baltled.lt Open in urlscan Pro
92.61.36.129 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://baltled.lt/COVID-19-protection-equipment.pdf
Submission: On April 02 via api (April 2nd 2020, 7:00:21 pm UTC) from US

Summary HTTP 76 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 11 domains to perform 76 HTTP transactions. The main IP is 92.61.36.129, located in Lithuania and belongs to TELIA-LIETUVA, LT. The main domain is baltled.lt.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on May 15th 2018. Valid for: 2 years.

This is the only time baltled.lt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	92.61.36.129 92.61.36.129	47205 (TELIA-LIE...) (TELIA-LIETUVA)
9	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
4	2606:4700:10:... 2606:4700:10::6816:44f4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
1	147.75.33.131 147.75.33.131	54825 (PACKET) (PACKET)
1 2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
14	2a00:f48:2000... 2a00:f48:2000:1023::3	47447 (TTM) (TTM)
7	2606:4700:10:... 2606:4700:10::6816:1983	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
1	147.75.32.99 147.75.32.99	54825 (PACKET) (PACKET)
1	195.12.186.240 195.12.186.240	47205 (TELIA-LIE...) (TELIA-LIETUVA)
5	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	52.34.133.113 52.34.133.113	16509 (AMAZON-02) (AMAZON-02)
1	147.75.32.13 147.75.32.13	54825 (PACKET) (PACKET)
76	15

22 92.61.36.129 (Lithuania)

ASN47205 (TELIA-LIETUVA, LT)
PTR: on1c79mma.sritis.lt

baltled.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:44f4 (United States)

ASN13335 (CLOUDFLARENET, US)

static.mailerlite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mailerlite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.33.131 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress7

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:f48:2000:1023::3 (Germany)

ASN47447 (TTM, DE)

load.sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-v.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vsa85.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.32.99 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress12

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.12.186.240 (Lithuania)

ASN47205 (TELIA-LIETUVA, LT)
PTR: 195-12-186-240.static.zebra.lt

track.mailerlite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.34.133.113 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-133-113.us-west-2.compute.amazonaws.com

sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.32.13 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress9

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	baltled.lt baltled.lt	3 MB
19	sumo.com load.sumo.com sumo.com	446 KB
9	google.com www.google.com	611 B
7	tawk.to embed.tawk.to va.tawk.to static-v.tawk.to vsa85.tawk.to	116 KB
5	googleapis.com fonts.googleapis.com	4 KB
5	mailerlite.com static.mailerlite.com cdn.mailerlite.com track.mailerlite.com	82 KB
3	jsdelivr.net cdn.jsdelivr.net	37 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	72 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	doubleclick.net stats.g.doubleclick.net	136 B
1	gstatic.com www.gstatic.com	93 KB
76	11

	Domain	Requested by
22	baltled.lt	baltled.lt cdn.mailerlite.com
14	load.sumo.com	baltled.lt load.sumo.com
9	www.google.com	baltled.lt www.gstatic.com
5	sumo.com	load.sumo.com
5	fonts.googleapis.com	embed.tawk.to load.sumo.com
3	vsa85.tawk.to	embed.tawk.to
3	cdn.jsdelivr.net	embed.tawk.to baltled.lt
3	static.mailerlite.com	baltled.lt static.mailerlite.com
2	va.tawk.to	embed.tawk.to
2	www.google-analytics.com	1 redirects baltled.lt
1	vars.hotjar.com	static.hotjar.com
1	static-v.tawk.to	embed.tawk.to
1	track.mailerlite.com	baltled.lt
1	script.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	baltled.lt
1	embed.tawk.to	baltled.lt
1	cdn.mailerlite.com	static.mailerlite.com
1	static.hotjar.com	baltled.lt
1	www.gstatic.com	www.google.com
76	19

This site contains links to these domains. Also see Links.

Domain
linpra.lt
www.effra.eu
esf.d-s-g.eu
bsma.lt
www.facebook.com
www.linkedin.com
vimeo.com
linker.lt

Subject Issuer	Validity	Valid
www.baltled.lt COMODO RSA Domain Validation Secure Server CA	`2018-05-15` - `2020-05-14`	2 years	crt.sh
www.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
mailerlite.com CloudFlare Inc ECC CA-2	`2019-09-29` - `2020-09-28`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.sumo.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-02` - `2021-01-01`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-25` - `2020-10-09`	7 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.mailerlite.com COMODO RSA Domain Validation Secure Server CA	`2017-11-26` - `2020-11-25`	3 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
ssl363648.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-02-22` - `2020-08-30`	6 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://baltled.lt/COVID-19-protection-equipment.pdf
Frame ID: 6941566DBAAC3014F95DA12EFA044023
Requests: 59 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: EB50632F400969FA506CA95E939D2162
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: AA50CAEE5D804D27F3125C918AFBC1A0
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: D27A7F513077672CD7BDE37691E01508
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 168C570C535C6ED82E3B120CF5E082C4
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeWJzoUAAAAAPuPEDKfTfa7V4ZfiHUGR1pPpo8p&co=aHR0cHM6Ly9iYWx0bGVkLmx0OjQ0Mw..&hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&size=normal&cb=136ud6l5tvfr
Frame ID: 74BB46A48F7DBB9DFFFCE2586CFC6A3C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeWJzoUAAAAAPuPEDKfTfa7V4ZfiHUGR1pPpo8p&co=aHR0cHM6Ly9iYWx0bGVkLmx0OjQ0Mw..&hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&size=normal&cb=ldmk1x8lino3
Frame ID: B80554C8DCB13E514A6A04CD953F1715
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeWJzoUAAAAAPuPEDKfTfa7V4ZfiHUGR1pPpo8p&co=aHR0cHM6Ly9iYWx0bGVkLmx0OjQ0Mw..&hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&size=normal&cb=xvdyou2rkc8i
Frame ID: 80B2CCF245631148E87A0575AB0CA90F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeWJzoUAAAAAPuPEDKfTfa7V4ZfiHUGR1pPpo8p&co=aHR0cHM6Ly9iYWx0bGVkLmx0OjQ0Mw..&hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&size=normal&cb=xq269suaryl9
Frame ID: BC08C90FB31943CB7DE127D0992F027D
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 37F8B52AD8CEC27E3F8AD5C59F53DB62
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&k=6LeWJzoUAAAAAPuPEDKfTfa7V4ZfiHUGR1pPpo8p&cb=aaf9demuitzk
Frame ID: 138F039128BDA5259342584248F10423
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&k=6LeWJzoUAAAAAPuPEDKfTfa7V4ZfiHUGR1pPpo8p&cb=b7i9c6lquqlh
Frame ID: 09DF2FD49695FE07CC24102051F5B2AC
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&k=6LeWJzoUAAAAAPuPEDKfTfa7V4ZfiHUGR1pPpo8p&cb=jc7cqn6pzjp9
Frame ID: 3069F4A88965B27BDEEB757C2BFA1CDC
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&k=6LeWJzoUAAAAAPuPEDKfTfa7V4ZfiHUGR1pPpo8p&cb=n2s2rt1ztaj7
Frame ID: BA8EF420CC70EB06A35BDADAA7888340
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

script /\/\/embed\.tawk\.to/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

76
Requests

100 %
HTTPS

60 %
IPv6

11
Domains

19
Subdomains

15
IPs

5
Countries

3799 kB
Transfer

7079 kB
Size

1
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://linpra.lt/en/about-us/linpra-activities/

Search URL Search Domain Scan URL

URL: https://www.effra.eu/effra

Search URL Search Domain Scan URL

URL: http://esf.d-s-g.eu/node/884

Search URL Search Domain Scan URL

URL: https://bsma.lt/en/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BaltLed-1108182885866341/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/baltled?trk=biz-companies-cym

Search URL Search Domain Scan URL

URL: https://vimeo.com/user49739932

Search URL Search Domain Scan URL

URL: http://linker.lt/
Title: Created with

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=870303798&t=pageview&_s=1&dl=https%3A%2F%2Fbaltled.lt%2FCOVID-19-protection-equipment.pdf&ul=en-us&de=UTF-8&dt=Puslapis%20nerastas%20-%20Baltled&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1424644750&gjid=154933980&cid=14739423.1585854004&tid=UA-92805730-1&_gid=673065334.1585854004&_r=1&z=494207715 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-92805730-1&cid=14739423.1585854004&jid=1424644750&_gid=673065334.1585854004&gjid=154933980&_v=j81&z=494207715

76 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 404
Not Found Primary Request Cookie set COVID-19-protection-equipment.pdf Show response
baltled.lt/ 32 KB
10 KB 971ms
749ms Document
text/html 92.61.36.129
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to

