ldiena.lt Open in urlscan Pro
62.210.189.174 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ldiena.lt/
Effective URL:
https://ldiena.lt/
Submission: On August 14 via api (August 14th 2023, 7:17:55 pm UTC) from US — Scanned from FR

Summary HTTP 383 Redirects Links 42 Behaviour Indicators

Summary

This website contacted 64 IPs in 11 countries across 51 domains to perform 383 HTTP transactions. The main IP is 62.210.189.174, located in France and belongs to Online SAS, FR. The main domain is ldiena.lt.
TLS certificate: Issued by R3 on July 20th 2023. Valid for: 3 months.

This is the only time ldiena.lt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 63	62.210.189.174 62.210.189.174	12876 (Online SAS) (Online SAS)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:e0:... 2606:4700:e0::ac40:670b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1 2	2.21.20.143 2.21.20.143	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	173.222.108.170 173.222.108.170	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	185.12.127.178 185.12.127.178	50214 (QWARTA) (QWARTA)
2	95.163.114.203 95.163.114.203	12695 (DINET-AS) (DINET-AS)
1	162.19.61.80 162.19.61.80	16276 (OVH) (OVH)
12	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
9	185.134.203.247 185.134.203.247	203444 (MAPMAKERS...) (MAPMAKERSGROUP)
2	193.16.47.244 193.16.47.244	1820 (WNET) (WNET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	82.151.106.131 82.151.106.131	29456 (BELSVYAZ-AS) (BELSVYAZ-AS)
1	109.235.67.100 109.235.67.100	62282 (RACKRAY U...) (RACKRAY UAB Rakrejus)
2	104.20.219.77 104.20.219.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a03:2880:f24... 2a03:2880:f245:ca:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f24... 2a03:2880:f245:e0:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1 9	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
6 30	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f083:10e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
11	23.0.174.232 23.0.174.232	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	193.108.153.9 193.108.153.9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.48.23.174 23.48.23.174	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
18	2.19.126.196 2.19.126.196	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2.16.202.91 2.16.202.91	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
3 49	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
9	146.75.118.113 146.75.118.113	54113 (FASTLY) (FASTLY)
8	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
12	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
8	95.101.111.131 95.101.111.131	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	34.141.62.31 34.141.62.31	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 5	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
14	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	95.101.111.174 95.101.111.174	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.38.98.155 23.38.98.155	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 5	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	35.157.211.238 35.157.211.238	16509 (AMAZON-02) (AMAZON-02)
2 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
1 2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
3	193.108.153.12 193.108.153.12	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2.16.202.120 2.16.202.120	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	95.131.136.1 95.131.136.1	47841 (OXALIDE) (OXALIDE)
1	23.197.149.186 23.197.149.186	16625 (AKAMAI-AS) (AKAMAI-AS)
2	95.101.111.149 95.101.111.149	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
383	64

63 62.210.189.174 (France) 1 redirects

ASN12876 (Online SAS, FR)
PTR: 62-210-189-174.rev.poneytelecom.eu

ldiena.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stalin.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
evaizdai.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ldiena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e0::ac40:670b (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.20.143 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-143.deploy.static.akamaitechnologies.com

www.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.222.108.170 (Glattbrugg, Switzerland)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a173-222-108-170.deploy.static.akamaitechnologies.com

lf16-tiktok-web.ttwstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.12.127.178 (Russian Federation)

ASN50214 (QWARTA, RU)

cdn-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.163.114.203 (Russian Federation)

ASN12695 (DINET-AS, RU)

w.uptolike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.61.80 (France)

ASN16276 (OVH, FR)
PTR: ns3094918.ip-162-19-61.eu

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.134.203.247 (Russian Federation)

ASN203444 (MAPMAKERSGROUP, RU)

ost1.gismeteo.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.16.47.244 (Krakow, Poland)

ASN1820 (WNET, US)

www.gismeteo.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

ekspertai.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.151.106.131 (Belgorod, Russian Federation)

ASN29456 (BELSVYAZ-AS, RU)

b1.culture.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.235.67.100 (Lithuania)

ASN62282 (RACKRAY UAB Rakrejus, LT)
PTR: server.hey.lt

www.hey.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f245:ca:face:b00c:0:43fe (Amsterdam, Netherlands) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f245:e0:face:b00c:0:4420 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 6 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f083:10e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.0.174.232 (Glattbrugg, Switzerland)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-0-174-232.deploy.static.akamaitechnologies.com

sf16-website-login.neutral.ttwstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.108.153.9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-9.deploy.static.akamaitechnologies.com

sf16-secsdk.ttwstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.23.174 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-174.deploy.static.akamaitechnologies.com

p16-sign-va.tiktokcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2.19.126.196 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-196.deploy.static.akamaitechnologies.com

p16-sign-useast2a.tiktokcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.202.91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-91.deploy.static.akamaitechnologies.com

sf16-short-va.bytedapm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 146.75.118.113 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

v19-web-newkey.tiktokcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.162 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 95.101.111.131 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-131.deploy.static.akamaitechnologies.com

mcs-va-useast2a.tiktokv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.141.62.31 (Frankfurt am Main, Germany)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.62.141.34.bc.googleusercontent.com

mon-va.byteoversea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.111.174 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-174.deploy.static.akamaitechnologies.com

mssdk-va.byteoversea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.38.98.155 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-155.deploy.static.akamaitechnologies.com

vmweb-va.byteoversea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.130 (Grosse Pointe, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.211.238 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-211-238.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.84 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.108.153.12 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-12.deploy.static.akamaitechnologies.com

lf16-tiktok-common.ibytedtos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.202.120 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-120.deploy.static.akamaitechnologies.com

mon.tiktokv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.131.136.1 (France)

ASN47841 (OXALIDE, FR)
PTR: front.netaffiliation.net

sjf.flycorsair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jpp.aircaraibes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.197.149.186 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-149-186.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.111.149 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-149.deploy.static.akamaitechnologies.com

mssdk-va.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	googlesyndication.com 3 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 tpc.googlesyndication.com — Cisco Umbrella Rank: 151	732 KB
45	gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com www.gstatic.com fonts.gstatic.com	818 KB
36	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 114 cm.g.doubleclick.net — Cisco Umbrella Rank: 239	358 KB
36	ldiena.com ldiena.com	908 KB
28	tiktokcdn.com p16-sign-va.tiktokcdn.com — Cisco Umbrella Rank: 1178 p16-sign-useast2a.tiktokcdn.com — Cisco Umbrella Rank: 1506 v19-web-newkey.tiktokcdn.com — Cisco Umbrella Rank: 28136	2 MB
23	ldiena.lt 1 redirects ldiena.lt	377 KB
15	ttwstatic.com lf16-tiktok-web.ttwstatic.com — Cisco Umbrella Rank: 14322 sf16-website-login.neutral.ttwstatic.com — Cisco Umbrella Rank: 6741 sf16-secsdk.ttwstatic.com — Cisco Umbrella Rank: 38101	955 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 30452 ad4m.at — Cisco Umbrella Rank: 10726 assets.ad4m.at — Cisco Umbrella Rank: 40955	223 KB
13	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1216 www.googleadservices.com — Cisco Umbrella Rank: 150	602 B
11	byteoversea.com mon-va.byteoversea.com — Cisco Umbrella Rank: 4969 mssdk-va.byteoversea.com — Cisco Umbrella Rank: 30673 vmweb-va.byteoversea.com — Cisco Umbrella Rank: 24828	8 KB
11	gismeteo.lt ost1.gismeteo.lt www.gismeteo.lt	18 KB
10	tiktokv.com mcs-va-useast2a.tiktokv.com — Cisco Umbrella Rank: 30864 mon.tiktokv.com — Cisco Umbrella Rank: 3045	3 KB
10	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	562 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	9 KB
9	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4117	136 KB
6	google.com 4 redirects apis.google.com — Cisco Umbrella Rank: 160 www.google.com — Cisco Umbrella Rank: 3	23 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 54 region1.google-analytics.com — Cisco Umbrella Rank: 2069	21 KB
4	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 107 static.facebook.com — Cisco Umbrella Rank: 77268	4 KB
4	youtube.com img.youtube.com — Cisco Umbrella Rank: 3445	74 KB
4	tiktok.com 1 redirects www.tiktok.com — Cisco Umbrella Rank: 3572 mssdk-va.tiktok.com — Cisco Umbrella Rank: 19545	24 KB
3	ibytedtos.com lf16-tiktok-common.ibytedtos.com — Cisco Umbrella Rank: 6625	171 KB
3	evaizdai.lt evaizdai.lt	234 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	91 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	218 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1184	14 KB
2	ad4mat.net static-de.ad4mat.net — Cisco Umbrella Rank: 154708 prod-rtb.ad4mat.net — Cisco Umbrella Rank: 127321	4 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1405	497 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 604	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 2044	1 KB
2	bytedapm.com sf16-short-va.bytedapm.com — Cisco Umbrella Rank: 16317	27 KB
2	instagram.com 1 redirects platform.instagram.com — Cisco Umbrella Rank: 8765 www.instagram.com — Cisco Umbrella Rank: 1642	20 KB
2	statcounter.com www.statcounter.com — Cisco Umbrella Rank: 15858 c.statcounter.com — Cisco Umbrella Rank: 10264	15 KB
2	uptolike.com w.uptolike.com — Cisco Umbrella Rank: 202380	12 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2763	32 KB
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 17077	705 B
1	aircaraibes.com jpp.aircaraibes.com	2 KB
1	flycorsair.com sjf.flycorsair.com — Cisco Umbrella Rank: 905051	2 KB
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	363 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 354	146 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 818	760 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 752	33 KB
1	hey.lt www.hey.lt — Cisco Umbrella Rank: 535995	1 KB
1	culture.ru b1.culture.ru	30 KB
1	ekspertai.eu ekspertai.eu	199 KB
1	postimg.cc i.postimg.cc — Cisco Umbrella Rank: 16519	309 KB
1	sape.ru cdn-rtb.sape.ru — Cisco Umbrella Rank: 80592	420 B
1	stalin.lt stalin.lt	528 KB
1	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2388	391 B
1	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 396	8 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
0	twitter.com Failed platform.twitter.com Failed
383	51

	Domain	Requested by
49	tpc.googlesyndication.com	3 redirects googleads.g.doubleclick.net
36	ldiena.com	ldiena.lt
30	googleads.g.doubleclick.net	6 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
23	ldiena.lt	1 redirects ldiena.lt
18	p16-sign-useast2a.tiktokcdn.com	www.tiktok.com ldiena.lt
15	pagead2.googlesyndication.com	ldiena.lt pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
12	www.googleadservices.com	googleads.g.doubleclick.net ldiena.lt
11	www.gstatic.com	googleads.g.doubleclick.net
11	sf16-website-login.neutral.ttwstatic.com	www.tiktok.com sf16-website-login.neutral.ttwstatic.com sf16-secsdk.ttwstatic.com
10	www.googletagservices.com	googleads.g.doubleclick.net
10	fonts.googleapis.com	googleads.g.doubleclick.net
9	v19-web-newkey.tiktokcdn.com	www.tiktok.com
9	mc.yandex.ru	1 redirects ldiena.lt w.uptolike.com mc.yandex.ru
9	ost1.gismeteo.lt	ldiena.lt
8	mon-va.byteoversea.com	sf16-website-login.neutral.ttwstatic.com
8	mcs-va-useast2a.tiktokv.com	sf16-website-login.neutral.ttwstatic.com
8	fonts.gstatic.com	fonts.googleapis.com
8	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
8	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
6	assets.ad4m.at	as.ad4m.at
5	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
5	www.google.com	4 redirects googleads.g.doubleclick.net
5	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
5	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	img.youtube.com	ldiena.lt
3	lf16-tiktok-common.ibytedtos.com	ldiena.lt
3	www.facebook.com	1 redirects connect.facebook.net
3	www.google-analytics.com	ldiena.lt www.google-analytics.com
3	evaizdai.lt	ldiena.lt
3	lf16-tiktok-web.ttwstatic.com	ldiena.lt www.tiktok.com
3	connect.facebook.net	ldiena.lt connect.facebook.net
3	www.googletagmanager.com	ldiena.lt www.googletagmanager.com www.google-analytics.com
3	use.fontawesome.com	ldiena.lt
2	mssdk-va.tiktok.com	sf16-website-login.neutral.ttwstatic.com
2	mon.tiktokv.com	sf16-website-login.neutral.ttwstatic.com
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	e.dlx.addthis.com	2 redirects
2	vmweb-va.byteoversea.com	sf16-website-login.neutral.ttwstatic.com
2	sf16-short-va.bytedapm.com	www.tiktok.com sf16-short-va.bytedapm.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.gismeteo.lt	ldiena.lt
2	w.uptolike.com	ldiena.lt w.uptolike.com
2	www.tiktok.com	1 redirects lf16-tiktok-web.ttwstatic.com
2	stackpath.bootstrapcdn.com	ldiena.lt
1	www.awin1.com	as.ad4m.at
1	jpp.aircaraibes.com	as.ad4m.at
1	sjf.flycorsair.com	as.ad4m.at
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	static-de.ad4mat.net	as.ad4m.at
1	dis.criteo.com	googleads.g.doubleclick.net
1	x.bidswitch.net	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	mssdk-va.byteoversea.com	sf16-website-login.neutral.ttwstatic.com
1	p16-sign-va.tiktokcdn.com	www.tiktok.com
1	sf16-secsdk.ttwstatic.com	www.tiktok.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.facebook.com	www.facebook.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	c.statcounter.com	www.statcounter.com
1	code.jquery.com	ldiena.lt
1	www.instagram.com	ldiena.lt
1	platform.instagram.com	1 redirects
1	www.statcounter.com	ldiena.lt
1	www.hey.lt	ldiena.lt
1	b1.culture.ru	ldiena.lt
1	ekspertai.eu	ldiena.lt
1	i.postimg.cc	ldiena.lt
1	cdn-rtb.sape.ru	ldiena.lt
1	stalin.lt	ldiena.lt
1	www.paypalobjects.com	ldiena.lt
1	cdn.ampproject.org	ldiena.lt
1	apis.google.com	ldiena.lt
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
0	platform.twitter.com Failed	ldiena.lt
383	77

This site contains links to these domains. Also see Links.

Domain
www.patreon.com
www.paypal.me
stalin.lt
www.gismeteo.lt
torentai.lt
ekspertai.eu
maksimasgorkis.wordpress.com
alexa.com
alkas.lt
bukimevieningi.lt
infa.lt
laikmetis.lt
laisvavisuomene.lt
minfo.lt
propatria.lt
sarmatas.lt
tiesos.lt
petrasdargis.lt
jonaskovalskis.com
lebionka.blogspot.com
lt.sputniknews.ru
cont.ws
riss.ru
risstv.ru
www.rubaltic.ru
citydog.by
kyky.org
www.the-village.me
kaktutzhit.by
binkl.by
34mag.net
hrodna.life
www.hey.lt
www.statcounter.com

Subject Issuer	Validity	Valid
ldiena.lt R3	`2023-07-20` - `2023-10-18`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
use.fontawesome.com GTS CA 1P5	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-24` - `2023-08-22`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-09` - `2023-12-10`	a year	crt.sh
stalin.lt R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.sape.ru R3	`2023-08-09` - `2023-11-07`	3 months	crt.sh
uptolike.com R3	`2023-06-28` - `2023-09-26`	3 months	crt.sh
postimg.cc R3	`2023-06-24` - `2023-09-22`	3 months	crt.sh
evaizdai.lt R3	`2023-07-20` - `2023-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.gismeteo.lt AlphaSSL CA - SHA256 - G4	`2023-06-16` - `2024-07-17`	a year	crt.sh
ekspertai.eu GTS CA 1P5	`2023-07-22` - `2023-10-20`	3 months	crt.sh
*.culture.ru AlphaSSL CA - SHA256 - G4	`2023-04-24` - `2024-05-25`	a year	crt.sh
hey.lt Sectigo RSA Domain Validation Secure Server CA	`2023-03-06` - `2024-04-05`	a year	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-24` - `2023-12-24`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
ldiena.com R3	`2023-07-20` - `2023-10-18`	3 months	crt.sh
*.ttwstatic.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-11-11` - `2023-12-12`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.neutral.ttwstatic.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-06-30` - `2024-07-30`	a year	crt.sh
*.tiktokcdn.com RapidSSL ECC CA 2018	`2023-07-13` - `2024-08-12`	a year	crt.sh
*.bytedapm.com RapidSSL ECC CA 2018	`2022-12-13` - `2024-01-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.tiktokv.com RapidSSL ECC CA 2018	`2023-08-14` - `2024-09-13`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.byteoversea.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-08-02` - `2024-09-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-07-31` - `2023-10-29`	3 months	crt.sh
*.ibytedtos.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
sjf.flycorsair.com Gandi Standard SSL CA 2	`2022-12-22` - `2023-12-22`	a year	crt.sh
jpp.aircaraibes.com Gandi Standard SSL CA 2	`2022-08-18` - `2023-09-02`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh

This page contains 38 frames:

Primary Page: https://ldiena.lt/
Frame ID: 9A109E6B6C782A43B6A37AF7B85494CC
Requests: 126 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20190131/zrt_lookup.html
Frame ID: 42C07FDC888AA195DCE5A3CC25BC4853
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v4.0/plugins/group.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1fafdc6abfdd8%26domain%3Dldiena.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fldiena.lt%252Ff913ab5700c928%26relation%3Dparent.parent&container_width=376&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2F549847308544691%2F&locale=en_US&sdk=joey&show_metadata=true&show_social_context=true
Frame ID: 6E9B250F3D26451A74A26BD0E2EA07B1
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df208c291c2b8024%2526domain%253Dldiena.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fldiena.lt%25252Ff913ab5700c928%2526relation%253Dparent.parent%26container_width%3D370%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLDienaNaujienos%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%26width
Frame ID: E5373CB36DA2D6A9A7F46F772ADF8866
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&adk=1812271804&adf=3025194257&lmt=1692033467&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fldiena.lt%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666817&bpp=7&bdt=344&idt=276&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1287940977713&frm=20&pv=2&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=341
Frame ID: E0C442A8F593594CEA5C6214E7D8709A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=280&slotname=8060429809&adk=3505500867&adf=449793871&pi=t.ma~as.8060429809&w=1150&fwrn=4&fwrnh=100&lmt=1692033467&rafmt=12&format=1150x280&url=https%3A%2F%2Fldiena.lt%2F&fwr=0&fwrattr=true&rh=280&rw=1150&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666824&bpp=2&bdt=351&idt=364&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j4fkQCOvwX&p=https%3A//ldiena.lt&dtd=373
Frame ID: F66F3BFC98D6CC6513984058D36D996F
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=109976310&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666826&bpp=2&bdt=353&idt=385&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Z3UDlZmuAU&p=https%3A//ldiena.lt&dtd=389
Frame ID: 781813D857B507B23DBEB8D04E56B296
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=725530890&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666828&bpp=1&bdt=355&idt=405&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=2793&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=chp9IBK4ge&p=https%3A//ldiena.lt&dtd=409
Frame ID: 5A70833F485776E24DAB39DEEDAF8C95
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666829&bpp=2&bdt=356&idt=412&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4398&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=JRFJ2Rgb2D&p=https%3A//ldiena.lt&dtd=417
Frame ID: A781F23D8373C80FB8EF8AAC7859B072
Requests: 11 HTTP requests in this frame

Frame: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Frame ID: 02B4E8998352179DD7073A44CC080717
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=1506163563&adf=1108019324&pi=t.ma~as.3133241803&w=336&lmt=1692033467&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666836&bpp=1&bdt=363&idt=613&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=985&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&fsb=1&xpc=m4pqh3Jgu1&p=https%3A//ldiena.lt&dtd=617
Frame ID: 850B5EC3977C038063FE3102849675F8
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2614870660&adf=4203825702&pi=t.ma~as.3133241803&w=336&lmt=1692033467&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666837&bpp=1&bdt=363&idt=621&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=2203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=4&fsb=1&xpc=xLAEbkgpw3&p=https%3A//ldiena.lt&dtd=624
Frame ID: 445B55923C0F7B9DA8D1208B01A6DCA2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2614870660&adf=2029996184&pi=t.ma~as.3133241803&w=336&lmt=1692033467&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666837&bpp=1&bdt=364&idt=627&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=14&uci=a!e&btvi=5&fsb=1&xpc=tNSSz7BAXt&p=https%3A//ldiena.lt&dtd=631
Frame ID: 9B5FCC2C091AE0CB31F35A27AE4EB64D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2637385217&adf=1190019031&pi=t.ma~as.3133241803&w=336&lmt=1692033467&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666838&bpp=1&bdt=365&idt=635&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600%2C336x600&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=4238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=15&uci=a!f&btvi=6&fsb=1&xpc=AR0oy2FG4h&p=https%3A//ldiena.lt&dtd=641
Frame ID: E1C2041F440816588D5FA6F559856D32
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 43B4BD0251B80AFDFCF164E0A97AA092
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2637385217&adf=2159359605&pi=t.ma~as.3133241803&w=336&lmt=1692033468&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666838&bpp=1&bdt=365&idt=644&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600%2C336x600%2C336x600&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&psts=AOrYGsmNLlPk49YIhr15HszfLjOaPfrpO3xOMI9K5M-NNm0sMikAUIlxhP95lTuPxI9hGMG2P6HFPVJRruaj7hUUVm8&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=16&uci=a!g&btvi=7&fsb=1&xpc=f1O8epVWSL&p=https%3A//ldiena.lt&dtd=1473
Frame ID: A1A06673A07159C59C1EB7821F79626E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 659F342643FA1A74DDA04CC11EA84F14
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Frame ID: E39655893887D8A89B9AB0CAB6F3E50E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Frame ID: B9561D08906B53890649DE41FAA0B6BA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1
Frame ID: E0FC10134A3635DD2C61DA5C5C54C9B8
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1
Frame ID: CCC88068618C0ACB2DAC7E863483FD4E
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1
Frame ID: 33F76775204233526E8D122204EFE37D
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3CDE7E514D68308F0030367D01CB3245
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Frame ID: A41C7072569AFA3F195F52CE249E77A3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Frame ID: 0BD14D02C09162DDBD191DA1546D8865
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kq4r4t6asyf0nnppy4ec61wr8kjtpbb4964txq643s70rtvskg3gw3a886nxde0hmxewegfwahc176k103bswbbzhre5bw3exgw8bjqe78pet8rs7vfh52yytcp8n2fma6tbb52b1trxjw6vvky96q5rhrhz85y6qwh221hm6t7st7rdvz1mvtw6gdvwgw9dg1xp57tze1q7c8kf2hp3fnb8s32y0k7emmv7hqpwq6yeecs10q7jt8mvr0ejg75g03v9nepzpf1r4pq1k2rsfb2wx21zfegm5bch71qydgqmf1nehpd7ejnxp04vnxf9fk0j86zmgb5s5pb88mhec58nn9a47ptdv7hv31vznpwgxc54kvfe9jmrx7dd6wa260qgrynkabxde8hm446wt2jvr33wp0hajeahe9rmbzqanz5j609mh74&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqer83H3aZKjMGerUn88P_dK0qAbi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi0xOTQyODQ0MjYxMTQ3NzM0yAEJqQJKgSnmX1yyPqgDAcgDAqoEtAFP0MvAxY19RocusPgq7viSQAatNXRFSMMHHNb6xH6t-i3vHSDstPOvIAc8QfXGR6-R2t_cylH9QaFSr3g0nx2doY-brVrkaXAXBvxDBY-sKM6qac69-aXcQX_tfrAAb2qZ4wstr-PhIsPygCU2YHzFqnJDJTy86DRC87GfRHZimNUmpk67E5Juyiq18sqpigwHGR3RhGkYtzfPz0XXEtCBetXSImOHtUTsqT-CstNPRluP41-ABoy7_dKB5ISCXKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1FtixEjNf0pvAjyY2JJJW2aWpNuw%26client%3Dca-pub-1942844261147734%26adurl%3D
Frame ID: A029749429DCA0904F508A093D98944E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Frame ID: 87263BB9F686173461966A7BFA398F95
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 07849EA9FD40F19E4C269619B123AB8C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Frame ID: 57FFCB8EC95094FBE5A3494E2B9EE144
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 30D9458CFE82EFD893A77738FB1736BB
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5FD2DB5B66124642DBBF2BC853C8C006
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3959E09E528FF75E65F0D96179A5DC0A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Frame ID: 31C4292F85086BE5BFA989504645DDA8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Frame ID: 60FDFFC170A427F1EA5F3215A4947745
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: FD90D5099C99FD1DEDB0ECAB5221723D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Frame ID: 833266C344BC2A5ABA4FC2A173DE4F5B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Frame ID: 47F2626499730A40AD1E807D2AF5DAD0
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=330015%2C119648%2C311476&b=bWgtQfAecRbz6uYHbHztKtEE8mSxTJT5WWaJ%2CpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=39zHpfA7cPQzWs7HrHAtXCMM74f8TWTA11Cd%2CJ6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=300&d=600&e=&g=6b6907f5d78bed17cfbc72fa0473f4d6%2F10308781330420085775&i=113645%2C30425%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1692040670422&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpans1et164xyv55qr4r5yf68hahwnz61cvstktd913trbw5zv309d2nhw5pjv5mvt54n4jxfmpnpb1b8htxp4z008jv7mvdpmjf34vpg5rc8qzj53weysf3b8kstj6rp07wj56h6g9hca3d7p5x910mg33gsxxsjayq69pphnvjvgnfdt0z9x39zz2yd2z6emjsavk95rnf28xwz4ahm1r5jc5ee1mbhyyjj0hsayndar2a27908vrr62dgc2jnqcgpc3c94vp76hfcg10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqer83H3aZKjMGerUn88P_dK0qAbi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi0xOTQyODQ0MjYxMTQ3NzM0yAEJqQJKgSnmX1yyPqgDAcgDAqoEtAFP0MvAxY19RocusPgq7viSQAatNXRFSMMHHNb6xH6t-i3vHSDstPOvIAc8QfXGR6-R2t_cylH9QaFSr3g0nx2doY-brVrkaXAXBvxDBY-sKM6qac69-aXcQX_tfrAAb2qZ4wstr-PhIsPygCU2YHzFqnJDJTy86DRC87GfRHZimNUmpk67E5Juyiq18sqpigwHGR3RhGkYtzfPz0XXEtCBetXSImOHtUTsqT-CstNPRluP41-ABoy7_dKB5ISCXKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1FtixEjNf0pvAjyY2JJJW2aWpNuw%2526client%253Dca-pub-1942844261147734%2526adurl%253D&y=1&s=&z=0
Frame ID: 188B0AD4AA7C545453F7AC7139D6CCC8
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

LDiena.lt Žinios

Page URL History Show full URLs

http://ldiena.lt/ HTTP 301
https://ldiena.lt/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id
<meta[^>]*google-signin-scope
apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

383
Requests

95 %
HTTPS

48 %
IPv6

51
Domains

77
Subdomains

64
IPs

11
Countries

9377 kB
Transfer

29733 kB
Size

53
Cookies

42 Outgoing links

These are links going to different origins than the main page.

URL: https://www.patreon.com/bePatron?u=14904194

Search URL Search Domain Scan URL

URL: https://www.paypal.me/ragelskis
Title: Paremk LDieną per Paypal!

Search URL Search Domain Scan URL

URL: https://stalin.lt/knygu-komplektai/25-n-starikovas-lietuviskai.html
Title: Tik 29,99 euro!

Search URL Search Domain Scan URL

URL: https://stalin.lt/pagrindinis/26-stalin-prisimename-kartu.html
Title: Stalin. Prisimename kartu

Search URL Search Domain Scan URL

URL: https://stalin.lt/pagrindinis/24-kas-priverte-hitleri-uzpulti-stalina.html
Title: Kas privertė Hitlerį užpulti Staliną?

Search URL Search Domain Scan URL

URL: https://stalin.lt/pagrindinis/22-krize-kaip-tai-daroma.html
Title: Krizė. Kaip tai daroma

Search URL Search Domain Scan URL

URL: https://www.gismeteo.lt/weather-vilnius-4230/
Title: VilniusAn, 15 rugpjūčioNaktį+152 m/s75880 %Ryte+193 m/s75869 %Dieną+304 m/s75848 %Vakare+283 m/s75758 %

Search URL Search Domain Scan URL

URL: https://www.gismeteo.lt/

Search URL Search Domain Scan URL

URL: https://www.gismeteo.lt/weather-vilnius-4230/2-weeks/

Search URL Search Domain Scan URL

URL: https://www.gismeteo.lt/weather-kaunas-4202/
Title: KaunasAn, 15 rugpjūčioNaktį+171 m/s76372 %Ryte+203 m/s76367 %Dieną+303 m/s76346 %Vakare+323 m/s76146 %

Search URL Search Domain Scan URL

URL: https://www.gismeteo.lt/weather-kaunas-4202/2-weeks/

Search URL Search Domain Scan URL

URL: http://torentai.lt/

Search URL Search Domain Scan URL

URL: http://ekspertai.eu/static/uploads/2014/01/vytautas_petkevicius_durniu_laivas.pdf

Search URL Search Domain Scan URL

URL: https://maksimasgorkis.wordpress.com/
Title: 150 metų Maksimui Gorkiui! Pilnas raštų rinkinys lietuviškai

Search URL Search Domain Scan URL

URL: http://alexa.com/siteinfo/ldiena.lt
Title: Reitingas

Search URL Search Domain Scan URL

URL: http://alkas.lt/
Title: Alkas.lt

Search URL Search Domain Scan URL

URL: http://bukimevieningi.lt/
Title: BūkimeVieningi.lt

Search URL Search Domain Scan URL

URL: http://ekspertai.eu/
Title: Ekspertai.eu

Search URL Search Domain Scan URL

URL: http://infa.lt/
Title: Infa.lt

Search URL Search Domain Scan URL

URL: http://laikmetis.lt/
Title: Laikmetis.lt

Search URL Search Domain Scan URL

URL: http://laisvavisuomene.lt/
Title: Laisvos visuomenės institutas

Search URL Search Domain Scan URL

URL: http://minfo.lt/
Title: mInfo.lt

Search URL Search Domain Scan URL

URL: http://propatria.lt/
Title: ProPatria.lt

Search URL Search Domain Scan URL

URL: http://sarmatas.lt/
Title: Sarmatas.lt

Search URL Search Domain Scan URL

URL: http://tiesos.lt/
Title: Tiesos.lt

Search URL Search Domain Scan URL

URL: http://petrasdargis.lt/
Title: Petras Dargis

Search URL Search Domain Scan URL

URL: http://jonaskovalskis.com/
Title: Jonas Kovalskis

Search URL Search Domain Scan URL

URL: http://lebionka.blogspot.com/
Title: Algimantas Lebionka

Search URL Search Domain Scan URL

URL: https://lt.sputniknews.ru/
Title: SputnikNews

Search URL Search Domain Scan URL

URL: http://cont.ws/
Title: Cont.ws

Search URL Search Domain Scan URL

URL: http://riss.ru/
Title: РИСИ

Search URL Search Domain Scan URL

URL: http://risstv.ru/
Title: РИСИ ТВ

Search URL Search Domain Scan URL

URL: https://www.rubaltic.ru/articles/
Title: Rubaltic.ru vertimai

Search URL Search Domain Scan URL

URL: https://citydog.by/
Title: CityDog.by

Search URL Search Domain Scan URL

URL: http://kyky.org/
Title: KyKy.org

Search URL Search Domain Scan URL

URL: http://www.the-village.me/
Title: The-Village.me

Search URL Search Domain Scan URL

URL: http://kaktutzhit.by/
Title: KakTutZhit.by

Search URL Search Domain Scan URL

URL: http://binkl.by/
Title: Binkl.by

Search URL Search Domain Scan URL

URL: https://34mag.net/
Title: 34mag.net

Search URL Search Domain Scan URL

URL: http://hrodna.life/
Title: Hrodna.life

Search URL Search Domain Scan URL

URL: https://www.hey.lt/details.php?id=ldiena

Search URL Search Domain Scan URL

URL: https://www.statcounter.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ldiena.lt/ HTTP 301
https://ldiena.lt/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://www.tiktok.com/embed.js HTTP 302
https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js

Request Chain 50

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js

Request Chain 103

https://www.facebook.com/v4.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df208c291c2b8024%26domain%3Dldiena.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fldiena.lt%252Ff913ab5700c928%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FLDienaNaujienos&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=&width= HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df208c291c2b8024%2526domain%253Dldiena.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fldiena.lt%25252Ff913ab5700c928%2526relation%253Dparent.parent%26container_width%3D370%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLDienaNaujienos%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%26width

