM4NTVjNGRiN2QyMg==&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1648106210830011-403
Expires: Thu, 24 Mar 2022 07:16:50 GMT

GET user-matching
ads.stickyadstv.com/ Frame D966 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=53bdf2a7494585ee3855c4db7d22&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

121ms
120ms

Image
image/gif

209.54.180.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=53bdf2a7494585ee3855c4db7d22&ex=freewheel.tv&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://www.gzeme.lt/2021/05/17/populiariausios-turizmo-prekes-ka-verta-isigyti/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Mar 2022 07:16:50 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: YMSHGDNGDVKYA0VRV8K0
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 24 Mar 2022 07:16:50 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=53bdf2a7494585ee3855c4db7d22&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1648106210713099-386
Expires: Thu, 24 Mar 2022 07:16:50 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/stickyads/53bdf2a7494585ee3855c4db7d22?gdpr=0&gdpr_consent=&gdpr=0

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 06:07:38	Name: _GRECAPTCHA Value: 09AFskoQ1F0-lp1GZDxDMl1fs3KBNEb07tWeSfQitS7yFWrAQmc-CFNVyK03LkeArvOuMdz_As0ZvRLLDK_Na6zVs
.gzeme.lt/	1970-01-20 19:19:38	Name: _ga Value: GA1.2.687813608.1648106207
.gzeme.lt/	1970-01-20 01:49:52	Name: _gid Value: GA1.2.321802839.1648106207
.gzeme.lt/	1970-01-20 01:48:26	Name: _gat_gtag_UA_140720470_1 Value: 1
.gzeme.lt/	1970-01-20 01:48:26	Name: _gat_onn_tracker Value: 1
.onnetwork.tv/	1970-01-20 01:48:26	Name: nv23997 Value: 1
.onnetwork.tv/	1970-01-20 01:48:26	Name: nd1208 Value: 1
.onnetwork.tv/	1970-01-20 01:48:26	Name: nv26699 Value: 1
.onnetwork.tv/	1970-01-20 01:48:26	Name: nd1197 Value: 1
.onnetwork.tv/	1970-01-20 01:48:26	Name: nv26698 Value: 1
.onnetwork.tv/	1970-01-20 01:48:26	Name: nd1180 Value: 1
.facebook.com/	1970-01-20 19:19:38	Name: sb Value: 4Bo8Ym0hT-MyicA1vLmbLapN
.facebook.com/	1970-01-20 03:58:02	Name: fr Value: 0NkhAAiofiaZ5LbiV..BiPBrg.of.AAA.0.0.BiPBrg.AWXm13HUj_c
.aniview.com/	1970-01-20 02:02:50	Name: aniC Value: 1648106209415-988811949874-008110-010-003726
.ads.pubmatic.com/	1970-01-20 01:49:52	Name: KCCH Value: YES
ads.stickyadstv.com/	1970-01-20 02:31:38	Name: UID Value: 53bdf2a7494585ee3855c4db7d22
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 383243274dd62d24f5de5e8569c281
ads.stickyadstv.com/	1970-01-20 02:08:35	Name: uid-bp-30833 Value: 1
ads.stickyadstv.com/	1970-01-20 03:14:50	Name: uid-bp-159 Value: 1
.fwmrm.net/	1970-01-20 06:07:38	Name: _uid Value: "l29ce_7078562272285410242"
ads.stickyadstv.com/	1970-01-20 03:14:50	Name: uid-bp-36033 Value: l29ce_7078562272285410242
ads.stickyadstv.com/	1970-01-20 03:14:50	Name: MRM_UID Value: l29ce_7078562272285410242
.adsrvr.org/	1970-01-20 10:34:02	Name: TDID Value: 0fac73dd-ae90-4168-bc13-a6ee5502ef44
.adsrvr.org/	1970-01-20 10:34:02	Name: TDCPM Value: CAEYBSABKAIyCwiu2Pf3n9zGOhAFOAE.
ads.stickyadstv.com/	1970-01-20 03:14:50	Name: uid-bp-892 Value: 0fac73dd-ae90-4168-bc13-a6ee5502ef44
.doubleclick.net/	1970-01-20 11:10:02	Name: IDE Value: AHWqTUlpo2hUOAPyLtv79V7EJ8s7AI4ipos3xKJZdDsbqnB3_FaIVM-eCu5vKDhZpxQ