Full URL: https://baltled.lt/COVID-19-protection-equipment.pdf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.61.36.129 , Lithuania, ASN47205 (TELIA-LIETUVA, LT),
Reverse DNS: on1c79mma.sritis.lt
Software: nginx /
Resource Hash: 5fc200f2fe782fb460ff4159104dda1a5f60f71fccf879047dba0d427ae863e8

Request headers

Host: baltled.lt
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Server: nginx
Date: Thu, 02 Apr 2020 19:00:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: qtrans_front_language=en; expires=Fri, 02-Apr-2021 19:00:03 GMT; path=/ PHPSESSID=st6biao4farif8d9d49lnf4eo6; path=/ qtrans_front_language=deleted; expires=Wed, 03-Apr-2019 19:00:02 GMT; path=/ qtrans_front_language=deleted; expires=Wed, 03-Apr-2019 19:00:02 GMT; path=/ qtrans_front_language=deleted; expires=Wed, 03-Apr-2019 19:00:02 GMT; path=/ qtrans_front_language=deleted; expires=Wed, 03-Apr-2019 19:00:02 GMT; path=/ qtrans_front_language=deleted; expires=Wed, 03-Apr-2019 19:00:02 GMT; path=/ qtrans_front_language=deleted; expires=Wed, 03-Apr-2019 19:00:02 GMT; path=/ qtrans_front_language=deleted; expires=Wed, 03-Apr-2019 19:00:02 GMT; path=/ qtrans_front_language=deleted; expires=Wed, 03-Apr-2019 19:00:02 GMT; path=/ qtrans_front_language=deleted; expires=Wed, 03-Apr-2019 19:00:02 GMT; path=/ qtrans_front_language=deleted; expires=Wed, 03-Apr-2019 19:00:02 GMT; path=/ qtrans_front_language=deleted; expires=Wed, 03-Apr-2019 19:00:02 GMT; path=/ qtrans_front_language=deleted; expires=Wed, 03-Apr-2019 19:00:02 GMT; path=/ qtrans_front_language=deleted; expires=Wed, 03-Apr-2019 19:00:02 GMT; path=/ qtrans_front_language=deleted; expires=Wed, 03-Apr-2019 19:00:02 GMT; path=/ qtrans_front_language=deleted; expires=Wed, 03-Apr-2019 19:00:02 GMT; path=/ qtrans_front_language=deleted; expires=Wed, 03-Apr-2019 19:00:02 GMT; path=/ qtrans_front_language=deleted; expires=Wed, 03-Apr-2019 19:00:02 GMT; path=/ qtrans_front_language=deleted; expires=Wed, 03-Apr-2019 19:00:02 GMT; path=/ qtrans_front_language=deleted; expires=Wed, 03-Apr-2019 19:00:02 GMT; path=/ qtrans_front_language=deleted; expires=Wed, 03-Apr-2019 19:00:02 GMT; path=/ qtrans_front_language=deleted; expires=Wed, 03-Apr-2019 19:00:02 GMT; path=/ qtrans_front_language=deleted; expires=Wed, 03-Apr-2019 19:00:02 GMT; path=/ qtrans_front_language=deleted; expires=Wed, 03-Apr-2019 19:00:02 GMT; path=/ qtrans_front_language=deleted; expires=Wed, 03-Apr-2019 19:00:02 GMT; path=/
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Link: <https://baltled.lt/wp-json/>; rel="https://api.w.org/"
Vary: User-Agent,Accept-Encoding
Referrer-Policy
Content-Encoding: gzip

GET
H/1.1 200
OK _modules.min.css
baltled.lt/assets/themes/balt/css/ 86 KB
86 KB 95ms
95ms Stylesheet
text/css 92.61.36.129
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to

Full URL: https://baltled.lt/assets/themes/balt/css/_modules.min.css?ver=2.4&t=1585854003
Requested by: Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.61.36.129 , Lithuania, ASN47205 (TELIA-LIETUVA, LT),
Reverse DNS: on1c79mma.sritis.lt
Software: nginx / PleskLin
Resource Hash: 32d40f2824d9449c594e27fdf09e6ee85df089ac985d0a1a84958756febbe184

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Thu, 02 Apr 2020 19:00:03 GMT
ETag: "589b0061-15776"
Last-Modified: Wed, 08 Feb 2017 11:26:25 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87926
Expires: Fri, 02 Apr 2021 19:00:03 GMT

GET
H/1.1 200
OK style.min.css
baltled.lt/assets/themes/balt/css/ 235 KB
236 KB 176ms
83ms Stylesheet
text/css 92.61.36.129
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to

Full URL: https://baltled.lt/assets/themes/balt/css/style.min.css?ver=2.4&t=1585854003
Requested by: Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.61.36.129 , Lithuania, ASN47205 (TELIA-LIETUVA, LT),
Reverse DNS: on1c79mma.sritis.lt
Software: nginx / PleskLin
Resource Hash: 0c511c4a7891dd15020b0f493822cf7b272ce40b5f2732d39609360ad8eae3ba

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Thu, 02 Apr 2020 19:00:03 GMT
ETag: "5c77a49e-3adad"
Last-Modified: Thu, 28 Feb 2019 09:06:38 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 241069
Expires: Fri, 02 Apr 2021 19:00:03 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 674 B
611 B 16ms
16ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en

Requested by

Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aec8f06eaabf9c98bf6595dc0869dc0e20138dc5fdf439bfc03963c39244ff6e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 19:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 444
x-xss-protection: 1; mode=block
expires: Thu, 02 Apr 2020 19:00:03 GMT

GET
H/1.1 200
OK logo2.png
baltled.lt/assets/themes/balt/images/ 1 KB
2 KB 142ms
50ms Image
image/png 92.61.36.129
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baltled.lt/assets/themes/balt/images/logo2.png
Requested by: Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.61.36.129 , Lithuania, ASN47205 (TELIA-LIETUVA, LT),
Reverse DNS: on1c79mma.sritis.lt
Software: nginx / PleskLin
Resource Hash: 30e83585526d01e74a860d15f76653a4186b4d09505e1239f1859940b8896307

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 02 Apr 2020 19:00:03 GMT
ETag: "5afbf576-55d"
Last-Modified: Wed, 16 May 2018 09:10:14 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1373
Expires: Fri, 02 Apr 2021 19:00:03 GMT

GET
H/1.1 200
OK Orgalime-p.png
baltled.lt/assets/uploads/2016/12/ 706 B
1 KB 143ms
51ms Image
image/png 92.61.36.129
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baltled.lt/assets/uploads/2016/12/Orgalime-p.png
Requested by: Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.61.36.129 , Lithuania, ASN47205 (TELIA-LIETUVA, LT),
Reverse DNS: on1c79mma.sritis.lt
Software: nginx / PleskLin
Resource Hash: b9b62952f9f34c23e59bbd107f1b47618d37af2272f697444276fe4130e6592c

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 02 Apr 2020 19:00:03 GMT
Referrer-Policy
Last-Modified: Wed, 16 May 2018 07:37:30 GMT
Server: nginx
X-Powered-By: PleskLin
Vary: User-Agent
Content-Type: image/png
X-Accel-Version: 0.01
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 706
ETag: "2c2-56c4dca94e08c"
Expires: Fri, 02 Apr 2021 19:00:03 GMT

GET
H/1.1 200
OK linpra-p.png
baltled.lt/assets/uploads/2016/12/ 1 KB
2 KB 59ms
58ms Image
image/png 92.61.36.129
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baltled.lt/assets/uploads/2016/12/linpra-p.png
Requested by: Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.61.36.129 , Lithuania, ASN47205 (TELIA-LIETUVA, LT),
Reverse DNS: on1c79mma.sritis.lt
Software: nginx / PleskLin
Resource Hash: cf640ac46b77973d2884d37f6e820d40c0ff1e290e1fdeb7f4b82c84149212f2

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 02 Apr 2020 19:00:03 GMT
ETag: "5afbe08a-540"
Last-Modified: Wed, 16 May 2018 07:40:58 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1344
Expires: Fri, 02 Apr 2021 19:00:03 GMT

GET
H/1.1 200
OK EFFRA_Log-58-20.png
baltled.lt/assets/uploads/2016/12/ 2 KB
2 KB 58ms
57ms Image
image/png 92.61.36.129
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baltled.lt/assets/uploads/2016/12/EFFRA_Log-58-20.png
Requested by: Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.61.36.129 , Lithuania, ASN47205 (TELIA-LIETUVA, LT),
Reverse DNS: on1c79mma.sritis.lt
Software: nginx / PleskLin
Resource Hash: 5b6b7e963566e8f8f0917b892d82f5ddfb16a2669469dd2058c98d35c62bfb0d

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 02 Apr 2020 19:00:03 GMT
ETag: "5afbdb5e-73a"
Last-Modified: Wed, 16 May 2018 07:18:54 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1850
Expires: Fri, 02 Apr 2021 19:00:03 GMT