Request Chain 124

https://mc.yandex.ru/watch/55595281?wmode=7&page-url=https%3A%2F%2Fldiena.lt%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiudghr9l27%3Afp%3A681%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A446424540698%3Ahid%3A970899614%3Az%3A120%3Ai%3A20230814211747%3Aet%3A1692040667%3Ac%3A1%3Arn%3A1002979313%3Arqn%3A1%3Au%3A1692040667962299694%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C38%2C63%2C18%2C403%2C0%2C%2C404%2C22%2C%2C%2C%2C928%3Aco%3A0%3Acpf%3A1%3Ans%3A1692040665964%3Arqnl%3A1%3Ast%3A1692040667%3At%3ALDiena.lt%20%C5%BDinios&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
https://mc.yandex.ru/watch/55595281/1?wmode=7&page-url=https%3A%2F%2Fldiena.lt%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiudghr9l27%3Afp%3A681%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A446424540698%3Ahid%3A970899614%3Az%3A120%3Ai%3A20230814211747%3Aet%3A1692040667%3Ac%3A1%3Arn%3A1002979313%3Arqn%3A1%3Au%3A1692040667962299694%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C38%2C63%2C18%2C403%2C0%2C%2C404%2C22%2C%2C%2C%2C928%3Aco%3A0%3Acpf%3A1%3Ans%3A1692040665964%3Arqnl%3A1%3Ast%3A1692040667%3At%3ALDiena.lt%20%C5%BDinios&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1

Request Chain 181

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODK_4KgjwEQmAkYpgIyCHnoD09qGluh HTTP 301
https://tpc.googlesyndication.com/simgad/3480467348219639323

Request Chain 199

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODK_4KgjwEQmAkYpgIyCHnoD09qGluh HTTP 301
https://tpc.googlesyndication.com/simgad/3480467348219639323

Request Chain 224

https://googleads.g.doubleclick.net/pagead/adview?ai=CsMPI233aZM3MFq_En88P9t6c0Auwuu28cL2Rqq7mDmQQASDV2NopYPvhhYOcCqAB6-LKugLIAQapAg9lAPosC5I-qAMByAPLBKoEuwFP0DM-N1sY8lQqJgeKRqZFSe_6HSFuViWCa91Wfhb_N41G4KSiFkTGxPreHkVIyohd02QHPNCrGV2MhgTtRsoJwjygCt9E2XsFZDXrHcvquukDAqB85kOrryJuSeS_pvTjoVGBrgU4TZsJH8Gy8EDtSzZpIkawPyKXjb6dLzXgJLSnCErbITDBhcgySR3gf6yV_hmmkPejKwCplJJDhxHJtu18c_ltkMEQb6EoTNPID4hPsVkDw69LxG0iwASIyo7r4gOSBQQIBBgBkgUECAUYBKAGN4AH_Zy1xQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDqrAHSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mglJaHR0cHM6Ly9nby5wbGF5bWFya2V0LmNvbS9qc3AvcmVkaXJlY3QvbGFuZGluZ19wYWdlcy8xNDYxMTY0ODI4L2luZGV4LmpzcIAKAcgLAaIMCCoGCgTDsLEC2BML0BUBmBYBgBcBshccChoIABIUcHViLTE5NDI4NDQyNjExNDc3MzQYAA&sigh=PoOpp0oE-Dw&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWC0ydffkHXOdzWpGiZpz33pEuwl84qRgB&template_id=492&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222945517934968126006%22,%22debug_reporting%22:true,%22destination%22:%22https://playmarket.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22659730795%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210606347898581506657%22}&andc=true

Request Chain 227

https://googleads.g.doubleclick.net/pagead/adview?ai=CKuFu233aZP2iFqKa2OMP_PGa4AWwuu28cPGDjr3BDmQQASDV2NopYPvhhYOcCqAB6-LKugLIAQapAg9lAPosC5I-qAMByAPLBKoEuwFP0Js_U0m0d5T4yXdaY7OMbciL3k_mTWHzf3lIEDtFe3W1HBQ6hws8o_oT1nkee2aLhU6he_xjdxnKeDG5UCqf12Hcoa2hewlT6n1m2Mptj8gO_vz75mk2oUI8etv3-eiuJxeW4u2M3-acUSok7kIxtJyTIJBVg0UGYgusmRWVrNONme8CtGzpAqvBmjVP-g0moH2ZwTecTZlVFsqtAF_2F2BQvBYv2_agCriUJrDnlftB71yHcvttMGKxwASIyo7r4gOSBQQIBBgBkgUECAUYBKAGN4AH_Zy1xQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxCdUdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCUhodHRwczovL2dvLnBsYXltYXJrZXQuY29tL2pzcC9yZWRpcmVjdC9sYW5kaW5nX3BhZ2VzLzMyMjA0NTY4NC9pbmRleC5qc3CACgHICwGiDBAqDgoMw7CxAuS0sQLutbEC2BML0BUBmBYBgBcBshccChoIABIUcHViLTE5NDI4NDQyNjExNDc3MzQYAA&sigh=zbmEvXn5Z5I&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWPMPVBJxff8gwuB_tjOe1cr5dCWofGBgB&template_id=492&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215131543408272152947%22,%22debug_reporting%22:true,%22destination%22:%22https://playmarket.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22659730795%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214858912622754478321%22}&andc=true

Request Chain 229

https://googleads.g.doubleclick.net/pagead/adview?ai=Cp-QL233aZP_YEuDln88P8_SUiA7g6uzOccftyMusEdzZHhABINXY2ilg--GFg5wKoAGV2-3EA8gBCakCSoEp5l9csj6oAwHIA8sEqgS7AU_Qhp-xAHkAxBnaRDoGTq6gKJLa1mCLHUCpZHyV_A7W7fobRxFntuzaarEh1dssLxdbq17IXa_9NdKiOHQFhkQhrHgeObkKn5vxKXWcsXgEvaxhGOh2VGTla4Ak8CM37LMpb9t6YW16MpB4brZu_1Bsv9oMVkDEgaybNBEHXZsAov8z7C4rb-CUwscOynYDA3zV4utfF7lMV6cFUqSXlf2nZMAYk3B_NfJLCQrYAEIXsbRWBKYpLJ1-eKrABMuIgfCfBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAehvu02qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEPHNAtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCSxodHRwczovL3d3dy5ib25wcml4LmZyL2NhdGVnb3JpZS9mZW1tZS1tb2RlL4AKAcgLAaIMCCoGCgTDsLEC2BMLiBQD0BUBmBYBgBcBshccChoIABIUcHViLTE5NDI4NDQyNjExNDc3MzQYAA&sigh=xJcfAyeE3DI&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWRhsbp1RbCFJdW7k8mRqZuvw4aMI--hgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22424606677004992587%22,%22debug_reporting%22:true,%22destination%22:%22https://bonprix.fr%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22949710229%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222957436118922799009%22}&andc=true

Request Chain 230

https://googleads.g.doubleclick.net/pagead/adview?ai=CFMU3233aZOG9FLHvn88PuYKH4A_g6uzOcYu5o5CMEdzZHhABINXY2ilg--GFg5wKoAGV2-3EA8gBCakCSoEp5l9csj6oAwHIA8sEqgS6AU_Qf2Td44sQVr3pMGh6SOhbh66brDgzygfZZNbrWf73SQMs9Vx0QA6QY-_PN5uHS1UgyBTiy5ruLjfqbnbbwuKQpoINtkE4j_SDeGHn4jMl1ggW4It8rkkegvTf-xtRkjiHPf2KBAs9JtcG-5cO2JkLTXxAa3PUMicgiHfM1OBzhAeDxmHRqlyPvC8MbsvcnwJMld59fyTtAuUOzWJjpYA_f_yPDrPe0IbyrhMYUm5NNKYWRKCpJYjVQcAEy4iB8J8EkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB6G-7TaoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ4oEC0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJLGh0dHBzOi8vd3d3LmJvbnByaXguZnIvY2F0ZWdvcmllL2ZlbW1lLW1vZGUvgAoByAsBogwIKgYKBMOwsQLYEwuIFATQFQGYFgGAFwGyFxwKGggAEhRwdWItMTk0Mjg0NDI2MTE0NzczNBgA&sigh=_mHSbpLnH1Q&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJW-Q8MvXsSqo9w6DUkcUNGoB-uHTWObBgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229070343253285478288%22,%22debug_reporting%22:true,%22destination%22:%22https://bonprix.fr%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22949710229%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221239860381162311105%22}&andc=true

Request Chain 248

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 250

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 261

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDL29-CbxCYARiYATII3b85x72i7WQ HTTP 301
https://tpc.googlesyndication.com/simgad/13955093383767687306

Request Chain 301

https://googleads.g.doubleclick.net/pagead/adview?ai=CcNb_233aZOScIuzXn88Ppo2noA6z8N-rcuzLseGtEeGu2K2SOhABINXY2ilg--GFg5wKoAHjwKvHA8gBCakCSoEp5l9csj6oAwHIA8sEqgS5AU_QGuejwBrg34Qr2LSHEJ_L4-yJdFWhmWS8sOEDILMAWVAD5Ex05DDbJ01mib2xWNj2THnk2JhM5wtZA5yo5GnMiK-NM4ikwkrTVRmwrw5BF3295RQou-AT1iA5oht4BaKAURu_OcBsckD-V69tut_gKVtr2xsyL6ZpV0bHZv64EZxb-KHFOq1K0qQZwOtHKJD2rgqPRtM_vu-PnLbRqMPisTgIaJXtWYjDdDMt9clV0aw-IxIejw9wwAT9vKvBnwSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHhbXkI6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCVlAHSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkjaHR0cHM6Ly93d3cuc3R5bGlnaHQuZnIvSG9tZS1Xb21lbi-ACgHICwGiDAgqBgoEw7CxAtgTC9AVAYAXAbIXHAoaCAASFHB1Yi0xOTQyODQ0MjYxMTQ3NzM0GAA&sigh=RVzWbh7DEXI&uach_m=[UACH]&ase=2&cid=CAQSTABpAlJWkSGF0FUWSCvndCP-vQviRXfjbyqURMaikMF-GE51TeH18D2XR59mDTiUbo5qcRRu9M2n2W9X4XmgSxeM-JDgi2n2r4CMoNsYAQ&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226336855918748205915%22,%22debug_reporting%22:true,%22destination%22:%22https://stylight.fr%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22954916963%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214992667009861759089%22}&andc=true

Request Chain 319

https://um.simpli.fi/gp_match?google_gid=CAESEI7gfa588Smm8lVGD8YJSvU&google_cver=1&google_push=AXcoOmQ9WPnWPRej27dkZ1rkjlQ8t_Vg-MN23aPtbnWVbhBSbaFSluiubfuvwYHHkec1sWR05IaeJ-qXwmvL_otyDO25Iy6RoBhkp-IZqACqGA9qCf5INbI7mpVf1ESFsaXp74irMdDpeOK3_AM10lSNK8LWNUE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=31F5D41984874F378FE864C0BD9B1C98&google_push=AXcoOmQ9WPnWPRej27dkZ1rkjlQ8t_Vg-MN23aPtbnWVbhBSbaFSluiubfuvwYHHkec1sWR05IaeJ-qXwmvL_otyDO25Iy6RoBhkp-IZqACqGA9qCf5INbI7mpVf1ESFsaXp74irMdDpeOK3_AM10lSNK8LWNUE

Request Chain 321

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmQ6iPYrwlP9DbEysLhLL9uZVriPxCE9CIhAV8aKoh_S1fdLmEIUQY62wRDEXSd8JIjU_3SOXxSY8dHBSNqMAXkGK1WSsk5aqt9TvhgM_ObGH-orD3EtfBxi4wEvtVaJ1d2TjV4mSbKANVJxS_f3V0d4QWM&google_gid=CAESEGARWhkpDhuD_w-BYIrfi4A&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmQ6iPYrwlP9DbEysLhLL9uZVriPxCE9CIhAV8aKoh_S1fdLmEIUQY62wRDEXSd8JIjU_3SOXxSY8dHBSNqMAXkGK1WSsk5aqt9TvhgM_ObGH-orD3EtfBxi4wEvtVaJ1d2TjV4mSbKANVJxS_f3V0d4QWM&google_gid=CAESEGARWhkpDhuD_w-BYIrfi4A&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA4MTQxOTE3NTAwMDAxMDU4OTk1Nzg1Mw%3D%3D&google_push=AXcoOmQ6iPYrwlP9DbEysLhLL9uZVriPxCE9CIhAV8aKoh_S1fdLmEIUQY62wRDEXSd8JIjU_3SOXxSY8dHBSNqMAXkGK1WSsk5aqt9TvhgM_ObGH-orD3EtfBxi4wEvtVaJ1d2TjV4mSbKANVJxS_f3V0d4QWM

Request Chain 323

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBuL6C_O4UGMeITZ9Y6g-vQ&google_cver=1&google_push=AXcoOmSVfpkyuvUMaWROxE1Y7CF7qLvR7qShUX5-2VeiMgaCXBJB7fl3HjDkX_odCYiua6LZW2UtYH55Gv1WU4I1FKJW7JTzeiRbcUhVA5WqzMEvAs6YaGTdp2KDqwwvNV8oNwDV-06IWapkhE-e_1xjso29cPc HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBuL6C_O4UGMeITZ9Y6g-vQ&google_cver=1&google_push=AXcoOmSVfpkyuvUMaWROxE1Y7CF7qLvR7qShUX5-2VeiMgaCXBJB7fl3HjDkX_odCYiua6LZW2UtYH55Gv1WU4I1FKJW7JTzeiRbcUhVA5WqzMEvAs6YaGTdp2KDqwwvNV8oNwDV-06IWapkhE-e_1xjso29cPc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA1MjM2NTE3NTk5ODkzNTc3MA&google_push=AXcoOmSVfpkyuvUMaWROxE1Y7CF7qLvR7qShUX5-2VeiMgaCXBJB7fl3HjDkX_odCYiua6LZW2UtYH55Gv1WU4I1FKJW7JTzeiRbcUhVA5WqzMEvAs6YaGTdp2KDqwwvNV8oNwDV-06IWapkhE-e_1xjso29cPc

Request Chain 325

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFXo172fb5m0v9KrQSKrgLE&google_cver=1&google_push=AXcoOmR1vx02bzWDJaNHUKa1P0pkliwqLmgmTo7eEYzUZeEmEMT9nJvLg5SNAOP1r11aJpQDaD3_xOGkVwAXVIWWpgdfuPxQy-fXyHjxSTq90o0w1pfv9c8LZPS2p9eLKQZuOF-sbqw9QD6dflQPRBAMNGqJRcZ0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmR1vx02bzWDJaNHUKa1P0pkliwqLmgmTo7eEYzUZeEmEMT9nJvLg5SNAOP1r11aJpQDaD3_xOGkVwAXVIWWpgdfuPxQy-fXyHjxSTq90o0w1pfv9c8LZPS2p9eLKQZuOF-sbqw9QD6dflQPRBAMNGqJRcZ0 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 333

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 338

https://googleads.g.doubleclick.net/pagead/adview?ai=CeA1z233aZI2nEMrxn88PiJ6dqA7Yq9aXcLa-3qbvD_LKzvvzLxABINXY2ilg--GFg5wKoAGtlprZA8gBAagDAcgDywSqBLsBT9C2Jt69yin-JpKcCwD_nz_UO2jXuiRY2-0SDy60m6Ld4s09pB9rxBU2UZEvFvcycvGziYClRaJFNMtVk2-r9L3f8bQyfU4Q215j7tCLyCPjs10kwp-c7YQXS4LWFB6BOkbi5vwNDnHkfO9MqVj60qcPPXYjCiBpwhm-_VtkCXyvcXl7OL6vK6NbOdhRhc2RIWnslNM60241MrqZ4_PjZWfK7JAWNcL4zhBN1GrIZX3g61l96LG3FemvrMAE1dKQku4DkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB7vp5SaoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCEmAHSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mglDaHR0cHM6Ly93d3cuYWNyb2Jpb3N5c3RlbXMuY29tL0E5NzQtSW1tdW5lLUNoZWNrcG9pbnQtUHJvdGVpbnMuaHRtbIAKAcgLAaIMCCoGCgTDsLEC2BMKiBQC0BUBmBYBgBcBshccChoIABIUcHViLTE5NDI4NDQyNjExNDc3MzQYAA&sigh=UN58MkBx4RI&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJW4TCdpMn0DJGwiP0-Z_nf2_lGm0E5QBgB&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223995241106282257442%22,%22debug_reporting%22:true,%22destination%22:%22https://acrobiosystems.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22992381741%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216574173729908183633%22}&andc=true

Request Chain 340

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

383 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ldiena.lt/
Redirect Chain

http://ldiena.lt/
https://ldiena.lt/

97 KB
15 KB

103ms
64ms

Document
text/html

62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 86898e07bb954a8cd2547b2ef7ef0d002eb5fea616fb9dc505f152f2d7f4935d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate public, no-transform, must-revalidate
content-encoding: gzip
content-length: 14538
content-type: text/html; charset=UTF-8
date: Mon, 14 Aug 2023 19:17:46 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding

Redirect headers

Connection: close
Content-Length: 285
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 14 Aug 2023 19:17:46 GMT
Location: https://ldiena.lt/
Server: Apache

GET
H2 200 platform.js Show response
apis.google.com/js/ 57 KB
22 KB 98ms
40ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e5e5df1d130dd028db61bd811eaed4705eaff95034fe3f8a86ba6a85e77af5f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 14 Aug 2023 19:17:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22287
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "e59798e8fe3fa64d"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 19:17:46 GMT

GET
H2 200 straipsnis.css
ldiena.lt/css/ 6 KB
2 KB 20ms
18ms Stylesheet
text/css 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://ldiena.lt/css/straipsnis.css
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 593ddd828505463163d4765f4d9ba067ddeba59ef91f4383f4fe0ab8cc5f2fbf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 09:12:57 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 1768
expires: Mon, 21 Aug 2023 19:17:46 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/ 119 KB
20 KB 70ms
29ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1074
age: 13889140
cdn-cachedat: 12/25/2022 15:19:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"7f89537eaf606bff49f5cc1a7c24dbca"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 986d939b1775942f725c370c90ac6ee7
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 7f6b8a35ccedd5a4-CDG
cdn-requestpullsuccess: True

GET
H2 200 bootstrap.css
ldiena.lt/assets/68c14a9b/css/ 143 KB
21 KB 23ms
22ms Stylesheet
text/css 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://ldiena.lt/assets/68c14a9b/css/bootstrap.css
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 20:11:13 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 21330
expires: Mon, 21 Aug 2023 19:17:46 GMT

GET
H2 200 site.css
ldiena.lt/css/ 7 KB
2 KB 20ms
19ms Stylesheet
text/css 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://ldiena.lt/css/site.css
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 1c37842faf2d35dbed89fab63f431a9ae1f4ed14ce20152f11f5167ffd5b0335

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 08:31:44 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 2178
expires: Mon, 21 Aug 2023 19:17:46 GMT

GET
H2 200 regular.css
use.fontawesome.com/releases/v5.8.1/css/ 675 B
1 KB 80ms
29ms Stylesheet
text/css 2606:4700:e0::ac40:670b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/css/regular.css
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03c0638f9077740737ec996407194737b6170db3ef1d736632df0fe2fc71f8ae

Request headers

Referer: https://ldiena.lt/
Origin: https://ldiena.lt
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: WJBSHCMMR9D2H9FZ
age: 1339616
alt-svc: h3=":443"; ma=86400
x-amz-id-2: b5Z4FV4GPmGw2WCqy6wM8ZwJEBEDkTS+pLi6c7XiRN/hwnwG1Dix0m4RzrL4YnPsJDJ9mkgrFsoOyjAFCHXlrm2twnlEQECiry6JsQIc3YE=
last-modified: Wed, 30 Jun 2021 15:46:39 GMT
server: cloudflare
etag: W/"b7c0350118f1465ba68e3b7c93fcc360"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3vvLMoqQxMflMhK9q43ykIzNwE8BuYhGbhMY4eDZ8Ft8594Ek6xSzrTStvghWxSYEb3HH6%2FUmKGODEDtMslpHNLM1LyTbUmw%2FHDbZmIp06cg3TLcqjXpegRdOZcpBvcfnJP4TajrXOVD4jPfZmp01PR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7f6b8a35de3dd170-LHR

GET
H2 200 brands.css
use.fontawesome.com/releases/v5.8.1/css/ 660 B
691 B 85ms
34ms Stylesheet
text/css 2606:4700:e0::ac40:670b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/css/brands.css
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdec02a79a6c4f929cf12c9b215492a5530c489ad27487f84887466831115493

Request headers

Referer: https://ldiena.lt/
Origin: https://ldiena.lt
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3TJW1YW8TR4A0KG7
age: 1517249
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Vr4RGcGsnQDBjgqpuzFY/4sBZ4C3xF0+VpjDJ2EUoCF2W98q/rBstWA68E7EXnuN5X5eYiB8txE=
last-modified: Wed, 30 Jun 2021 15:46:39 GMT
server: cloudflare
etag: W/"c9fcdfd0e53dec8552f9dd3b40f75973"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWRR9akuk0IxhLvq1QbHFOTT8gdytaJSddxoINptTnphDsdSPul9v9jxFnkmsCX74yPDI8CSYtK39wYURpANdZ3%2BSjao1EO95E4kTxkMP3pYyZ2KG%2FyroBM8MkZJMFpRr5eEel5w5KW%2B3vsTCCzKLqWU"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7f6b8a35de3ed170-LHR

GET
H2 200 fontawesome.css
use.fontawesome.com/releases/v5.8.1/css/ 52 KB
12 KB 83ms
32ms Stylesheet
text/css 2606:4700:e0::ac40:670b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/css/fontawesome.css
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9837ae513cb80aecf3f53691f460a2206303e8ee8ffde87a955c11fb950dcc5

Request headers

Referer: https://ldiena.lt/
Origin: https://ldiena.lt
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3TJG0898MKSC7AXE
age: 1517249
alt-svc: h3=":443"; ma=86400
x-amz-id-2: rmAwunR4hGSr/UgmIpaobMmpQuvUlPCsiXs7h0nh9xwJa9G5Sj/uUQCVjMWudcws4aO/y6zpNdo=
last-modified: Wed, 30 Jun 2021 15:46:39 GMT
server: cloudflare
etag: W/"f87b6becf6c4595d38a59016c2460a0b"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xe0e12blI6RxQU7snhGdN17a%2F%2B1mqaSq1MHJ%2B6ySyDB79W1du0n%2FhsOCbk8l3eyhfNCq86bKdvr5MCPCkCV2vCqJl20m54osRxnZmX75o9DNlg8T2oUssc1cNzGqtjNLrrIGVtZqUMianAwDi6ShhjC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7f6b8a35de3fd170-LHR

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
50 KB 152ms
79ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae5302b36ad21c4c26a5200af72bd6b966a1721f438a3626f91e00a0b522d1ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51031
x-xss-protection: 0
server: cafe
etag: 17528952695131769812
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 19:17:46 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
8 KB 156ms
83ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59e415ebd0d3e2ab61a9b209889956069b95db9039392ac2249e565acaf4f1c2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 14 Aug 2023 19:17:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7620
x-xss-protection: 0
server: sffe
etag: "4ee5ccd9f9b5be3f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 14 Aug 2023 19:17:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
65 KB 111ms
39ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-11131269-2

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a96f862b61edf72ada5b6869c21a75b05427534840b1274b329747d325628682

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66545
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Aug 2023 19:17:46 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 76ms
22ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

21c225ab4891c442dbbf1e7350985372230bd0de01e87c498da4b8dc55979c25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ldiena.lt/
Origin: https://ldiena.lt
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 14 Aug 2023 19:17:46 GMT
content-md5: 9eiGZylycIRjusS8UsLvEg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-debug: YVzOS5V/U8X0aYxqmoNAZ+Flf9lHHG69FnCJjOzBvY3MRcoSyJTaBbTbiT9t9ATlt6r/NAMmSHk98l/ZOrRVIw==
x-fb-content-md5: 6039c0b324e8106eb3fbd9c80559aafd
cross-origin-opener-policy: same-origin-allow-popups
etag: "d0868d69483cb3ea5d5473babbf6523c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Mon, 14 Aug 2023 19:29:47 GMT

GET
H2 200 ldiena.lt_logo.png
ldiena.lt/img/ 2 KB
2 KB 26ms
19ms Image
image/png 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/ldiena.lt_logo.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 849f4f58df22077189f77b312aeb1bc0642288c911d346b7fa80111d1408de9f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Thu, 10 Mar 2022 12:21:00 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 2026
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 ldiena.lt_logo_xs.png
ldiena.lt/img/ 568 B
694 B 25ms
18ms Image
image/png 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/ldiena.lt_logo_xs.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 1c19fd6f94185384a2bb6bd132bd1c3446c1f24e54e3899dc4e4f16f7a67e509

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sat, 02 May 2020 14:00:38 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 568
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 siauliu_bankas.png
ldiena.lt/img/ 4 KB
4 KB 26ms
19ms Image
image/png 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/siauliu_bankas.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 15669ee5ed8e7be020a4f5239730fd0141fae0874b9ca3e374c6cf850a318ff5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sat, 02 May 2020 14:00:38 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 3645
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 btn_donateCC_LG.gif
ldiena.lt/img/ 3 KB
3 KB 27ms
20ms Image
image/gif 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/btn_donateCC_LG.gif
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: fbaa02863040d15c4410d572c4d213c2b8c75425279c5a01672c6ff86fd9d6c3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sat, 02 May 2020 14:00:37 GMT
server: Apache
content-type: image/gif
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 2993
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 pixel.gif
www.paypalobjects.com/en_US/i/scr/ 43 B
391 B 90ms
19ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (paa/6F05) /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 16 Aug 2019 04:57:34 GMT
server: ECAcc (paa/6F05)
etag: "5d5637be-2b"
x-cache: HIT
content-type: image/gif
paypal-debug-id: d1c4cfe1ff620
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
content-length: 43
expires: Mon, 14 Aug 2023 20:17:46 GMT

GET
H2 200 2_eurai.png
ldiena.lt/img/ 10 KB
10 KB 27ms
20ms Image
image/png 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/2_eurai.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 099baa18a1a63c26de3d955f810e8198c982e27995be08802257d5a879df084c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sat, 02 May 2020 14:00:37 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 10613
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 5_eurai.png
ldiena.lt/img/ 10 KB
11 KB 27ms
21ms Image
image/png 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/5_eurai.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: b26d0ff11c4773969989c4774c870b2e6bb60d510d3f8c29e3e69c02528a54ec

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sat, 02 May 2020 14:00:37 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 10733
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 10_euru.png
ldiena.lt/img/ 9 KB
9 KB 28ms
21ms Image
image/png 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/10_euru.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: a0d2a65319ca8743b05f15bc9f030945320201de8b44faacab6cd924951b1987

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sat, 02 May 2020 14:00:37 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 8737
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 patreon_ldiena.png
ldiena.lt/img/ 4 KB
4 KB 43ms
37ms Image
image/png 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/patreon_ldiena.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 5ced7d22e43f831fe94c260885cd2254494d5a3714ec694c08befa54703f57d1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sat, 02 May 2020 14:00:38 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 3933
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 video_icon.png
ldiena.lt/img/ 3 KB
3 KB 44ms
38ms Image
image/png 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/video_icon.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 774b0b3fa78d445153630480c76c1eebe2903b8d4fb2bd861aa85510c0ca2784

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Wed, 22 Jun 2022 17:51:09 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 3500
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 patreon-logo.webp
ldiena.lt/img/ 33 KB
33 KB 64ms
58ms Image
image/webp 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/patreon-logo.webp
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 34c6c1bb0a5a0bf9bab65f4f347106505abcd0fab729a9dbe4b1567190ee8fcf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 05:39:50 GMT
server: Apache
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 33258
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 paypal-logo.webp
ldiena.lt/img/ 22 KB
23 KB 61ms
55ms Image
image/webp 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/paypal-logo.webp
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: f32ad5e5838597651b666edf629cd85d4d92df6b64c01c7055d9ae30ecd5d256

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 05:48:21 GMT
server: Apache
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 22991
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 n-starikovas-lietuviskai.jpg
stalin.lt/63-large_default/ 525 KB
528 KB 440ms
18ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stalin.lt/63-large_default/n-starikovas-lietuviskai.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 65f7c5cce1e5b51c78fa472bc44ebb64bfa42403f07e8fcecfdfa129517a618f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:47 GMT
last-modified: Mon, 08 Nov 2021 00:59:21 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 537122
expires: Wed, 13 Sep 2023 19:17:47 GMT

GET
H2

200

embed_v1.0.11.js Show response
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/
Redirect Chain

https://www.tiktok.com/embed.js
https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js

46 KB
15 KB

165ms
33ms

Script
application/javascript

173.222.108.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Server: 173.222.108.170 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a173-222-108-170.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 30e803abeaebdfe344b4c2ab06dac344d5e9ca947cfd73c9dc5d97061b1e622b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 2256ad48
date: Mon, 14 Aug 2023 19:17:46 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: a2mC7RA9gA0jSaiCieTPqA==
x-cache: TCP_MEM_HIT from a173-222-108-166.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_HIT
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=5
content-length: 14603
x-tos-request-id: 982181631161860263631161-af54d1e
x-tos-response-time: Thu, 03 Nov 2022 00:54:58 GMT
last-modified: Thu, 03 Nov 2022 00:46:48 GMT
server: nginx
etag: CPXr0NbkkPsCEAE=
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=295131
access-control-allow-credentials: false
x-tt-trace-host: 01b6cf6988c0736264268e08acf78ae67630ccbc3e1611616a439f5e24f93e1dfbef33a2aef23d427be05c4abd3342f62d758b7c3a027cffb1fb9df939f08dacd8f241979f08460fa0aad9d9378443df590a80c884ed7ced14c7b136027a142f12e912ecd2a65b9ca70d4eaed1c8da5955
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

x-akamai-request-id: 1b8f76d0.9db63368
date: Mon, 14 Aug 2023 19:17:46 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-206-213-15.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-parent-response-time: 98,23.206.213.15
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=3
content-length: 138
pragma: no-cache
server: nginx
x-tt-logid: 2023081419174501B8C70E2B057EB40556
x-cache-remote: TCP_MISS from a23-218-220-53.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50400341) (-)
content-type: text/html
location: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.218.220.53
x-tt-trace-host: 015f587c6f519c953866e0424f04ed419e62a5837cb0f6f02c4503e732d38894f64393c32bb5ee215a321f2ff3167fba5fd100b31e9867f7c227d52c5d91ee1f5170121708b6201ea78e1fb01b280e7899
expires: Mon, 14 Aug 2023 19:17:46 GMT

GET
H2 200 7895.js Show response
cdn-rtb.sape.ru/teasers/js/895/2/ 0
420 B 195ms
64ms Script
application/javascript 185.12.127.178
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-rtb.sape.ru/teasers/js/895/2/7895.js

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.12.127.178 , Russian Federation, ASN50214 (QWARTA, RU),

Reverse DNS

Software

openresty /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: 177B1E9CF4FC4B4C
x-cache-status: REVALIDATED
content-length: 0
x-xss-protection: 1; mode=block
last-modified: Thu, 23 Mar 2023 08:52:14 GMT
server: openresty
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=3600
accept-ranges: bytes
expires: Mon, 14 Aug 2023 20:17:46 GMT

GET
H/1.1 200
OK zp.js Show response
w.uptolike.com/widgets/v1/ 44 KB
12 KB 251ms
120ms Script
application/javascript 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/zp.js?pid=lf386255911078ae2c99dc3b095b1684c9ebce7cc6
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e0e934022f9db437d7376661b2125d8b394cc02bd369e1ef8410d0dd94bf903a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:17:46 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31556926
Connection: keep-alive

GET
H2 200 katyte.gif
ldiena.lt/img/ 109 KB
110 KB 42ms
37ms Image
image/gif 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/katyte.gif
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 311bece61c46caaee7c7ffe7fb9ea30388b35aa3d4d1d18eabd4613286c0d09f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sat, 02 May 2020 14:00:38 GMT
server: Apache
content-type: image/gif
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 111487
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 map-big.jpg
i.postimg.cc/fyCsFMmt/ 308 KB
309 KB 50ms
14ms Image
image/jpeg 162.19.61.80
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/fyCsFMmt/map-big.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.61.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3094918.ip-162-19-61.eu
Software: nginx /
Resource Hash: 48623a201c1f4227333a0227f351a950bc21f5d7034f88d6330db8d933f16e54

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Fri, 11 Aug 2023 08:03:05 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 315446
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 phptEckOz.jpg
evaizdai.lt/di/TESD/ 71 KB
68 KB 232ms
163ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evaizdai.lt/di/TESD/phptEckOz.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: f02763b2320d67f372fc1f9a7338b4d697d05e2acc9747cd4b73da6f83587a2a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Aug 2023 19:17:46 GMT
content-encoding: gzip
last-modified: Thu, 10 Aug 2023 16:23:57 GMT
server: Apache
vary: Accept-Encoding
content-type: image/jpeg
cache-control: maxage=1209600, public
expires: Fri, 09 Aug 2024 16:23:57 GMT