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://lv.adocean.pl/files/js/aomini.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1648106205341/ad.js?id=mkqh5FS9zDcYVZdckVyTBE_Ef_zZfm8mmW402I6fjBj._7/x=1600/y=1200/nc=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lv.adocean.pl/files/js/aomini.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1648106205341/ad.js?id=mkqh5FS9zDcYVZdckVyTBE_Ef_zZfm8mmW402I6fjBj._7/x=1600/y=1200/nc=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lv.adocean.pl/files/js/aomini.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1648106205436/ad.js?id=h6OsAkt7TaO.KtkwDpa8bmGS.FeH8PBsQ6rfKnUVLtH.j7/x=1600/y=1200/nc=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lv.adocean.pl/files/js/aomini.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1648106205436/ad.js?id=h6OsAkt7TaO.KtkwDpa8bmGS.FeH8PBsQ6rfKnUVLtH.j7/x=1600/y=1200/nc=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://video.onnetwork.tv/embed.php?sid=MkNRLFN4ZSww&o=1(Line 761) Message: Unrecognized feature: 'xr'.
other	warning	URL: https://video.onnetwork.tv/embed.php?sid=MkNRLFN4ZSww&o=1(Line 761) Message: Allow attribute will take precedence over 'allowfullscreen'.
javascript	warning	URL: https://lv.adocean.pl/files/js/aomini.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1648106205849/ad.js?id=QVxbkV9x_EEfiShrQ0.nWRKTwuzvK53JgRZwOmLBo47.p7/x=1600/y=1200/nc=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lv.adocean.pl/files/js/aomini.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1648106205849/ad.js?id=QVxbkV9x_EEfiShrQ0.nWRKTwuzvK53JgRZwOmLBo47.p7/x=1600/y=1200/nc=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lv.adocean.pl/files/js/aomini.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1648106206106/ad.js?id=AxPqoxpt420mrXJwl8oY4omXgpXw4h3vlS.gxfhHA5D.h7/x=1600/y=1200/nc=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lv.adocean.pl/files/js/aomini.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1648106206106/ad.js?id=AxPqoxpt420mrXJwl8oY4omXgpXw4h3vlS.gxfhHA5D.h7/x=1600/y=1200/nc=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adlv.hit.gemius.pl
ads.pubmatic.com
ads.stickyadstv.com
adx.adform.net
ap.lijit.com
cdn.jsdelivr.net
cdn.onnetwork.tv
cdn.stickyadstv.com
cdnf.onnetwork.tv
cdnt.onnetwork.tv
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
csi.gstatic.com
day.lt
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
gov.aniview.com
gzeme.lt
image6.pubmatic.com
imasdk.googleapis.com
lh3.googleusercontent.com
lv.adocean.pl
ost1.gismeteo.lt
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
player.aniview.com
pr-bh.ybp.yahoo.com
s.amazon-adsystem.com
s0.2mdn.net
s1.adform.net
search.spotxchange.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
stpd.cloud
token.rubiconproject.com
track1.aniview.com
traffix.lt
ups.analytics.yahoo.com
vast.aniview.com
vast.smilewanted.com
video.onnetwork.tv
www.facebook.com
www.gismeteo.lt