GET
H/1.1 200
OK ESF_logo_klein_-300x295.png
baltled.lt/assets/uploads/2016/12/ 25 KB
25 KB 101ms
101ms Image
image/png 92.61.36.129
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baltled.lt/assets/uploads/2016/12/ESF_logo_klein_-300x295.png
Requested by: Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.61.36.129 , Lithuania, ASN47205 (TELIA-LIETUVA, LT),
Reverse DNS: on1c79mma.sritis.lt
Software: nginx / PleskLin
Resource Hash: bec3750481976017250723709af9df060e5f7da0e05b869299f8012c89128d74

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 02 Apr 2020 19:00:03 GMT
ETag: "5e54e4c2-63be"
Last-Modified: Tue, 25 Feb 2020 09:11:30 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25534
Expires: Fri, 02 Apr 2021 19:00:03 GMT

GET
H/1.1 200
OK BSMA_logo-300x95.png
baltled.lt/assets/uploads/2016/12/ 14 KB
14 KB 408ms
111ms Image
image/png 92.61.36.129
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baltled.lt/assets/uploads/2016/12/BSMA_logo-300x95.png
Requested by: Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.61.36.129 , Lithuania, ASN47205 (TELIA-LIETUVA, LT),
Reverse DNS: on1c79mma.sritis.lt
Software: nginx / PleskLin
Resource Hash: 1fc4f3a8f35dcb8f48ef1680b703486eabd8e3fd93ee628bfcddde356660b25b

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 02 Apr 2020 19:00:04 GMT
ETag: "5e54e420-3801"
Last-Modified: Tue, 25 Feb 2020 09:08:48 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14337
Expires: Fri, 02 Apr 2021 19:00:04 GMT

GET
H2 200 rolling.gif
static.mailerlite.com/images/ 25 KB
25 KB 35ms
34ms Image
image/gif 2606:4700:10::6816:44f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mailerlite.com/images/rolling.gif
Requested by: Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:44f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a635af1e19452bc63835e4b0dcda8febac6e4a3b1d08c7bcffa3cd88bfbf3ce

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 19:00:03 GMT
cf-cache-status: HIT
age: 4787794
cf-polished: origSize=63395
status: 200
cf-bgj: imgq:100
content-length: 25800
last-modified: Thu, 06 Feb 2020 12:30:13 GMT
server: cloudflare
etag: "5e3c06d5-f7a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 57dcca64dc01c2ef-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 webforms.min.js Show response
static.mailerlite.com/js/w/ 7 KB
2 KB 53ms
19ms Script
application/javascript 2606:4700:10::6816:44f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mailerlite.com/js/w/webforms.min.js?v86b0a4c660f110085cbf49e83e53be98
Requested by: Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:44f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1d4c3ae3f1ec48dfa29e43ab45e331436e9f9bfe42fc2f43033c37ce6377148

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 19:00:03 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 475211
status: 200
last-modified: Fri, 27 Mar 2020 13:08:12 GMT
server: cloudflare
etag: W/"5e7dfabc-1ca9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-credentials: true
cf-ray: 57dcca63c8f0c2ef-FRA
expires: Mon, 27 Apr 2020 06:59:52 GMT

GET
H/1.1 200
OK general.min.js Show response
baltled.lt/assets/themes/balt/js/ 2 MB
2 MB 82ms
82ms Script
application/x-javascript 92.61.36.129
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to

Full URL: https://baltled.lt/assets/themes/balt/js/general.min.js?ver=2.4&t=1585854003
Requested by: Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.61.36.129 , Lithuania, ASN47205 (TELIA-LIETUVA, LT),
Reverse DNS: on1c79mma.sritis.lt
Software: nginx / PleskLin
Resource Hash: 2a8e819590922fc2c241bd68650259f3d736b8efd38ca210ad56bbe56cf66993

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 02 Apr 2020 19:00:03 GMT
ETag: "5c6287a1-1c9ad8"
Last-Modified: Tue, 12 Feb 2019 08:45:21 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1874648
Expires: Fri, 02 Apr 2021 19:00:03 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
baltled.lt/wp-includes/js/ 1 KB
2 KB 56ms
55ms Script
application/x-javascript 92.61.36.129
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to

Full URL: https://baltled.lt/wp-includes/js/wp-embed.min.js?ver=4.9.8
Requested by: Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.61.36.129 , Lithuania, ASN47205 (TELIA-LIETUVA, LT),
Reverse DNS: on1c79mma.sritis.lt
Software: nginx / PleskLin
Resource Hash: dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 02 Apr 2020 19:00:03 GMT
ETag: "589b0364-576"
Last-Modified: Wed, 08 Feb 2017 11:39:16 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1398
Expires: Fri, 02 Apr 2021 19:00:03 GMT

GET
H/1.1 200
OK conv.js Show response
baltled.lt/assets/themes/balt/js/ 3 KB
3 KB 54ms
54ms Script
application/x-javascript 92.61.36.129
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to

Full URL: https://baltled.lt/assets/themes/balt/js/conv.js
Requested by: Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.61.36.129 , Lithuania, ASN47205 (TELIA-LIETUVA, LT),
Reverse DNS: on1c79mma.sritis.lt
Software: nginx / PleskLin
Resource Hash: 17da693c8452d30fc1bb19e2f649b5f5ef10d0a98b7fde15c1f6266ef6cc55c9

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 02 Apr 2020 19:00:03 GMT
ETag: "5bd6e598-abe"
Last-Modified: Mon, 29 Oct 2018 10:48:56 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2750
Expires: Fri, 02 Apr 2021 19:00:03 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/OOKISvkNnVD_m_9dreR_1S0n/ 259 KB
93 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/OOKISvkNnVD_m_9dreR_1S0n/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8750509f5a4895bc45c5d3cbc3e3892a09d34e3463fcacdde920882eed78be8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 16:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 30 Mar 2020 04:05:21 GMT
server: sffe
age: 267607
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 94752
x-xss-protection: 0
expires: Tue, 30 Mar 2021 16:39:56 GMT

GET
H2 200 hotjar-1108798.js Show response
static.hotjar.com/c/ 4 KB
2 KB 78ms
40ms Script
application/javascript 147.75.33.131
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1108798.js?sv=6

Requested by

Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.33.131 Amsterdam, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress7

Software

Resource Hash

480d9a20b726cfd39d85a16a669a01f5e4fc635d349b2ac24a5a96883e80d809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 19:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
section-io-tag: hotjar
age: 0
status: 200
access-control-max-age: 600
section-io-origin-status: 304
section-io-cache: Miss
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/1019eca4557b48d5cdfe7d8df86b7423
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.020
accept-ranges: bytes
section-io-id: ca5cf6a37a715579e0c9efaa000a411a
section-origin-responded: true

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 1591
date: Thu, 02 Apr 2020 18:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Thu, 02 Apr 2020 20:33:32 GMT

GET
H/1.1 200
OK WorkSans-Regular.woff2
baltled.lt/assets/themes/balt/fonts/ 35 KB
36 KB 77ms
61ms Font
application/font-woff2 92.61.36.129
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to

Full URL: https://baltled.lt/assets/themes/balt/fonts/WorkSans-Regular.woff2
Requested by: Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.61.36.129 , Lithuania, ASN47205 (TELIA-LIETUVA, LT),
Reverse DNS: on1c79mma.sritis.lt
Software: nginx / PleskLin
Resource Hash: 62f10d68fb2057bb39dbf151941add3f53c21a6ed865391e33ab2cfd35a26d65

Request headers

Referer: https://baltled.lt/assets/themes/balt/css/style.min.css?ver=2.4&t=1585854003
Origin: https://baltled.lt
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Apr 2020 19:00:04 GMT
ETag: "589b0064-8cac"
Last-Modified: Wed, 08 Feb 2017 11:26:28 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: application/font-woff2
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36012
Expires: Fri, 02 Apr 2021 19:00:04 GMT

GET
H/1.1 200
OK Ubuntu-Light.woff
baltled.lt/assets/themes/balt/fonts/ 153 KB
153 KB 104ms
57ms Font
application/font-woff 92.61.36.129
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to

Full URL: https://baltled.lt/assets/themes/balt/fonts/Ubuntu-Light.woff
Requested by: Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.61.36.129 , Lithuania, ASN47205 (TELIA-LIETUVA, LT),
Reverse DNS: on1c79mma.sritis.lt
Software: nginx / PleskLin
Resource Hash: 9cbe84748472f471d83d7a8566a7ca3c973e65cf7757065e5c07a370c5a0ca5b

Request headers

Referer: https://baltled.lt/assets/themes/balt/css/style.min.css?ver=2.4&t=1585854003
Origin: https://baltled.lt
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Apr 2020 19:00:04 GMT
ETag: "589b0062-26314"
Last-Modified: Wed, 08 Feb 2017 11:26:26 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: application/font-woff
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 156436
Expires: Fri, 02 Apr 2021 19:00:04 GMT