GET
H2 200 phpDHiD8U.jpg
evaizdai.lt/di/ZSC8/ 100 KB
98 KB 136ms
71ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evaizdai.lt/di/ZSC8/phpDHiD8U.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 18eb995109b8823f58de46d286ea32b87024979468bab3a8f59879d754ebeaa7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Aug 2023 19:17:46 GMT
content-encoding: gzip
last-modified: Thu, 10 Aug 2023 14:41:21 GMT
server: Apache
vary: Accept-Encoding
content-type: image/jpeg
cache-control: maxage=1209600, public
expires: Fri, 09 Aug 2024 14:41:21 GMT

GET
H2 200 phpg97YjS.jpg
evaizdai.lt/di/C6E7/ 73 KB
68 KB 278ms
216ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evaizdai.lt/di/C6E7/phpg97YjS.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: bac8f978a971d06d6bf678fb31b905686bc1c7ec8e7978e7fb9bbe359af86c73

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Aug 2023 19:17:46 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 18:01:58 GMT
server: Apache
vary: Accept-Encoding
content-type: image/jpeg
cache-control: maxage=1209600, public
expires: Tue, 06 Aug 2024 18:01:58 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/T_2I5zs0Bz8/ 7 KB
7 KB 120ms
25ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/T_2I5zs0Bz8/hqdefault.jpg

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44566ebe2b3c8736d69cfa1aeb2c4d07136d5dd938ad38cafe0d2f30c2d71455

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 18:19:24 GMT
x-content-type-options: nosniff
age: 3502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7005
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 14 Aug 2023 20:19:24 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/ySLc8gZ3oEc/ 22 KB
22 KB 140ms
53ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/ySLc8gZ3oEc/hqdefault.jpg

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf9ee46b4ec120f6fc3528a4bb190300e3d03f86047239f83c7fdeb3c572c79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 18:35:08 GMT
x-content-type-options: nosniff
age: 2558
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22370
x-xss-protection: 0
server: sffe
etag: "1454705309"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 14 Aug 2023 20:35:08 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/Dko8PT5kD5g/ 27 KB
27 KB 92ms
28ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Dko8PT5kD5g/hqdefault.jpg

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87953a199ac20eb6fb6adb024007fa9437e65847bc69fa241ce494694494d8ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 18:00:09 GMT
x-content-type-options: nosniff
age: 4657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27320
x-xss-protection: 0
server: sffe
etag: "1537147939"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 14 Aug 2023 20:00:09 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/wYaN6I0w_gk/ 17 KB
18 KB 123ms
65ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/wYaN6I0w_gk/hqdefault.jpg

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b0e8b6b1aeb8070aac3af01805fb563ca90e17cc892ac31c048ca801911924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 17:34:38 GMT
x-content-type-options: nosniff
age: 6188
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17918
x-xss-protection: 0
server: sffe
etag: "1436102200"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 14 Aug 2023 19:34:38 GMT

GET
H2 200 informer.min.css
ost1.gismeteo.lt/assets/flat-ui/legacy/css/ 8 KB
2 KB 205ms
65ms Stylesheet
text/css 185.134.203.247
MAPMAKERSGROUP

General

Check archive.org

Show headers Download Go to

Full URL: https://ost1.gismeteo.lt/assets/flat-ui/legacy/css/informer.min.css
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.134.203.247 , Russian Federation, ASN203444 (MAPMAKERSGROUP, RU),
Reverse DNS
Software: gis /
Resource Hash: 4ef9c6b37d1a2e918d9a48f2f127d030212e05e1ee55d10d133df3656d6b87d8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
content-encoding: gzip
last-modified: Thu, 10 Aug 2023 16:04:30 GMT
server: gis
x-dc: ost.stat-ru-ost02
etag: W/"64d50a8e-2019"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, public
expires: Mon, 21 Aug 2023 19:17:46 GMT

GET
H2 200 gisloader.svg
ost1.gismeteo.lt/assets/flat-ui/img/ 2 KB
1 KB 60ms
59ms Image
image/svg+xml 185.134.203.247
MAPMAKERSGROUP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ost1.gismeteo.lt/assets/flat-ui/img/gisloader.svg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.134.203.247 , Russian Federation, ASN203444 (MAPMAKERSGROUP, RU),
Reverse DNS
Software: gis /
Resource Hash: 48f37cd5ef021b85d18fa40080c3b03a175d05465d9933552e37a67a2c68aa10

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
content-encoding: gzip
last-modified: Tue, 12 Oct 2021 13:42:52 GMT
server: gis
x-dc: ost.stat-ru-ost02
etag: W/"616590dc-8a0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800, public
expires: Mon, 21 Aug 2023 19:17:46 GMT

GET
H2 200 logo-mini2.png
ost1.gismeteo.lt/assets/flat-ui/img/ 680 B
891 B 61ms
60ms Image
image/png 185.134.203.247
MAPMAKERSGROUP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ost1.gismeteo.lt/assets/flat-ui/img/logo-mini2.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.134.203.247 , Russian Federation, ASN203444 (MAPMAKERSGROUP, RU),
Reverse DNS
Software: gis /
Resource Hash: 0e291004f1e270cff8a48e17f0aa7d09707fcd3a2d6bb154c88242cabf4d9c4d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Tue, 12 Oct 2021 13:42:52 GMT
server: gis
x-dc: ost.stat-ru-ost02
etag: "616590dc-2a8"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 680
expires: Mon, 21 Aug 2023 19:17:46 GMT

GET
H2 200 gismeteo.svg
ost1.gismeteo.lt/assets/flat-ui/img/informer/ 189 B
404 B 61ms
60ms Image
image/svg+xml 185.134.203.247
MAPMAKERSGROUP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ost1.gismeteo.lt/assets/flat-ui/img/informer/gismeteo.svg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.134.203.247 , Russian Federation, ASN203444 (MAPMAKERSGROUP, RU),
Reverse DNS
Software: gis /
Resource Hash: 454aa60a57242adb6bc98f0b09517c5fa2a3d75f7d11e09e3b82ab9b505033c2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Tue, 12 Oct 2021 13:42:52 GMT
server: gis
x-dc: ost.stat-ru-ost02
etag: "616590dc-bd"
content-type: image/svg+xml
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 189
expires: Mon, 21 Aug 2023 19:17:46 GMT

GET
H2 200 forecast-2weeks.lt.svg
ost1.gismeteo.lt/assets/flat-ui/img/informer/ 205 B
420 B 62ms
61ms Image
image/svg+xml 185.134.203.247
MAPMAKERSGROUP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ost1.gismeteo.lt/assets/flat-ui/img/informer/forecast-2weeks.lt.svg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.134.203.247 , Russian Federation, ASN203444 (MAPMAKERSGROUP, RU),
Reverse DNS
Software: gis /
Resource Hash: e87df039a2e7c3d2700a2f5cc28a152c0e9b0e77b9b98c08d2f60695b0c0b2ca

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Tue, 12 Oct 2021 13:42:52 GMT
server: gis
x-dc: ost.stat-ru-ost02
etag: "616590dc-cd"
content-type: image/svg+xml
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 205
expires: Mon, 21 Aug 2023 19:17:46 GMT

GET
H2 200 / Show response
www.gismeteo.lt/api/informer/getinformer/ 11 KB
3 KB 486ms
338ms Script
application/javascript 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.lt/api/informer/getinformer/?hash=EWr00nUiAM2573

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

83bad0d5317f2ecc3bfeb4f5854b96dc996f4e033e9c97e5dabdf9b63b9ac484

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:47 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-encoding: gzip
x-dc: pl.router-cdn-pl02
x-decepticon: 0
x-bck: 10.33.250.30:9000
x-xss-protection: 1; mode=block
pragma: no-cache
server: gis
vary: Accept-Encoding, Accept-Encoding, Accept, User-Agent
content-type: application/javascript; charset=UTF-8;
access-control-allow-origin: *
x-ssi: 11
cache-control: no-cache, must-revalidate, no-cache, no-store, must-revalidate
expires: Mon, 14 Aug 2023 19:47:47 GMT

GET
H2 200 / Show response
www.gismeteo.lt/api/informer/getinformer/ 11 KB
3 KB 402ms
297ms Script
application/javascript 193.16.47.244
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.lt/api/informer/getinformer/?hash=g8kk41AQyMArsT

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.244 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

37835941b76a33209d01c80223748f762144c36d9724a784f31297113fda40a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:47 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-encoding: gzip
x-dc: pl.router-cdn-pl02
x-decepticon: 0
x-bck: 10.213.18.208:9000
x-xss-protection: 1; mode=block
pragma: no-cache
server: gis
vary: Accept-Encoding, Accept-Encoding, Accept, User-Agent
content-type: application/javascript; charset=UTF-8;
access-control-allow-origin: *
x-ssi: 106
cache-control: no-cache, must-revalidate, no-cache, no-store, must-revalidate
expires: Mon, 14 Aug 2023 19:47:47 GMT

GET
H2 200 torentai_logo_mazas.png
ldiena.lt/img/ 12 KB
12 KB 57ms
54ms Image
image/png 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/torentai_logo_mazas.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 57034146eeb6626976bc238d640836e5580c921fbb33a51f0b4ae500226a4005

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sat, 02 May 2020 14:00:38 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 12380
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 durnlaiv.png
ekspertai.eu/static/uploads/2014/ 198 KB
199 KB 141ms
65ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ekspertai.eu/static/uploads/2014/durnlaiv.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22eb537ab9a4652390b1dd727b804cea08fdbc75ff1063c7cfc46f5abfe6f4be

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
cf-cache-status: HIT
last-modified: Sun, 18 Mar 2018 08:10:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "31835-567ab60f08fc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pO%2F2FqmAM5j5AW9kV3CY9RRX3yDEbnpzktOYCPnm4laaJ0j9wMV8QTwp2NXAiBL%2F3kyz0fBRQA2n1IySK6RBi0YqGeoJPGL4C6dpgsULH2icNUfNPz5RA5A9gRRMERMxugVhwaDQxltfDnw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 7f6b8a386da101fb-CDG
alt-svc: h3=":443"; ma=86400
content-length: 202805

GET
H2 200 270024.550xp.jpg
b1.culture.ru/c/ 30 KB
30 KB 474ms
207ms Image
image/jpeg 82.151.106.131
BELSVYAZ-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1.culture.ru/c/270024.550xp.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.151.106.131 Belgorod, Russian Federation, ASN29456 (BELSVYAZ-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 303791692bb0264fcf09d5e66ae5aa438066b6004e7a46a5a86ad0f3224cf6b3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:47 GMT
last-modified: Thu, 10 Dec 2015 09:45:24 GMT
server: nginx/1.20.1
etag: "776f-25iDcOjLIpC/ukW3SDvuLg"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400, private, no-transform
content-length: 30575

GET
H2 200 taupykle.png
ldiena.lt/img/ 14 KB
15 KB 56ms
53ms Image
image/png 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/taupykle.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: fb7563dea75e6b91358d0ef891f7ed4f9b24ef905d6daf3135b4efea111cbaa4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sat, 02 May 2020 14:00:38 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 14757
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H/1.1 200
OK count.php
www.hey.lt/ 470 B
1 KB 151ms
47ms Image
image/png 109.235.67.100
RACKRAY UAB Rakrejus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hey.lt/count.php?id=ldiena

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

109.235.67.100 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),

Reverse DNS

server.hey.lt

Software

Apache /

Resource Hash

ce32bada0515778ea8cdbf2b26a15b6794138412e93a991a27eead1d3b439862

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2023 19:17:47 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Server: Apache
Content-Security-Policy: frame-ancestors 'self'
X-Frame-Options: SAMEORIGIN
P3P: CP="NID"
Content-Type: image/png
Cache-Control: max-age=604800
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection: close
Content-Length: 470
Expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 38 KB
14 KB 87ms
36ms Script
application/javascript 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90bfd2a150346405da0d1599565c6fd43302b2efc9ec46155acc01d6c16f9250

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Aug 2023 11:14:02 GMT
server: cloudflare
age: 26164
etag: W/"64da0c7a-9835"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7f6b8a367e81d211-CDG
expires: Tue, 15 Aug 2023 00:01:41 GMT

GET
H2

200

embed.js Show response
www.instagram.com/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js

55 KB
20 KB

186ms
144ms

Script
application/x-javascript

2a03:2880:f245:e0:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/embed.js

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Server

2a03:2880:f245:e0:face:b00c:0:4420 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6ae19035f071756479bd884d42de186d1ec65d146d14d71cd9c8573b7086dfca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: br
x-content-type-options: nosniff
date: Mon, 14 Aug 2023 19:17:47 GMT
content-md5: aTGrRYUshUJRI0Pvo5gd5Q==
document-policy: force-load-at-top
edge-control: cache-maxage=1200s
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19524
reporting-endpoints: default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown"
x-fb-debug: nZeVyqmkFM3pHP9W0z4YzgD9YAQW6LrpNtR1GrZ5Z3kLgsQtINYx4D5bNp+7ZZyaKclKHfwVZTqccJvcOeS+HQ==
x-fb-content-md5: f35d461b9e21a30f037b05003340622f
cross-origin-opener-policy: same-origin-allow-popups
etag: "8c6bf75df213a39315511941c25e1b43"
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
expires: Mon, 14 Aug 2023 19:37:47 GMT

Redirect headers

location: https://www.instagram.com/embed.js
date: Mon, 14 Aug 2023 19:17:46 GMT
server: proxygen-bolt
content-length: 0
content-type: text/plain

GET
H2 200 jquery-1.12.4.min.js Show response
code.jquery.com/ 95 KB
33 KB 82ms
30ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.min.js
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-17b8b"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1692040666.cdn4-pxy223-cdg02.pa1.evs,1692040666.cds233.pa1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 33738

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/3.4.1/js/ 39 KB
11 KB 33ms
24ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 947
age: 13884478
cdn-cachedat: 11/22/2022 18:29:15
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"2f34b630ffe30ba2ff2b91e3f3c322a1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 1ad47c7e656a5f55b3e8e5e23b37597c
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 7f6b8a363d3cd5a4-CDG
cdn-requestpullsuccess: True

GET
H2 200 jquery.js Show response
ldiena.lt/assets/1579e573/ 252 KB
75 KB 37ms
28ms Script
application/javascript 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://ldiena.lt/assets/1579e573/jquery.js
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 20:11:13 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public, no-transform, must-revalidate
accept-ranges: bytes
expires: Mon, 21 Aug 2023 19:17:46 GMT

GET
H2 200 all.js Show response
ldiena.lt/js/ 2 KB
556 B 30ms
21ms Script
application/javascript 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://ldiena.lt/js/all.js
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: d9edb58e7cb61cb239c80d45483f65e9eda75e25d3158eca05b6344bd94ea0ce

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
content-encoding: gzip
last-modified: Sat, 02 May 2020 14:00:39 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 482
expires: Mon, 21 Aug 2023 19:17:46 GMT

GET
H2 200 yii.js Show response
ldiena.lt/assets/bc89529c/ 19 KB
5 KB 32ms
23ms Script
application/javascript 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://ldiena.lt/assets/bc89529c/yii.js
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 70f06515e47160b02727a63c493c438e94c83be804116ae7fdeb656b3c3a5df6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 20:11:13 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 5526
expires: Mon, 21 Aug 2023 19:17:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 86ms
24ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 14 Aug 2023 17:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5283
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 14 Aug 2023 19:49:43 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 216 KB
74 KB 201ms
67ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7b142db4a05d3e2cb0649a4a2e82a4d4b360469725d5a1f51e27b0d5ff1b5700

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 10 Aug 2023 13:02:56 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64d4b5d0-12752"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 75602
expires: Mon, 14 Aug 2023 20:17:47 GMT

GET
H2 200 28968.jpg
ldiena.com/uploads/str/lg/ 47 KB
48 KB 243ms
34ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/lg/28968.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 0ec7a15caa320d6f4fbd58b4ecbc838477a1d37fc51cf415d36af1fcaa9df55e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Mon, 14 Aug 2023 17:15:47 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 48257
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28967.jpg
ldiena.com/uploads/str/lg/ 29 KB
30 KB 218ms
34ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/lg/28967.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 26b7d660dae76938aafe9f2a50cfb7bb2aacc562169e4b77225fa6287aa7e20b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Mon, 14 Aug 2023 17:44:23 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 29944
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28966.jpg
ldiena.com/uploads/str/lg/ 29 KB
29 KB 219ms
34ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/lg/28966.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 26b7d660dae76938aafe9f2a50cfb7bb2aacc562169e4b77225fa6287aa7e20b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Mon, 14 Aug 2023 17:43:09 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 29944
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28965.jpg
ldiena.com/uploads/str/lg/ 63 KB
63 KB 219ms
34ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/lg/28965.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: b639df794cad92fe6517815e89d4d3b726d96a6ea5f69b1b0136adc02215af2e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Mon, 14 Aug 2023 11:12:00 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 64383
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28964.jpg
ldiena.com/uploads/str/lg/ 22 KB
22 KB 23ms
20ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/lg/28964.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: af011910eb030e440837638795ea77eab961f6416a474d75cd02df1d49e24a9b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Mon, 14 Aug 2023 17:45:56 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 22213
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28963.jpg
ldiena.com/uploads/str/lg/ 50 KB
51 KB 22ms
19ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/lg/28963.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 343bc476fd2c2de20b0b85d2b9a5fd75d21706f3477495ed2c13efbcef1e77ed

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Mon, 14 Aug 2023 17:33:38 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 51503
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28962.jpg
ldiena.com/uploads/str/md/ 16 KB
16 KB 23ms
20ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28962.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 4e2405efc3fb55b666f01a469a99acecf1a90d69c16173aa5eb3a9eb41581e69

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Mon, 14 Aug 2023 14:12:01 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 16297
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28961.jpg
ldiena.com/uploads/str/md/ 24 KB
24 KB 22ms
19ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28961.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 8233fb40fd229cb257865de906c45e7145de537bcf630a9e622cdb602d38e4a0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Mon, 14 Aug 2023 10:14:41 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 24742
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28960.jpg
ldiena.com/uploads/str/md/ 21 KB
22 KB 22ms
19ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28960.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: d7739356f34c6344c0499c87a16cc801de762a574a3f893f75ce0460eeddd528

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Mon, 14 Aug 2023 10:20:52 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 22001
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28959.jpg
ldiena.com/uploads/str/md/ 28 KB
28 KB 26ms
23ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28959.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: eb522887f794ee71c70ae138e5a976122e3dae6fbb1aac9db0b0279104510bee

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Mon, 14 Aug 2023 10:06:35 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 28221
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28958.jpg
ldiena.com/uploads/str/md/ 34 KB
34 KB 24ms
21ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28958.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 8d17cfac410bbe2e2cdf5d95cecadcf0693e72afc8b381a02cf3d928db04d6cf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Mon, 14 Aug 2023 17:51:16 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 34761
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28957.jpg
ldiena.com/uploads/str/md/ 40 KB
40 KB 24ms
22ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28957.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: dc69ab961e9ca0976d7675527eb07244dd6e97e3e6934b3f9d1586914a5355e6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Mon, 14 Aug 2023 05:45:19 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 40845
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28956.jpg
ldiena.com/uploads/str/md/ 28 KB
28 KB 23ms
21ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28956.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: c8a1466d0c29bf1f195520f6c110a505f76ed47e7e8d3e6d14ba479d3aefa5f0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Mon, 14 Aug 2023 05:46:46 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 28582
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28955.jpg
ldiena.com/uploads/str/md/ 12 KB
12 KB 24ms
21ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28955.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 3d31847fd214acfaf7a0853f49c9b8fc8ce1712c7e2981cf62bd054742dae620

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Mon, 14 Aug 2023 10:05:14 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 11869
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28954.jpg
ldiena.com/uploads/str/md/ 14 KB
15 KB 24ms
21ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28954.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: bea32aa4f71bffbb982ace70f8f928c3e3cf962b4161a24ae4af3694200e6abe

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Mon, 14 Aug 2023 12:51:25 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 14694
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28953.jpg
ldiena.com/uploads/str/md/ 16 KB
16 KB 26ms
24ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28953.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: e22b58419109b8802bfbdca49b2a4cf7a9a2ba756e9a7edf6fd44f0d9e7f0b8b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Mon, 14 Aug 2023 17:53:26 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 16581
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28951.jpg
ldiena.com/uploads/str/md/ 26 KB
26 KB 26ms
23ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28951.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 090bd5769c23ae586c1557c262f0a469251faf138f3d9861281f596e36597f7a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Mon, 14 Aug 2023 16:22:28 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 26553
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28950.jpg
ldiena.com/uploads/str/md/ 17 KB
17 KB 26ms
23ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28950.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: d7d2103d49c2c1a7dbc6287768859bf4d7543a17b0f9e878788a4561c4425b39

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sun, 13 Aug 2023 12:46:20 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 17062
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28949.jpg
ldiena.com/uploads/str/md/ 46 KB
46 KB 41ms
38ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28949.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 74e11e446af46e8f813c3bfb6f08012c6e4f8586a7446a70b71493e6bbe17477

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sun, 13 Aug 2023 14:23:42 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 46643
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28948.jpg
ldiena.com/uploads/str/md/ 25 KB
25 KB 41ms
38ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28948.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 019d844325395d44a6a12ecb79e36bcce1ff80d5d00664504beec42cf9ca450c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sun, 13 Aug 2023 14:32:53 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 25554
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28946.jpg
ldiena.com/uploads/str/md/ 25 KB
25 KB 41ms
39ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28946.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: ffc8160e09c55f7352b6628930391ea311b69c26a5ec13758142aa1c2472e1e4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sun, 13 Aug 2023 14:30:39 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 25254
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28945.jpg
ldiena.com/uploads/str/md/ 26 KB
27 KB 41ms
39ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28945.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: efbe4b8b14669e009b7de6409e679d41febc6993c6bb1d2a330696e6a6c6b45c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sun, 13 Aug 2023 14:31:32 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 26957
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28944.jpg
ldiena.com/uploads/str/md/ 17 KB
18 KB 43ms
40ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28944.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 6f7c213203c2b628b6ed8d67a288a4bfaf906eac371dd26ad79f3d9f1c0ea2cd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sun, 13 Aug 2023 14:32:29 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 17917
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28943.jpg
ldiena.com/uploads/str/md/ 24 KB
24 KB 42ms
40ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28943.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 15e9c0f02df3d221e5f65d0623bda770216d6d3e3fe71aad97a6d893c8d8b291

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sun, 13 Aug 2023 14:33:52 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 24548
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28942.jpg
ldiena.com/uploads/str/md/ 15 KB
15 KB 43ms
41ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28942.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: dea95ebd6bc1d6368d3c37e77f7775461d7ec50c44f5a55ca1f23e2922914e23

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sun, 13 Aug 2023 14:38:04 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 15452
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28941.jpg
ldiena.com/uploads/str/md/ 13 KB
13 KB 44ms
41ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28941.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 41dda71c2f4e883598b5284d6f08df800d21846b5b55baaf551253b01f503049

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sun, 13 Aug 2023 07:07:01 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 13163
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28940.jpg
ldiena.com/uploads/str/md/ 12 KB
12 KB 48ms
46ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28940.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 172ec923a137f7e64f2547599a1e2ffa62e3706a81c49ccebfcc09356e1f6611

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sun, 13 Aug 2023 07:14:47 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 12630
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28939.jpg
ldiena.com/uploads/str/md/ 14 KB
14 KB 44ms
41ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28939.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 8e6393607cb8b9e94c1d8d87fe710ca00e029cd82cbdc93ef8efeb1288ab8994

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Mon, 14 Aug 2023 08:22:20 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 14121
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28938.jpg
ldiena.com/uploads/str/md/ 20 KB
20 KB 46ms
44ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28938.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: af54b5bd391d1e1de324be65f9c8852011540e056a55bece0214f87594d434eb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sun, 13 Aug 2023 05:06:47 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 20300
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28937.jpg
ldiena.com/uploads/str/md/ 16 KB
16 KB 47ms
45ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28937.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 71d83b5db7231065004bf32d20d688ea487894c0ba08a6904b3a447cfaae948b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sun, 13 Aug 2023 05:07:33 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 16283
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28936.jpg
ldiena.com/uploads/str/md/ 33 KB
33 KB 47ms
44ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28936.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 24b0b81c82d1f07736452a6f7831fa0c2b051fadd09cc643b94a6d5282dadbe0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sun, 13 Aug 2023 05:08:49 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 33479
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28935.jpg
ldiena.com/uploads/str/md/ 20 KB
20 KB 47ms
45ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28935.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 2cb72c7da4366275e230180c48af3c2b32c7221ce5b2bbd28df2caefd4a942c3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sun, 13 Aug 2023 05:10:16 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 20725
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28934.jpg
ldiena.com/uploads/str/md/ 24 KB
24 KB 48ms
45ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28934.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 5aa989b315c883b7023e82ef35cbe90f426d70131136f1d85b0d98842ffb662c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sat, 12 Aug 2023 20:26:10 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 24502
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28933.jpg
ldiena.com/uploads/str/md/ 20 KB
20 KB 48ms
46ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28933.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 41eb0f09c31f179c415d30f5a28d0af402a1e54ee10b2cc7eb53c5cad2381117

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sun, 13 Aug 2023 10:13:14 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 20739
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28932.jpg
ldiena.com/uploads/str/md/ 19 KB
19 KB 49ms
47ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28932.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: b327e15072593cd2f690f7b7b32d257aa1b3b173c440211aad74b3f355e3245f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Sat, 12 Aug 2023 11:56:34 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 19083
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 28931.jpg
ldiena.com/uploads/str/md/ 15 KB
15 KB 50ms
47ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28931.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: bfbac118d72d491649359a23cb82ea360915c4f45e538c7441eed2ee2f99819b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
last-modified: Fri, 11 Aug 2023 19:20:45 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 15321
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
ldiena.lt/assets/68c14a9b/fonts/ 18 KB
18 KB 44ms
44ms Font
font/woff2 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://ldiena.lt/assets/68c14a9b/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/assets/68c14a9b/css/bootstrap.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer: https://ldiena.lt/assets/68c14a9b/css/bootstrap.css
Origin: https://ldiena.lt
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 20:11:13 GMT
server: Apache
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 18030
expires: Wed, 13 Sep 2023 19:17:46 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 307 KB
87 KB 22ms
21ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=19fcf74f976072d8c899b746bd1db718

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

121800e8d21ec5a7f42ffc88272f5c08e5ec7f17062cf9e7afe4d95cd7fb0875

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ldiena.lt/
Origin: https://ldiena.lt
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 14 Aug 2023 19:17:46 GMT
content-md5: DpdwncpbXbBdT672Qnjo4A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88675
x-fb-debug: hCLfdMhuky3PN3pmeWJIS+K+52tfe4RBmWzfe1sXkw6qFoljDf3kQ8HhCRzefUFc3v0+wGR685Ecb61CMqMmqA==
x-fb-content-md5: bbd821c443082064fe48c4eefb7e9799
cross-origin-opener-policy: same-origin-allow-popups
etag: "eb0295378ca15be394aeaee69e721323"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 13 Aug 2024 18:15:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
75 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B41L423S6L&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11131269-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76798b31695f4dfa0d336a1ad582ab11bcb4319bebbff2b3ebef7c688ed19278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76385
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 14 Aug 2023 19:17:46 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 356 B
697 B 155ms
153ms XHR
application/json 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=10241118&u1=DCFC685057B94F1588F8859CFB4DB6A9&java=1&security=08b3b12a&sc_snum=1&sess=TEST&sc_rum_e_s=810&sc_rum_e_e=814&sc_rum_f_s=0&sc_rum_f_e=705&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//ldiena.lt/&t=LDiena.lt%20%C5%BDinios&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f2f4dc957632d62dcdd71f2b03d94b981e538829ca538f720823b1ddc439faa

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: https://ldiena.lt
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 7f6b8a376eedd211-CDG
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 43ms
21ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

21c225ab4891c442dbbf1e7350985372230bd0de01e87c498da4b8dc55979c25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 14 Aug 2023 19:17:46 GMT
content-md5: 9eiGZylycIRjusS8UsLvEg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-debug: YVzOS5V/U8X0aYxqmoNAZ+Flf9lHHG69FnCJjOzBvY3MRcoSyJTaBbTbiT9t9ATlt6r/NAMmSHk98l/ZOrRVIw==
x-fb-content-md5: 6039c0b324e8106eb3fbd9c80559aafd
cross-origin-opener-policy: same-origin-allow-popups
etag: "d0868d69483cb3ea5d5473babbf6523c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Mon, 14 Aug 2023 19:29:47 GMT

GET widgets.js
platform.twitter.com/ 0
0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308080102/ 372 KB
126 KB 92ms
92ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308080102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1942844261147734&plah=ldiena.lt&bust=31076951

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4146c0b197501c583be2d258b642fdbece013f316b7b49dd5851bcd08a6855b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128446
x-xss-protection: 0
server: cafe
etag: 3111463205014982914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 19:17:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230810/r20190131/ Frame 42C0 10 KB
5 KB 81ms
24ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230810/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 15078
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 15:06:28 GMT
etag: 12368291122986407432
expires: Mon, 28 Aug 2023 15:06:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 400 group.php Show response
www.facebook.com/v4.0/plugins/ Frame 6E9B 2 KB
895 B 190ms
130ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v4.0/plugins/group.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1fafdc6abfdd8%26domain%3Dldiena.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fldiena.lt%252Ff913ab5700c928%26relation%3Dparent.parent&container_width=376&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2F549847308544691%2F&locale=en_US&sdk=joey&show_metadata=true&show_social_context=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=19fcf74f976072d8c899b746bd1db718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

95982d09c162f5479e78a532d304864680d46cfd2835c4b44add20e8abbd2b8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
content-encoding: br
content-length: 745
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 14 Aug 2023 19:17:47 GMT
facebook-api-version: v11.0
origin-agent-cluster: ?0
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-fb-debug: UU4LtwFdsNa4RFquWlJRqhyAYM6SDK6bvodYxBH3WiuaDEqZth7PlweLcRkI/MwRy0S9uxm7mIF3vSFPFtzhng==

GET
H2

200

/
www.facebook.com/login/ Frame E537
Redirect Chain

https://www.facebook.com/v4.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df208c291c2b8024%26d...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...