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.gzeme.lt
ads.stickyadstv.com
pr-bh.ybp.yahoo.com
104.117.200.100
142.250.181.226
142.250.184.194
172.67.10.198
184.30.21.112
185.5.53.26
185.94.180.124
198.47.127.19
2001:4de0:ac18::1:a:3b
2001:4de0:ac19::1:b:1b
209.54.180.3
23.218.208.200
23.37.42.132
2606:4700:20::681a:dd1
2606:4700:3033::6815:19d3
2606:4700:3034::6815:4bd2
2606:4700::6810:5814
2606:4700::6812:acf
2607:f8b0:4007:809::2003
2a00:1450:4001:800::2006
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:808::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:400c:c08::9d
2a02:26f0:7100:484::2c79
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a06:98c1:3120::7
3.126.56.137
37.157.2.236
37.157.6.234
37.59.235.100
37.59.253.101
51.83.210.184
54.156.166.5
54.210.134.238
54.38.133.12
69.173.144.138
69.173.144.139
72.251.249.9
03d87f337bb68d971d9fdb8ed746c0ab6f4008e6060e63ed67057f444a05a6a6
05b445716488b2c470dd6d9f38b405643d5b75fd9b170f14a2ad2fafc30c0526
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0a8a1c16ef3ef056a530105e55b0d8d9aec811d68e2b66bf76beba05d263e883
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0e291004f1e270cff8a48e17f0aa7d09707fcd3a2d6bb154c88242cabf4d9c4d
106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732
119d5d996d4d8d0a293b0c3bd450ba25d961a7d3aedba08aab861fb6ec8b6077
120aaf6681ca6d34a40c559779f0a0038582a79fce1b868ff901c94d27c89c72
123eb1b10918cabd46a5600bb7b6c5fd874e23764aebe9c1ac013861e3e354e3
125b127a1609dd30e0937d6330b7caea3cfaa44dc857c386e34b2fe84dec3243
1287b4c6427119cabf899a5ea898f81e831a2742614813a3302f671690b399c2
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c58ac15b605232441accdc041c0ab8fb3e54a9b564d5d6b4e874b08744cdb59
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e0c68c2dfe974697a9305b99c818ab52c8700aa439cab02ad2b2493079a0f30
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
2198f45f3911e63ff41108aabb2126b38ec4e18bab77f9933533247f11a65d15
21b3ed85c9ad38d83cd2fecfaa17d4f6c645314585aa8cfc27f32e411b6e9ca3
22b5b69efbb5b00f3ac8b6908bef9ed9aca8cc213be5f1185cb81cd6159a243e
27959adb07002b9ac7aa480b6357412fb96e7531af950c33714c8f9873aff5a3
28296596fbe365df8b55ed0b6f6677a4b03e361310c79d708e06c7b7b2a9ccd1
284f0c310e8ace2bcd28d6c6153a31c154da7d6551defad4f1e3f42bb2512a59
289d566c877a4b7a5e3c8995151be7a7dfd308a3220448f7a5b19f5b91b9e309
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2ab24792c49dc9eaec5d569d532211e24c93242074352e131d627d3169635ae6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2d973df25cca59fe3d01338fe7188b0c79572a549929da8a474dcee78d999dfa
31dda6cdd8ad7de0d570f703b6bb4f677dab097aa3495bd276e11d988d791f54
31f76758f06cf09230e3a093f9d3ce01f295d00fb4d43143e7eb7b80ab41dc6b
32391e5d56d10900eccaf5ff6040224e96de4e09db5739aa213c4bb09779d579
33e364012a7b1d72169cfaa7f2b3cda202b016e6e926577739b8bd9b3b61680c
354b54880775d31331f36253777963f56f64789d1cff268c142d1d5f65c05163
35b0de866c4b7019c20c40a8fc2c62bf222d407d7ea810a962e559ef7c1ec178