GET
H/1.1 200
OK p1-1130x330.jpg
baltled.lt/assets/uploads/2016/12/ 87 KB
87 KB 352ms
116ms Image
image/jpeg 92.61.36.129
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baltled.lt/assets/uploads/2016/12/p1-1130x330.jpg
Requested by: Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.61.36.129 , Lithuania, ASN47205 (TELIA-LIETUVA, LT),
Reverse DNS: on1c79mma.sritis.lt
Software: nginx / PleskLin
Resource Hash: 0b96d562f44713ef3f08d1cbab7e637f519c8797cbe87db18e8a385072a9b2a6

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 02 Apr 2020 19:00:04 GMT
ETag: "5bfd1582-15bb6"
Last-Modified: Tue, 27 Nov 2018 09:59:30 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89014
Expires: Fri, 02 Apr 2021 19:00:04 GMT

GET
H/1.1 200
OK WorkSans-Medium.woff2
baltled.lt/assets/themes/balt/fonts/ 39 KB
39 KB 161ms
84ms Font
application/font-woff2 92.61.36.129
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to

Full URL: https://baltled.lt/assets/themes/balt/fonts/WorkSans-Medium.woff2
Requested by: Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.61.36.129 , Lithuania, ASN47205 (TELIA-LIETUVA, LT),
Reverse DNS: on1c79mma.sritis.lt
Software: nginx / PleskLin
Resource Hash: 113665bc4f78880baec2709a507316161fac03a693008c689e803a82e4c0babd

Request headers

Referer: https://baltled.lt/assets/themes/balt/css/style.min.css?ver=2.4&t=1585854003
Origin: https://baltled.lt
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Apr 2020 19:00:04 GMT
ETag: "589b0063-9ba4"
Last-Modified: Wed, 08 Feb 2017 11:26:27 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: application/font-woff2
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39844
Expires: Fri, 02 Apr 2021 19:00:04 GMT

GET
H/1.1 200
OK Ubuntu-Medium.woff
baltled.lt/assets/themes/balt/fonts/ 117 KB
118 KB 245ms
157ms Font
application/font-woff 92.61.36.129
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to

Full URL: https://baltled.lt/assets/themes/balt/fonts/Ubuntu-Medium.woff
Requested by: Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.61.36.129 , Lithuania, ASN47205 (TELIA-LIETUVA, LT),
Reverse DNS: on1c79mma.sritis.lt
Software: nginx / PleskLin
Resource Hash: 9fa06c6dfe83641d42857f275caa5e25d1ddb0945e36b4d5a7101d8716d50934

Request headers

Referer: https://baltled.lt/assets/themes/balt/css/style.min.css?ver=2.4&t=1585854003
Origin: https://baltled.lt
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Apr 2020 19:00:04 GMT
ETag: "589b0062-1d5cc"
Last-Modified: Wed, 08 Feb 2017 11:26:26 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: application/font-woff
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 120268
Expires: Fri, 02 Apr 2021 19:00:04 GMT

GET
H/1.1 200
OK WorkSans-Bold.woff2
baltled.lt/assets/themes/balt/fonts/ 38 KB
39 KB 184ms
96ms Font
application/font-woff2 92.61.36.129
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to

Full URL: https://baltled.lt/assets/themes/balt/fonts/WorkSans-Bold.woff2
Requested by: Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.61.36.129 , Lithuania, ASN47205 (TELIA-LIETUVA, LT),
Reverse DNS: on1c79mma.sritis.lt
Software: nginx / PleskLin
Resource Hash: c1bcbb6fd27c990c9beb0be9e8fad2ceb64b376673ed6bf35d2f025adcafee5a

Request headers

Referer: https://baltled.lt/assets/themes/balt/css/style.min.css?ver=2.4&t=1585854003
Origin: https://baltled.lt
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Apr 2020 19:00:04 GMT
ETag: "589b0063-99fc"
Last-Modified: Wed, 08 Feb 2017 11:26:27 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: application/font-woff2
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39420
Expires: Fri, 02 Apr 2021 19:00:04 GMT

GET
H/1.1 200
OK Ubuntu.woff
baltled.lt/assets/themes/balt/fonts/ 128 KB
128 KB 262ms
165ms Font
application/font-woff 92.61.36.129
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to

Full URL: https://baltled.lt/assets/themes/balt/fonts/Ubuntu.woff
Requested by: Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.61.36.129 , Lithuania, ASN47205 (TELIA-LIETUVA, LT),
Reverse DNS: on1c79mma.sritis.lt
Software: nginx / PleskLin
Resource Hash: d670cc97a6048981dd91aa50496f4d0df4edf771f6e88908d55c5a5ebcf1bc73

Request headers

Referer: https://baltled.lt/assets/themes/balt/css/style.min.css?ver=2.4&t=1585854003
Origin: https://baltled.lt
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Apr 2020 19:00:04 GMT
ETag: "589b0063-1fe68"
Last-Modified: Wed, 08 Feb 2017 11:26:27 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: application/font-woff
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 130664
Expires: Fri, 02 Apr 2021 19:00:04 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
baltled.lt/assets/themes/balt/fonts/ 75 KB
76 KB 269ms
89ms Font
application/font-woff2 92.61.36.129
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to

Full URL: https://baltled.lt/assets/themes/balt/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.61.36.129 , Lithuania, ASN47205 (TELIA-LIETUVA, LT),
Reverse DNS: on1c79mma.sritis.lt
Software: nginx / PleskLin
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://baltled.lt/assets/themes/balt/css/_modules.min.css?ver=2.4&t=1585854003
Origin: https://baltled.lt
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Apr 2020 19:00:04 GMT
ETag: "589b0062-12d68"
Last-Modified: Wed, 08 Feb 2017 11:26:26 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: application/font-woff2
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77160
Expires: Fri, 02 Apr 2021 19:00:04 GMT

GET
H/1.1 200
OK WorkSans-Light.woff2
baltled.lt/assets/themes/balt/fonts/ 38 KB
38 KB 357ms
111ms Font
application/font-woff2 92.61.36.129
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to

Full URL: https://baltled.lt/assets/themes/balt/fonts/WorkSans-Light.woff2
Requested by: Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.61.36.129 , Lithuania, ASN47205 (TELIA-LIETUVA, LT),
Reverse DNS: on1c79mma.sritis.lt
Software: nginx / PleskLin
Resource Hash: 8258bd8e36d9ab7da07d623a69d7eeea30d731178104cc587a7530643afa5744

Request headers

Referer: https://baltled.lt/assets/themes/balt/css/style.min.css?ver=2.4&t=1585854003
Origin: https://baltled.lt
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Apr 2020 19:00:04 GMT
ETag: "589b0063-97c0"
Last-Modified: Wed, 08 Feb 2017 11:26:27 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: application/font-woff2
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38848
Expires: Fri, 02 Apr 2021 19:00:04 GMT

GET
H2 200 jquery.min.js Show response
cdn.mailerlite.com/ajax/libs/jquery/1.8.3/ 91 KB
33 KB 57ms
39ms Script
application/javascript 2606:4700:10::6816:44f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mailerlite.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: static.mailerlite.com
URL: https://static.mailerlite.com/js/w/webforms.min.js?v86b0a4c660f110085cbf49e83e53be98

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:44f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
Content-Security-Policy	script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; object-src 'self'; frame-ancestors 'self' .facebook.com s-static.ak.facebook.com .google.com
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 19:00:04 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2112123
status: 200
strict-transport-security: max-age=63072000; includeSubDomains
referrer-policy: origin
last-modified: Tue, 07 Mar 2017 16:51:01 GMT
server: cloudflare
etag: W/"58bee4f5-16dc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
content-security-policy: script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; object-src 'self'; frame-ancestors 'self' *.facebook.com s-static.ak.facebook.com *.google.com
cf-ray: 57dcca652d02c2ef-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
load.sumo.com/ 2 KB
2 KB 55ms
6ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/
Requested by: Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: d6c5f5b3dae2def565c9d6f08e05d5c6206be4951ff4399fa14c3fe4bb2e9326

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 19:00:04 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: DD2823A3E22CE56F
status: 200
cdn-cachedat: 2020-04-02 15:19:27
cdn-pullzone: 53731
x-amz-id-2: K5dvYtWqnc5htJeo995e1C5ZH7r5tpg+d74IIp202sc0kr22YgQLtFRBBeBhrI+f1YVl2yzuQi8=
last-modified: Thu, 02 Apr 2020 15:19:10 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=600
cdn-requestid: 1a6a068d3a8ad612a859a74e37a83304
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 default Show response
embed.tawk.to/5bff99cd40105007f37a22bd/ 502 KB
110 KB 76ms
60ms Script
application/x-javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5bff99cd40105007f37a22bd/default