0
0

186ms
182ms

Document
text/html

2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df208c291c2b8024%2526domain%253Dldiena.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fldiena.lt%25252Ff913ab5700c928%2526relation%253Dparent.parent%26container_width%3D370%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLDienaNaujienos%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%26width

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=19fcf74f976072d8c899b746bd1db718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 14 Aug 2023 19:17:47 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 0t9gE1IXk1SY79tTNPiarlOAhsMFDe0DfVxTNj4py0egLC1+yE5Ny+eWZD0JE5kXQZTSOMUhxd8Z6u3Kom5xKw==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:17:47 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v11.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df208c291c2b8024%2526domain%253Dldiena.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fldiena.lt%25252Ff913ab5700c928%2526relation%253Dparent.parent%26container_width%3D370%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLDienaNaujienos%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%26width
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: qlj0ppWLketf3IZj0RPGWbnqqHSsO7gknTZds6PTbirDoeq8q2SzLnbSDjhKP6afx6xTyZoaIlIn431fKnlDTA==
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcf8317588d7c29dbf377e739e3290d7fa9a297ffa0033143048aedbabcb5ea4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 68ms
26ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B41L423S6L&gtm=45je3890&_p=396339812&cid=1568474993.1692040667&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1692040667&sct=1&seg=0&dl=https%3A%2F%2Fldiena.lt%2F&dt=LDiena.lt%20%C5%BDinios&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B41L423S6L&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:17:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ldiena.lt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 168 KB
59 KB 236ms
236ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/zp.js?pid=lf386255911078ae2c99dc3b095b1684c9ebce7cc6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8de3f47c17d9112a28be4a09b4b9ef7d57d7ef6a0bde7e2020f9de4f5cfbd73f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 10 Aug 2023 13:02:56 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64d4b5d0-eba1"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 60321
expires: Mon, 14 Aug 2023 20:17:47 GMT

GET
H/1.1 200
OK version.js Show response
w.uptolike.com/widgets/v1/ 70 B
843 B 62ms
62ms Script
application/javascript 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_1692040667047971
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/zp.js?pid=lf386255911078ae2c99dc3b095b1684c9ebce7cc6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: d1a78e892c796ff095512c788cb362da9aa7a4dffd3f891d57e58d008b4e240f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2023 19:17:47 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Connection: keep-alive
Expires: Mon, 14 Aug 2023 10:37:31 GMT

GET
H2 200 embed_lib_v1.0.11.css
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/ 4 KB
2 KB 34ms
34ms Stylesheet
text/css 173.222.108.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.11.css
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.222.108.170 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a173-222-108-170.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 03bdc578df22c63b243c4f3e898dd7d083c65b24205260541b0abc072cc38e5a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 2256ae53
date: Mon, 14 Aug 2023 19:17:47 GMT
content-encoding: br
gzip-server: KFC
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
content-md5: zJ2Nyh55L+w+3gi0qlc5pw==
x-check-cacheable: YES
x-cache: TCP_MEM_HIT from a173-222-108-166.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_HIT
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=6
content-length: 1200
x-tos-request-id: b8720aa1df30ba2063a1df30-af5440e
x-tos-response-time: Tue, 20 Dec 2022 16:13:36 GMT
last-modified: Thu, 03 Nov 2022 00:46:48 GMT
server: nginx
x-tt-logid: 2022122022312613342F1D3967930D99AF
etag: CP6J0dbkkPsCEAE=
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=889226
access-control-allow-credentials: false
x-tt-trace-host: 01233c87bf3a6fd854e461f4032aea3f75aa4311288ab27fac6a85cb532039d515810ef62bc584d969dabeb7b9df518b714566701405600085df11ac51d64dbaa01e26686beabd9317c164cb4181780839ed7955d7d17aaa7f5da5486c543ef0c70e2effb4b853ee41f0c1b05a02b110f01e09c114c8f59f19aed73628779a8306
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 embed_lib_v1.0.11.js Show response
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/ 15 KB
6 KB 35ms
35ms Script
application/javascript 173.222.108.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.11.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.222.108.170 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a173-222-108-170.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2895e5ed5c744e60706d7b9ca2659c79555abd6a8a876b547b82bb89299fc6a3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 2256ae59
date: Mon, 14 Aug 2023 19:17:47 GMT
content-encoding: br
gzip-server: KFC
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
content-md5: 6f9KK8Y3c/2Yh2WZTLuA2Q==
x-check-cacheable: YES
x-cache: TCP_MEM_HIT from a173-222-108-166.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 674,95.101.22.214
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=5
content-length: 5147
x-tos-request-id: b1c8828371065e2863837106-af54d97
x-tos-response-time: Sun, 27 Nov 2022 14:15:34 GMT
last-modified: Thu, 03 Nov 2022 00:46:48 GMT
server: nginx
etag: CNX5z9bkkPsCEAE=
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1190193
access-control-allow-credentials: false
x-tt-trace-host: 01242414d9ebe6456cea19c464f6e95c0373795ebbbe3e7e15f6ccade1a3edf6e61bd937fb2b06f1450dbbb5f09962ca8e3b82c7378b007852bdfcb2e3e71b0d37dad5ba5dc9b392649357ba27d3a5d9d862fe853b759ef1dd0801103b99ffd25beb1fe8124700659b0aa722059967baefa852054399fa1c3751e7fab680275497
timing-allow-origin: *
access-control-allow-headers: *

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
216 B 35ms
33ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=396339812&t=pageview&_s=1&dl=https%3A%2F%2Fldiena.lt%2F&ul=en-us&de=UTF-8&dt=LDiena.lt%20%C5%BDinios&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=371610145&gjid=1523043972&cid=1568474993.1692040667&tid=UA-57355035-1&_gid=171219698.1692040667&_r=1&_slc=1&z=582509288

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9baec4686ba1b31781d7d2aa19c900b9cea210b7a14ab41b35bede7c66f8851a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ldiena.lt/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:17:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ldiena.lt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 33ms
33ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=396339812&t=pageview&_s=1&dl=https%3A%2F%2Fldiena.lt%2F&ul=en-us&de=UTF-8&dt=LDiena.lt%20%C5%BDinios&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=52025959&gjid=164642966&cid=1568474993.1692040667&tid=UA-11131269-2&_gid=171219698.1692040667&_r=1&gtm=457e3890&jsscut=1&z=1173839728

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ldiena.lt/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:17:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ldiena.lt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
602 B 99ms
32ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ldiena.lt&callback=_gfp_s_&client=ca-pub-1942844261147734

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308080102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1942844261147734&plah=ldiena.lt&bust=31076951

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cba99453c34a60aa546e5d45787cf91abb83f426c364ca6e9bd20be27bc36b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E0C4 631 KB
108 KB 790ms
789ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&adk=1812271804&adf=3025194257&lmt=1692033467&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fldiena.lt%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666817&bpp=7&bdt=344&idt=276&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1287940977713&frm=20&pv=2&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=341

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3317d58243518e51f56be0293d2b9e1874874ef14f0a15f392d1e4d43aa70a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 110805
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:17:47 GMT
expires: Mon, 14 Aug 2023 19:17:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 facebook_2x.png
static.facebook.com/images/logos/ Frame 6E9B 457 B
1 KB 223ms
122ms Image
image/png 2a03:2880:f083:10e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.facebook.com/images/logos/facebook_2x.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v4.0/plugins/group.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1fafdc6abfdd8%26domain%3Dldiena.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fldiena.lt%252Ff913ab5700c928%26relation%3Dparent.parent&container_width=376&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2F549847308544691%2F&locale=en_US&sdk=joey&show_metadata=true&show_social_context=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:10e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

356de5a8c31ac5a5988272e5b94f7c36cf51a1fce5e33cbb76763f088c3a0013

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Mon, 14 Aug 2023 19:17:47 GMT
x-content-type-options: nosniff
content-md5: AL2DA4BcYPp2pydM/hpDKg==
document-policy: force-load-at-top
edge-control: cache-maxage=86400s
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 457
x-fb-debug: GVdFtfcqXA+B7qCOMzdEZRVKKZd7ICrEtjU+/ey/Rj0qn0m4odD6cqIzD+crRNAJNFZwdafmcuOf4yCzLf73Iw==
cross-origin-opener-policy: same-origin-allow-popups
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=86400
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 15 Aug 2023 19:17:47 GMT

GET
DATA 200
OK truncated
/ 394 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e40392e86c82f3bce196182c21ed8467cca4aea225e451db8fd16ca727fa52d8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F66F 145 KB
42 KB 680ms
680ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=280&slotname=8060429809&adk=3505500867&adf=449793871&pi=t.ma~as.8060429809&w=1150&fwrn=4&fwrnh=100&lmt=1692033467&rafmt=12&format=1150x280&url=https%3A%2F%2Fldiena.lt%2F&fwr=0&fwrattr=true&rh=280&rw=1150&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666824&bpp=2&bdt=351&idt=364&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j4fkQCOvwX&p=https%3A//ldiena.lt&dtd=373

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da362b9ca58b73f4525a05d00fb0a100d02f5e171019b3ddec4f23f0f5d16bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:17:47 GMT
expires: Mon, 14 Aug 2023 19:17:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7818 160 KB
43 KB 662ms
661ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=109976310&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666826&bpp=2&bdt=353&idt=385&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Z3UDlZmuAU&p=https%3A//ldiena.lt&dtd=389

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9d739bf98afa4d3d93169aa723e0377c59a043ba62af343e9e11927320959c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43697
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:17:47 GMT
expires: Mon, 14 Aug 2023 19:17:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
78 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0H5YV1RPSL&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

809fa000bfe4225230fdf0b5b37cfc14e607657a9b57d4d1337c3a7a3589bb78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79957
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 14 Aug 2023 19:17:47 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
341 B 86ms
20ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-11131269-2&cid=1568474993.1692040667&jid=52025959&gjid=164642966&_gid=171219698.1692040667&_u=YADAAUABAAAAACAAI~&z=1404012466

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ldiena.lt/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 14 Aug 2023 19:17:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ldiena.lt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5A70 117 KB
40 KB 569ms
568ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=725530890&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666828&bpp=1&bdt=355&idt=405&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=2793&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=chp9IBK4ge&p=https%3A//ldiena.lt&dtd=409

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

356d09e7e9c25b574aab584c2fcffeb230f3f60b35c83f0694c133825c4a7b1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40791
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:17:47 GMT
expires: Mon, 14 Aug 2023 19:17:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A781 117 KB
40 KB 577ms
576ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666829&bpp=2&bdt=356&idt=412&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4398&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=JRFJ2Rgb2D&p=https%3A//ldiena.lt&dtd=417

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4765417761f735a679d777f8c7a472443a3405b613698767d2465cbd12e23621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40734
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:17:47 GMT
expires: Mon, 14 Aug 2023 19:17:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 @ragelskis.laurynas Show response
www.tiktok.com/embed/ Frame 02B4 111 KB
20 KB 452ms
452ms Document
text/html 2.21.20.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Requested by: Host: lf16-tiktok-web.ttwstatic.com
URL: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.11.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.20.143 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-143.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 264cd292128df7287e0e5f0fcbdb0f9c99e242fc5d674d8c293ff8bac390fa13

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 19:17:47 GMT
expires: Mon, 14 Aug 2023 19:17:47 GMT
pragma: no-cache
server: nginx
server-timing: inner; dur=332 cdn-cache; desc=MISS, edge; dur=0, origin; dur=419
x-akamai-request-id: 9db63ce6
x-cache: TCP_MISS from a23-206-213-15.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-origin-response-time: 419,23.206.213.15
x-tt-logid: 202308141917467A96C448ED2EC2B041C5
x-tt-trace-host: 015f587c6f519c953866e0424f04ed419e2a65e75898abddefd80a36795d986625c0f7c2c9f3b4042a9b273535aa096242fe438cad6168861cb648a004a23a786949dc2278caf7b286febbc80a75da53ef6cccb7972e43428e94a4b7514dae997f
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
114 B 63ms
63ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:47 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 10 Aug 2023 13:02:56 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64d4b5d0-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 14 Aug 2023 20:17:47 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/55595281/
Redirect Chain

https://mc.yandex.ru/watch/55595281?wmode=7&page-url=https%3A%2F%2Fldiena.lt%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiudghr9l27%3Afp%3A681%3Afu%3A0%3Aen%3Autf-8%3Ala...
https://mc.yandex.ru/watch/55595281/1?wmode=7&page-url=https%3A%2F%2Fldiena.lt%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiudghr9l27%3Afp%3A681%3Afu%3A0%3Aen%3Autf-8%3A...

482 B
518 B

66ms
66ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/55595281/1?wmode=7&page-url=https%3A%2F%2Fldiena.lt%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiudghr9l27%3Afp%3A681%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A446424540698%3Ahid%3A970899614%3Az%3A120%3Ai%3A20230814211747%3Aet%3A1692040667%3Ac%3A1%3Arn%3A1002979313%3Arqn%3A1%3Au%3A1692040667962299694%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C38%2C63%2C18%2C403%2C0%2C%2C404%2C22%2C%2C%2C%2C928%3Aco%3A0%3Acpf%3A1%3Ans%3A1692040665964%3Arqnl%3A1%3Ast%3A1692040667%3At%3ALDiena.lt%20%C5%BDinios&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d3f8c48e4a208fe53ac32beef6bf2cb790027eb369c22f7a49b67b5a96a08f7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:17:47 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 14-Aug-2023 19:17:47 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ldiena.lt
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 482
x-xss-protection: 1; mode=block
expires: Mon, 14-Aug-2023 19:17:47 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:17:47 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 14-Aug-2023 19:17:47 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/55595281/1?wmode=7&page-url=https%3A%2F%2Fldiena.lt%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiudghr9l27%3Afp%3A681%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A446424540698%3Ahid%3A970899614%3Az%3A120%3Ai%3A20230814211747%3Aet%3A1692040667%3Ac%3A1%3Arn%3A1002979313%3Arqn%3A1%3Au%3A1692040667962299694%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C38%2C63%2C18%2C403%2C0%2C%2C404%2C22%2C%2C%2C%2C928%3Aco%3A0%3Acpf%3A1%3Ans%3A1692040665964%3Arqnl%3A1%3Ast%3A1692040667%3At%3ALDiena.lt%20%C5%BDinios&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
access-control-allow-origin: https://ldiena.lt
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 14-Aug-2023 19:17:47 GMT

GET
H2 200 n1.png
ost1.gismeteo.lt/assets/flat-ui/img/icons/weather/clip_art/small/ 2 KB
2 KB 62ms
61ms Image
image/png 185.134.203.247
MAPMAKERSGROUP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ost1.gismeteo.lt/assets/flat-ui/img/icons/weather/clip_art/small/n1.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.134.203.247 , Russian Federation, ASN203444 (MAPMAKERSGROUP, RU),
Reverse DNS
Software: gis /
Resource Hash: 289d566c877a4b7a5e3c8995151be7a7dfd308a3220448f7a5b19f5b91b9e309

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:47 GMT
last-modified: Tue, 12 Oct 2021 13:42:52 GMT
server: gis
x-dc: ost.stat-ru-ost02
etag: "616590dc-64c"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1612
expires: Mon, 21 Aug 2023 19:17:47 GMT

GET
H2 200 d3.png
ost1.gismeteo.lt/assets/flat-ui/img/icons/weather/clip_art/small/ 1 KB
1 KB 63ms
62ms Image
image/png 185.134.203.247
MAPMAKERSGROUP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ost1.gismeteo.lt/assets/flat-ui/img/icons/weather/clip_art/small/d3.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.134.203.247 , Russian Federation, ASN203444 (MAPMAKERSGROUP, RU),
Reverse DNS
Software: gis /
Resource Hash: b5633af5454dc2c0515ee3620ae8f846b1e5b107fbada5f8ed515b344f0a9f14

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:47 GMT
last-modified: Tue, 12 Oct 2021 13:42:52 GMT
server: gis
x-dc: ost.stat-ru-ost02
etag: "616590dc-4f9"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1273
expires: Mon, 21 Aug 2023 19:17:47 GMT

GET
H2 200 d31.png
ost1.gismeteo.lt/assets/flat-ui/img/icons/weather/clip_art/small/ 1 KB
2 KB 63ms
63ms Image
image/png 185.134.203.247
MAPMAKERSGROUP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ost1.gismeteo.lt/assets/flat-ui/img/icons/weather/clip_art/small/d31.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.134.203.247 , Russian Federation, ASN203444 (MAPMAKERSGROUP, RU),
Reverse DNS
Software: gis /
Resource Hash: 5496bb5ae765edbed942234afed579487427a2bd1d17c32f4027333fe5ad6563

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:47 GMT
last-modified: Tue, 12 Oct 2021 13:42:52 GMT
server: gis
x-dc: ost.stat-ru-ost02
etag: "616590dc-59e"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1438
expires: Mon, 21 Aug 2023 19:17:47 GMT

GET
H2 200 d1.png
ost1.gismeteo.lt/assets/flat-ui/img/icons/weather/clip_art/small/ 2 KB
2 KB 64ms
63ms Image
image/png 185.134.203.247
MAPMAKERSGROUP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ost1.gismeteo.lt/assets/flat-ui/img/icons/weather/clip_art/small/d1.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.134.203.247 , Russian Federation, ASN203444 (MAPMAKERSGROUP, RU),
Reverse DNS
Software: gis /
Resource Hash: 7784302ebc76c0e47824af6ce5a41208b15418862b893fee86867f4dbde17fcb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:47 GMT
last-modified: Tue, 12 Oct 2021 13:42:52 GMT
server: gis
x-dc: ost.stat-ru-ost02
etag: "616590dc-62b"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1579
expires: Mon, 21 Aug 2023 19:17:47 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 23ms
23ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0H5YV1RPSL&gtm=45je3890&_p=396339812&ul=en-us&sr=1600x1200&cid=1568474993.1692040667&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fldiena.lt%2F&dt=LDiena.lt%20%C5%BDinios&sid=1692040667&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0H5YV1RPSL&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:17:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ldiena.lt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 23414332 Show response
mc.yandex.ru/watch/ 427 B
510 B 70ms
70ms Fetch
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/23414332?wmode=7&page-url=https%3A%2F%2Fldiena.lt%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afle5kqy8ltv55tka4u4wyan%3Afp%3A681%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A2%3Adp%3A0%3Als%3A725158256%3Ahid%3A970899614%3Az%3A120%3Ai%3A20230814211747%3Aet%3A1692040667%3Ac%3A1%3Arn%3A986400719%3Arqn%3A1%3Au%3A1692040667962299694%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C38%2C63%2C18%2C403%2C0%2C%2C404%2C22%2C%2C%2C%2C928%3Aco%3A0%3Acpf%3A1%3Ans%3A1692040665964%3Arqnl%3A1%3Ast%3A1692040667%3At%3ALDiena.lt%20%C5%BDinios&t=gdpr(14)clc(0-0-0)rqnt(1)lt(13900)aw(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f2a2b94a0f773eb9d1d54874a251205232d4934aea7136b18b2c3c66269260ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:17:47 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 14-Aug-2023 19:17:47 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ldiena.lt
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Mon, 14-Aug-2023 19:17:47 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 850B 155 KB
42 KB 1078ms
1077ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=1506163563&adf=1108019324&pi=t.ma~as.3133241803&w=336&lmt=1692033467&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666836&bpp=1&bdt=363&idt=613&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=985&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&fsb=1&xpc=m4pqh3Jgu1&p=https%3A//ldiena.lt&dtd=617

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ee649d4a28d7ea0863f333c63f9b31536cb51e6b4c4eb47073fdf83facd0445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43106
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:17:48 GMT
expires: Mon, 14 Aug 2023 19:17:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 445B 436 B
235 B 505ms
504ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2614870660&adf=4203825702&pi=t.ma~as.3133241803&w=336&lmt=1692033467&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666837&bpp=1&bdt=363&idt=621&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=2203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=4&fsb=1&xpc=xLAEbkgpw3&p=https%3A//ldiena.lt&dtd=624

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08eac88b3ef1551595526d91fccfd5cff7c7d99b85c230c1fb2412d00a5ddfca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:17:47 GMT
expires: Mon, 14 Aug 2023 19:17:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9B5F 436 B
236 B 476ms
471ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2614870660&adf=2029996184&pi=t.ma~as.3133241803&w=336&lmt=1692033467&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666837&bpp=1&bdt=364&idt=627&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=14&uci=a!e&btvi=5&fsb=1&xpc=tNSSz7BAXt&p=https%3A//ldiena.lt&dtd=631

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

992ed6e0a718bd086ef03882ed91bfe753dcf4f7e0b425a25bd11ca012b11cb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:17:47 GMT
expires: Mon, 14 Aug 2023 19:17:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E1C2 436 B
236 B 460ms
459ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2637385217&adf=1190019031&pi=t.ma~as.3133241803&w=336&lmt=1692033467&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666838&bpp=1&bdt=365&idt=635&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600%2C336x600&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=4238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=15&uci=a!f&btvi=6&fsb=1&xpc=AR0oy2FG4h&p=https%3A//ldiena.lt&dtd=641

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e08c8366dafd6909dffba19b3a096a353579287fd4666f553cbb972ef9a1f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:17:47 GMT
expires: Mon, 14 Aug 2023 19:17:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.484/ Frame 02B4 53 KB
16 KB 149ms
57ms Script
application/javascript 23.0.174.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.484/index.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.0.174.232 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-0-174-232.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c474d25adf3b82efbf215bcfe10f486b763579154ecc14ca8ae4dc864a4ba329

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 1ec7d8a
date: Mon, 14 Aug 2023 19:17:47 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: jhLK1Lp60zWNAYkpEHrmHA==
x-cache: TCP_MEM_HIT from a23-0-174-228.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50400341) (-)
x-parent-response-time: 131,23.192.47.213
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=1
storage-tier: Standard
content-length: 15480
last-modified: Thu, 10 Aug 2023 12:43:47 GMT
opc-request-id: iad-1:-1uW9gb-rj1RAJ1h9W2xdpVBf4iHyRvhPl9LXc2bP_z_8SRGqhjQDlJgP1HGvdXK
x-api-id: native
etag: 780df948-cebe-4ab1-80b8-85fee7e79234
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: f6fbcd70-6788-4d48-881d-5f6d361ff360
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 19:17:47 GMT

GET
H2 200 webmssdk.js Show response
sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/ Frame 02B4 619 KB
185 KB 145ms
28ms Script
application/javascript 193.108.153.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/webmssdk.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-9.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a9f2f7ad522f41e86ac8dbc907d37db9cd7bdd5f3c9dc4dec9b3f7deb48ffe59

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: baa1a0
date: Mon, 14 Aug 2023 19:17:47 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: z6lb4ggvjhvby2nY7JSVRA==
x-cache: TCP_MEM_HIT from a23-54-206-9.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50400341) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 2,23.206.213.18
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=210
content-length: 188901
x-tos-request-id: ea484068ccaa9a3e6368ccaa-abf3427
x-tos-response-time: Mon, 07 Nov 2022 09:15:22 GMT
last-modified: Mon, 07 Nov 2022 03:53:53 GMT
server: nginx
etag: "CLn13/mVm/sCEAE="
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1464377
x-origin-response-time: 223,23.192.44.230
access-control-allow-credentials: false
x-tt-trace-host: 011785d5f7af4a77e70353a0133ed909f20b10df25d40b451d7edab5fd25af910546bb1c7a28716e084aa1df3cc437c0130e9cc8468308b73200769dffa3aab5436de8e65ca025bfeb1ea64dbf668061e2bd73e97124ff0244e31b5c6871b8e1c1712f87b3ece92e19c759d7bbb2cad911
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 tiktok-embed.module.6809f8f65ab9d683e231.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/ Frame 02B4 2 MB
544 KB 118ms
27ms Script
application/javascript 23.0.174.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/tiktok-embed.module.6809f8f65ab9d683e231.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.0.174.232 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-0-174-232.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8af933fdf42135c925a47d28b49268943fcc2c6206494a5900ced9c84d2b77f8

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 1ec7d87
date: Mon, 14 Aug 2023 19:17:47 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: vQZ+zYrkXYj6FOFQFXbWEg==
x-cache: TCP_MEM_HIT from a23-0-174-228.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50400341) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=1
storage-tier: Standard
content-length: 556279
last-modified: Thu, 20 Jul 2023 03:27:35 GMT
opc-request-id: iad-1:8dV_h5jqH61ArYhrUYVEQBsM9aY0lRYYWUaOe_ysR-2MJTFvah53DcPqwM4hafd_
x-api-id: native
etag: 49d61d55-f963-4dde-bd07-29999efeb836
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: a452b050-103f-4aa1-be5d-f1a20052614b
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 19:17:47 GMT

GET
H2 200 playlistCard.module.6908b24ff3649af3fe62.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/ Frame 02B4 42 KB
13 KB 146ms
55ms Script
application/javascript 23.0.174.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/playlistCard.module.6908b24ff3649af3fe62.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.0.174.232 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-0-174-232.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9ac824d8a7465d767efed78031874c1c7e5d0a4f73dc01c69b26be387b9ae095

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 1ec7d89
date: Mon, 14 Aug 2023 19:17:47 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: ac+/2+rgzyirMa4ZAK9oWQ==
x-cache: TCP_MEM_HIT from a23-0-174-228.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50400341) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=1
storage-tier: Standard
content-length: 12621
last-modified: Thu, 20 Jul 2023 03:27:35 GMT
opc-request-id: iad-1:RfyreXhZX22AyGY1wudiSPeqkPCK8PqY46weLgjiPD24ipX0mgI2uUtenJeeXRU0
x-api-id: native
etag: 9c327600-c957-4502-a9ec-6bd0a7d2ab4c
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: 98282d5d-7e9a-4855-b2b4-6ee3226c1ac2
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 19:17:47 GMT

GET
H2 200 41a6095ac4b787c303adc824671a243d~c5_100x100.jpeg
p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/ Frame 02B4 2 KB
3 KB 114ms
32ms Image
image/jpeg 23.48.23.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/41a6095ac4b787c303adc824671a243d~c5_100x100.jpeg?x-expires=1692212400&x-signature=HuY0MiVI3phAf0YnanJkx0h2Fu8%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.174 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-174.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: bdb038f2eb6f08289b4c9995e3385f0ea0aab76e376c1779dfea421f07537538

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 4e3d058.55523b0
date: Mon, 14 Aug 2023 19:17:48 GMT
x-crop-loc: (0,0)-(719,719)
x-check-cacheable: YES
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
nw-session-id: 20230617112141AF959E05549E7FF7826Aw89zc21tt
x-powered-by: ImageX
x-cache: TCP_MISS from a23-48-22-174.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 3,23.201.44.202, 107,23.54.207.28, 5,23.48.22.174
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 971653
server-timing: cdn-cache; desc=MISS, edge; dur=6, origin; dur=0, inner; dur=108
x-length: 2385
content-length: 2385
last-modified: Sat, 17 Jun 2023 11:21:42 GMT
server: nginx
x-tt-logid: 20230617112141AF959E05549E7FF7826A
x-response-date: Sat, 17 Jun 2023 11:21:42 GMT
x-cache-remote: TCP_HIT from a23-48-22-164.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-imagex-extra: {"algo.succ":"crop","enc":{"adapt_v":0,"h":100,"nq":75,"q":75,"qp":0,"w":100}}
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-06-17T11:21:42.748983219Z 104
cache-control: max-age=31362245
x-tt-trace-host: 01d762d8dd42ef37f854cabd2ba8ea7ca8a45317ddb4d3417d3741a65fc0bd3b827ec071f4b5dea4086b53417f15795433c0646b7a5093ef4808e2d3608451f4808d798e2c5d802ef2cb847d949f8805e8c292a6f2acc8d0cac93c335e7c1db79b9f86724ca2eccd2faae5ac3dc6169fe9
imagex-fmt: jpeg2jpeg
timing-allow-origin: *

GET
H2 200 playButton-e9bf7461aa077c84a9b77816c47dc3c4.png
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/ Frame 02B4 477 B
1 KB 108ms
28ms Image
image/png 23.0.174.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/playButton-e9bf7461aa077c84a9b77816c47dc3c4.png
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.0.174.232 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-0-174-232.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 13eafced6e4d89ca730683b212509d3efb57c6a8b75503cb02b66fe3352ce370

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 1ec7eb1
date: Mon, 14 Aug 2023 19:17:48 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: 6b90YaoHfISpt3gWxH3DxA==
x-cache: TCP_MEM_HIT from a23-0-174-228.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50400341) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 477
last-modified: Thu, 20 Jul 2023 03:27:35 GMT
opc-request-id: iad-1:AKhvIdP08Diq_w3KRnYWds_S9cFF7oesv_tbpC8WfjmPM72HSvBa8kP-UpLytIJu
x-api-id: native
etag: f9e39dbf-3802-4bb9-beb3-742e4b9cbe07
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: image/png
version-id: 5ee1deb0-73b5-4d51-8af2-422821eff4e6
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 19:17:48 GMT

GET
H2 200 350d4d919a9b4ad9a0307ac05a5bee8c_1692017722
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame 02B4 160 KB
161 KB 128ms
36ms Image
image/jpeg 2.19.126.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/350d4d919a9b4ad9a0307ac05a5bee8c_1692017722?x-expires=1692061200&x-signature=ZWdG79ymbyS640jK90WSotmJS5E%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-196.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 76d6c5fa3e145cff0dc1a7c2ad5631d0171c2ac0c3bdabc13eacf58e02748101

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 64ba1b.466f21a9
date: Mon, 14 Aug 2023 19:17:48 GMT
x-check-cacheable: YES
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
nw-session-id: 20230814125649941E869643AFA4490BABt26v431df
x-powered-by: ImageX
x-cache: TCP_MISS from a2-19-125-132.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 3,2.19.125.132
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=MISS, edge; dur=4, origin; dur=0, inner; dur=7
x-length: 163362
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 163362
last-modified: Mon, 14 Aug 2023 12:56:50 GMT
server: nginx
x-tt-logid: 20230814125649941E869643AFA4490BAB
x-response-date: Mon, 14 Aug 2023 12:56:50 GMT
x-cache-remote: TCP_HIT from a2-19-125-156.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-14T12:56:50.425524739Z 45
x-request-ip: fdbd:dccd:cdc2:137d:0:5b::
x-origin-response-time: 77,23.204.146.6
x-response-cinfo: fdbd:dccd:cdc2:137d:0:5b::
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
x-tt-trace-host: 01cfe32ef6bb92a020e9b0b5e668f106a726eb4a8ea450b05062dbe33cd039977ff33a38f8b0ed64dda730df3ecfa84b59f4e795328b7229d2d84fa67c0f819d6656ff2d7207bd847b717738b8734ffba0c921a1744bdd4984767ee5a64e19d4e3e9608799002fb04469233231f294ae8375734e1546d554758bc811fa58c7a5b2
cache-control: max-age=31513052

GET
H2 200 oMNyCmITCbzbRYghLufv2EgwhHVJIoAIFzBnxA
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame 02B4 86 KB
87 KB 189ms
97ms Image
image/jpeg 2.19.126.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/oMNyCmITCbzbRYghLufv2EgwhHVJIoAIFzBnxA?x-expires=1692061200&x-signature=AkAhPA85ml2DK0NmCcg9C%2BHYxDQ%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-196.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 647145d5cd7f90bd77ee77d95104193aad8b126abae6ca3d68ccbb37d611e959

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: f664a5.466f21aa
date: Mon, 14 Aug 2023 19:17:48 GMT
x-check-cacheable: YES
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
nw-session-id: 202308131122045D7154D7CB056D10CBDAm897b31df
x-powered-by: ImageX
x-cache: TCP_MISS from a2-19-125-132.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 8,23.54.207.19, 4,2.19.125.132
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=MISS, edge; dur=5, origin; dur=0, inner; dur=43
x-length: 87556
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 87556
last-modified: Sun, 13 Aug 2023 11:22:05 GMT
server: nginx
x-tt-logid: 202308131122045D7154D7CB056D10CBDA
x-response-date: Sun, 13 Aug 2023 11:22:05 GMT
x-cache-remote: TCP_HIT from a2-19-125-136.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-13T11:22:05.144735438Z 38
x-request-ip: fdbd:dccd:cdc2:1175:0:35d::
x-origin-response-time: 60,184.27.176.55
x-response-cinfo: fdbd:dccd:cdc2:1175:0:35d::
imagex-fmt: jpeg2jpeg
x-response-cache: miss
timing-allow-origin: *
x-tt-trace-host: 01da461abe7883cbea28972e2f574d8404f5b0adb25060e497c63dc8494154953f5684f4036df259b4d6b85675f9cd38cd8dc627952a15c88b18aca60a4dcad762dcf34f426b9e18915f82eef1b06f2047c11da07e53527de0ee4e7662eed6b6e7d8611f4a34e6a2bfe9f44f945ab56ce0e9b8f92afcdaa62360592a621ad50e6e
cache-control: max-age=31421071

GET
H2 200 oU1AIBD9M5n6RKQJBfmIeBXDbPPAPkIE63EFpp
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame 02B4 59 KB
60 KB 189ms
97ms Image
image/jpeg 2.19.126.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/oU1AIBD9M5n6RKQJBfmIeBXDbPPAPkIE63EFpp?x-expires=1692061200&x-signature=lvBv0vIooIuNga7vLX0FndZeueo%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-196.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: f972086f21ac2dee0629917637500f4a9464c268fbd53176531d3c94b683807b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-check-cacheable: YES
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-tt-trace-id: 00-eb79139610624f26f6b74a86050604d1-eb79139610624f26-01
x-bdcdn-cache-status: TCP_HIT
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=MISS, edge; dur=3, origin; dur=0, inner; dur=3
x-cache-remote: TCP_HIT from a2-19-125-136.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-tt-logid: 202308122023249A6B41756CD1E4E620FD
x-response-date: Sat, 12 Aug 2023 20:23:25 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-12T20:23:25.837655149Z 39
x-request-ip: fdbd:dccd:cdc2:1175:0:3c9::
x-origin-response-time: 77,23.204.146.15
x-tt-trace-host: 01d0c82e9e48ec87a7522561085ea0fd2d08e8deba75cf6a6516e7bf31bffbd676f22c7d125edde1f6eae4cadde1bac505592783ec9e4dd97c112b1873facbc9b680a5e904a576a17a6155ccbf3fa088be2e29e7e296d6ffe6e749ac9a2fedc45a13cc22079cf1eb01c4f9d9fbdd165a6e65859e6f97099b1a46f1bc81752f24aa
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
cache-control: max-age=31367184
x-akamai-request-id: f6652a.466f21bb
date: Mon, 14 Aug 2023 19:17:48 GMT
nw-session-id: 202308122023249A6B41756CD1E4E620FD8bp2d31df
x-powered-by: ImageX
x-cache: TCP_MISS from a2-19-125-132.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-parent-response-time: 3,2.19.125.132
x-length: 60003
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 60003
last-modified: Sat, 12 Aug 2023 20:23:25 GMT
server: nginx
x-response-cinfo: fdbd:dccd:cdc2:1175:0:3c9::
timing-allow-origin: *

GET
H2 200 cab3b5b7c70a4d1bbe0538065fc20ebd_1691507148
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame 02B4 146 KB
148 KB 189ms
98ms Image
image/jpeg 2.19.126.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/cab3b5b7c70a4d1bbe0538065fc20ebd_1691507148?x-expires=1692061200&x-signature=jPrM4fW3BBS9kADlTwPylayaK%2BI%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-196.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 52fc7b078b94e161b56f22a89c5fca7a537afe684d50a63fe26b386111b21a07