35f12f6bb3cfef49b3c36130ba086b0d35bb0df01acfaf371b2a54455f8afadc
38c8cfc5ad6925454c78b8f4b9c15233c1ab25ee568a99d31ab01b88bfa62a07
39ee777e86d52ab8d88ca346db8295407dc1d0f3766c5743be3d160bf2a32625
3ad753512028ab9454846db78b92c123be24f761177422832bad76120e06a6cd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ef181cc7897d79203b2f58a21ece09b32191f6a4bb93965b9983d39ec97f354
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40296928fac4f10110663318bc8c0b64e365f1ef8b4b9e1e4ae23788f43b6c69
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
454aa60a57242adb6bc98f0b09517c5fa2a3d75f7d11e09e3b82ab9b505033c2
48f37cd5ef021b85d18fa40080c3b03a175d05465d9933552e37a67a2c68aa10
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4cf94e461b91f929d46138b2bd676073d316c3734b01356eeef23c36f2a954b2
4d956a758ca48121e4434c413596334c6b0f3cda0e622ada0d73c41d39eda526
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
4ef9c6b37d1a2e918d9a48f2f127d030212e05e1ee55d10d133df3656d6b87d8
4f5083c8eb8bc90cd7ba3358c406ddb6e8c6bb989b014ac7521f09e7e28946ca
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
50de09b0bb8d0ac656aa9b3a1e4ef58a3f2d1abd734cad68b0e12191e9d215ea
51880ea50d277ef1dc4974d8c7059b8ef301a3e5927b8d32134ccab5c04879c1
51a8d30930f4dc659d3cab8215bbf79635cea7bcb33454c460f4b15383527c0b
5275fdfe7a60d43474d01c5a771eb04c0d7df191e6e672a57d4a300ff8b71c4d
5302d7ef47b197c6cc07e5db5152dcce3b6886ac18f727875fe78ba8e8129224
53bf2e13c4c88655463a824a7325df40e7662a73f18906e55b4cafe4a37c54a9
53da94da8e6ab52da497fe42f13bb9ab7c0c4ce05e2574f69b3478fbfc647b38
55aeee54a674f6d1c04b3199b0ee816a1cf5678c6ae7c5b7d2838f43ba849a3d
56f68051eb13253893ed5a27b4d89ac50d1f699078eebeca551b2087b09a71d3
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5acc5ea48f1724493eb0ac66c9d31206b6258e4ba22c6a1b32aef3c470c758f9
5d47b2f4a0e362722d057a9e3d7f7f1625c838104fe114297f7937f3c7c9603e
5e2f4690bfdd1f34600a776333fed815da644a78baae2fabc910d0443230841e
618a79a3f24c603041dbfdaa78df60ae218914d6216014041fcfa01384234d23
626c4aa4b1806c943c65ed2cc904b49f2c8b03d33d3696909dfa7479f661a013
6385fb90bce9904f8c58555d22ad7b279d34c5f8bb15302c92bb459c4e668745
6587c6fea7e011eb1c5981b00c2d4b64409179e1da919cf7984bc748bc49313e
66e898df2add0b150a1e3c17944b79d34bf05cda83d7a0057a6ed42d2954425b
672305a06578c62e801efdb067fffad21042eb1f0b66f41eb6f744b9f46114a3
681ec190531a267ea457c6578ad9b11cbd3b6e5ecea662711000e05c24b31778
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d900d720cda0e62391c0ca1c6e824e44fc17abd8f78bac49e30781f0dbc7e83
6ecc2aa5b1b9748c838b11778d52e96e4c6deddf0e9244a9a899b8dd642e83b4
6f0a26c236d11ec79660cb5546d7377a67bad88d2c9b607d2f4a54e2c8b1f440
6faae62bf72a9fa84d009526a868a444c49cfd24fe69704408642f99c9e5e3e2
70f4afb8f300150e43b5a1aa41c0cce92ec3b3ba707611d15f2d36cdc2205b96
726d62fb89de01630f2ff5221734825066cf4542de712133a817353325390dc8
74a8a801d3ff462341b1fa78686c66c25a296e3445a391569b20433bfd2e3590
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
7784302ebc76c0e47824af6ce5a41208b15418862b893fee86867f4dbde17fcb