Requested by

Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

882af776ff6244375bb5de1a2b446b0fc01a57938211b156e4bdbf6563a8131e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
Origin: https://baltled.lt
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 19:00:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 7261
etag: W/"fulls68259"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=14400, s-maxage=3600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 57dcca651f1ddfc3-FRA
access-control-allow-origin: *

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=870303798&t=pageview&_s=1&dl=https%3A%2F%2Fbaltled.lt%2FCOVID-19-protection-equipment.pdf&ul=en-us&de=UTF-8&dt=Puslapis%20nerastas%20-%20Balt...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-92805730-1&cid=14739423.1585854004&jid=1424644750&_gid=673065334.1585854004&gjid=154933980&_v=j81&z=494207715

35 B
136 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-92805730-1&cid=14739423.1585854004&jid=1424644750&_gid=673065334.1585854004&gjid=154933980&_v=j81&z=494207715

Requested by

Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Thu, 02 Apr 2020 19:00:04 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Apr 2020 19:00:04 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-92805730-1&cid=14739423.1585854004&jid=1424644750&_gid=673065334.1585854004&gjid=154933980&_v=j81&z=494207715
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 415
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.a92727a4c833d493f39c.js Show response
script.hotjar.com/ 366 KB
69 KB 54ms
18ms Script
application/javascript 147.75.32.99
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.a92727a4c833d493f39c.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1108798.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.32.99 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress12
Software: /
Resource Hash: cffc96ce9434913e1e06c48bcb97ca43987ac70b8205ee9599e8e0bf71fb03f3

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 19:00:04 GMT
content-encoding: br
content-type: application/javascript
age: 23383
status: 200
section-io-cache: Hit
content-length: 70608
last-modified: Thu, 02 Apr 2020 12:27:28 GMT
etag: "99db0184cccae59b4e0e8e4761408288"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.026
accept-ranges: bytes
section-io-id: f3c2837ef431b79338e9b05db546b6ae
section-origin-responded: true

GET
H2 200 72.83c0fd282d7068bf2eed.js Show response
load.sumo.com/ 131 KB
44 KB 8ms
8ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/72.83c0fd282d7068bf2eed.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 19:00:04 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: CEB7C54C452E7A98
status: 200
cdn-cachedat: 2020-04-02 15:19:27
cdn-pullzone: 53731
x-amz-id-2: /3xDTKZe6WvZa9f6oSbHBkNekxoMbYDRUaPttZNiKV43ajvqXT3L6A3m95KeDEGRFCwoqv9KIgc=
last-modified: Thu, 02 Apr 2020 15:18:49 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 2a851c1311859cbdf1910ee3d18db0c6
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 73.83c0fd282d7068bf2eed.js Show response
load.sumo.com/ 289 KB
100 KB 14ms
14ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/73.83c0fd282d7068bf2eed.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 19:00:04 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: E03D5F522C099006
status: 200
cdn-cachedat: 2020-04-02 15:19:26
cdn-pullzone: 53731
x-amz-id-2: rG9Z9/KyNS0WYJBeqKjzICNKeKjpQt6nVt3HxO9tzZDF92vWg8dxN5pBm3Ww+wiOBjReaOigcQU=
last-modified: Thu, 02 Apr 2020 15:18:50 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 290cd34d263d07589545d28a0f7d8ec6
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 ml_jQuery.inputmask.bundle.min.js Show response
static.mailerlite.com/js/w/ 69 KB
21 KB 28ms
27ms Script
application/javascript 2606:4700:10::6816:44f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mailerlite.com/js/w/ml_jQuery.inputmask.bundle.min.js?v3.3.1
Requested by: Host: static.mailerlite.com
URL: https://static.mailerlite.com/js/w/webforms.min.js?v86b0a4c660f110085cbf49e83e53be98
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:44f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c77ae965196f7308b827ce8cef39758740e9652e49958d866454ca1967e03dae

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 19:00:04 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 559925
status: 200
last-modified: Thu, 26 Mar 2020 12:03:46 GMT
server: cloudflare
etag: W/"5e7c9a22-1153a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-credentials: true
cf-ray: 57dcca658e0cc2ef-FRA
expires: Sun, 26 Apr 2020 07:27:59 GMT

GET
H/1.1 200
OK m6c1g0
track.mailerlite.com/webforms/o/286639/ 43 B
293 B 181ms
47ms Image
image/gif 195.12.186.240
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.mailerlite.com/webforms/o/286639/m6c1g0?v1585854004

Requested by

Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.12.186.240 , Lithuania, ASN47205 (TELIA-LIETUVA, LT),

Reverse DNS

195-12-186-240.static.zebra.lt

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 02 Apr 2020 19:00:04 GMT
Content-Encoding: gzip
Server: nginx
Connection: close
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/gif

GET
H2 200 css
fonts.googleapis.com/ Frame EB50 8 KB
793 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5bff99cd40105007f37a22bd/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Apr 2020 19:00:04 GMT
server: ESF
date: Thu, 02 Apr 2020 19:00:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Apr 2020 19:00:04 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AA50 8 KB
747 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5bff99cd40105007f37a22bd/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Apr 2020 19:00:04 GMT
server: ESF
date: Thu, 02 Apr 2020 19:00:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Apr 2020 19:00:04 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D27A 8 KB
747 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5bff99cd40105007f37a22bd/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Apr 2020 19:00:04 GMT
server: ESF
date: Thu, 02 Apr 2020 19:00:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Apr 2020 19:00:04 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 168C 8 KB
747 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5bff99cd40105007f37a22bd/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Apr 2020 19:00:04 GMT
server: ESF
date: Thu, 02 Apr 2020 19:00:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Apr 2020 19:00:04 GMT

GET
H2 200 emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ Frame 168C 192 B
554 B 39ms
22ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5bff99cd40105007f37a22bd/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 02 Apr 2020 19:00:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13519930
cf-ray: 57dcca66586016ee-FRA
x-cache: HIT, HIT
status: 200
vary: Accept-Encoding
x-served-by: cache-ams21037-AMS, cache-fra19142-FRA
server: cloudflare
etag: W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame 168C 295 KB
36 KB 45ms
28ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5bff99cd40105007f37a22bd/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 19:00:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13519931
cf-ray: 57dcca66586416ee-FRA
x-cache: HIT, HIT
status: 200
vary: Accept-Encoding
x-served-by: cache-ams21034-AMS, cache-hhn4075-HHN
server: cloudflare
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *

POST
H2 200 1585854004206 Show response
va.tawk.to/register/ 729 B
1 KB 361ms
342ms XHR
application/json 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/register/1585854004206

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5bff99cd40105007f37a22bd/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b36389b4daba8ad97a9966e73e43a6b528358dc351ddd6896bf2bcd609ca3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
Origin: https://baltled.lt
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 02 Apr 2020 19:00:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
status: 200
vary: Accept-Encoding
x-served-by: visitor-application-preemptive-vb3s
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://baltled.lt
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 57dcca6668e196fe-FRA
access-control-allow-headers: origin, content-type

GET
H/1.1 404
Not Found COVID-19-protection-equipment.pdf
baltled.lt/ 4 KB
4 KB 745ms
744ms Image
text/html 92.61.36.129
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baltled.lt/COVID-19-protection-equipment.pdf
Requested by: Host: cdn.mailerlite.com
URL: https://cdn.mailerlite.com/ajax/libs/jquery/1.8.3/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.61.36.129 , Lithuania, ASN47205 (TELIA-LIETUVA, LT),
Reverse DNS: on1c79mma.sritis.lt
Software: nginx /
Resource Hash: 7831f0ab03ef3cdaecb1b61a82206675256ca94ce13415a67b384bb34cf9219a

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Thu, 02 Apr 2020 19:00:05 GMT
Content-Encoding: gzip
Referrer-Policy
Server: nginx
Vary: User-Agent,Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Link: <https://baltled.lt/wp-json/>; rel="https://api.w.org/"
Expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 / Show response
sumo.com/api/load/ 889 B
1 KB 560ms
193ms XHR
application/json 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/load/

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.83c0fd282d7068bf2eed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

1f74a29e19412d42a2ec5f1966e556135e2f8bea896e74409eb1b2c5798440c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
Origin: https://baltled.lt
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 02 Apr 2020 19:00:05 GMT
vary: Origin, Accept-Encoding
server: nginx/1.14.1
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://baltled.lt
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 889

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 74BB 0
0 83ms
83ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeWJzoUAAAAAPuPEDKfTfa7V4ZfiHUGR1pPpo8p&co=aHR0cHM6Ly9iYWx0bGVkLmx0OjQ0Mw..&hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&size=normal&cb=136ud6l5tvfr

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/OOKISvkNnVD_m_9dreR_1S0n/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cglE2Hp81t8yVqCSIiV9hA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LeWJzoUAAAAAPuPEDKfTfa7V4ZfiHUGR1pPpo8p&co=aHR0cHM6Ly9iYWx0bGVkLmx0OjQ0Mw..&hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&size=normal&cb=136ud6l5tvfr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://baltled.lt/COVID-19-protection-equipment.pdf
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://baltled.lt/COVID-19-protection-equipment.pdf