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: ac5381.466f21bc
date: Mon, 14 Aug 2023 19:17:48 GMT
x-check-cacheable: YES
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
nw-session-id: 20230808150901CC7F26C9C885725DE7A0c9pns31df
x-powered-by: ImageX
x-cache: TCP_MISS from a2-19-125-132.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 4,23.54.207.8, 3,2.19.125.132
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=MISS, edge; dur=3, origin; dur=0, inner; dur=2
x-length: 149901
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 149901
last-modified: Tue, 08 Aug 2023 15:09:02 GMT
server: nginx
x-tt-logid: 20230808150901CC7F26C9C885725DE7A0
x-response-date: Tue, 08 Aug 2023 15:09:02 GMT
x-cache-remote: TCP_HIT from a2-19-125-150.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-08T15:09:02.887046636Z 75
x-request-ip: fdbd:dccd:cdc2:13d3:0:13b::
cache-control: max-age=31002647
x-response-cinfo: fdbd:dccd:cdc2:13d3:0:13b::
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
x-tt-trace-host: 011c6d18378e0ae7cf51e9e3094770c2db562c87759826e7acc230db47ec6c5ee69d741bd3b425fdd836e560808e40fba0f5206644590e9dc8b7c33dca9484709bbc589852914971ae1f3ea6a51dbe04229dbac1767e16db3839bc051955b473de9c60103c32d151d9b6b2c4519518e71ae07a0cb66f3b8075e9f6208098905ced

GET
H2 200 7eb074cff9ae4274b69da6dbcb0880d1_1691425138
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame 02B4 188 KB
190 KB 125ms
33ms Image
image/jpeg 2.19.126.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/7eb074cff9ae4274b69da6dbcb0880d1_1691425138?x-expires=1692061200&x-signature=1uh878u2f0aVdHx5OxHfaxc09Eg%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-196.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 56175fc5881c3bd437105451e7a577a46b9b130895331a1bf4e1aeaa3f64c37d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: f6648a.466f21ab
date: Mon, 14 Aug 2023 19:17:48 GMT
x-check-cacheable: YES
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
nw-session-id: 20230807162351D6C018DA8E678DBDE698wvgtd31df
x-powered-by: ImageX
x-cache: TCP_MISS from a2-19-125-132.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 6,184.27.176.20, 3,23.54.207.30, 3,2.19.125.132
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=MISS, edge; dur=3, origin; dur=0, inner; dur=3
x-length: 192923
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 192923
last-modified: Mon, 07 Aug 2023 16:23:52 GMT
server: nginx
x-tt-logid: 20230807162351D6C018DA8E678DBDE698
x-response-date: Mon, 07 Aug 2023 16:23:52 GMT
x-cache-remote: TCP_HIT from a2-19-125-136.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-07T16:23:52.872333223Z 47
x-request-ip: fdbd:dccd:cdc2:1169:0:1e75::
cache-control: max-age=30920760
x-response-cinfo: fdbd:dccd:cdc2:1169:0:1e75::
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
x-tt-trace-host: 017213d6486977d7953abddad0016f60d762cb248d139a11fb75ab62e7304a5a82cc665b278eaf446d1673c29dd1a9aa9629739a1485f139da0039eadc3fcdae2a00a9ccb6850b94780d8d229f2b1a76a33cbba63e8b757aabc55ace0ba48aa9fdfc7c4d5f68fc742c18926fa221f809dc77ffbe6931a612ec1ed6d122910ca0cb

GET
H2 200 o4aFJIB5Eh7z2B0hIByCRzpAaIuznBBNoA8fPI
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame 02B4 116 KB
117 KB 189ms
97ms Image
image/jpeg 2.19.126.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/o4aFJIB5Eh7z2B0hIByCRzpAaIuznBBNoA8fPI?x-expires=1692061200&x-signature=jugcWTx%2BftEtmX6wcndh%2BGuh3hc%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-196.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 740f9a62f2704917aefa665e7678617c6a165cc445125993331133e3f2aa7989

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: f66513.466f21ba
date: Mon, 14 Aug 2023 19:17:48 GMT
x-check-cacheable: YES
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
nw-session-id: 202308071502184946D103CC1F68B5BEB8zb4vn31df
x-powered-by: ImageX
x-cache: TCP_MISS from a2-19-125-132.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 2,23.222.242.206, 2,2.19.125.132
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=MISS, edge; dur=3, origin; dur=0, inner; dur=4
x-length: 118803
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 118803
last-modified: Mon, 07 Aug 2023 15:02:19 GMT
server: nginx
x-tt-logid: 202308071502184946D103CC1F68B5BEB8
x-response-date: Mon, 07 Aug 2023 15:02:19 GMT
x-cache-remote: TCP_HIT from a2-19-125-136.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-07T15:02:19.4768725Z 45
x-request-ip: fdbd:dccd:cdc2:1175:0:398::
cache-control: max-age=30915880
x-response-cinfo: fdbd:dccd:cdc2:1175:0:398::
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
x-tt-trace-host: 01c28a264fc7a3f5321dffa178b9ab4e139ba5ef6a5506e64bc25cc52a996471e5fe66747e544712a25c8f6616bc44480c9b9ad115f51bc926e6070bb1a084875bf35f8cf9ab4d02523887cedf2c8a9693299a87ecc23548f2c5ba980325894db74fb28e98b31326c82065ac764e1c52d0164a79c6c850cad883c7869eb0062d67

GET
H2 200 o0iCqFzOzITWxQLGAVfCnsI4AANCyOhEhvosCa
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame 02B4 143 KB
144 KB 88ms
88ms Image
image/jpeg 2.19.126.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/o0iCqFzOzITWxQLGAVfCnsI4AANCyOhEhvosCa?x-expires=1692061200&x-signature=IwON%2FRCHfcSCemhH8S6zPbudJ7I%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-196.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 05d08e4a596a10e19ed5e0d3ea33ed2d012783c02f39a60dea4667cb24ad680c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: b9841a.466f21d7
date: Mon, 14 Aug 2023 19:17:48 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-check-cacheable: YES
nw-session-id: 20230812180036F04320B221FEC3F10929cndp431df
x-powered-by: ImageX
x-cache: TCP_MISS from a2-19-125-132.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 11,23.204.146.39, 4,2.19.125.132
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=MISS, edge; dur=4, origin; dur=0, inner; dur=3
x-length: 145956
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 145956
last-modified: Sat, 12 Aug 2023 18:00:37 GMT
server: nginx
x-tt-logid: 20230812180036F04320B221FEC3F10929
x-response-date: Sat, 12 Aug 2023 18:00:37 GMT
x-cache-remote: TCP_HIT from a2-19-125-162.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50400341) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-12T18:00:37.930006369Z 63
x-request-ip: fdbd:dccd:cdc2:13d3:0:135::
cache-control: max-age=31358541
x-response-cinfo: fdbd:dccd:cdc2:13d3:0:135::
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
x-tt-trace-host: 01d1a8b7f2b06ade2e0cd443a0c4275f2dcffc5cb596f667b09a96c14786e0e6ac75a34e386b07f76df1f4350c72ee0c2049f8a7d04674b1067ac8963b69c62e4055ae72fc5e0f0632d0b90f8eee2e4dc8025f68a9d591fa6f065c5051f593c848e6dbf2244ea353b2e6b28e73c743523f513a62fccf6426133b31455c66672df8

GET
H2 200 oUGzfBXueEFdTH0PEB0ahtiEP3zHkIAEFD5RQs
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame 02B4 116 KB
118 KB 89ms
88ms Image
image/jpeg 2.19.126.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/oUGzfBXueEFdTH0PEB0ahtiEP3zHkIAEFD5RQs?x-expires=1692061200&x-signature=I7fa5V3uuaNXP%2Bx%2BxUSIMfjTAAE%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-196.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 027bc31f43449cdbbe3a18770745f06f32ae71ccfb0f16fb46ae31f0d3dd075b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 127406a.466f21d9
date: Mon, 14 Aug 2023 19:17:48 GMT
x-check-cacheable: YES
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
nw-session-id: 202308101648040AA6865AD7E012E29FC3gvrnd31df
x-powered-by: ImageX
x-cache: TCP_MISS from a2-19-125-132.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 6,23.204.146.54, 3,2.19.125.132
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=MISS, edge; dur=3, origin; dur=0, inner; dur=2
x-length: 119249
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 119249
last-modified: Thu, 10 Aug 2023 16:48:05 GMT
server: nginx
x-tt-logid: 202308101648040AA6865AD7E012E29FC3
x-response-date: Thu, 10 Aug 2023 16:48:05 GMT
x-cache-remote: TCP_HIT from a2-19-125-148.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-10T16:48:05.715551023Z 69
x-request-ip: fdbd:dccd:cdc2:1175:0:3ac::
cache-control: max-age=31181400
x-response-cinfo: fdbd:dccd:cdc2:1175:0:3ac::
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
x-tt-trace-host: 01552497881cf519054092f18f5f9103d8436f1ad84469079f8ceadcff733b4b82fc018559e68a35c32c8bc3f17027c3fa5e38a136e609163ab769c10c2d758a3395a7eb9d039e88bb82b17c11ddf558cf758c86e9ddb2c56ca89f3df64996cb518ec55bcf8a6dcd0903aa40f72275863fd21b9e3ba4d9702890061cc6cdb84667

GET
H2 200 exclamationCircle-1c74f6f7941ff526d69976cc68e9c851.png
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/ Frame 02B4 685 B
2 KB 70ms
29ms Image
image/png 23.0.174.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/exclamationCircle-1c74f6f7941ff526d69976cc68e9c851.png
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.0.174.232 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-0-174-232.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cf3d80e2bf58d36eaaa86946e1d42b63f826a3bfcef545f6ea387b7605d02856

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 1ec7eb3
date: Mon, 14 Aug 2023 19:17:48 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: HHT295Qf9SbWmXbMaOnIUQ==
x-cache: TCP_HIT from a23-0-174-228.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50400341) (-)
x-parent-response-time: 673,23.206.251.103
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 685
last-modified: Thu, 20 Jul 2023 03:27:34 GMT
opc-request-id: iad-1:IT9pvxQphdlCK-zsaqUGhO3pZNJ_IQpN8_QDbLBPlPlX27pVk1AAqwaO0Jla0_LE
x-api-id: native
etag: a96c1dd1-8187-4548-a26e-bd53ea9e2553
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: image/png
version-id: 689dbbb0-4366-4e1e-b280-f7087ecb735d
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 19:17:48 GMT

GET
H2 200 ok0jbmHOmeyhzaeqI4rYfHgQP2AN4GDeyEDJvg
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame 02B4 63 KB
64 KB 89ms
89ms Image
image/jpeg 2.19.126.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ok0jbmHOmeyhzaeqI4rYfHgQP2AN4GDeyEDJvg?x-expires=1692061200&x-signature=KBS8JMBTMy%2BZLYy7FnQYKrRfljg%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-196.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 3519120aab26baf977cbc85931a43758d555befe3373af03135dd5ad88a9bd9f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: f66625.466f2214
date: Mon, 14 Aug 2023 19:17:48 GMT
x-check-cacheable: YES
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
nw-session-id: 202308042253050BB061A405762FAD90F5h92kk31df
x-powered-by: ImageX
x-cache: TCP_MISS from a2-19-125-132.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 9,184.27.176.18, 39,23.54.207.19, 5,2.19.125.132
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=MISS, edge; dur=6, origin; dur=0, inner; dur=51
x-length: 64537
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 64537
last-modified: Fri, 04 Aug 2023 22:53:06 GMT
server: nginx
x-tt-logid: 202308042253050BB061A405762FAD90F5
x-response-date: Fri, 04 Aug 2023 22:53:06 GMT
x-cache-remote: TCP_HIT from a2-19-125-136.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-04T22:53:06.584645255Z 46
x-request-ip: fdbd:dccd:cdc2:1104:0:1cc7::
cache-control: max-age=30684959
x-response-cinfo: fdbd:dccd:cdc2:1104:0:1cc7::
imagex-fmt: jpeg2jpeg
x-response-cache: miss
timing-allow-origin: *
x-tt-trace-host: 011e92ba2cce2c80104f2738c8b4f69bc756e3dbf66f87177cf8eb5b0756dc19d5c038244d41bedb632afd150bbdcc56f037d80d95b90ad9e68fff94d6a8178a6b5e4a2ebcdbeda792fbbf8945d5168c6e620290a268116215fa8b49d67f44fec98f3546cd4a05c031f2033b97cdd718ebc4f2818a9b95e6c2f95ff4dfc7fcf872

GET
H2 200 fullProfile-7e8cead262d90a2c7a720b579e6f15cf.png
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/ Frame 02B4 3 KB
4 KB 69ms
28ms Image
image/png 23.0.174.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/fullProfile-7e8cead262d90a2c7a720b579e6f15cf.png
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.0.174.232 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-0-174-232.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a97d688e7c8d57e612cc4f2aa9b178f8d4bd3da083af25fd634be351222e1906

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 1ec7eb2
date: Mon, 14 Aug 2023 19:17:48 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: fozq0mLZCix6cgtXnm8Vzw==
x-cache: TCP_MEM_HIT from a23-0-174-228.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50400341) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 2991
last-modified: Thu, 20 Jul 2023 03:27:34 GMT
opc-request-id: iad-1:_853pmLbsNuvmRJ5IZed4lt1KFVxkE0HVQENcZRLn-Fed5lvEhBkVB4msHpGc2P-
x-api-id: native
etag: baaa2b8a-fb86-43d6-b9ba-62924e69a2a8
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: image/png
version-id: 9d73d101-952e-4a51-a73c-f6fa893e476f
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 19:17:48 GMT

GET
H2 200 browser.maliva.js Show response
sf16-short-va.bytedapm.com/slardar/fe/sdk-web/ Frame 02B4 47 KB
18 KB 99ms
25ms Script
application/javascript 2.16.202.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/browser.maliva.js?bid=tiktok_web_embed&globalName=SlardarWeb
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-91.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f5909b784a4c97c2cca962a7478707639269371a8e87f4e3cfdad50f4ff91154

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 1fc88e5
date: Mon, 14 Aug 2023 19:17:48 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: TML/bqUSUHUJeY3mL8YXFA==
x-tt-trace-id: 00-deb111b010642bacc662518606e304d1-deb111b010642bac-01
x-cache: TCP_MEM_HIT from a2-16-202-87.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50400341) (-)
x-bdcdn-cache-status: TCP_MISS
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=160
content-length: 17522
x-tos-request-id: 8b95f8d4a835e9cd64d4a835-a362d31
x-tos-response-time: Thu, 10 Aug 2023 09:04:53 GMT
last-modified: Thu, 10 Aug 2023 09:04:29 GMT
server: nginx
x-tt-logid: 202308100904525071C2C4C054771A90FB
etag: W/"4cc2ff6ea512507509798de62fc61714"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
access-control-allow-credentials: false
x-tt-trace-host: 01089aa2d964cf24dc05ef0019f7cd9d6797702b65223f1c6b4695642c627282a5894f9f10fd4bcd7d6829c21799f88989309e6af537919504b25a5b1e6cbce2a0562701036eaf284188ebfc5b6ecbddaa16fb33da05de66cf3bd494f07d59f86bd5c497a1222950a589ced7c1e417895d6e82da2d22f645e39d5ceb3102c53d50adfe55147c9c37926d379c033c60e603
timing-allow-origin: *
access-control-allow-headers: *
expires: Mon, 14 Aug 2023 19:22:48 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5A70 2 KB
979 B 99ms
33ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=725530890&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666828&bpp=1&bdt=355&idt=405&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=2793&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=chp9IBK4ge&p=https%3A//ldiena.lt&dtd=409

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 19:17:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 18:20:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 19:17:47 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 5A70 34 KB
14 KB 82ms
25ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ea3021e1f6152f16fa8b40a93d5d0cb8e5681bc84bb78c575a71acfa9c7400b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13555
x-xss-protection: 0
server: cafe
etag: 1106533797828040066
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 00:42:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5A70 179 KB
57 KB 136ms
50ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 19:17:47 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/15314451029400883075/ Frame 5A70 74 KB
74 KB 86ms
70ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15314451029400883075/14763004658117789537

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65532a1786cd4684158acf7fa687dcb3c69fd95da6bbd73ec1f287f2466f3a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:48 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76069
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 14:34:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 19:17:48 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 5A70 23 KB
9 KB 43ms
27ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 5A70 3 KB
1 KB 65ms
49ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:05:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 5A70 20 KB
8 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A781 2 KB
643 B 92ms
43ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666829&bpp=2&bdt=356&idt=412&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4398&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=JRFJ2Rgb2D&p=https%3A//ldiena.lt&dtd=417

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 19:17:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 17:30:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 19:17:47 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame A781 34 KB
13 KB 70ms
31ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666829&bpp=2&bdt=356&idt=412&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4398&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=JRFJ2Rgb2D&p=https%3A//ldiena.lt&dtd=417

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ea3021e1f6152f16fa8b40a93d5d0cb8e5681bc84bb78c575a71acfa9c7400b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13555
x-xss-protection: 0
server: cafe
etag: 1106533797828040066
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 00:42:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A781 179 KB
56 KB 159ms
92ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666829&bpp=2&bdt=356&idt=412&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4398&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=JRFJ2Rgb2D&p=https%3A//ldiena.lt&dtd=417

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 19:17:47 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/3342102741916939380/ Frame A781 32 KB
32 KB 59ms
51ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3342102741916939380/14763004658117789537

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666829&bpp=2&bdt=356&idt=412&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4398&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=JRFJ2Rgb2D&p=https%3A//ldiena.lt&dtd=417

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53e26f4f5f4110c3f719fa6f808b86d64ecaf5ba005308ff3dd72ec1ed8d1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 10:47:03 GMT
x-content-type-options: nosniff
age: 203444
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33153
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 15:14:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 11 Aug 2024 10:47:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame A781 23 KB
9 KB 57ms
49ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666829&bpp=2&bdt=356&idt=412&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4398&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=JRFJ2Rgb2D&p=https%3A//ldiena.lt&dtd=417

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame A781 3 KB
1 KB 58ms
50ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666829&bpp=2&bdt=356&idt=412&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4398&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=JRFJ2Rgb2D&p=https%3A//ldiena.lt&dtd=417

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:05:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame A781 20 KB
8 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666829&bpp=2&bdt=356&idt=412&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4398&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=JRFJ2Rgb2D&p=https%3A//ldiena.lt&dtd=417

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7818 4 KB
705 B 40ms
39ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=109976310&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666826&bpp=2&bdt=353&idt=385&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Z3UDlZmuAU&p=https%3A//ldiena.lt&dtd=389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 19:17:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 17:41:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 19:17:47 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 7818 2 KB
973 B 38ms
37ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=109976310&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666826&bpp=2&bdt=353&idt=385&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Z3UDlZmuAU&p=https%3A//ldiena.lt&dtd=389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F66F 4 KB
705 B 34ms
34ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=280&slotname=8060429809&adk=3505500867&adf=449793871&pi=t.ma~as.8060429809&w=1150&fwrn=4&fwrnh=100&lmt=1692033467&rafmt=12&format=1150x280&url=https%3A%2F%2Fldiena.lt%2F&fwr=0&fwrattr=true&rh=280&rw=1150&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666824&bpp=2&bdt=351&idt=364&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j4fkQCOvwX&p=https%3A//ldiena.lt&dtd=373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 19:17:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 17:25:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 19:17:47 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 7818 23 KB
9 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=109976310&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666826&bpp=2&bdt=353&idt=385&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Z3UDlZmuAU&p=https%3A//ldiena.lt&dtd=389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 7818 67 KB
67 KB 38ms
31ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSyjIIPOWHK0PSMxC6O19vY5LoVIpnASPPcCmJHkaw8zFiPgD68q1aQAX_Gxmw&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=109976310&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666826&bpp=2&bdt=353&idt=385&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Z3UDlZmuAU&p=https%3A//ldiena.lt&dtd=389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27a90a706b940bf90cedef5cd8b986f78e9e7db930bc2913fdd21841c5ccc1cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:47:57 GMT
x-content-type-options: nosniff
age: 556190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68774
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 06:00:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 07 Aug 2024 08:47:57 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 7818 19 KB
19 KB 34ms
26ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcR1AI0xYegkNEYdNZNEFUxob7ZbVERNJ3deLebOGJtegzRqWwWJ9XMOZb6QmA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=109976310&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666826&bpp=2&bdt=353&idt=385&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Z3UDlZmuAU&p=https%3A//ldiena.lt&dtd=389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40a15aeb689a7275c7eed0a6c727cb5dcdb09428be10d5000d3117da7f300e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:19:18 GMT
x-content-type-options: nosniff
age: 223109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18988
x-xss-protection: 0
last-modified: Sun, 18 Jul 2021 20:21:14 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 11 Aug 2024 05:19:18 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 7818 12 KB
12 KB 51ms
43ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQxQDxXzgzG3HPr-W-m9H5QzSaD1O-78hFnhP-h6JPEFZp3jUxGa1jYblnv7bw&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=109976310&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666826&bpp=2&bdt=353&idt=385&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Z3UDlZmuAU&p=https%3A//ldiena.lt&dtd=389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ac042968cc376720abcb2f76326864ad2bbd2db73a6c443fac94d05dfb4895c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 08:13:59 GMT
x-content-type-options: nosniff
age: 471828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12500
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 09:21:42 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 08 Aug 2024 08:13:59 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 7818 25 KB
25 KB 97ms
26ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTnKCZJzlCNb2T4pvP7tMrqE2stpQFRUkjQZcvOrhPr7l8eSWLfzxm_tpNPEA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=109976310&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666826&bpp=2&bdt=353&idt=385&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Z3UDlZmuAU&p=https%3A//ldiena.lt&dtd=389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fcae7f8d9eb3c7166cc42aa3a54ec1ae6eac6dcd441f4b803981fff522ac5da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 13:37:31 GMT
x-content-type-options: nosniff
age: 279616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25244
x-xss-protection: 0
last-modified: Sun, 11 Jul 2021 10:14:10 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 10 Aug 2024 13:37:31 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 7818 31 KB
31 KB 42ms
35ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTiLUt7JqFZyXgSNbs0cSm9yxOIfknqcilKxBKE72KZv9XE60Eoi9k2v1PZOQg&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=109976310&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666826&bpp=2&bdt=353&idt=385&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Z3UDlZmuAU&p=https%3A//ldiena.lt&dtd=389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1b705aeec77a41ce1b759bc900e9df0a31a821059098ac3abd9fd568ac15352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 19:57:37 GMT
x-content-type-options: nosniff
age: 256810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32081
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 06:56:04 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 10 Aug 2024 19:57:37 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 7818 17 KB
18 KB 117ms
28ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSyTbPoNG5DU7k3OaWYu5tcIpgWuVHhH56jPFzXHtXlgS_lids3oiosi1TKqA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=109976310&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666826&bpp=2&bdt=353&idt=385&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Z3UDlZmuAU&p=https%3A//ldiena.lt&dtd=389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ef4fa8ade09537be78e9168b0f8ab4c3efcc3dc99ae4a399e9c3a2e4c14fee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 11:05:25 GMT
x-content-type-options: nosniff
age: 375143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17644
x-xss-protection: 0
last-modified: Mon, 29 Apr 2024 06:45:53 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 09 Aug 2024 11:05:25 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 7818 29 KB
29 KB 151ms
62ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRcidgIFl1j1mIGiJ_nFJltx2uityHjvFWRvQD0fGO96fbZo29_0rPOjqpmIK4&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=109976310&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666826&bpp=2&bdt=353&idt=385&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Z3UDlZmuAU&p=https%3A//ldiena.lt&dtd=389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c97726054cd865115f15b3939cff96113088b6f368c477a658dc1447ffe77224

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 21:08:44 GMT
x-content-type-options: nosniff
age: 511744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30063
x-xss-protection: 0
last-modified: Mon, 29 Apr 2024 07:02:17 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 07 Aug 2024 21:08:44 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 7818 12 KB
12 KB 49ms
42ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRCKUbwNwClt4T_u9U1nhNKTg9pnPvGMdQDUOrxHUJ3SYFdlfKLMpwadIeHHg&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=109976310&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666826&bpp=2&bdt=353&idt=385&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Z3UDlZmuAU&p=https%3A//ldiena.lt&dtd=389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34de4befde6e899bf6af9218453b331c3c50b12fde1a2cd35bca6f65377ef2dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:55:17 GMT
x-content-type-options: nosniff
age: 555750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12604
x-xss-protection: 0
last-modified: Mon, 29 Apr 2024 06:59:30 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 07 Aug 2024 08:55:17 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 7818 22 KB
22 KB 116ms
27ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRxVxGzProUzooYufatHKGFnXStC33xwMA3sE1kS4dOWzeRVTHqcvI8SIJxjw&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=109976310&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666826&bpp=2&bdt=353&idt=385&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Z3UDlZmuAU&p=https%3A//ldiena.lt&dtd=389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aeb6c1340af2f7e39d9fd18411756ac403f261edab96ba7b087f5bfa5532d123

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 15:00:19 GMT
x-content-type-options: nosniff
age: 274649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22181
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 08:39:37 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 10 Aug 2024 15:00:19 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 7818 28 KB
28 KB 124ms
35ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRZeWG_Y3Kfi7JoOtqAq8emm7vVW8nXiXkpCBuzpHGGaMl-Mlsd1Dp3YT4FEQk&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=109976310&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666826&bpp=2&bdt=353&idt=385&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Z3UDlZmuAU&p=https%3A//ldiena.lt&dtd=389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0697ba16921b89f9d0c1c7e880f3e6e2e36a3dba103db06fdcc5519168c7cf24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 06:37:37 GMT
x-content-type-options: nosniff
age: 304811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28810
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 03:27:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 10 Aug 2024 06:37:37 GMT

GET
H3

200

3480467348219639323
tpc.googlesyndication.com/simgad/ Frame 7818
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODK_4KgjwEQmAkYpgIyCHnoD09qGluh
https://tpc.googlesyndication.com/simgad/3480467348219639323

19 KB
19 KB

35ms
27ms

Image
image/jpeg

2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3480467348219639323

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=109976310&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666826&bpp=2&bdt=353&idt=385&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Z3UDlZmuAU&p=https%3A//ldiena.lt&dtd=389

Protocol

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2c94bc2e582fa7bb02bae105dc8deb6893d1efad03b19d74028cf95dfe91db1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:03:07 GMT
x-content-type-options: nosniff
age: 224080
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19643
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 11:55:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 11 Aug 2024 05:03:07 GMT

Redirect headers

date: Mon, 14 Aug 2023 10:43:38 GMT
x-content-type-options: nosniff
server: cafe
age: 30849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/3480467348219639323
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 13 Sep 2023 10:43:38 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 7818 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=109976310&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666826&bpp=2&bdt=353&idt=385&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Z3UDlZmuAU&p=https%3A//ldiena.lt&dtd=389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:05:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 7818 20 KB
8 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=109976310&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666826&bpp=2&bdt=353&idt=385&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Z3UDlZmuAU&p=https%3A//ldiena.lt&dtd=389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7818 179 KB
56 KB 109ms
108ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=109976310&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666826&bpp=2&bdt=353&idt=385&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Z3UDlZmuAU&p=https%3A//ldiena.lt&dtd=389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 19:17:47 GMT

GET
H2 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame 7818 33 KB
14 KB 89ms
24ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=109976310&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666826&bpp=2&bdt=353&idt=385&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Z3UDlZmuAU&p=https%3A//ldiena.lt&dtd=389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 09:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 09:59:38 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame F66F 2 KB
926 B 26ms
25ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame F66F 23 KB
9 KB 31ms
28ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame F66F 3 KB
1 KB 33ms
30ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:05:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame F66F 20 KB
8 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F66F 179 KB
56 KB 91ms
88ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 19:17:47 GMT

GET
H2 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame F66F 33 KB
14 KB 89ms
32ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 09:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 09:59:38 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame F66F 59 KB
60 KB 114ms
61ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRzktXxYIm2UnRcs4vq-lfxKQykzONP_2KQqqZGwtnMLb8Il7TiCUgqCBYHgA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

345f7edff5c0412c353517635f9a9a3d3b6eb03521b33e8527cac0414a9ab5e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 12:26:30 GMT
x-content-type-options: nosniff
age: 543078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60826
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 06:00:56 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 07 Aug 2024 12:26:30 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame F66F 19 KB
19 KB 47ms
43ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcR1AI0xYegkNEYdNZNEFUxob7ZbVERNJ3deLebOGJtegzRqWwWJ9XMOZb6QmA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40a15aeb689a7275c7eed0a6c727cb5dcdb09428be10d5000d3117da7f300e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:19:18 GMT
x-content-type-options: nosniff
age: 223109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18988
x-xss-protection: 0
last-modified: Sun, 18 Jul 2021 20:21:14 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 11 Aug 2024 05:19:18 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame F66F 12 KB
12 KB 57ms
53ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQxQDxXzgzG3HPr-W-m9H5QzSaD1O-78hFnhP-h6JPEFZp3jUxGa1jYblnv7bw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ac042968cc376720abcb2f76326864ad2bbd2db73a6c443fac94d05dfb4895c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 08:13:59 GMT
x-content-type-options: nosniff
age: 471828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12500
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 09:21:42 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 08 Aug 2024 08:13:59 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame F66F 25 KB
25 KB 102ms
49ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTnKCZJzlCNb2T4pvP7tMrqE2stpQFRUkjQZcvOrhPr7l8eSWLfzxm_tpNPEA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fcae7f8d9eb3c7166cc42aa3a54ec1ae6eac6dcd441f4b803981fff522ac5da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 13:37:31 GMT
x-content-type-options: nosniff
age: 279617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25244
x-xss-protection: 0
last-modified: Sun, 11 Jul 2021 10:14:10 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 10 Aug 2024 13:37:31 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame F66F 17 KB
17 KB 146ms
76ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSyTbPoNG5DU7k3OaWYu5tcIpgWuVHhH56jPFzXHtXlgS_lids3oiosi1TKqA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ef4fa8ade09537be78e9168b0f8ab4c3efcc3dc99ae4a399e9c3a2e4c14fee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 11:05:25 GMT
x-content-type-options: nosniff
age: 375143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17644
x-xss-protection: 0
last-modified: Mon, 29 Apr 2024 06:45:53 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 09 Aug 2024 11:05:25 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame F66F 31 KB
31 KB 50ms
47ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTiLUt7JqFZyXgSNbs0cSm9yxOIfknqcilKxBKE72KZv9XE60Eoi9k2v1PZOQg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1b705aeec77a41ce1b759bc900e9df0a31a821059098ac3abd9fd568ac15352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 19:57:37 GMT
x-content-type-options: nosniff
age: 256810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32081
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 06:56:04 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 10 Aug 2024 19:57:37 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame F66F 18 KB
18 KB 151ms
81ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRzIy-QN01IGYAKTVnR62WH46E6VPsJ5kqK4eiDH2obJnyLr7kgBvBvXzNLVg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ca79e288106a53f60b4bb9b00aadb71ff1f9b2ca76a2a9044aa026671c9f67a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 04:53:17 GMT
x-content-type-options: nosniff
age: 138271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18303
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 05:31:41 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 12 Aug 2024 04:53:17 GMT

GET
H3

200

3480467348219639323
tpc.googlesyndication.com/simgad/ Frame F66F
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODK_4KgjwEQmAkYpgIyCHnoD09qGluh
https://tpc.googlesyndication.com/simgad/3480467348219639323

19 KB
19 KB

25ms
24ms

Image
image/jpeg

2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3480467348219639323

Requested by

Protocol

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2c94bc2e582fa7bb02bae105dc8deb6893d1efad03b19d74028cf95dfe91db1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:03:07 GMT
x-content-type-options: nosniff
age: 224081
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19643
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 11:55:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 11 Aug 2024 05:03:07 GMT

Redirect headers

date: Mon, 14 Aug 2023 10:43:38 GMT
x-content-type-options: nosniff
server: cafe
age: 30849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/3480467348219639323
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 13 Sep 2023 10:43:38 GMT

GET
H2 200 core.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.484/ Frame 02B4 65 KB
22 KB 28ms
28ms Script
application/javascript 23.0.174.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.484/core.js?globalName=__PNS_RUNTIME__
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.484/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.0.174.232 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-0-174-232.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 94ef9cf08633eaee2cccc704e806bd50eefa6e5eaf8adfb989c4c8ddfc8517ee

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 1ec7e89
date: Mon, 14 Aug 2023 19:17:48 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: MCYv1YMp4Aq5sPM3qGje+g==
x-cache: TCP_MEM_HIT from a23-0-174-228.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50400341) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 21887
last-modified: Thu, 10 Aug 2023 12:43:46 GMT
opc-request-id: iad-1:EZrYqQ4fY52QxsiERdOGOjXbuvlnyKP5qfTlPw8pSSZvUm_NKNQGSn6jPoG2V4SC
x-api-id: native
etag: 697f6fc0-2af7-480e-92e4-39868f785ca6
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: 52790549-d345-4b58-82a4-be9719341ae8
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 19:17:48 GMT

GET
DATA 200
OK truncated
/ Frame F66F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92b2ebe71f919b2a52ae887c79845edb72e96f1e107b049611b4d629b1cb3af5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7818 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01d3a53f950907a36762c2276debd332fb33fac7f86118ef6e09e9469691c792