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a1a68c882bf422b594d7f2746401980218dc3fff394cba82712320b138c165c
7daa0ab7af5eef7dba6b8d1269aca27d92e766bf91536e52c72c851e6273dbbe
7efb9f0490c867eaa7f7b327392826c12b5cb02f46a78442c99d1ef5f27b27bc
8092269e8c53c77caf9aee93ec2f6fd9ef48e83fb4d2acad103801bc1d371486
81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4
8203ce78677a615694614e31efd85a1d7e2812c5934503e907857a72198b479e
83a3cd7ed9675ce72c00f36cfca4673fa578a3747a6165e4e99617d7ea81bb8c
85e5eba54bbe8911cf1f15effdae3e351d0aa693ac4972c309da9ecc1de23128
86165d32c598052ca79e0a6652ba6f445ead7f7cbda7fc08b565e842985b7833
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
892af9f95c881cde5c6c1810e0f45e4687174a1171504c96b36218dd54bb1486
8c2fded8e3119fcb15699d6752e3834a4b20ba353ca20f0842419c466f2dc97b
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cc165b02233d2e416e18802e3fa592396250e3436f30adeb242523566e2b12a
8e36050b3d955a749259f62d6472e17d21f1f92e8248aa28089549f22baaa4a6
8ee8f228e70fc7c19ba401c93cd2311cf7d222bfe6ec622a6613be18679280da
8fad4915319845c1ac13c15ccc2163a680d4c34c61c0f9b6a144718f77cd2b5d
920230cba1a6e09330a6cc76c634c78e547fcf67b7a9cc03213dde43ceea0baa
939919488f3ad816cb78b5d032ae673c1c02c88b238cfdb6e1328cd5d04d7947
9448e5e35e9cfba49612fab330c7ef1384a4708be5205b028486288ae260b85f
9575dd0a8289678d89fee43f35b59fa4a6dde8dbf5329441468cb0f680e9d51e
963519be109eb391c6214bcc5f1da4b56e24b40dd69389cbb378954eb69df185
964709088e8bcf45e9ff2aebe7f320065836761408638f677d01590478a36551
97b08d65b92a32b6a54fdacd06356ba55733c722f1bacf7eeda07f215c361215
9944250b3f0faa887f0c26d6d6d1a8ea213edaebf798d5586649fda969a6f7ad
9cc8c6631a96b3298598fca4d4b0892838911dd8e63a929cfad0df8b194b550c
9e3f824116bf1ec3acc0dd7c003055cfb201ab314633e5874a4c4df752bfa018
9f89b224cc40bc2b75f400bf2b21049fe5bb0f0053853976b1a7f22d652cb836
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0ea735f765d5bc1230beb63bcb701b69c80d77c48572a61bb159a8915903278
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2d77e8f6a11cf607910d9b60360e0b14148620e081722acbbeafa83f7934360
a3a1d3ef0636f519d37eafe44045a350594b59de1556ca68fc855a79bdeda319
a3e36c1702de19b42eb5ac6a3a328e2d02f5cc4377870aa052ad40cda2a42856
a53e3fce80c17963a7f42f5818d501c1dc7366149f92ddaae5bc16fda9e344ed
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
a61dc77820f79fdf13e84ca5c9be151128cae791087b5180a991a8988a045d6c
a7b27aa2ad6c4cbd00cb9d61a2ce07185a953d9e7797e57c628501d25943a823
a8887a79753f58c472cee7acf86070d438d8b3dd17f2e9037759b95abb3c6b81
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef711d1643073ab593de1d958ee854d6f63339cb216eda43666fb9dfcebffd0
af8552f8f89335283643dba9dabc3d9827c15c4635a2eb9a3041d0ee0329a115
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b180be1b4d41bf226a44cf7ea60f2982d7346966840e870aa9c2da0d607ec813
b200c628f9431f44345ceabd3d25351e290eb9b9cf013690b14ce879ea8c47a9
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b50ffc6f93bdce3492737df10260740c8acbef24f20bf50a23fd121453f07855