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 02 Apr 2020 19:00:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-cglE2Hp81t8yVqCSIiV9hA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10479
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame B805 0
0 37ms
37ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeWJzoUAAAAAPuPEDKfTfa7V4ZfiHUGR1pPpo8p&co=aHR0cHM6Ly9iYWx0bGVkLmx0OjQ0Mw..&hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&size=normal&cb=ldmk1x8lino3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/OOKISvkNnVD_m_9dreR_1S0n/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OcK0WWupT2JFoZZYPz4aKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LeWJzoUAAAAAPuPEDKfTfa7V4ZfiHUGR1pPpo8p&co=aHR0cHM6Ly9iYWx0bGVkLmx0OjQ0Mw..&hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&size=normal&cb=ldmk1x8lino3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://baltled.lt/COVID-19-protection-equipment.pdf
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://baltled.lt/COVID-19-protection-equipment.pdf

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 02 Apr 2020 19:00:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-OcK0WWupT2JFoZZYPz4aKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10170
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 80B2 0
0 39ms
38ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeWJzoUAAAAAPuPEDKfTfa7V4ZfiHUGR1pPpo8p&co=aHR0cHM6Ly9iYWx0bGVkLmx0OjQ0Mw..&hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&size=normal&cb=xvdyou2rkc8i

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/OOKISvkNnVD_m_9dreR_1S0n/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-S8DimBfJzRYd/GQwI+JABA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LeWJzoUAAAAAPuPEDKfTfa7V4ZfiHUGR1pPpo8p&co=aHR0cHM6Ly9iYWx0bGVkLmx0OjQ0Mw..&hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&size=normal&cb=xvdyou2rkc8i
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://baltled.lt/COVID-19-protection-equipment.pdf
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://baltled.lt/COVID-19-protection-equipment.pdf

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 02 Apr 2020 19:00:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-S8DimBfJzRYd/GQwI+JABA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10095
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame BC08 0
0 45ms
43ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeWJzoUAAAAAPuPEDKfTfa7V4ZfiHUGR1pPpo8p&co=aHR0cHM6Ly9iYWx0bGVkLmx0OjQ0Mw..&hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&size=normal&cb=xq269suaryl9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/OOKISvkNnVD_m_9dreR_1S0n/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EqZCm15+owmmFiEqD897Yg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LeWJzoUAAAAAPuPEDKfTfa7V4ZfiHUGR1pPpo8p&co=aHR0cHM6Ly9iYWx0bGVkLmx0OjQ0Mw..&hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&size=normal&cb=xq269suaryl9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://baltled.lt/COVID-19-protection-equipment.pdf
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://baltled.lt/COVID-19-protection-equipment.pdf

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 02 Apr 2020 19:00:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-EqZCm15+owmmFiEqD897Yg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10067
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 tawk-widget.woff2
static-v.tawk.to/a-v3/fonts/ Frame D27A 3 KB
3 KB 29ms
28ms Font
application/font-woff2 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-v.tawk.to/a-v3/fonts/tawk-widget.woff2?yh9epr

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5bff99cd40105007f37a22bd/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6c75617f26fef298699c4bc09793ce8dfc1ab9ee265cd6a5275d528c259e229

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
Origin: https://baltled.lt
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 19:00:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22930
status: 200
strict-transport-security: max-age=0; includeSubDomains; preload
content-length: 2744
pragma: public
last-modified: Mon, 15 Jul 2019 17:37:05 GMT
server: cloudflare
etag: "5d2cb9c1-ab8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 57dcca68fb4edfc3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
vsa85.tawk.to/s/ 101 B
201 B 608ms
594ms XHR
application/octet-stream 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vsa85.tawk.to/s/?k=5e8636347e637bd3e624a2b1&u=tVa2rjFpe1e0wR0JcZLTKqWTUS65Pu7sFYP0qXgGwfi6QDeVIDeJZIVSNUUXc9Wf&uv=2&a=5bff99cd40105007f37a22bd&cver=0&pop=false&w=TzWBPz&jv=682&asver=6373&ust=false&p=Puslapis%20nerastas%20-%20Baltled&r=&EIO=3&transport=polling&__t=N4yGxsR

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5bff99cd40105007f37a22bd/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37d1218bdd0df25b890fa422f246b5496f1bbb474f668ab965419f85cf9381a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
Origin: https://baltled.lt
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 19:00:05 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://baltled.lt
access-control-allow-credentials: true
cf-ray: 57dcca691bfe96fe-FRA
content-length: 101

GET
H2 200 26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame 168C 413 B
569 B 21ms
21ms Image
image/png 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7

Requested by

Host: baltled.lt
URL: https://baltled.lt/COVID-19-protection-equipment.pdf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 19:00:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4790528
cf-ray: 57dcca68f8ea16ee-FRA
x-cache: HIT
status: 200
vary: Accept-Encoding
content-length: 413
x-served-by: cache-fra19182-FRA
server: cloudflare
etag: W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 37F8 0
0 54ms
17ms Document
text/html 147.75.32.13
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1108798.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.32.13 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress9
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://baltled.lt/COVID-19-protection-equipment.pdf
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://baltled.lt/COVID-19-protection-equipment.pdf

Response headers

status: 200
date: Thu, 02 Apr 2020 19:00:04 GMT
content-type: text/html
content-length: 851
last-modified: Wed, 25 Mar 2020 15:18:29 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.093
section-origin-responded: true
age: 654768
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: f22376e5d2e1a8c6cdfb46e365004442

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 138F 0
0 28ms
28ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&k=6LeWJzoUAAAAAPuPEDKfTfa7V4ZfiHUGR1pPpo8p&cb=aaf9demuitzk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/OOKISvkNnVD_m_9dreR_1S0n/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PiyFlJA2VPIuJTQr3Dch/Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&k=6LeWJzoUAAAAAPuPEDKfTfa7V4ZfiHUGR1pPpo8p&cb=aaf9demuitzk
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://baltled.lt/COVID-19-protection-equipment.pdf
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://baltled.lt/COVID-19-protection-equipment.pdf

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 02 Apr 2020 19:00:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-PiyFlJA2VPIuJTQr3Dch/Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1182
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 09DF 0
0 20ms
20ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&k=6LeWJzoUAAAAAPuPEDKfTfa7V4ZfiHUGR1pPpo8p&cb=b7i9c6lquqlh

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/OOKISvkNnVD_m_9dreR_1S0n/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-umWRTJBg/PgPrQmNRsO/WQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&k=6LeWJzoUAAAAAPuPEDKfTfa7V4ZfiHUGR1pPpo8p&cb=b7i9c6lquqlh
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://baltled.lt/COVID-19-protection-equipment.pdf
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://baltled.lt/COVID-19-protection-equipment.pdf

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 02 Apr 2020 19:00:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-umWRTJBg/PgPrQmNRsO/WQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1182
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 3069 0
0 31ms
31ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&k=6LeWJzoUAAAAAPuPEDKfTfa7V4ZfiHUGR1pPpo8p&cb=jc7cqn6pzjp9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/OOKISvkNnVD_m_9dreR_1S0n/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PKOgE1F4ZRmsc0WX8WiZQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&k=6LeWJzoUAAAAAPuPEDKfTfa7V4ZfiHUGR1pPpo8p&cb=jc7cqn6pzjp9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://baltled.lt/COVID-19-protection-equipment.pdf
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://baltled.lt/COVID-19-protection-equipment.pdf

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 02 Apr 2020 19:00:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-PKOgE1F4ZRmsc0WX8WiZQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1183
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame BA8E 0
0 28ms
28ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&k=6LeWJzoUAAAAAPuPEDKfTfa7V4ZfiHUGR1pPpo8p&cb=n2s2rt1ztaj7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/OOKISvkNnVD_m_9dreR_1S0n/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JYZr96XNMCHqgoJtaxL3LA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&k=6LeWJzoUAAAAAPuPEDKfTfa7V4ZfiHUGR1pPpo8p&cb=n2s2rt1ztaj7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://baltled.lt/COVID-19-protection-equipment.pdf
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://baltled.lt/COVID-19-protection-equipment.pdf

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 02 Apr 2020 19:00:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-JYZr96XNMCHqgoJtaxL3LA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1183
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

OPTIONS
H2 204 services Show response
sumo.com/ 0
253 B 178ms
178ms XHR
text/plain 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/services
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/73.83c0fd282d7068bf2eed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-133-113.us-west-2.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://baltled.lt
Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: x-sumo-auth

Response headers

date: Thu, 02 Apr 2020 19:00:05 GMT
server: nginx/1.14.1
access-control-allow-origin: https://baltled.lt
access-control-max-age: 2592000
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
status: 204
access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type