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 43B4 143 B
166 B 25ms
25ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=725530890&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666828&bpp=1&bdt=355&idt=405&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=2793&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=chp9IBK4ge&p=https%3A//ldiena.lt&dtd=409
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 573
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/f9a42ac12d135f1b4c5b599b137cc38c/64dad256/video/tos/useast2a/tos-useast2a-ve-0068c001-euttp/oInybWNIZINcCJvhhyRoOFzLf5tQAAEHTEkaqv/ Frame 02B4 5 MB
0 104ms
23ms Media
video/mp4 146.75.118.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/f9a42ac12d135f1b4c5b599b137cc38c/64dad256/video/tos/useast2a/tos-useast2a-ve-0068c001-euttp/oInybWNIZINcCJvhhyRoOFzLf5tQAAEHTEkaqv/?a=1988&ch=0&cr=3&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C3&cv=1&br=4618&bt=2309&cs=0&ds=3&ft=ApKJEBxTq8ZmoxcX7c_vjaqELAhLrus&mime_type=video_mp4&qs=0&rc=aDQ1OmU3NWk4Z2Y2ZDw4ZEBpM3NtdWU6ZnY1bTMzZjczM0AyNl5iMGMyNmIxL18zYDNfYSNfMW8zcjRvMmFgLS1kMWNzcw%3D%3D&l=202308141917467A96C448ED2EC2B041C5&btag=e00088000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

Expires: Sat, 10 Feb 2024 12:58:55 GMT
Date: Mon, 14 Aug 2023 19:17:48 GMT
Via: http/1.1 ats-prod-14 (va3 [cMsSfW]), 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
Age: 22733
X-Cache: TCP_MISS, MISS, HIT
Content-Range: bytes 0-8032363/8032364
Connection: keep-alive
server-timing: inner; dur=127, cdn-cache;desc=hit, edge;dur=1
Content-Length: 8032364
X-Served-By: cache-iad-kcgs7200084-IAD, cache-fra-eddf8230029-FRA
X-Storagegw-Request-Id: 202308141258550100990720360C09B8F7
Last-Modified: Mon, 14 Aug 2023 12:55:31 GMT
X-Timer: S1692040668.393669,VS0,VE1
Etag: "995953fd7de4a872a54125b2e0164a98"
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Mon, 14 Aug 2023 12:58:55 GMT
Cache-Control: max-age=15552000
x-tt-trace-host: 01bcaed8dae3be6e28044c604fbfd3693d5cde754b8e73bc4899705b268d05342e946a9aec3d423e9e7e3c94b947371ea2f49a41663db06b22aade2b310bef058415a645fad05d07f0c748418ac703fcb10c84bdbb00dec419284927038f833d20f4d1635f49909f9272aff10292f2122d189ec950014a94c0eb6d734d36a342ea8069953a83984d4c2be072f6520e7135
Accept-Ranges: bytes
x-response-cache: edge_hit
BD-Request-Id: c122597753385083bde522d8f58cdada
X-Cache-Hits: 0, 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/de3ba0cda2979e287bb0f4a8e34b2201/64dad3c3/video/tos/useast2a/tos-useast2a-ve-0068-euttp/okzYIFHkyIn2CdhIuAbfNTvhERzQxgAm2oNU6J/ Frame 02B4 623 KB
0 104ms
24ms Media
video/mp4 146.75.118.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/de3ba0cda2979e287bb0f4a8e34b2201/64dad3c3/video/tos/useast2a/tos-useast2a-ve-0068-euttp/okzYIFHkyIn2CdhIuAbfNTvhERzQxgAm2oNU6J/?a=1988&ch=0&cr=3&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C3&cv=1&br=2272&bt=1136&cs=0&ds=3&ft=ApKJEBxTq8ZmoxcX7c_vjaqELAhLrus&mime_type=video_mp4&qs=0&rc=ZTg0Ozc0ZDo3NmVmZDhnOkBpam05bDs6ZnVlbTMzZjczM0AtYF5hLjM0NS8xMy9hMjIyYSMwYV5scjQwY2BgLS1kMWNzcw%3D%3D&l=202308141917467A96C448ED2EC2B041C5&btag=e000a0000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 14 Aug 2023 19:17:48 GMT
via: n106-203-045, 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
Age: 114929
X-Cache: MISS, HIT
X-Bdcdn-Cache-Status: TCP_MISS
Content-Range: bytes 0-57103090/57103091
Connection: keep-alive
server-timing: inner; dur=1207, cdn-cache;desc=hit, edge;dur=1
Content-Length: 57103091
X-Served-By: cache-iad-kiad7000063-IAD, cache-fra-eddf8230070-FRA
X-Storagegw-Request-Id: 202308131122163CE8D309A4CB96339580
Last-Modified: Sun, 13 Aug 2023 11:16:56 GMT
X-TT-LOGID: 202308131122163CE8D309A4CB96339580
X-Timer: S1692040668.394260,VS0,VE1
Etag: "d5f375b5fb28a0796073b9e2412d2e66"
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Sun, 13 Aug 2023 11:22:18 GMT
Cache-Control: max-age=2592000
x-request-ip: fdbd:dccd:cdc2:13db:0:e4::
x-response-cinfo: fdbd:dccd:cdc2:13db:0:e4::
x-tt-trace-host: 01bb347564d42705f248b6c1bff6a0899b7da2134538a019e5e9cc74f3c196479f866d8e0913d4851caa70f11e44368b619eab4b8ab2ba1423ac39c92977a43b282494b82f9ad3a6142d24adcf9c9a502fac2d0c7f839e0a87d888fa6527ac4f1e76a3d7923466511e84490a9cf44df220
Accept-Ranges: bytes
x-response-cache: edge_hit
X-Cache-Hits: 0, 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/8b6c455f733af6527193b0edc5880644/64dad3d7/video/tos/useast2a/tos-useast2a-ve-0068c001-euttp/ogPXI3QEDFnA1PUe9nBpjk6BPafDREQsItVJbI/ Frame 02B4 942 KB
0 114ms
35ms Media
video/mp4 146.75.118.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/8b6c455f733af6527193b0edc5880644/64dad3d7/video/tos/useast2a/tos-useast2a-ve-0068c001-euttp/ogPXI3QEDFnA1PUe9nBpjk6BPafDREQsItVJbI/?a=1988&ch=0&cr=3&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C3&cv=1&br=1060&bt=530&cs=0&ds=3&ft=ApKJEBxTq8ZmoxcX7c_vjaqELAhLrus&mime_type=video_mp4&qs=0&rc=PGRnMzozZDZoaDlpNjY4OkBpMzx2dDo6Zmt3bTMzZjczM0BhNjEzXzUyXy0xYy8uXjY2YSMxZGJzcjRfLV9gLS1kMWNzcw%3D%3D&l=202308141917467A96C448ED2EC2B041C5&btag=e000a0000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 14 Aug 2023 19:17:48 GMT
via: n106-203-019, 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
Age: 168691
X-Cache: HIT, HIT
X-Bdcdn-Cache-Status: TCP_MISS
Content-Range: bytes 0-27992976/27992977
Connection: keep-alive
server-timing: inner; dur=80, cdn-cache;desc=hit, edge;dur=11
Content-Length: 27992977
X-Served-By: cache-iad-kjyo7100110-IAD, cache-fra-eddf8230115-FRA
X-Storagegw-Request-Id: 2023081220261675A07AD0C881B3244B7A
Last-Modified: Sat, 12 Aug 2023 20:19:33 GMT
X-TT-LOGID: 2023081220261675A07AD0C881B3244B7A
X-Timer: S1692040668.395107,VS0,VE11
Etag: "3af262e8dbcf6982f5f96e7942893038"
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Sat, 12 Aug 2023 20:26:17 GMT
Cache-Control: max-age=2592000
x-request-ip: fdbd:dccd:cdc2:13db:0:e4::
x-response-cinfo: fdbd:dccd:cdc2:13db:0:e4::
x-tt-trace-host: 01763dfd2fd86c2f31b075de685911f5e0c7a502c99d28bd107b3156fda69f0df8a8039d1f4906297e5eadf7d89dae858ea328841d7c545d11cfeedbd6158e153c158415c6470b779cdd657028d8e88e929c82a42cdb957fe1b3203857b1a8f2235dab667c0548451c4d8a6587b46d7a81
Accept-Ranges: bytes
x-response-cache: edge_hit
X-Cache-Hits: 4, 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/85fcebd18a27128a5a06b35ac57d8232/64dad2d2/video/tos/useast2a/tos-useast2a-ve-0068-euttp/owguJkdEfBllXQRsHQRA98DDcZnb80BY3bgLfP/ Frame 02B4 1 MB
0 109ms
24ms Media
video/mp4 146.75.118.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/85fcebd18a27128a5a06b35ac57d8232/64dad2d2/video/tos/useast2a/tos-useast2a-ve-0068-euttp/owguJkdEfBllXQRsHQRA98DDcZnb80BY3bgLfP/?a=1988&ch=0&cr=3&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C3&cv=1&br=2750&bt=1375&cs=0&ds=3&ft=ApKJEBxTq8ZmoxcX7c_vjaqELAhLrus&mime_type=video_mp4&qs=0&rc=ZGVnM2Y2ZDc4Zmg6MztpaEBpM3lqeDQ6ZjU4bTMzZjczM0AtLV5gYjBfNi8xYjUtMF9jYSMxYmxycjRvYjZgLS1kMWNzcw%3D%3D&l=202308141917467A96C448ED2EC2B041C5&btag=e00090000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 14 Aug 2023 19:17:48 GMT
via: n106-203-035, 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
Age: 533303
X-Cache: HIT, HIT
X-Bdcdn-Cache-Status: TCP_MISS
Content-Range: bytes 0-26668398/26668399
Connection: keep-alive
server-timing: inner; dur=59, cdn-cache;desc=hit, edge;dur=1
Content-Length: 26668399
X-Served-By: cache-iad-kcgs7200137-IAD, cache-fra-eddf8230069-FRA
X-Storagegw-Request-Id: 20230808150924598E665B965F25BC8792
Last-Modified: Tue, 08 Aug 2023 15:06:35 GMT
X-TT-LOGID: 20230808150924598E665B965F25BC8792
X-Timer: S1692040668.399618,VS0,VE1
Etag: "3413dbd02eae7fc9aa3fa533d5e0c9e3"
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Tue, 08 Aug 2023 15:09:25 GMT
Cache-Control: max-age=2592000
x-request-ip: fdbd:dccd:cdc2:1175:0:35a::
x-response-cinfo: fdbd:dccd:cdc2:1175:0:35a::
x-tt-trace-host: 0101390c2e666fdcd30187ddda0ecd8090d8014579d9543ffc51152cea861770e44081d7c10ccd1e524a84bb36fdc5f6fed57e21c06e99fd1dfbebe08839b519e0cd5e9a061b8b4e47722ca276738fb9e3799e2d9598b3f25dbc8ce209995d73447e9a56130904500413bd3d98f1c6e92d
Accept-Ranges: bytes
x-response-cache: edge_hit
X-Cache-Hits: 0, 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/450e63d1ca6340e60850ce73f8f2d5b9/64dad356/video/tos/useast2a/tos-useast2a-ve-0068-euttp/oUiuQ0niYIkveOzdqPbBR7I8fXk9MREyADDacQ/ Frame 02B4 350 KB
0 68ms
23ms Media
video/mp4 146.75.118.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/450e63d1ca6340e60850ce73f8f2d5b9/64dad356/video/tos/useast2a/tos-useast2a-ve-0068-euttp/oUiuQ0niYIkveOzdqPbBR7I8fXk9MREyADDacQ/?a=1988&ch=0&cr=3&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C3&cv=1&br=5076&bt=2538&cs=0&ds=3&ft=ApKJEBxTq8ZmoxcX7c_vjaqELAhLrus&mime_type=video_mp4&qs=0&rc=aTxoOjNnOjQ7aDlnOjQ5PEBpamw4d2U6ZmxrbTMzZjczM0A1L2JgLl9fXy8xLmMzXmI1YSMzZ29ycjQwYjVgLS1kMWNzcw%3D%3D&l=202308141917467A96C448ED2EC2B041C5&btag=e00098000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

Expires: Sat, 03 Feb 2024 16:23:52 GMT
Date: Mon, 14 Aug 2023 19:17:48 GMT
Via: http/1.1 ats-prod-10 (va3 [cMsSfW]), 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
Age: 615235
X-Cache: TCP_MISS, MISS, HIT
Content-Range: bytes 0-91949031/91949032
Connection: keep-alive
server-timing: inner; dur=70, cdn-cache;desc=hit, edge;dur=1
Content-Length: 91949032
X-Served-By: cache-iad-kiad7000090-IAD, cache-fra-eddf8230101-FRA
X-Storagegw-Request-Id: 2023080716235201009907202719EF7D1C
Last-Modified: Mon, 07 Aug 2023 16:21:19 GMT
X-Timer: S1692040668.434975,VS0,VE1
Etag: "018b7d232c0206d6600949bb40389a93"
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Mon, 07 Aug 2023 16:23:52 GMT
Cache-Control: max-age=15552000
x-tt-trace-host: 016f4174549e060f5e6fa26d7987c20cbf63d3f1edbb936569b1587f75d8a81696cdf6b27f8858e53d93bcf66d053fd3fcd8bc9b0b5fb7dc1ed2c7dd4f56264eef2cfefe92c2464a7777fa1029b673aef29251e40326f7628d8e83abe300bf6b53c9029c6ca52f8d59a107741a9117fdbcf57faa9198bd42d6a3334fc8e5f321d0a0fd4e98df6ab5cacf35edc5f6ae62c4
Accept-Ranges: bytes
x-response-cache: edge_hit
BD-Request-Id: 5699acc9e087cbaf82d8e771e18cf13a
X-Cache-Hits: 0, 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/56a32971e0ae288e0afab3bfe2e027ea/64dad2ea/video/tos/useast2a/tos-useast2a-ve-0068-euttp/oQRQ7hNhvoauyF5n8EAJIBAj9zIQfzCZzIjIBR/ Frame 02B4 239 KB
0 69ms
24ms Media
video/mp4 146.75.118.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/56a32971e0ae288e0afab3bfe2e027ea/64dad2ea/video/tos/useast2a/tos-useast2a-ve-0068-euttp/oQRQ7hNhvoauyF5n8EAJIBAj9zIQfzCZzIjIBR/?a=1988&ch=0&cr=3&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C3&cv=1&br=5740&bt=2870&cs=0&ds=3&ft=ApKJEBxTq8ZmoxcX7c_vjaqELAhLrus&mime_type=video_mp4&qs=0&rc=Z2Y1aGc5ODxpaTs7ZDhnaEBpanVmZjs6ZjVqbTMzZjczM0AyNjRfNDFhNl4xX15gLzIyYSNwMHJycjRnNjVgLS1kMWNzcw%3D%3D&l=202308141917467A96C448ED2EC2B041C5&btag=e00090000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 14 Aug 2023 19:17:48 GMT
via: n106-134-175, 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
Age: 620130
X-Cache: HIT, HIT
X-Bdcdn-Cache-Status: TCP_MISS
Content-Range: bytes 0-64381398/64381399
Connection: keep-alive
server-timing: inner; dur=140, cdn-cache;desc=hit, edge;dur=1
Content-Length: 64381399
X-Served-By: cache-iad-kjyo7100044-IAD, cache-fra-eddf8230059-FRA
X-Storagegw-Request-Id: 20230807150218BDC35E40900554AC5773
Last-Modified: Mon, 07 Aug 2023 14:59:49 GMT
X-TT-LOGID: 20230807150218BDC35E40900554AC5773
X-Timer: S1692040668.455854,VS0,VE1
Etag: "aee5bc484011599e84134bb468c574dc"
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Mon, 07 Aug 2023 15:02:19 GMT
Cache-Control: max-age=2592000
x-request-ip: fdbd:dccd:cdc2:1175:0:334::
x-response-cinfo: fdbd:dccd:cdc2:1175:0:334::
x-tt-trace-host: 016553e51ae6daecc3d6d58412d3afae6be861fdc2da4a477091686c799868dc521865766a1295524cfe9779a75cd763b2a479deefd61673a3cd6bb9714464eab77194080b76f431dd6b2bd0071bcf21eeb00012352f8ffd94e895652ce5dd1ea85123750b92e676230187f86483639c0e
Accept-Ranges: bytes
x-response-cache: edge_hit
X-Cache-Hits: 0, 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/8c6cb6a76e7cba5f1409cd3a792508c4/64dad491/video/tos/useast2a/tos-useast2a-ve-0068c001-euttp/osFQxCoEh4zAanAfFEAsXyqGLXOhICT5IxmANV/ Frame 02B4 1 MB
0 134ms
23ms Media
video/mp4 146.75.118.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/8c6cb6a76e7cba5f1409cd3a792508c4/64dad491/video/tos/useast2a/tos-useast2a-ve-0068c001-euttp/osFQxCoEh4zAanAfFEAsXyqGLXOhICT5IxmANV/?a=1988&ch=0&cr=3&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C3&cv=1&br=5908&bt=2954&cs=0&ds=3&ft=ApKJEBxTq8ZmoxcX7c_vjaqELAhLrus&mime_type=video_mp4&qs=0&rc=ZWg0PGhnOjVoOTk0Ozw7Z0BpajM8ZWU6ZnZkbTMzZjczM0AuMzY0YDRgNTAxLTE0NmA1YSNsXi00cjQwMzVgLS1kMWNzcw%3D%3D&l=202308141917467A96C448ED2EC2B041C5&btag=e000a0000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 14 Aug 2023 19:17:48 GMT
via: n106-203-033, 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
Age: 464284
X-Cache: HIT, HIT
X-Bdcdn-Cache-Status: TCP_HIT
Content-Range: bytes 0-226382876/226382877
Connection: keep-alive
server-timing: inner; dur=4, cdn-cache;desc=hit, edge;dur=1
Content-Length: 226382877
X-Served-By: cache-iad-kcgs7200093-IAD, cache-fra-eddf8230055-FRA
X-Storagegw-Request-Id: 20230807082857394A3B3E9364C09EF220
Last-Modified: Mon, 07 Aug 2023 08:25:05 GMT
X-TT-LOGID: 2023080708325445B864F718BBFD97FEA6
X-Timer: S1692040669.965495,VS0,VE1
Etag: "fe0084b15328a8fa044080bb0516f55a"
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Mon, 07 Aug 2023 08:28:58 GMT
Cache-Control: max-age=2592000
x-request-ip: fdbd:dccd:cdc2:1175:0:339::
x-response-cinfo: fdbd:dccd:cdc2:1175:0:339::
x-tt-trace-host: 0173fc43c8af3915163b2ff6a86358320d1e4a565c96eca28c669f5d1a13c70d111d0bc10f17bdc31165ac20b0912cc2142d8b46bebccf588fcb14dcd00e56c582bb806e30f9fe3fdc515e558ace8d2fa95af6502d4fbc6c450e035c11f0ed05f84e179f9c9908450729a3e9aebeb9463e
Accept-Ranges: bytes
x-response-cache: edge_hit
X-Cache-Hits: 66, 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/12417bc1114865c4c56a171bc43ec1ca/64dad493/video/tos/useast2a/tos-useast2a-ve-0068-euttp/oEbzPIEEzXv0eB3TQhtrArSi5fuERkDEIFiRmP/ Frame 02B4 1 MB
0 142ms
24ms Media
video/mp4 146.75.118.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/12417bc1114865c4c56a171bc43ec1ca/64dad493/video/tos/useast2a/tos-useast2a-ve-0068-euttp/oEbzPIEEzXv0eB3TQhtrArSi5fuERkDEIFiRmP/?a=1988&ch=0&cr=3&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C3&cv=1&br=3972&bt=1986&cs=0&ds=3&ft=ApKJEBxTq8ZmoxcX7c_vjaqELAhLrus&mime_type=video_mp4&qs=0&rc=ZzU3aDplZThpaGlkZjw5PEBpM215NDg6ZjV3bTMzZjczM0A2MTFjNl82XzIxMDUvLWAxYSNlZi9rcjRfaDRgLS1kMWNzcw%3D%3D&l=202308141917467A96C448ED2EC2B041C5&btag=e000a8000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 14 Aug 2023 19:17:48 GMT
via: n106-134-183, 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
Age: 695333
X-Cache: MISS, HIT
X-Bdcdn-Cache-Status: TCP_MISS
Content-Range: bytes 0-152606763/152606764
Connection: keep-alive
server-timing: inner; dur=86, cdn-cache;desc=hit, edge;dur=1
Content-Length: 152606764
X-Served-By: cache-iad-kiad7000074-IAD, cache-fra-eddf8230119-FRA
X-Storagegw-Request-Id: 202308061808559A7FD1968C0EFA975032
Last-Modified: Sun, 06 Aug 2023 17:56:10 GMT
X-TT-LOGID: 202308061808559A7FD1968C0EFA975032
X-Timer: S1692040669.976603,VS0,VE1
Etag: "31b938e585d74678b86e0b6470193b12"
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Sun, 06 Aug 2023 18:08:56 GMT
Cache-Control: max-age=2592000
x-request-ip: fdbd:dccd:cdc2:137d:0:247::
x-response-cinfo: fdbd:dccd:cdc2:137d:0:247::
x-tt-trace-host: 018c365c49d969a3d098159767ac13b95177f28b00d2b816cf722ac65d1eb9fe30339d67b48d39a735b21d359258f2bbeafb8f5ea2adaf5e26f5b903802121e84a901e39c23290102183dbcc516d5deab3373bd40beee6845aa905a4b8ec80874fb3c9e69f173d4a845f73f5e8d5344335
Accept-Ranges: bytes
x-response-cache: edge_hit
X-Cache-Hits: 0, 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/883f65a9fddf45b07bc25402618e59e7/64dad3f5/video/tos/useast2a/tos-useast2a-ve-0068c001-euttp/ogAhaess1z81nfLWRbuBX8EGQPDHDudIvkFJQa/ Frame 02B4 1 MB
0 1074ms
23ms Media
video/mp4 146.75.118.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/883f65a9fddf45b07bc25402618e59e7/64dad3f5/video/tos/useast2a/tos-useast2a-ve-0068c001-euttp/ogAhaess1z81nfLWRbuBX8EGQPDHDudIvkFJQa/?a=1988&ch=0&cr=3&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C3&cv=1&br=1600&bt=800&cs=0&ds=3&ft=ApKJEBxTq8ZmoxcX7c_vjaqELAhLrus&mime_type=video_mp4&qs=0&rc=NmZlNTZmaDQ2N2gzPDRmO0BpanFtODY6ZnVxbTMzZjczM0A0YmM0Li40XzQxM2BiMjZiYSNqYGxjcjQwbjNgLS1kMWNzcw%3D%3D&l=202308141917467A96C448ED2EC2B041C5&btag=e000a0000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

Expires: Wed, 31 Jan 2024 22:51:20 GMT
Date: Mon, 14 Aug 2023 19:17:49 GMT
Via: http/1.1 ats-prod-18 (va3 [cHs f ]), 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
x-tt-trace-id: 00-c2bf86bf10613cbb382e1306051104d1-c2bf86bf10613cbb-01
Age: 851190
X-Cache: TCP_HIT, HIT, HIT
Content-Range: bytes 0-45332339/45332340
Connection: keep-alive
server-timing: inner; dur=47, cdn-cache;desc=hit, edge;dur=1
Content-Length: 45332340
X-Served-By: cache-iad-kjyo7100157-IAD, cache-fra-eddf8230122-FRA
X-Storagegw-Request-Id: 2023080422512001009907211519E48070
Last-Modified: Fri, 04 Aug 2023 22:44:47 GMT
X-Timer: S1692040670.908292,VS0,VE1
Etag: "CO6E2KaKxIADEAE="
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Fri, 04 Aug 2023 22:51:20 GMT
Cache-Control: max-age=15552000
x-tt-trace-host: 01d01fff7a1ecd3f33859d6306742e79a557af680ecdfb915c968d4743b784263e404b8954a601b1b29cdc92c2d81c162e13694cc7c69f3a5e3abb41db4dadf98513290ace7d56c914eac9c92da123073dbc129d3951b314fbaa05b9969eae3a0256521b2951e6e90b70d2b91f2b69d991bc45cc85ab68b90e8049f643a336b7b1f9604d676b090f612d9b1d54c150ebf1ea73610db3219ece2adf6567d698df131134d3d43a991ceda890e7e6fc79707f8cd5833a19fda2f2c4cea65a0bd42db0
Accept-Ranges: bytes
x-response-cache: edge_hit
BD-Request-Id: 1630df6154b66eafcd526c891f683bf7
X-Cache-Hits: 0, 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A1A0 46 KB
17 KB 578ms
578ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2637385217&adf=2159359605&pi=t.ma~as.3133241803&w=336&lmt=1692033468&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666838&bpp=1&bdt=365&idt=644&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600%2C336x600%2C336x600&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&psts=AOrYGsmNLlPk49YIhr15HszfLjOaPfrpO3xOMI9K5M-NNm0sMikAUIlxhP95lTuPxI9hGMG2P6HFPVJRruaj7hUUVm8&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=16&uci=a!g&btvi=7&fsb=1&xpc=f1O8epVWSL&p=https%3A//ldiena.lt&dtd=1473

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

846ec8a25a1402db9af2625b1c2537825fab7328530d9a626160191ae1a27acd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17171
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:17:48 GMT
expires: Mon, 14 Aug 2023 19:17:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308080102/ 154 KB
52 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308080102/reactive_library_fy2021.js?bust=31076951

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa35ac0d90ade7e8269e26472efe0e5db7b88f572914f7dcfd6a2e6f26cb64ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53699
x-xss-protection: 0
server: cafe
etag: 187872943678159627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 19:17:48 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 659F 143 B
166 B 25ms
24ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666829&bpp=2&bdt=356&idt=412&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4398&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=JRFJ2Rgb2D&p=https%3A//ldiena.lt&dtd=417

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666829&bpp=2&bdt=356&idt=412&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4398&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=JRFJ2Rgb2D&p=https%3A//ldiena.lt&dtd=417
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 573
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame F66F 21 KB
21 KB 110ms
51ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:15:19 GMT
x-content-type-options: nosniff
age: 223349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 05:15:19 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame F66F 20 KB
20 KB 131ms
73ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 07:15:13 GMT
x-content-type-options: nosniff
age: 216155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 07:15:13 GMT

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 7818 21 KB
21 KB 138ms
80ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:15:19 GMT
x-content-type-options: nosniff
age: 223349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 05:15:19 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 7818 20 KB
20 KB 160ms
103ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 07:15:13 GMT
x-content-type-options: nosniff
age: 216155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 07:15:13 GMT

GET
DATA 200
OK truncated
/ Frame 5A70 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf2f643f7acc015da06c12554386638b8fab76c75ff5c41e750039e644d95a29

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5A70 15 KB
16 KB 81ms
26ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 421772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 22:08:16 GMT

GET
DATA 200
OK truncated
/ Frame A781 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8574c8626781d8530d71784532d588bffcc686b885d097cb3ac3365f6cdf35cc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A781 15 KB
15 KB 85ms
32ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 421772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 22:08:16 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5A70
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CsMPI233aZM3MFq_En88P9t6c0Auwuu28cL2Rqq7mDmQQASDV2NopYPvhhYOcCqAB6-LKugLIAQapAg9lAPosC5I-qAMByAPLBKoEuwFP0DM-N1sY8lQqJgeKRqZFSe_6HSFuViWCa91Wfhb...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222945517934968126006%22,%22debug_reporting%22:true,%22destination%22:%22https://playmarket.com%22,%22event_report_window%22...

0
0

133ms
60ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222945517934968126006%22,%22debug_reporting%22:true,%22destination%22:%22https://playmarket.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22659730795%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210606347898581506657%22}&andc=true

Requested by

Protocol

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:48 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"2945517934968126006","debug_reporting":true,"destination":"https://playmarket.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["659730795"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"10606347898581506657"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Aug 2023 19:17:48 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 14 Aug 2023 19:17:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2945517934968126006","debug_reporting":true,"destination":"https://playmarket.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["659730795"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"10606347898581506657"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H/1.1 200
OK webid
mcs-va-useast2a.tiktokv.com/v1/user/ Frame 0
0 604ms
172ms Preflight 95.101.111.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/user/webid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-131.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 14 Aug 2023 19:17:49 GMT
Server: nginx
Server-Timing: inner; dur=3 cdn-cache; desc=MISS, edge; dur=3, origin; dur=112
X-Origin-Response-Time: 112,2.23.208.131
X-Tt-Logid: 20230814191748A80DB7B341432AE045B2
x-tt-trace-host: 01b0589044eb1bdf7fdc948a884a6ec26487916176dd5e621046af0c3f3d431d119f11bcb9088f57c46b1eb27249d991d9f1b02e05d72711e7e500df8ae7d41170147037c1838b3de901cf3852001200bc27c6ebc93d587b67e1164bc000ef38dd
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

POST
H/1.1 200
OK webid Show response
mcs-va-useast2a.tiktokv.com/v1/user/ Frame 02B4 58 B
892 B 174ms
169ms XHR
application/json 95.101.111.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/user/webid
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.484/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-131.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bd0ab42567f9908ca1ca92765ab67bede800ce622dd23463d5d0dab08f734520

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Mon, 14 Aug 2023 19:17:49 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
Server: nginx
X-Tt-Logid: 20230814191748D3A8062FC2B4F0D34169
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Allow-Credentials: true
X-Origin-Response-Time: 96,2.23.208.131
Cross-Origin-Resource-Policy: cross-origin
x-tt-trace-host: 01b0589044eb1bdf7fdc948a884a6ec26487916176dd5e621046af0c3f3d431d116590121e63baffe3ec0e65c90873c852dd2f18f86652de012e36c8ddc43c4bb1537bea06f8b8fa39035690da91ff1be0a5a15972a1ab6607f71fb3f4640b5ad2
Server-Timing: inner; dur=8, cdn-cache; desc=MISS, edge; dur=0, origin; dur=96
Connection: keep-alive
Content-Length: 58

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame A781
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CKuFu233aZP2iFqKa2OMP_PGa4AWwuu28cPGDjr3BDmQQASDV2NopYPvhhYOcCqAB6-LKugLIAQapAg9lAPosC5I-qAMByAPLBKoEuwFP0Js_U0m0d5T4yXdaY7OMbciL3k_mTWHzf3lIEDt...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215131543408272152947%22,%22debug_reporting%22:true,%22destination%22:%22https://playmarket.com%22,%22event_report_window%2...

0
0

130ms
59ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215131543408272152947%22,%22debug_reporting%22:true,%22destination%22:%22https://playmarket.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22659730795%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214858912622754478321%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666829&bpp=2&bdt=356&idt=412&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4398&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=JRFJ2Rgb2D&p=https%3A//ldiena.lt&dtd=417

Protocol

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:48 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"15131543408272152947","debug_reporting":true,"destination":"https://playmarket.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["659730795"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"14858912622754478321"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Aug 2023 19:17:48 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 14 Aug 2023 19:17:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15131543408272152947","debug_reporting":true,"destination":"https://playmarket.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["659730795"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"14858912622754478321"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 308ms
106ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 14 Aug 2023 19:17:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F66F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cp-QL233aZP_YEuDln88P8_SUiA7g6uzOccftyMusEdzZHhABINXY2ilg--GFg5wKoAGV2-3EA8gBCakCSoEp5l9csj6oAwHIA8sEqgS7AU_Qhp-xAHkAxBnaRDoGTq6gKJLa1mCLHUCpZHy...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22424606677004992587%22,%22debug_reporting%22:true,%22destination%22:%22https://bonprix.fr%22,%22event_report_window%22:%222...

0
0

104ms
104ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22424606677004992587%22,%22debug_reporting%22:true,%22destination%22:%22https://bonprix.fr%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22949710229%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222957436118922799009%22}&andc=true

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:49 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"424606677004992587","debug_reporting":true,"destination":"https://bonprix.fr","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["949710229"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"2957436118922799009"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Aug 2023 19:17:49 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 14 Aug 2023 19:17:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"424606677004992587","debug_reporting":true,"destination":"https://bonprix.fr","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["949710229"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"2957436118922799009"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 7818
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CFMU3233aZOG9FLHvn88PuYKH4A_g6uzOcYu5o5CMEdzZHhABINXY2ilg--GFg5wKoAGV2-3EA8gBCakCSoEp5l9csj6oAwHIA8sEqgS6AU_Qf2Td44sQVr3pMGh6SOhbh66brDgzygfZZNb...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229070343253285478288%22,%22debug_reporting%22:true,%22destination%22:%22https://bonprix.fr%22,%22event_report_window%22:%22...