b5633af5454dc2c0515ee3620ae8f846b1e5b107fbada5f8ed515b344f0a9f14
b64d362678754ea71b6ae5ae42341f75641e4dd3c128098ddcb3bbeff5d9ff23
b7fb7e36de6c0a1c499b79a571dd94a7988729aa818ea1845ceb011e3fc59023
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
bac280b4a35727df4e709ebe975dba418368f2da9f9b43b4de7b14fe81b37d83
bc9fbdeaf51fc4176b5bd4d5786099890c3b158cb136b45490db20bafe81cb19
bd979d2c08599a8e31890422123c11c8cad736a7d140283a44fb85a647805f3e
bf2bf666ac38f2fa5f4fd56d8cdbb0d07cee9fec6ed875faada7ebb7259b5d56
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c43838a97fa3ac5a2bd0e8ecd80fe39c43ddc99c9ec0426fe618f89d8b6f15d5
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1f5ebf1aeb87d40360c81085ccfd0bf9714b24f2a253538adbff3f89a7634fa
d390af2e30e4f735571397acb9fa620c4a4b71eaca7d1fb68076e29b43f4ed94
d51da41d032c838358ca34585f19cea9ecc7f44381d384d674b055e339bae83a
da7b3ca48968ab9ccfdec162906574b8e23f7472eff54766d0917a558c06a139
da8e06357c54102452359884d8bbcac73fdd2898925a65e3cb64b7d99539413f
dbbde0b6de7506be9d7e8b3513e82e2e6658b5f1e7809b7f309cc13a3f538de8
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de70eadcf97b8523a9fb8f31f15ca8663e37aa6e943203e416d8d864d0b3d34c
de7cdf237ef7275d01e172aa16685690b3af4d9263958fce3e20d98457ff941c
dfe5108362b804a475a600ede56edaa70a3e11181bcc134578cd0127c0449ac1
dff5bac6b25441f6dd34ee4a9a80a3e4f491460abefb256d1c8b179a10581304
e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb
e1e85403685fe025fa680a43340e6f0f5a39dd4ee67f4b8ceaced68067b851b4
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e
e42a7af0f19adf1cf7d67e8fbecad6713ec9cde539f7dc5d134544366679e521
e5687019924fb855a99cb78199ee880103baae03d2d2d1745c4e52f750d44fb9
e87df039a2e7c3d2700a2f5cc28a152c0e9b0e77b9b98c08d2f60695b0c0b2ca
eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed7461f5424c2e488d2d0196322067030cd904734808f42934a11914b16bab24
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee45bb098890476ea9e916f3ca880bffbbb61496a0b019ecb32c590491014ab5
f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063
f4ed418ae41295ea677e8e9c8ac0a9f0279e0c69e87722d46cea29715d30d0d7
f549aa8ea4548018cd6ca470dc9f56500f83847add842854b5ad443e0c69040d
f607411b229ee5599210879504fcd6b04c10e0ecb81dac818093c1dbe8903221
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f9c54ecff25b054d1c143e0eaadc24316bd0df200d2a3e8f0133708f80384dcc

www.gzeme.lt Open in urlscan Pro 185.5.53.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

280 Requests

96 %HTTPS

53 %IPv6

33 Domains

55 Subdomains

49 IPs

8 Countries

7238 kBTransfer

16630 kBSize

26 Cookies

30 Outgoing links

Redirected requests

280 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gzeme.lt Open in urlscan Pro
185.5.53.26 Public Scan

Screenshot
Live screenshot

Full Image

280
Requests

96 %
HTTPS

53 %
IPv6

33
Domains

55
Subdomains

49
IPs

8
Countries

7238 kB
Transfer

16630 kB
Size

26
Cookies

280 HTTP transactions
4 data transactions