GET
H2 200 / Show response
vsa85.tawk.to/s/ 490 B
653 B 147ms
147ms XHR
application/octet-stream 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5bff99cd40105007f37a22bd/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746f92b056a340d6e9bb1fcd5ce858e595cf010d7cda8db7fc5f7c5b972c73d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
Origin: https://baltled.lt
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 19:00:05 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://baltled.lt
access-control-allow-credentials: true
cf-ray: 57dcca6cc81096fe-FRA
content-length: 490

POST
H2 200 services Show response
sumo.com/ 216 B
611 B 193ms
192ms XHR
application/json 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/services

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

5076e1246b6a607dd336c0aa7d810a6dcbf15776cdb6d7588af9f2dc12605100

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
X-Sumo-Auth: VoJ0RcIUiqoUyj7eaxVIuq9O
Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
Origin: https://baltled.lt
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 02 Apr 2020 19:00:05 GMT
vary: Origin, Accept-Encoding
server: nginx/1.14.1
status: 200
x-frame-options: SAMEORIGIN
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://baltled.lt
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 216

POST
H2 200 v3 Show response
va.tawk.to/log-performance/ 5 B
116 B 130ms
130ms XHR
text/html 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5bff99cd40105007f37a22bd/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
Origin: https://baltled.lt
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 02 Apr 2020 19:00:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
vary: Accept-Encoding
x-served-by: visitor-application-preemptive-4xd5
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
access-control-allow-origin: https://baltled.lt
access-control-allow-credentials: true
cf-ray: 57dcca6db95096fe-FRA
access-control-allow-headers: origin, content-type

GET
H2 200 / Show response
vsa85.tawk.to/s/ 4 B
86 B 672ms
672ms XHR
application/octet-stream 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5bff99cd40105007f37a22bd/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
Origin: https://baltled.lt
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 19:00:06 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://baltled.lt
access-control-allow-credentials: true
cf-ray: 57dcca6db95196fe-FRA
content-length: 4

GET
H2 200 7.83c0fd282d7068bf2eed.js Show response
load.sumo.com/ 97 KB
33 KB 8ms
7ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/7.83c0fd282d7068bf2eed.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 19:00:05 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: 5C8DF19231761AD4
status: 200
cdn-cachedat: 2020-04-02 15:19:26
cdn-pullzone: 53731
x-amz-id-2: RIK/hnKmYkCaRmp2YIgD3LLsWvthZ91CXf6B+YCY19heCOzA3PQJKJiAXczN57Uz1HMTUzLq+FA=
last-modified: Thu, 02 Apr 2020 15:18:47 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 4573191f0f2eb9c06308fccae52d021e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 4.83c0fd282d7068bf2eed.js Show response
load.sumo.com/ 5 KB
3 KB 8ms
7ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/4.83c0fd282d7068bf2eed.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 19:00:05 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: D8028ECB77EE9ED9
status: 200
cdn-cachedat: 2020-04-02 15:19:26
cdn-pullzone: 53731
x-amz-id-2: U6YSFqQzRertL4Yt2EOatb5y852DfGjoCEsJhM7Wn6wTRSeh8ennQeYaOnRrkL6BvMVdKmmJxLk=
last-modified: Thu, 02 Apr 2020 15:18:25 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 5944587345fbc80f64e45f67b757a150
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 2.83c0fd282d7068bf2eed.js Show response
load.sumo.com/ 3 KB
2 KB 8ms
7ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/2.83c0fd282d7068bf2eed.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 19:00:05 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: 0E04AB377992CAC4
status: 200
cdn-cachedat: 2020-04-02 15:19:25
cdn-pullzone: 53731
x-amz-id-2: FaRVLcwdd+CJ2ZH0PE8JkYGHruSeJDAB5WWoA4uvnj3NM2McILdfoGIDBElQLFp+H9intLtAtHU=
last-modified: Thu, 02 Apr 2020 15:18:09 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 3649e6298e54b4f23b1ab4d9ce8cc515
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 10.83c0fd282d7068bf2eed.js Show response
load.sumo.com/ 11 KB
5 KB 13ms
13ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/10.83c0fd282d7068bf2eed.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 19:00:05 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: B170CC0C5FF92E5A
status: 200
cdn-cachedat: 2020-04-02 15:19:25
cdn-pullzone: 53731
x-amz-id-2: eSEaW1/LKuzNvQis1TZZitVSCf0h20RRBvS2P5hjjcCGzbdqu/Ws2+jO4LTEsBoY+OpyY0IroXE=
last-modified: Thu, 02 Apr 2020 15:17:56 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 19d07da2153e255320e9d113a2501bfa
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 22.83c0fd282d7068bf2eed.js Show response
load.sumo.com/ 92 KB
25 KB 8ms
8ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/22.83c0fd282d7068bf2eed.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 19:00:05 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: F7E67D2DEC0938C5
status: 200
cdn-cachedat: 2020-04-02 15:19:25
cdn-pullzone: 53731
x-amz-id-2: djyrrtw5abavOgjAOJ2wByfdCJS31ooMEgSJx+Y4p9Q4X3orqWiqD+KU71hNFFdGbWYZeRYnTwE=
last-modified: Thu, 02 Apr 2020 15:18:11 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: e4d4499511d87a86cbb38e0e7f1515d2
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 23.83c0fd282d7068bf2eed.js Show response
load.sumo.com/ 329 KB
94 KB 9ms
8ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/23.83c0fd282d7068bf2eed.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 19:00:05 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: 5A3441CC410F4C94
status: 200
cdn-cachedat: 2020-04-02 15:19:25
cdn-pullzone: 53731
x-amz-id-2: dDXtkvan5vjzcr/12ON57IRTR7Qz5ZZXl8B4tseYvaaZZ4e1zJdi/d/4/E+rkZjKpPf1nMxtGOQ=
last-modified: Thu, 02 Apr 2020 15:18:12 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: e1e4e505fd7e735a49cff1f0bd0dab55
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 21.83c0fd282d7068bf2eed.js Show response
load.sumo.com/ 179 KB
51 KB 38ms
38ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/21.83c0fd282d7068bf2eed.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 19:00:05 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: 10BDF64A05928547
status: 200
cdn-cachedat: 2020-04-02 15:19:25
cdn-pullzone: 53731
x-amz-id-2: Uwc/Vomp0bxfEnrXe732+WTZDcLlszHaWyuzwpXXLZsDR/c8h80nwZZWfgytxzpJlX2A2U6Q3wU=
last-modified: Thu, 02 Apr 2020 15:18:10 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 28498069485bbcc2b3ac15f09ba362c1
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 64.83c0fd282d7068bf2eed.js Show response
load.sumo.com/ 1 KB
1 KB 38ms
38ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/64.83c0fd282d7068bf2eed.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 19:00:05 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: ABF1E50F50B6F9BA
status: 200
cdn-cachedat: 2020-04-02 15:19:29
cdn-pullzone: 53731
x-amz-id-2: 6kwgLMFxftdK4aGdVhb3/0AKYagtURwXs7RQp/lcWCRqRscxzkYG0ri4sWiF8TvlqYxsX0VRbGo=
last-modified: Thu, 02 Apr 2020 15:18:44 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 33d7b96b79524a944d0e8c8ee9c9447b
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 0.83c0fd282d7068bf2eed.js Show response
load.sumo.com/ 5 KB
3 KB 7ms
6ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/0.83c0fd282d7068bf2eed.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 19:00:05 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: 12D5429B06F07ACE
status: 200
cdn-cachedat: 2020-04-02 15:19:25
cdn-pullzone: 53731
x-amz-id-2: PDboS4hE4DpTbUYFNOuTt7fyoafZfBD30XwyChb+WzlO1tKwPjvRypBAD2RMLr4ogVJ4Pqz/+84=
last-modified: Thu, 02 Apr 2020 15:17:55 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: ab593147a4cb1b66a0c7f5a128e1b6bd
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 96.83c0fd282d7068bf2eed.js Show response
load.sumo.com/ 1 MB
79 KB 7ms
7ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/96.83c0fd282d7068bf2eed.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 19:00:05 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: 51B632BCA0ECDF7E
status: 200
cdn-cachedat: 2020-04-02 15:19:25
cdn-pullzone: 53731
x-amz-id-2: BP9tW4PfkN8An1QzXUpDRkIBFiozxRSirLMrJouEf8SNmDnU+erj/V0IBOaAqiOiIbHSKMY8yWM=
last-modified: Thu, 02 Apr 2020 15:19:06 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 0c6d40dd8981dc569f74581290b5529d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 97.83c0fd282d7068bf2eed.js Show response
load.sumo.com/ 221 B
854 B 7ms
7ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/97.83c0fd282d7068bf2eed.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 19:00:05 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: D53621F7F995686C
status: 200
cdn-cachedat: 2020-04-02 15:19:25
cdn-pullzone: 53731
x-amz-id-2: Slp6ILTh077eAX9S7H9nfVr8OJRe51L8s/TFsp/GTY5g7JtL84XzIsxuWtQe+nUIyNQXqC5fXzI=
last-modified: Thu, 02 Apr 2020 15:19:07 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: b60a52fbdec6463b5d638fe19a2380e4
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/0.83c0fd282d7068bf2eed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3fb385aad2757e720c0e49ca0b807172ff255ad2dc2bf4b1998e632297800a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Apr 2020 19:00:05 GMT
server: ESF
date: Thu, 02 Apr 2020 19:00:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Apr 2020 19:00:05 GMT