0
0

105ms
103ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229070343253285478288%22,%22debug_reporting%22:true,%22destination%22:%22https://bonprix.fr%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22949710229%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221239860381162311105%22}&andc=true

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:49 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"9070343253285478288","debug_reporting":true,"destination":"https://bonprix.fr","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["949710229"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"1239860381162311105"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Aug 2023 19:17:49 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 14 Aug 2023 19:17:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9070343253285478288","debug_reporting":true,"destination":"https://bonprix.fr","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["949710229"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"1239860381162311105"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 850B 4 KB
728 B 37ms
35ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=1506163563&adf=1108019324&pi=t.ma~as.3133241803&w=336&lmt=1692033467&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666836&bpp=1&bdt=363&idt=613&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=985&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&fsb=1&xpc=m4pqh3Jgu1&p=https%3A//ldiena.lt&dtd=617

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 19:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 19:07:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 19:17:48 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 850B 2 KB
892 B 30ms
29ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 850B 23 KB
9 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 850B 3 KB
1 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18730
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:05:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 850B 20 KB
8 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 850B 179 KB
56 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 19:17:48 GMT

GET
H2 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame 850B 33 KB
14 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 09:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 09:59:38 GMT

OPTIONS
H2 200 browser-settings
mon-va.byteoversea.com/monitor_web/settings/ Frame 0
0 704ms
121ms Preflight
application/json 34.141.62.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=tiktok_web_embed&store=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.141.62.31 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.62.141.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-origin: https://www.tiktok.com
access-control-max-age: 600
access-control-request-method: POST,GET,OPTIONS
bd-request-id: 221ad47b513e4954fc26c76a2dcaae84
cache-control: public, max-age=600
content-encoding: br
content-type: application/json; charset=utf-8
date: Mon, 14 Aug 2023 19:17:49 GMT
server: Tengine
server-timing: cdn-cache;desc=MISS, inner; dur=1, origin;dur=94, edge;dur=-1
strict-transport-security: max-age=31536000;includeSubDomains
upstream-caught: 1692040669302293
vary: Origin, Accept-Encoding
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1 https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain: mon-va.byteoversea.com mon-va.byteoversea.com
x-outhost: mon-va.byteoversea.com mon-va.byteoversea.com
x-tt-logid: 20230814191748A69A9E0956D77D68974E
x-tt-trace-host: 017145a21eddf78e58fdc69b3cba2016a750aca119ea201d3a03faacddc0521f0ea47c32f8287120b9554af2b727d7f791e368998472787733c30ca322a90eba2c59989774ef0b00e0a26d5418dd143b784bb14c8ef417c53a64d979a4acf54e40940063ed883b8b18065609365b3ad0f4
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_maliva-normal-lb.byteoversea.net api_static_fra3_internal

GET
H2 200 browser-settings Show response
mon-va.byteoversea.com/monitor_web/settings/ Frame 02B4 1 KB
1 KB 173ms
123ms XHR
application/json 34.141.62.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=tiktok_web_embed&store=1

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.484/index.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.141.62.31 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.62.141.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

b7528a0c54faf3bef69b8294207cb751bb41a70039f76283d94f5b5b33ede8ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Aug 2023 19:17:49 GMT
access-control-request-method: POST,GET,OPTIONS
content-encoding: br
strict-transport-security: max-age=31536000;includeSubDomains
upstream-caught: 1692040669473275
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_maliva-normal-lb.byteoversea.net, api_static_fra3_internal
server-timing: cdn-cache;desc=MISS, inner; dur=2, origin;dur=96, edge;dur=0
server: Tengine
x-tt-logid: 202308141917487FAD5F0463B3627357E1
x-outhost: mon-va.byteoversea.com, mon-va.byteoversea.com
x-outdomain: mon-va.byteoversea.com, mon-va.byteoversea.com
access-control-max-age: 600
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tiktok.com
cache-control: public, max-age=600
access-control-allow-credentials: true
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|2|0, https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-tt-trace-host: 017145a21eddf78e58fdc69b3cba2016a7a866bcd543dc00a1b34b739d77e49977cc8e148f506a1f1095f64e4f87c8bab09a6fa5793e06972342d05ade64ba88cac57d66a6f1f2fcde87f6e6b800c5ca58778eb946a359fb942e110f1f03a6e50d4ec8f8c2ff4dab8e37d71eb9e132ae0f
access-control-allow-headers: Content-Type
bd-request-id: 406120e0778e1d113ac00219179cd283

GET
H3 200 tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js Show response
pagead2.googlesyndication.com/bg/ Frame E396 37 KB
14 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 06:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 06:02:13 GMT

GET
H3 200 tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js Show response
pagead2.googlesyndication.com/bg/ Frame B956 37 KB
14 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=109976310&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666826&bpp=2&bdt=353&idt=385&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1287&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Z3UDlZmuAU&p=https%3A//ldiena.lt&dtd=389

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 06:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 06:02:13 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 202ms
108ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 14 Aug 2023 19:17:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 devtools.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.484/ Frame 02B4 4 KB
3 KB 51ms
51ms Script
application/javascript 23.0.174.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.484/devtools.js?globalName=__PNS_RUNTIME__&__PNS_SW_CACHE__=1&__PNS_SW_CACHE_KEY__=to-json-schema
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.484/core.js?globalName=__PNS_RUNTIME__
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.0.174.232 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-0-174-232.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1d21c7c4a5231e2baf41c4c0f580cd87bb0536d8feb0e20be417870875c99963

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 1ec803d
date: Mon, 14 Aug 2023 19:17:48 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: SBOqY3b5/4rueltCkuSr0w==
x-cache: TCP_MEM_HIT from a23-0-174-228.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50400341) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 1706
last-modified: Thu, 10 Aug 2023 12:43:46 GMT
opc-request-id: iad-1:K0izEMEF4om82Wc_0pDcs3u3nZSszs_nA7oMiMgC11FIG2Sw5bVLfUjqyGgsJJO5
x-api-id: native
etag: 32949a19-e4d9-4c0b-86cd-aa1361f8eda1
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: 340e263c-2048-4bfd-b355-7cc4dd5d306c
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
x-origin-response-time: 952,23.33.32.189
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 19:17:48 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/ Frame E0FC 10 KB
4 KB 93ms
92ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 11285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 16:09:43 GMT
etag: 12368291122986407432
expires: Mon, 28 Aug 2023 16:09:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/ Frame CCC8 10 KB
4 KB 84ms
83ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 11285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 16:09:43 GMT
etag: 12368291122986407432
expires: Mon, 28 Aug 2023 16:09:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/ Frame 33F7 10 KB
4 KB 78ms
77ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 11285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 16:09:43 GMT
etag: 12368291122986407432
expires: Mon, 28 Aug 2023 16:09:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/ Frame 3CDE 10 KB
4 KB 77ms
76ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 11285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 16:09:43 GMT
etag: 12368291122986407432
expires: Mon, 28 Aug 2023 16:09:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 43B4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

39ms
39ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:17:49 GMT
expires: Mon, 14 Aug 2023 19:17:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:17:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js Show response
pagead2.googlesyndication.com/bg/ Frame A41C 37 KB
14 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 06:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 06:02:13 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 659F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

50ms
49ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666829&bpp=2&bdt=356&idt=412&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4398&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=JRFJ2Rgb2D&p=https%3A//ldiena.lt&dtd=417

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:17:49 GMT
expires: Mon, 14 Aug 2023 19:17:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:17:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js Show response
pagead2.googlesyndication.com/bg/ Frame 0BD1 37 KB
14 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1692033467&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666829&bpp=2&bdt=356&idt=412&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4398&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=JRFJ2Rgb2D&p=https%3A//ldiena.lt&dtd=417

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 06:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 06:02:13 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 850B 15 KB
15 KB 67ms
63ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQq4YskZopv1b3Mm13cUNXg-S5yA_E9ljK05H1MEuXyc1pPfWA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a18d7b7234f5f807aa636dd17e1a9ca2afb83bf06fe1e61a8d6d8fc5a2fedf05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 19:40:19 GMT
x-content-type-options: nosniff
age: 85049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14849
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 08:27:43 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 12 Aug 2024 19:40:19 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 850B 8 KB
8 KB 67ms
64ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSbdaCfk963VUgvqFiopfD2cIJIrlu1GLqV2eAtF2otg8wYvlE&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c53230227ba5dd26862860a7303cdd018419185c89ee132237a58d1eb9eab03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 19:40:19 GMT
x-content-type-options: nosniff
age: 85049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8315
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 02:27:37 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 12 Aug 2024 19:40:19 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 850B 15 KB
15 KB 104ms
100ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRjpZ5WyoURLG51BxVpsr1qIuzN59LpFCoPCKQGZ32j15PAgvf_&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fb99b608c65011714627ec40594d0a7cebffadf665fbcec68da957a026f239e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 11:07:18 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15139
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 13 Aug 2024 19:17:48 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 850B 10 KB
10 KB 69ms
66ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTP8vw_Z6nywTCDdRUvKv7uqnHx-F7tjDBceSVvKb2W21EpR0w&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f947740a75b748d87dac17f41ee02099f1042ee2d080d92b04f3a766511b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 15:02:24 GMT
x-content-type-options: nosniff
age: 15324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9802
x-xss-protection: 0
last-modified: Sat, 13 Apr 2024 10:11:28 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 13 Aug 2024 15:02:24 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 850B 9 KB
9 KB 97ms
94ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcS2JlWVUlmLkRwH5Mn0wmWFWh_EVwpDeueeIv-_WAgDDy-DJ7yi&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca06036619c0d682b6654b71baba12fc5830328e7542ff97a1fc75774e567038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Apr 2024 08:04:19 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9618
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 13 Aug 2024 19:17:48 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 850B 13 KB
13 KB 115ms
112ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSRT6QZkELYWW4V-5yHig6GO49Kt1MYSUXt9bY-Ls15WiPEmiU&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

684067feb4d66908ff4a0ad4839592ce43bebffffc1d122bd499b0c85fb2eb7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 13 Jun 2021 14:11:47 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12926
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 13 Aug 2024 19:17:48 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 850B 12 KB
12 KB 113ms
109ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcS59aq3vjr-74xAAtb6N-QxRuQdVbqEKuZ_cqMaG0jSZjOOIRl-&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce0ebd7c57e85a9876047db9de2155c7d4c3f6982611ac1cc8e694d5fd72aa7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 28 Nov 2021 11:31:05 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12266
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 13 Aug 2024 19:17:48 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 850B 10 KB
10 KB 104ms
101ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRlGiXnmtXEH23-hlzmyfs0ix79ogp-s_U8YHwDw6Zsx6KicgRA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

169c75eef3bfbbf1cd751f0574a55e89b631763b0a2745a80a1ca4f8227b3b3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:48 GMT
x-content-type-options: nosniff
last-modified: Sat, 16 Mar 2024 09:33:36 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9990
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 13 Aug 2024 19:17:48 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 850B 18 KB
18 KB 80ms
77ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQkOYyw8EkrQ1qd1Qxs91SvNgeh0R9pA5hmrOflujcQ1jwWbOS5&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

690155cad075a810d6f2bbb7be98f1870f2fb30b1a58f416f37a72ac23ac6762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 17:28:48 GMT
x-content-type-options: nosniff
age: 438540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18186
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 08:04:05 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 08 Aug 2024 17:28:48 GMT

GET
H3

200

13955093383767687306
tpc.googlesyndication.com/simgad/ Frame 850B
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDL29-CbxCYARiYATII3b85x72i7WQ
https://tpc.googlesyndication.com/simgad/13955093383767687306

4 KB
4 KB

25ms
25ms

Image
image/png

2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13955093383767687306

Requested by

Protocol

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b8aa83d115cbe7be6aec95fbef24709b6928806fea127595b212651c30f25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 19:40:19 GMT
x-content-type-options: nosniff
age: 85050
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4345
x-xss-protection: 0
last-modified: Wed, 11 Mar 2020 10:26:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 12 Aug 2024 19:40:19 GMT

Redirect headers

date: Sun, 13 Aug 2023 19:40:19 GMT
x-content-type-options: nosniff
server: cafe
age: 85049
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/13955093383767687306
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Sep 2023 19:40:19 GMT

GET
DATA 200
OK truncated
/ Frame 850B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf7744d7ca042ba014c9ee1944e6d9d59abd3b509e233f19d65623f696c4d96c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 68ms
66ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 14 Aug 2023 19:17:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 69ms
68ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 14 Aug 2023 19:17:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 850B 21 KB
21 KB 26ms
22ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:15:19 GMT
x-content-type-options: nosniff
age: 223350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 05:15:19 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 850B 20 KB
20 KB 31ms
27ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 07:15:13 GMT
x-content-type-options: nosniff
age: 216156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 07:15:13 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame E0FC 4 KB
671 B 45ms
44ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 19:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 18:41:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 19:17:49 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E0FC 205 B
229 B 33ms
32ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 13:24:11 GMT
x-content-type-options: nosniff
age: 194018
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 11 Aug 2024 13:24:11 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E0FC 604 B
628 B 37ms
36ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 06:55:52 GMT
x-content-type-options: nosniff
age: 217317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 11 Aug 2024 06:55:52 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/ Frame E0FC 15 KB
6 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29d66372a3c96dcd72388bd1bc1d1e69d704c97b9a35dbf2b231b64a7e0e80d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:48:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6441
x-xss-protection: 0
server: cafe
etag: 14691725014340836395
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 00:48:22 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/ Frame E0FC 20 KB
8 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1811bc9b3358a9055f1cbbe1889ab60ee5159f52c39959e386fe42c98988a78d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 23:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8576
x-xss-protection: 0
server: cafe
etag: 10593844011591499743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Aug 2023 23:58:53 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CCC8 4 KB
632 B 44ms
44ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 19:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 17:40:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 19:17:49 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame CCC8 2 KB
895 B 37ms
35ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame CCC8 23 KB
9 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame CCC8 3 KB
1 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:05:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame CCC8 20 KB
8 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CCC8 179 KB
56 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 19:17:49 GMT

GET
H3 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame CCC8 33 KB
14 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 09:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 09:59:38 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 33F7 14 KB
1 KB 59ms
59ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 19:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 18:27:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 19:17:49 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 33F7 2 KB
895 B 49ms
49ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 33F7 23 KB
9 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 33F7 3 KB
1 KB 54ms
50ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:05:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 33F7 20 KB
8 KB 57ms
52ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 33F7 179 KB
56 KB 93ms
90ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 19:17:49 GMT

GET
H3 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame 33F7 33 KB
14 KB 57ms
54ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 09:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 09:59:38 GMT

GET
H3 200 12e0c0bbc282de0324fc2c716af124fb.js Show response
www.gstatic.com/mysidia/ Frame 3CDE 9 KB
4 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/12e0c0bbc282de0324fc2c716af124fb.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c1e5469741d286589a094c9fea2c1e5409ac1eca95013c43c65c781d170e2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 08:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 472388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3920
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 08:04:41 GMT

GET
H3 200 17b11504dbe358eca20ea232cf228787.js Show response
www.gstatic.com/mysidia/ Frame 3CDE 9 KB
4 KB 83ms
80ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/17b11504dbe358eca20ea232cf228787.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5c24d681529bb22ddbfa56a5a52dee1ab4f499365589f4d9fef1d04b9b22fba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 18:43:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4169
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 08 Nov 2023 18:43:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3CDE 14 KB
1 KB 85ms
84ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 19:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 18:48:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 19:17:49 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 3CDE 2 KB
895 B 73ms
71ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 3CDE 23 KB
9 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 3CDE 3 KB
1 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:05:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 3CDE 20 KB
8 KB 79ms
77ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3CDE 179 KB
56 KB 153ms
152ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 19:17:49 GMT

GET
H3 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame 3CDE 33 KB
14 KB 86ms
84ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 09:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 09:59:38 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame A029 2 KB
2 KB 213ms
74ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kq4r4t6asyf0nnppy4ec61wr8kjtpbb4964txq643s70rtvskg3gw3a886nxde0hmxewegfwahc176k103bswbbzhre5bw3exgw8bjqe78pet8rs7vfh52yytcp8n2fma6tbb52b1trxjw6vvky96q5rhrhz85y6qwh221hm6t7st7rdvz1mvtw6gdvwgw9dg1xp57tze1q7c8kf2hp3fnb8s32y0k7emmv7hqpwq6yeecs10q7jt8mvr0ejg75g03v9nepzpf1r4pq1k2rsfb2wx21zfegm5bch71qydgqmf1nehpd7ejnxp04vnxf9fk0j86zmgb5s5pb88mhec58nn9a47ptdv7hv31vznpwgxc54kvfe9jmrx7dd6wa260qgrynkabxde8hm446wt2jvr33wp0hajeahe9rmbzqanz5j609mh74&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqer83H3aZKjMGerUn88P_dK0qAbi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi0xOTQyODQ0MjYxMTQ3NzM0yAEJqQJKgSnmX1yyPqgDAcgDAqoEtAFP0MvAxY19RocusPgq7viSQAatNXRFSMMHHNb6xH6t-i3vHSDstPOvIAc8QfXGR6-R2t_cylH9QaFSr3g0nx2doY-brVrkaXAXBvxDBY-sKM6qac69-aXcQX_tfrAAb2qZ4wstr-PhIsPygCU2YHzFqnJDJTy86DRC87GfRHZimNUmpk67E5Juyiq18sqpigwHGR3RhGkYtzfPz0XXEtCBetXSImOHtUTsqT-CstNPRluP41-ABoy7_dKB5ISCXKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1FtixEjNf0pvAjyY2JJJW2aWpNuw%26client%3Dca-pub-1942844261147734%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2637385217&adf=2159359605&pi=t.ma~as.3133241803&w=336&lmt=1692033468&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666838&bpp=1&bdt=365&idt=644&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600%2C336x600%2C336x600&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&psts=AOrYGsmNLlPk49YIhr15HszfLjOaPfrpO3xOMI9K5M-NNm0sMikAUIlxhP95lTuPxI9hGMG2P6HFPVJRruaj7hUUVm8&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=16&uci=a!g&btvi=7&fsb=1&xpc=f1O8epVWSL&p=https%3A//ldiena.lt&dtd=1473

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a7bd6bafba8bbf830049cb65019814e2415607c09ebde7d8a999c128ed527c5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7f6b8a46deaa3ca5-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:17:49 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 8726 3 KB
1 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2637385217&adf=2159359605&pi=t.ma~as.3133241803&w=336&lmt=1692033468&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666838&bpp=1&bdt=365&idt=644&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600%2C336x600%2C336x600&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&psts=AOrYGsmNLlPk49YIhr15HszfLjOaPfrpO3xOMI9K5M-NNm0sMikAUIlxhP95lTuPxI9hGMG2P6HFPVJRruaj7hUUVm8&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=16&uci=a!g&btvi=7&fsb=1&xpc=f1O8epVWSL&p=https%3A//ldiena.lt&dtd=1473

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:05:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0784 1 KB
643 B 66ms
65ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2637385217&adf=2159359605&pi=t.ma~as.3133241803&w=336&lmt=1692033468&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666838&bpp=1&bdt=365&idt=644&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600%2C336x600%2C336x600&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&psts=AOrYGsmNLlPk49YIhr15HszfLjOaPfrpO3xOMI9K5M-NNm0sMikAUIlxhP95lTuPxI9hGMG2P6HFPVJRruaj7hUUVm8&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=16&uci=a!g&btvi=7&fsb=1&xpc=f1O8epVWSL&p=https%3A//ldiena.lt&dtd=1473

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 36779
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 09:04:50 GMT
etag: 48472445140208031
expires: Tue, 15 Aug 2023 09:04:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 8726 20 KB
8 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2637385217&adf=2159359605&pi=t.ma~as.3133241803&w=336&lmt=1692033468&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666838&bpp=1&bdt=365&idt=644&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600%2C336x600%2C336x600&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&psts=AOrYGsmNLlPk49YIhr15HszfLjOaPfrpO3xOMI9K5M-NNm0sMikAUIlxhP95lTuPxI9hGMG2P6HFPVJRruaj7hUUVm8&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=16&uci=a!g&btvi=7&fsb=1&xpc=f1O8epVWSL&p=https%3A//ldiena.lt&dtd=1473

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8726 0
0 64ms
62ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSR67p6aoSTCG1DA-KRUNN2xVCcqk2fmiGcrk66kmyjTos0APFfqPntA1vAuBDxvmc3zWE0g4inEJ3AB8VfdbFXu3wQpA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2637385217&adf=2159359605&pi=t.ma~as.3133241803&w=336&lmt=1692033468&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666838&bpp=1&bdt=365&idt=644&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600%2C336x600%2C336x600&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&psts=AOrYGsmNLlPk49YIhr15HszfLjOaPfrpO3xOMI9K5M-NNm0sMikAUIlxhP95lTuPxI9hGMG2P6HFPVJRruaj7hUUVm8&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=16&uci=a!g&btvi=7&fsb=1&xpc=f1O8epVWSL&p=https%3A//ldiena.lt&dtd=1473
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8726 179 KB
56 KB 201ms
200ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2637385217&adf=2159359605&pi=t.ma~as.3133241803&w=336&lmt=1692033468&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666838&bpp=1&bdt=365&idt=644&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600%2C336x600%2C336x600&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&psts=AOrYGsmNLlPk49YIhr15HszfLjOaPfrpO3xOMI9K5M-NNm0sMikAUIlxhP95lTuPxI9hGMG2P6HFPVJRruaj7hUUVm8&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=16&uci=a!g&btvi=7&fsb=1&xpc=f1O8epVWSL&p=https%3A//ldiena.lt&dtd=1473

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 19:17:49 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 850B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CcNb_233aZOScIuzXn88Ppo2noA6z8N-rcuzLseGtEeGu2K2SOhABINXY2ilg--GFg5wKoAHjwKvHA8gBCakCSoEp5l9csj6oAwHIA8sEqgS5AU_QGuejwBrg34Qr2LSHEJ_L4-yJdFWhmWS...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226336855918748205915%22,%22debug_reporting%22:true,%22destination%22:%22https://stylight.fr%22,%22event_report_window%22:%2...

0
0

59ms
59ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226336855918748205915%22,%22debug_reporting%22:true,%22destination%22:%22https://stylight.fr%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22954916963%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214992667009861759089%22}&andc=true

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:49 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"6336855918748205915","debug_reporting":true,"destination":"https://stylight.fr","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["954916963"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"14992667009861759089"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Aug 2023 19:17:49 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 14 Aug 2023 19:17:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6336855918748205915","debug_reporting":true,"destination":"https://stylight.fr","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["954916963"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"14992667009861759089"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 02B4 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js Show response
pagead2.googlesyndication.com/bg/ Frame 57FF 37 KB
14 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 06:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 06:02:13 GMT

GET
H/1.1 200
OK resource Show response
mssdk-va.byteoversea.com/web/ Frame 02B4 223 B
2 KB 273ms
187ms XHR
application/json 95.101.111.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mssdk-va.byteoversea.com/web/resource?eq=uZIkF72kHtfIS-XuJSzGj6nsw70cJ/fmT6ejvZ6PMvruf7f/SVjul58Gxbuj2CqiA5aLfroC75YJI/30MG8DFI6veDFB
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.484/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.174 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-174.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fd279a1f374accb7a4943f04474106293b6f19ac4d9ba3188d42252b4fc87a03

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

X-Akamai-Request-ID: 1baaa9e.2bd55251
Date: Mon, 14 Aug 2023 19:17:49 GMT
Content-Encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
X-Cache: TCP_MISS from a2-23-208-174.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50146111) (-)
X-Parent-Response-Time: 157,2.23.208.174
Connection: keep-alive
Server-Timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=69, inner; dur=57
Content-Length: 230
X-Ms-Token: m8_WgzciO6fjcoBK3tvZSXi4WrlJd-l3tl1P_EPQMpjGX_7msQkuGf_-_EXWBOlu9R1W1MJO6LPdPr7ayUCyWFvyOzC8LQf76I7ks-4S1y4=
Pragma: no-cache
Server: nginx
X-Tt-Logid: 202308141917482D1C52C6FBC6C1516486
X-Cache-Remote: TCP_MISS from a23-217-116-213.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Expose-Headers: x-ms-token,x-ms-resp
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
X-Origin-Response-Time: 69,23.217.116.213
x-tt-trace-host: 01b0589044eb1bdf7fdc948a884a6ec264a3b0f1db8148f4380e56d659d8021786b17612b70ed64ebcbe05033dbb2c5d9ea62426c7f711ba99a88101decb4f5ced0cb7db99333c712725d9aee00f1431958b819fea787cbe5745e0a2ec1b9e956a2226a72325dcd762a931b99a07800878
Access-Control-Allow-Headers: x-mssdk-info,x-ms-req
Expires: Mon, 14 Aug 2023 19:17:49 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 162ms
162ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 14 Aug 2023 19:17:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 30D9 14 KB
1 KB 56ms
55ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 19:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 17:37:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 19:17:49 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 30D9 2 KB
895 B 24ms
24ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 30D9 23 KB
9 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5FD2 143 B
166 B 27ms
26ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 574
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 30D9 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:05:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 30D9 20 KB
8 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 30D9 179 KB
56 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 19:17:49 GMT

GET
H3 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame 30D9 33 KB
14 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 09:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 09:59:38 GMT

OPTIONS
H/1.1 200
OK /
vmweb-va.byteoversea.com/service/2/abtest_config/ Frame 0
0 194ms
124ms Preflight
application/json 23.38.98.155
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vmweb-va.byteoversea.com/service/2/abtest_config/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-155.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Type,Content-Length, Authorization, Accept,X-Requested-With
Access-Control-Allow-Methods: PUT,POST,GET,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 60
Content-Type: application/json; charset=utf-8
Date: Mon, 14 Aug 2023 19:17:49 GMT
Expires: Mon, 14 Aug 2023 19:17:49 GMT
Pragma: no-cache
Server: nginx
Server-Timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=3 inner; dur=1
X-Akamai-Request-ID: 25e0a8f.1330f69
X-Cache: TCP_MISS from a23-38-99-219.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
X-Cache-Remote: TCP_MISS from a23-220-106-84.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
X-Origin-Response-Time: 3,23.220.106.84
X-Parent-Response-Time: 93,23.38.99.219
X-Tt-Logid: 20230814191748164D0FFCFF8A234B0FBC
x-tt-trace-host: 015f587c6f519c953866e0424f04ed419ec9b6fc198dd9b1ce53fa08bad0a862c7fb8734584398f0b7cb0643a03614f35939bf87f80060bcd1aa655faba699b32072dc34f05978fb09f2b9997c39e87461190dfbc3df4f9be4c8d2d45a59e6ef3f4d0ab0af6a92f1121824f2dd3ded834b
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

POST
H/1.1 200
OK / Show response
vmweb-va.byteoversea.com/service/2/abtest_config/ Frame 02B4 553 B
2 KB 230ms
230ms XHR
application/json 23.38.98.155
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vmweb-va.byteoversea.com/service/2/abtest_config/
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.484/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-155.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 23162f6e2b9ad48c0c58da1ec5a40f250d5cfcb13f8ff666bb096502c4a44d63

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

X-Akamai-Request-ID: 159e1ac3.1330fd2
Date: Mon, 14 Aug 2023 19:17:49 GMT
Content-Encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
X-Cache: TCP_MISS from a23-38-99-219.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
X-Parent-Response-Time: 202,23.38.99.219
Connection: keep-alive
Server-Timing: cdn-cache; desc=MISS, edge; dur=174, origin; dur=28, inner; dur=16
Content-Length: 316
Pragma: no-cache
Server: nginx
X-Tt-Logid: 202308141917480F2DB249B4F13962FF0D
X-Cache-Remote: TCP_MISS from a23-48-215-173.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: PUT,POST,GET,DELETE,OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
X-Origin-Response-Time: 28,23.48.215.173
x-tt-trace-host: 015f587c6f519c953866e0424f04ed419eb3b80a00965efe92ca4d2a07adaccc113dcc9e1e7f34951975d51f86123099d5d4ce391ba5197dd068f2fd605f6c963a8e7384b5db6d531e91a0cb1bed3cf4dc1852b23cddd87e7cc5451b41efdcaa876d13dc45c4e16a1cf25329769eed15a5
Vary: Accept-Encoding
Access-Control-Allow-Headers: Content-Type,Content-Length, Authorization, Accept,X-Requested-With
Expires: Mon, 14 Aug 2023 19:17:49 GMT

GET
H3 200 13888165382829236247
tpc.googlesyndication.com/simgad/ Frame 3CDE 2 KB
2 KB 25ms
25ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13888165382829236247?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184400e86583160bf90609a1b1b7a24d8de73d90dd7002a6f494445db89b85a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 06:33:36 GMT
x-content-type-options: nosniff
age: 477853
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2461
x-xss-protection: 0
last-modified: Mon, 13 Jul 2020 06:58:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Aug 2024 06:33:36 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame A029 114 KB
14 KB 33ms
31ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kq4r4t6asyf0nnppy4ec61wr8kjtpbb4964txq643s70rtvskg3gw3a886nxde0hmxewegfwahc176k103bswbbzhre5bw3exgw8bjqe78pet8rs7vfh52yytcp8n2fma6tbb52b1trxjw6vvky96q5rhrhz85y6qwh221hm6t7st7rdvz1mvtw6gdvwgw9dg1xp57tze1q7c8kf2hp3fnb8s32y0k7emmv7hqpwq6yeecs10q7jt8mvr0ejg75g03v9nepzpf1r4pq1k2rsfb2wx21zfegm5bch71qydgqmf1nehpd7ejnxp04vnxf9fk0j86zmgb5s5pb88mhec58nn9a47ptdv7hv31vznpwgxc54kvfe9jmrx7dd6wa260qgrynkabxde8hm446wt2jvr33wp0hajeahe9rmbzqanz5j609mh74&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqer83H3aZKjMGerUn88P_dK0qAbi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi0xOTQyODQ0MjYxMTQ3NzM0yAEJqQJKgSnmX1yyPqgDAcgDAqoEtAFP0MvAxY19RocusPgq7viSQAatNXRFSMMHHNb6xH6t-i3vHSDstPOvIAc8QfXGR6-R2t_cylH9QaFSr3g0nx2doY-brVrkaXAXBvxDBY-sKM6qac69-aXcQX_tfrAAb2qZ4wstr-PhIsPygCU2YHzFqnJDJTy86DRC87GfRHZimNUmpk67E5Juyiq18sqpigwHGR3RhGkYtzfPz0XXEtCBetXSImOHtUTsqT-CstNPRluP41-ABoy7_dKB5ISCXKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1FtixEjNf0pvAjyY2JJJW2aWpNuw%26client%3Dca-pub-1942844261147734%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kq4r4t6asyf0nnppy4ec61wr8kjtpbb4964txq643s70rtvskg3gw3a886nxde0hmxewegfwahc176k103bswbbzhre5bw3exgw8bjqe78pet8rs7vfh52yytcp8n2fma6tbb52b1trxjw6vvky96q5rhrhz85y6qwh221hm6t7st7rdvz1mvtw6gdvwgw9dg1xp57tze1q7c8kf2hp3fnb8s32y0k7emmv7hqpwq6yeecs10q7jt8mvr0ejg75g03v9nepzpf1r4pq1k2rsfb2wx21zfegm5bch71qydgqmf1nehpd7ejnxp04vnxf9fk0j86zmgb5s5pb88mhec58nn9a47ptdv7hv31vznpwgxc54kvfe9jmrx7dd6wa260qgrynkabxde8hm446wt2jvr33wp0hajeahe9rmbzqanz5j609mh74&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqer83H3aZKjMGerUn88P_dK0qAbi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi0xOTQyODQ0MjYxMTQ3NzM0yAEJqQJKgSnmX1yyPqgDAcgDAqoEtAFP0MvAxY19RocusPgq7viSQAatNXRFSMMHHNb6xH6t-i3vHSDstPOvIAc8QfXGR6-R2t_cylH9QaFSr3g0nx2doY-brVrkaXAXBvxDBY-sKM6qac69-aXcQX_tfrAAb2qZ4wstr-PhIsPygCU2YHzFqnJDJTy86DRC87GfRHZimNUmpk67E5Juyiq18sqpigwHGR3RhGkYtzfPz0XXEtCBetXSImOHtUTsqT-CstNPRluP41-ABoy7_dKB5ISCXKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1FtixEjNf0pvAjyY2JJJW2aWpNuw%26client%3Dca-pub-1942844261147734%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 461079
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8pE4u6LyqpGRAYIWZH%2BcjZTiXfTB0MMreq%2F7QCY2F%2FpFqn2j89unCVWXeApDic5V9m3KlE30%2Bbbi5zrGyrkA4kIFx2oeJL%2F74cKCJawcj8eRSe27IaBtyPXvGAgwMrGtVcNLd0Zat4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7f6b8a47bfa53ca5-CDG
expires: Mon, 14 Aug 2023 20:17:49 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame A029 25 KB
10 KB 55ms
45ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kq4r4t6asyf0nnppy4ec61wr8kjtpbb4964txq643s70rtvskg3gw3a886nxde0hmxewegfwahc176k103bswbbzhre5bw3exgw8bjqe78pet8rs7vfh52yytcp8n2fma6tbb52b1trxjw6vvky96q5rhrhz85y6qwh221hm6t7st7rdvz1mvtw6gdvwgw9dg1xp57tze1q7c8kf2hp3fnb8s32y0k7emmv7hqpwq6yeecs10q7jt8mvr0ejg75g03v9nepzpf1r4pq1k2rsfb2wx21zfegm5bch71qydgqmf1nehpd7ejnxp04vnxf9fk0j86zmgb5s5pb88mhec58nn9a47ptdv7hv31vznpwgxc54kvfe9jmrx7dd6wa260qgrynkabxde8hm446wt2jvr33wp0hajeahe9rmbzqanz5j609mh74&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqer83H3aZKjMGerUn88P_dK0qAbi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi0xOTQyODQ0MjYxMTQ3NzM0yAEJqQJKgSnmX1yyPqgDAcgDAqoEtAFP0MvAxY19RocusPgq7viSQAatNXRFSMMHHNb6xH6t-i3vHSDstPOvIAc8QfXGR6-R2t_cylH9QaFSr3g0nx2doY-brVrkaXAXBvxDBY-sKM6qac69-aXcQX_tfrAAb2qZ4wstr-PhIsPygCU2YHzFqnJDJTy86DRC87GfRHZimNUmpk67E5Juyiq18sqpigwHGR3RhGkYtzfPz0XXEtCBetXSImOHtUTsqT-CstNPRluP41-ABoy7_dKB5ISCXKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1FtixEjNf0pvAjyY2JJJW2aWpNuw%26client%3Dca-pub-1942844261147734%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 528442
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fb7sbUmAn4sgaBSBkvw9rbYh2gtW%2B3G1PgCE6mXLqcnzqVqzQPhd4GBYg5q8I8IjkEPAe0FH6PuribNo74j2wrzSABC%2F76ocTr3fdQNDL49wL5Qd7cc2Zl4WWqvfpiyyK2gIvwU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7f6b8a47cfb43ca5-CDG
alt-svc: h3=":443"; ma=86400
expires: Tue, 08 Aug 2023 16:30:16 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0784
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEI7gfa588Smm8lVGD8YJSvU&google_cver=1&google_push=AXcoOmQ9WPnWPRej27dkZ1rkjlQ8t_Vg-MN23aPtbnWVbhBSbaFSluiubfuvwYHHkec1sWR05IaeJ-qXwmvL_otyDO25Iy6RoBhkp-...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=31F5D41984874F378FE864C0BD9B1C98&google_push=AXcoOmQ9WPnWPRej27dkZ1rkjlQ8t_Vg-MN23aPtbnWVbhBSbaFSluiubfuvwYHHkec1sWR05IaeJ-qXwmvL_ot...