OPTIONS
H2 204 features Show response
sumo.com/api/site/be740b00441b980060a45c008bef59000f85f60088ab0900e7464200cc418000/ 0
253 B 181ms
180ms XHR
text/plain 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/api/site/be740b00441b980060a45c008bef59000f85f60088ab0900e7464200cc418000/features?site_id=be740b00441b980060a45c008bef59000f85f60088ab0900e7464200cc418000
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/73.83c0fd282d7068bf2eed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-133-113.us-west-2.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://baltled.lt
Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: x-sumo-auth

Response headers

date: Thu, 02 Apr 2020 19:00:05 GMT
server: nginx/1.14.1
access-control-allow-origin: https://baltled.lt
access-control-max-age: 2592000
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
status: 204
access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type

GET
H2 200 features Show response
sumo.com/api/site/be740b00441b980060a45c008bef59000f85f60088ab0900e7464200cc418000/ 3 KB
1 KB 186ms
186ms XHR
application/json 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/site/be740b00441b980060a45c008bef59000f85f60088ab0900e7464200cc418000/features?site_id=be740b00441b980060a45c008bef59000f85f60088ab0900e7464200cc418000

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

058f76d93a417240888fe7522aca5a1322f3ff8f86ddc950a3c347f0a1ac57da

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://baltled.lt/COVID-19-protection-equipment.pdf
Origin: https://baltled.lt
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Sumo-Auth: VoJ0RcIUiqoUyj7eaxVIuq9O

Response headers

date: Thu, 02 Apr 2020 19:00:06 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.14.1
status: 200
etag: "-362431178"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://baltled.lt
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			baltled.lt/	1970-01-19 17:16:30	Name: __smToken Value: VoJ0RcIUiqoUyj7eaxVIuq9O

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://load.sumo.com/73.83c0fd282d7068bf2eed.js(Line 26) Message: Query variable %s not found sumotoken
console-api	log	URL: https://load.sumo.com/73.83c0fd282d7068bf2eed.js(Line 1) Message: install sumo badge...
console-api	log	URL: https://load.sumo.com/73.83c0fd282d7068bf2eed.js(Line 26) Message: Query variable %s not found sumopath
console-api	info	URL: https://load.sumo.com/73.83c0fd282d7068bf2eed.js(Line 1) Message: CREATING SANDBOX FOR services/index/#services/index
console-api	info	URL: https://load.sumo.com/73.83c0fd282d7068bf2eed.js(Line 1) Message: CREATING SANDBOX FOR 156085c5-0017-4150-b225-a731ad248f38/service/#156085c5-0017-4150-b225-a731ad248f38/service

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

baltled.lt
cdn.jsdelivr.net
cdn.mailerlite.com
embed.tawk.to
fonts.googleapis.com
load.sumo.com
script.hotjar.com
static-v.tawk.to
static.hotjar.com
static.mailerlite.com
stats.g.doubleclick.net
sumo.com
track.mailerlite.com
va.tawk.to
vars.hotjar.com
vsa85.tawk.to
www.google-analytics.com
www.google.com
www.gstatic.com
147.75.32.13
147.75.32.99
147.75.33.131
195.12.186.240
2606:4700:10::6816:1983
2606:4700:10::6816:44f4
2606:4700::6810:5914
2a00:1450:4001:809::2004
2a00:1450:4001:81c::200e
2a00:1450:4001:820::2003
2a00:1450:4001:821::200a
2a00:1450:400c:c0b::9c
2a00:f48:2000:1023::3
52.34.133.113
92.61.36.129
058f76d93a417240888fe7522aca5a1322f3ff8f86ddc950a3c347f0a1ac57da
0a635af1e19452bc63835e4b0dcda8febac6e4a3b1d08c7bcffa3cd88bfbf3ce
0b96d562f44713ef3f08d1cbab7e637f519c8797cbe87db18e8a385072a9b2a6
0c511c4a7891dd15020b0f493822cf7b272ce40b5f2732d39609360ad8eae3ba
113665bc4f78880baec2709a507316161fac03a693008c689e803a82e4c0babd
17da693c8452d30fc1bb19e2f649b5f5ef10d0a98b7fde15c1f6266ef6cc55c9
1f74a29e19412d42a2ec5f1966e556135e2f8bea896e74409eb1b2c5798440c9
1fc4f3a8f35dcb8f48ef1680b703486eabd8e3fd93ee628bfcddde356660b25b
2a8e819590922fc2c241bd68650259f3d736b8efd38ca210ad56bbe56cf66993
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30e83585526d01e74a860d15f76653a4186b4d09505e1239f1859940b8896307
32d40f2824d9449c594e27fdf09e6ee85df089ac985d0a1a84958756febbe184
36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c
37d1218bdd0df25b890fa422f246b5496f1bbb474f668ab965419f85cf9381a4
3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132
480d9a20b726cfd39d85a16a669a01f5e4fc635d349b2ac24a5a96883e80d809
4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9
4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d
5076e1246b6a607dd336c0aa7d810a6dcbf15776cdb6d7588af9f2dc12605100
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14
5b6b7e963566e8f8f0917b892d82f5ddfb16a2669469dd2058c98d35c62bfb0d
5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d
5fc200f2fe782fb460ff4159104dda1a5f60f71fccf879047dba0d427ae863e8
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
62f10d68fb2057bb39dbf151941add3f53c21a6ed865391e33ab2cfd35a26d65
71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d
73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759
746f92b056a340d6e9bb1fcd5ce858e595cf010d7cda8db7fc5f7c5b972c73d6
7831f0ab03ef3cdaecb1b61a82206675256ca94ce13415a67b384bb34cf9219a
8258bd8e36d9ab7da07d623a69d7eeea30d731178104cc587a7530643afa5744
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8750509f5a4895bc45c5d3cbc3e3892a09d34e3463fcacdde920882eed78be8b
882af776ff6244375bb5de1a2b446b0fc01a57938211b156e4bdbf6563a8131e
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae
9b36389b4daba8ad97a9966e73e43a6b528358dc351ddd6896bf2bcd609ca3df
9cbe84748472f471d83d7a8566a7ca3c973e65cf7757065e5c07a370c5a0ca5b
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
9fa06c6dfe83641d42857f275caa5e25d1ddb0945e36b4d5a7101d8716d50934
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
aec8f06eaabf9c98bf6595dc0869dc0e20138dc5fdf439bfc03963c39244ff6e
b9b62952f9f34c23e59bbd107f1b47618d37af2272f697444276fe4130e6592c
bec3750481976017250723709af9df060e5f7da0e05b869299f8012c89128d74
c1bcbb6fd27c990c9beb0be9e8fad2ceb64b376673ed6bf35d2f025adcafee5a
c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169
c6c75617f26fef298699c4bc09793ce8dfc1ab9ee265cd6a5275d528c259e229
c77ae965196f7308b827ce8cef39758740e9652e49958d866454ca1967e03dae
cf640ac46b77973d2884d37f6e820d40c0ff1e290e1fdeb7f4b82c84149212f2
cffc96ce9434913e1e06c48bcb97ca43987ac70b8205ee9599e8e0bf71fb03f3
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
d3fb385aad2757e720c0e49ca0b807172ff255ad2dc2bf4b1998e632297800a9
d670cc97a6048981dd91aa50496f4d0df4edf771f6e88908d55c5a5ebcf1bc73
d6c5f5b3dae2def565c9d6f08e05d5c6206be4951ff4399fa14c3fe4bb2e9326
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
f1d4c3ae3f1ec48dfa29e43ab45e331436e9f9bfe42fc2f43033c37ce6377148
f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2

baltled.lt Open in urlscan Pro 92.61.36.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

76 Requests

100 %HTTPS

60 %IPv6

11 Domains

19 Subdomains

15 IPs

5 Countries

3799 kBTransfer

7079 kBSize

1 Cookies

8 Outgoing links

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

baltled.lt Open in urlscan Pro
92.61.36.129 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

100 %
HTTPS

60 %
IPv6

11
Domains

19
Subdomains

15
IPs

5
Countries

3799 kB
Transfer

7079 kB
Size

1
Cookies

76 HTTP transactions
0 data transactions