170 B
329 B

37ms
36ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=31F5D41984874F378FE864C0BD9B1C98&google_push=AXcoOmQ9WPnWPRej27dkZ1rkjlQ8t_Vg-MN23aPtbnWVbhBSbaFSluiubfuvwYHHkec1sWR05IaeJ-qXwmvL_otyDO25Iy6RoBhkp-IZqACqGA9qCf5INbI7mpVf1ESFsaXp74irMdDpeOK3_AM10lSNK8LWNUE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2637385217&adf=2159359605&pi=t.ma~as.3133241803&w=336&lmt=1692033468&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666838&bpp=1&bdt=365&idt=644&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600%2C336x600%2C336x600&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&psts=AOrYGsmNLlPk49YIhr15HszfLjOaPfrpO3xOMI9K5M-NNm0sMikAUIlxhP95lTuPxI9hGMG2P6HFPVJRruaj7hUUVm8&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=16&uci=a!g&btvi=7&fsb=1&xpc=f1O8epVWSL&p=https%3A//ldiena.lt&dtd=1473

Protocol

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:17:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 14 Aug 2023 19:17:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=31F5D41984874F378FE864C0BD9B1C98&google_push=AXcoOmQ9WPnWPRej27dkZ1rkjlQ8t_Vg-MN23aPtbnWVbhBSbaFSluiubfuvwYHHkec1sWR05IaeJ-qXwmvL_otyDO25Iy6RoBhkp-IZqACqGA9qCf5INbI7mpVf1ESFsaXp74irMdDpeOK3_AM10lSNK8LWNUE
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 13 Aug 2023 19:17:49 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 0784 43 B
146 B 404ms
24ms Image
image/gif 35.157.211.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAFEsC4Mt3IWo7BsLWShGzU&google_cver=1&google_push=AXcoOmTkqDg5giodSfQk1sBI8cJBh6g2K_XkLpxMySSaDNZbeW7wLpQt7nTxRdwWqjCENGPoAgesDqNtFLKWOJw75_vCvbDWhQ8L6zFTJrcS1RUsOgTPThURhWEeL8o_Zt1mOZJJPfGp5pBTV97oL3gwsbFgchY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2637385217&adf=2159359605&pi=t.ma~as.3133241803&w=336&lmt=1692033468&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666838&bpp=1&bdt=365&idt=644&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600%2C336x600%2C336x600&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&psts=AOrYGsmNLlPk49YIhr15HszfLjOaPfrpO3xOMI9K5M-NNm0sMikAUIlxhP95lTuPxI9hGMG2P6HFPVJRruaj7hUUVm8&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=16&uci=a!g&btvi=7&fsb=1&xpc=f1O8epVWSL&p=https%3A//ldiena.lt&dtd=1473
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.211.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-211-238.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0784
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmQ6iPYr...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmQ6iPYr...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA4MTQxOTE3NTAwMDAxMDU4OTk1Nzg1Mw%3D%3D&google_push=AXcoOmQ6iPYrwlP9DbEysLhLL9uZVriPxCE9CIhAV8aKoh_S1fdLmEIUQY62wRDEXSd8JI...

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA4MTQxOTE3NTAwMDAxMDU4OTk1Nzg1Mw%3D%3D&google_push=AXcoOmQ6iPYrwlP9DbEysLhLL9uZVriPxCE9CIhAV8aKoh_S1fdLmEIUQY62wRDEXSd8JIjU_3SOXxSY8dHBSNqMAXkGK1WSsk5aqt9TvhgM_ObGH-orD3EtfBxi4wEvtVaJ1d2TjV4mSbKANVJxS_f3V0d4QWM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2637385217&adf=2159359605&pi=t.ma~as.3133241803&w=336&lmt=1692033468&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666838&bpp=1&bdt=365&idt=644&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600%2C336x600%2C336x600&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&psts=AOrYGsmNLlPk49YIhr15HszfLjOaPfrpO3xOMI9K5M-NNm0sMikAUIlxhP95lTuPxI9hGMG2P6HFPVJRruaj7hUUVm8&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=16&uci=a!g&btvi=7&fsb=1&xpc=f1O8epVWSL&p=https%3A//ldiena.lt&dtd=1473

Protocol

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:17:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA4MTQxOTE3NTAwMDAxMDU4OTk1Nzg1Mw%3D%3D&google_push=AXcoOmQ6iPYrwlP9DbEysLhLL9uZVriPxCE9CIhAV8aKoh_S1fdLmEIUQY62wRDEXSd8JIjU_3SOXxSY8dHBSNqMAXkGK1WSsk5aqt9TvhgM_ObGH-orD3EtfBxi4wEvtVaJ1d2TjV4mSbKANVJxS_f3V0d4QWM
pragma: no-cache
date: Mon, 14 Aug 2023 19:17:50 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Mon, 14 Aug 2023 19:17:50 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 0784 43 B
363 B 325ms
21ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRARvyI-R4kYOBowXGkOvVm-0ulifa3iLqWnh-rdWUf-mh2FyFyY5Eq8HOphKbwy3hczadBY4y_zPKMDVG5N9lH7tyhr5VPhMVKx8FV2Tsn7o9VNozWauY6OtQv_kPDoHvQwXfCbZIgpQWlmeF7TXh-ihs&google_gid=CAESEOwz_5FWcrwGPZ_F5s7ywV0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2637385217&adf=2159359605&pi=t.ma~as.3133241803&w=336&lmt=1692033468&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666838&bpp=1&bdt=365&idt=644&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600%2C336x600%2C336x600&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&psts=AOrYGsmNLlPk49YIhr15HszfLjOaPfrpO3xOMI9K5M-NNm0sMikAUIlxhP95lTuPxI9hGMG2P6HFPVJRruaj7hUUVm8&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=16&uci=a!g&btvi=7&fsb=1&xpc=f1O8epVWSL&p=https%3A//ldiena.lt&dtd=1473

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:17:49 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 203581
expires: Mon, 14 Aug 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0784
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBuL6C_O4UGMeITZ9Y6g-vQ&google_cver=1&google_push=AXcoOmSVfpkyuvUMaWROxE1Y7CF7qLvR7qShUX5-2VeiMgaCXBJB7fl3HjDkX_odCYiua6LZW2UtYH55...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBuL6C_O4UGMeITZ9Y6g-vQ&google_cver=1&google_push=AXcoOmSVfpkyuvUMaWROxE1Y7CF7qLvR7qShUX5-2VeiMgaCXBJB7fl3HjDkX_odCYiua6LZW2U...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA1MjM2NTE3NTk5ODkzNTc3MA&google_push=AXcoOmSVfpkyuvUMaWROxE1Y7CF7qLvR7qShUX5-2VeiMgaCXBJB7fl3HjDkX_odCYiua6LZW2UtYH...

170 B
188 B

121ms
121ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA1MjM2NTE3NTk5ODkzNTc3MA&google_push=AXcoOmSVfpkyuvUMaWROxE1Y7CF7qLvR7qShUX5-2VeiMgaCXBJB7fl3HjDkX_odCYiua6LZW2UtYH55Gv1WU4I1FKJW7JTzeiRbcUhVA5WqzMEvAs6YaGTdp2KDqwwvNV8oNwDV-06IWapkhE-e_1xjso29cPc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2637385217&adf=2159359605&pi=t.ma~as.3133241803&w=336&lmt=1692033468&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666838&bpp=1&bdt=365&idt=644&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600%2C336x600%2C336x600&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&psts=AOrYGsmNLlPk49YIhr15HszfLjOaPfrpO3xOMI9K5M-NNm0sMikAUIlxhP95lTuPxI9hGMG2P6HFPVJRruaj7hUUVm8&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=16&uci=a!g&btvi=7&fsb=1&xpc=f1O8epVWSL&p=https%3A//ldiena.lt&dtd=1473

Protocol

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:17:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:17:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA1MjM2NTE3NTk5ODkzNTc3MA&google_push=AXcoOmSVfpkyuvUMaWROxE1Y7CF7qLvR7qShUX5-2VeiMgaCXBJB7fl3HjDkX_odCYiua6LZW2UtYH55Gv1WU4I1FKJW7JTzeiRbcUhVA5WqzMEvAs6YaGTdp2KDqwwvNV8oNwDV-06IWapkhE-e_1xjso29cPc
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 0784 0
0

GET
H2

200

report
sync.teads.tv/um/ Frame 0784
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFXo172fb5m0...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmR1vx02bzWDJaNHUKa1P0pkliwqLmgmTo7eEYzUZeEmEMT9nJvLg5SNAOP1r11aJpQDaD3_xOGkVwAXVIWWpgdfuPxQy-fXyHjxSTq90o0w1pfv9...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

120ms
120ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2637385217&adf=2159359605&pi=t.ma~as.3133241803&w=336&lmt=1692033468&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666838&bpp=1&bdt=365&idt=644&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600%2C336x600%2C336x600&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&psts=AOrYGsmNLlPk49YIhr15HszfLjOaPfrpO3xOMI9K5M-NNm0sMikAUIlxhP95lTuPxI9hGMG2P6HFPVJRruaj7hUUVm8&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=16&uci=a!g&btvi=7&fsb=1&xpc=f1O8epVWSL&p=https%3A//ldiena.lt&dtd=1473
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Mon, 14 Aug 2023 19:17:50 GMT
pragma: no-cache
date: Mon, 14 Aug 2023 19:17:50 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:17:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0784 0
130 B 356ms
33ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ILKQiFcw7w0OphXEELOyQy_Fmgdk6-FFNsxHp63DwaZ8o3bPuj6XFXdWKqs3gWjN1HoK0TLTQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2637385217&adf=2159359605&pi=t.ma~as.3133241803&w=336&lmt=1692033468&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666838&bpp=1&bdt=365&idt=644&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600%2C336x600%2C336x600&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&psts=AOrYGsmNLlPk49YIhr15HszfLjOaPfrpO3xOMI9K5M-NNm0sMikAUIlxhP95lTuPxI9hGMG2P6HFPVJRruaj7hUUVm8&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=16&uci=a!g&btvi=7&fsb=1&xpc=f1O8epVWSL&p=https%3A//ldiena.lt&dtd=1473

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 8726 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce916944a0bf06b686481c9a97d710f2d9b3995e1f27ac85011df24f7b8a014

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3959 143 B
166 B 121ms
121ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 574
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK list Show response
mcs-va-useast2a.tiktokv.com/v1/ Frame 02B4 21 B
1013 B 129ms
128ms XHR
application/json 95.101.111.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/list
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.484/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-131.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 948190a15ae7d94bc1d62d16316370c5365c520310b32a4e3719a93d9a05f78f

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Mon, 14 Aug 2023 19:17:49 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
X-Parent-Response-Time: 98,2.23.208.131
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Server-Timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=10, inner; dur=4
Content-Length: 21
Pragma: no-cache
Server: nginx
X-Tt-Logid: 202308141917480219F640747A46CA852C
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.tiktok.com
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Origin-Response-Time: 10,23.217.116.220
x-tt-trace-host: 01b0589044eb1bdf7fdc948a884a6ec2644f5e7995d32562eedcdf16c87891b96be985f3b0240e4c40b8fb53a938d6cc9ec842d64f9ce63189e062b422d2120e8d78ad9ea7fb3478996eb01126127d7980e4f39fea8cf1a1760eea600d7c693bffaeff2e3b6ebe74cea8112b83ba28a8dd
Expires: 0

OPTIONS
H/1.1 200
OK list
mcs-va-useast2a.tiktokv.com/v1/ Frame 0
0 120ms
120ms Preflight 95.101.111.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/list
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-131.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 14 Aug 2023 19:17:49 GMT
Server: nginx
Server-Timing: inner; dur=3 cdn-cache; desc=MISS, edge; dur=1, origin; dur=90
X-Origin-Response-Time: 91,2.23.208.131
X-Tt-Logid: 20230814191748D3A8062FC2B4F0D341A1
x-tt-trace-host: 01b0589044eb1bdf7fdc948a884a6ec26487916176dd5e621046af0c3f3d431d116590121e63baffe3ec0e65c90873c852dd2f18f86652de012e36c8ddc43c4bb18b584244e77db3e8266f42adc4b7ca9514e8b9cc7222fc2c8bac1ffe0b78a9f2
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
DATA 200
OK truncated
/ Frame 3CDE 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0875b09b34167dfd3ab3d33c8f719830475bc10b7d46a5a75316dd5d3240b64

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 webmssdk_ex.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/ttweb_webmssdk_ex/1.0.0.63/ Frame 02B4 409 KB
130 KB 31ms
30ms Script
application/javascript 23.0.174.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/ttweb_webmssdk_ex/1.0.0.63/webmssdk_ex.js
Requested by: Host: sf16-secsdk.ttwstatic.com
URL: https://sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/webmssdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.0.174.232 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-0-174-232.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3092d518851dbfb0f62fb54828de6377929d8280e0037d11b1c9c3931a1089d9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 1ec8348
date: Mon, 14 Aug 2023 19:17:49 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: JOY5i10QgUHN/Pm1oN7JQg==
x-cache: TCP_MEM_HIT from a23-0-174-228.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50400341) (-)
x-parent-response-time: 3,23.33.32.239
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 132588
last-modified: Fri, 16 Jun 2023 05:21:54 GMT
opc-request-id: iad-1:4v8yN94Krvu21A_UsHSXUfiyYBd8Zqh_suW2OY39t5Tqt7S-zCMA7ZikOf0oQFRj
x-api-id: native
etag: e40a7621-2775-455f-b406-bb1cc47ba38c
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: 95f3a350-ab1d-468d-b639-5b320546947c
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 19:17:49 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5FD2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

43ms
42ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:17:49 GMT
expires: Mon, 14 Aug 2023 19:17:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:17:49 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js Show response
pagead2.googlesyndication.com/bg/ Frame 31C4 37 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 06:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 06:02:13 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F66F 42 B
64 B 180ms
129ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLBX6KDLEP62fWP2nIjUJy1ZzjYXfgjmhBvnEp2D35a-sfNBSiVGKJRV1mh8i_SZu1Rw54O4gtB-aeUWKfHtXCPqTTvkDka9juAaGBPoyp9p0W2owdPk0Nqw-t84ufIu6oQ42GGCJIRphO&sai=AMfl-YTb7FBUxqIybdNEysxpboFH9_MSpkVub-AfyQi4u-axs91cIFqHF90c3MpELCjKNNyozIPx-jGifMIV&sig=Cg0ArKJSzIq7WMsc96VUEAE&cid=CAQSGwBpAlJWRhsbp1RbCFJdW7k8mRqZuvw4aMI--hgB&id=lidar2&mcvt=1063&p=0,0,280,1150&mtos=1063,1063,1063,1063,1063&tos=1063,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3505500867&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692040667199&rpt=1399&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:17:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js Show response
pagead2.googlesyndication.com/bg/ Frame 60FD 37 KB
14 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 06:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 06:02:13 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A029 3 KB
4 KB 81ms
28ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3575
x-guploader-uploadid: ADPycdu9hI5KhWwekmbiJxMpprNwecgejys-2ASEztjHfdzcrEupei4PZDHaPZtatBMDzyN1V9r86Ku15JwOlP1sqWW8SQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNsVbQAqntvakGJ0C%2BNYTzflX%2BGtdlarNe6mPsDKHoELUt%2BB00naedliAvKnsjX1lhSl0jJEiyseVQL%2FFNH77iMxe2rGwIgoGXE0yZH8ogqPkqyxggUkyCoU6KU5M2%2FZi1mk2ZRzqLCcCoRdlZVFof%2Fj"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7f6b8a49ef1099e7-CDG
expires: Mon, 14 Aug 2023 19:18:14 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 3CDE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CeA1z233aZI2nEMrxn88PiJ6dqA7Yq9aXcLa-3qbvD_LKzvvzLxABINXY2ilg--GFg5wKoAGtlprZA8gBAagDAcgDywSqBLsBT9C2Jt69yin-JpKcCwD_nz_UO2jXuiRY2-0SDy60m6Ld4s0...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223995241106282257442%22,%22debug_reporting%22:true,%22destination%22:%22https://acrobiosystems.com%22,%22event_report_windo...

0
0

60ms
59ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223995241106282257442%22,%22debug_reporting%22:true,%22destination%22:%22https://acrobiosystems.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22992381741%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216574173729908183633%22}&andc=true

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:49 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"3995241106282257442","debug_reporting":true,"destination":"https://acrobiosystems.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["992381741"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"16574173729908183633"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Aug 2023 19:17:49 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 14 Aug 2023 19:17:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3995241106282257442","debug_reporting":true,"destination":"https://acrobiosystems.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["992381741"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"16574173729908183633"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 frame.html Show response
ad4m.at/ Frame FD90 2 KB
1 KB 29ms
28ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1722535
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7f6b8a49c8410377-CDG
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 19:17:49 GMT
expires: Sun, 09 Jul 2023 00:24:59 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqpbU3lz%2BkOIi0ki1l5ZB82Ko1q4HGa%2BOKkYV7y8qFDNYv3047qqcHZU2XQyIBSGSwihQyTVkyoo4kylLeKU8kgGivvxpIiOC3K%2F72bHVUcA2BKGSSjBjFFOh469oO%2BlzxyzzSA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3959
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

41ms
40ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:17:49 GMT
expires: Mon, 14 Aug 2023 19:17:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:17:49 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js Show response
pagead2.googlesyndication.com/bg/ Frame 8332 37 KB
14 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 06:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 06:02:13 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 59ms
59ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 14 Aug 2023 19:17:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK list
mcs-va-useast2a.tiktokv.com/v1/ Frame 02B4 0
0 211ms
155ms Ping
application/json 95.101.111.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/list
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/tiktok-embed.module.6809f8f65ab9d683e231.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-131.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H/1.1 200
OK list
mcs-va-useast2a.tiktokv.com/v1/ Frame 02B4 0
0 212ms
156ms Ping
application/json 95.101.111.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/list
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/tiktok-embed.module.6809f8f65ab9d683e231.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-131.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/fullProfile-7e8cead262d90a2c7a720b579e6f15cf.png
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.0.174.232 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-0-174-232.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a97d688e7c8d57e612cc4f2aa9b178f8d4bd3da083af25fd634be351222e1906

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 1ec8442
date: Mon, 14 Aug 2023 19:17:49 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: fozq0mLZCix6cgtXnm8Vzw==
x-cache: TCP_MEM_HIT from a23-0-174-228.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50400341) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 2991
last-modified: Thu, 20 Jul 2023 03:27:34 GMT
opc-request-id: iad-1:_853pmLbsNuvmRJ5IZed4lt1KFVxkE0HVQENcZRLn-Fed5lvEhBkVB4msHpGc2P-
x-api-id: native
etag: baaa2b8a-fb86-43d6-b9ba-62924e69a2a8
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: image/png
version-id: 9d73d101-952e-4a51-a73c-f6fa893e476f
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 19:17:49 GMT

OPTIONS
H2 200 browser-settings
mon-va.byteoversea.com/monitor_web/settings/ Frame 0
0 158ms
158ms Preflight
application/json 34.141.62.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=webmssdk&store=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.141.62.31 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.62.141.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-origin: https://www.tiktok.com
access-control-max-age: 600
access-control-request-method: POST,GET,OPTIONS
bd-request-id: 4b4dd2797f8f426392f28c48b4fbe750
cache-control: public, max-age=600
content-encoding: br
content-type: application/json; charset=utf-8
date: Mon, 14 Aug 2023 19:17:50 GMT
server: Tengine
server-timing: cdn-cache;desc=MISS, inner; dur=1, origin;dur=98, edge;dur=0
strict-transport-security: max-age=31536000;includeSubDomains
upstream-caught: 1692040670020756
vary: Origin, Accept-Encoding
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|2|0 https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain: mon-va.byteoversea.com mon-va.byteoversea.com
x-outhost: mon-va.byteoversea.com mon-va.byteoversea.com
x-tt-logid: 20230814191749D9B86EE3882B915C8842
x-tt-trace-host: 017145a21eddf78e58fdc69b3cba2016a750aca119ea201d3a03faacddc0521f0ea47c32f8287120b9554af2b727d7f7914f5a4e86530e51c19577502d710aeb31e61ec6530bd1f58121c132427c5c5042cb2216f14353926b62a8c7d6d916e32d7647c77f3975cf92c40a45262a1dac43
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_maliva-normal-lb.byteoversea.net api_static_fra3_internal

GET
H2 200 browser-settings Show response
mon-va.byteoversea.com/monitor_web/settings/ Frame 02B4 1 KB
1 KB 146ms
134ms XHR
application/json 34.141.62.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=webmssdk&store=1

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.484/index.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.141.62.31 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.62.141.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

8d59c313a152e03e61d67aaa9f5435df9b7c19a8c362e06400a64bed6d1043ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Aug 2023 19:17:50 GMT
access-control-request-method: POST,GET,OPTIONS
content-encoding: br
strict-transport-security: max-age=31536000;includeSubDomains
upstream-caught: 1692040670208110
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_maliva-normal-lb.byteoversea.net, api_static_fra3_internal
server-timing: cdn-cache;desc=MISS, inner; dur=1, origin;dur=104, edge;dur=2
server: Tengine
x-tt-logid: 2023081419174977AA75277B3B575A7B44
x-outhost: mon-va.byteoversea.com, mon-va.byteoversea.com
x-outdomain: mon-va.byteoversea.com, mon-va.byteoversea.com
access-control-max-age: 600
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tiktok.com
cache-control: public, max-age=600
access-control-allow-credentials: true
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1, https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-tt-trace-host: 017145a21eddf78e58fdc69b3cba2016a7a866bcd543dc00a1b34b739d77e49977be7eda2df030536f1b7a1a83a989d6714e1dab646a42f1705eed22a7b4ae865a9a439bdcef6564e79182722a3f237bdcc10fb48f7508412fd0a153b46ea6d1fc8eb9d9122301744d174268a0a403d450
access-control-allow-headers: Content-Type
bd-request-id: fba0a16b5db6464fb55008dd453ebb20

POST
H/1.1 200
OK list Show response
mcs-va-useast2a.tiktokv.com/v1/ Frame 02B4 21 B
939 B 145ms
142ms XHR
application/json 95.101.111.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/list
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.484/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-131.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 787abd6ff6fcd7934e6aa6c400ed253127ca1c23f1f5f1d77843e0f76afe06bf

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Mon, 14 Aug 2023 19:17:50 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
Cross-Origin-Resource-Policy: cross-origin
Server-Timing: inner; dur=6, cdn-cache; desc=MISS, edge; dur=0, origin; dur=110
Connection: keep-alive
Content-Length: 21
Pragma: no-cache
Server: nginx
X-Tt-Logid: 20230814191749289E387809816CC97894
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.tiktok.com
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Origin-Response-Time: 110,2.23.208.131
x-tt-trace-host: 01b0589044eb1bdf7fdc948a884a6ec26487916176dd5e621046af0c3f3d431d118a3fe8a9ac4ab36cfbfa6ab2cec524db3bbf5dfc0689218d4b342b12092578843f522d3bd42cbac708aa13e206f065333a07ef6ef38e1cfcfc2d9844a8660f47
Expires: 0

OPTIONS
H/1.1 200
OK list
mcs-va-useast2a.tiktokv.com/v1/ Frame 0
0 127ms
127ms Preflight 95.101.111.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/list
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-131.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 14 Aug 2023 19:17:50 GMT
Server: nginx
Server-Timing: inner; dur=2 cdn-cache; desc=MISS, edge; dur=0, origin; dur=93
X-Origin-Response-Time: 93,2.23.208.131
X-Tt-Logid: 20230814191749289E387809816CC97885
x-tt-trace-host: 01b0589044eb1bdf7fdc948a884a6ec26487916176dd5e621046af0c3f3d431d118a3fe8a9ac4ab36cfbfa6ab2cec524db3bbf5dfc0689218d4b342b1209257884d325b1f47f7442540b91c5a679d2a834732335d8fae5afb3b727b361ed90cc47
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8726 0
19 B 127ms
127ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cq5tx3H3aZKjMGerUn88P_dK0qAbi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi0xOTQyODQ0MjYxMTQ3NzM0yAEJqQJKgSnmX1yyPqgDAcgDAqoEsQFP0MvAxY19RocusPgq7viSQAatNXRFSMMHHNb6xH6t-i3vHSDstPOvIAc8QfXGR6-R2t_cylH9QaFSr3g0nx2doY-brVrkaXAXBvxDBY-sKM6qac69-aXcQX_tfrAAb2qZ4wstr-PhIsPygCU2YHzFqnJDJTy86DRC87GfRHZimNUmpk67E5Juyiq1sMiIGNv-nl0ZA3XQFlcMRgHMGH2LVM1b_NrndscFuBOaZw_QBpOABoy7_dKB5ISCXKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0xOTQyODQ0MjYxMTQ3NzM0GAA&sigh=NhWFplLpzag&uach_m=[UACH]&cid=CAQSPABpAlJWTEsPlpzpbAUfHIt67SnIUrJYpDNo2eJ9c_NeB7R-9ap10N6DMAmUSUwh2GBCQHTV98Q1DAgFDxgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2637385217&adf=2159359605&pi=t.ma~as.3133241803&w=336&lmt=1692033468&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666838&bpp=1&bdt=365&idt=644&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600%2C336x600%2C336x600&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&psts=AOrYGsmNLlPk49YIhr15HszfLjOaPfrpO3xOMI9K5M-NNm0sMikAUIlxhP95lTuPxI9hGMG2P6HFPVJRruaj7hUUVm8&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=16&uci=a!g&btvi=7&fsb=1&xpc=f1O8epVWSL&p=https%3A//ldiena.lt&dtd=1473

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2637385217&adf=2159359605&pi=t.ma~as.3133241803&w=336&lmt=1692033468&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666838&bpp=1&bdt=365&idt=644&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600%2C336x600%2C336x600&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&psts=AOrYGsmNLlPk49YIhr15HszfLjOaPfrpO3xOMI9K5M-NNm0sMikAUIlxhP95lTuPxI9hGMG2P6HFPVJRruaj7hUUVm8&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=16&uci=a!g&btvi=7&fsb=1&xpc=f1O8epVWSL&p=https%3A//ldiena.lt&dtd=1473
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 14 Aug 2023 19:17:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 8726 0
103 B 246ms
85ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hnps47gdeqkc3egajf5qfqzvz51apyxrtv1ryem85qmbtjsfcfps1xrenv062bkascb5r3320gsxtt29mpgrm99e8jfg6p135jtqx3d7j53mqfc2e482szzy2v8jgwhkk24r64pgbaxefs7tpre10qkbxxhn96aqgabfpgbgbze6yd1afv32y9z3x5x8bjz14mxtecr6sbjk34aqwbs8bc4m7nh6ejtxe94vvhvj39knv87m34nqg7z0d30vjyqazf0axr3q64qs0g1dkma6jjkcx59dectw22hdtkxmkq1w0n0d6trdmv9dxgzgqkm5jmg549t8mmgya7j5z33fb3ye3y7w1s53pq0jnw7jc133nsmcr49m301mp2m7p7075xjv4hz5m&b=ZNp93AAGZigD5-pqAA0pfbGIZJx-UGGI2RGjZw&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2637385217&adf=2159359605&pi=t.ma~as.3133241803&w=336&lmt=1692033468&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692040666838&bpp=1&bdt=365&idt=644&shv=r20230810&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0cca814da9da939-2208270d51de00ea%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg&gpic=UID%3D00000c60835b6bc5%3AT%3D1692040667%3ART%3D1692040667%3AS%3DALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600%2C336x600%2C336x600&nras=1&correlator=1287940977713&frm=20&pv=1&ga_vid=1568474993.1692040667&ga_sid=1692040667&ga_hid=396339812&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076924%2C44798934%2C31076951&oid=2&psts=AOrYGsmNLlPk49YIhr15HszfLjOaPfrpO3xOMI9K5M-NNm0sMikAUIlxhP95lTuPxI9hGMG2P6HFPVJRruaj7hUUVm8&pvsid=3423126600009424&tmod=758950457&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=16&uci=a!g&btvi=7&fsb=1&xpc=f1O8epVWSL&p=https%3A//ldiena.lt&dtd=1473
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Aug 2023 19:17:50 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js Show response
pagead2.googlesyndication.com/bg/ Frame 47F2 37 KB
14 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 06:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 06:02:13 GMT

GET
H2 200 TikTokFont-Regular.woff2
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/ Frame 02B4 55 KB
56 KB 151ms
50ms Font
font/woff2 193.108.153.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/TikTokFont-Regular.woff2?_default_font=1&v=2
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-12.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 52a37b3a78eb5b59df3bdb129b9115c6fed9bec6ca62b55ae56d8c2701de5972

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 169e2411
date: Mon, 14 Aug 2023 19:17:50 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: /fJgDZBaD6oGDWkeAhLhpw==
x-tt-trace-id: 00-efba2c30105c8f66657e4d060282049c-efba2c30105c8f66-01
x-cache: TCP_MEM_HIT from a23-54-206-12.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_HIT
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=5
content-length: 56492
x-tos-request-id: 53b6d455f238e56b6455f238-af54d2d
x-tos-response-time: Sat, 06 May 2023 06:22:48 GMT
last-modified: Fri, 05 May 2023 11:48:04 GMT
server: nginx
x-tt-logid: 2023050606224784E5D1FB585CF87BF7AF
etag: CNHJjeWN3v4CEAE=
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1148381
access-control-allow-credentials: false
x-tt-trace-host: 01c552f39abfd8b5dc951657f40ed0317f64d42228e4b044d40772ddde881da0ec648510a07c12ab1f93d2587c09c486772ab2cffe77c6ef681d30a40f4060e38b18b5b5573d564a9ef4534e5f5a264d6f3caa7c40682ebfa05b0f6898354428e24ef105190a5a7b38b67884e7748186fbe293b618d11ad621fbd802c5799e0bce
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 TikTokDisplayFont-Bold.woff2
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/ Frame 02B4 57 KB
58 KB 205ms
105ms Font
font/woff2 193.108.153.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/TikTokDisplayFont-Bold.woff2?_default_font=1&v=2
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-12.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e4dd3bb15ae6492d5ddff59e08075a6023463b82cfe6c284470fec0d86fe52ae

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 169e24ba
date: Mon, 14 Aug 2023 19:17:50 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: JqGJHyctwX9axpqM/eKZHQ==
x-tt-trace-id: 00-efba27ce106296fa2b7e0ec601d2049c-efba27ce106296fa-01
x-cache: TCP_MEM_HIT from a23-54-206-12.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_HIT
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 58828
x-tos-request-id: a59baa55f2380d766455f238-af54b11
x-tos-response-time: Sat, 06 May 2023 06:22:48 GMT
last-modified: Fri, 05 May 2023 11:48:04 GMT
server: nginx
x-tt-logid: 20230506062247BE9AE11EE051B992B99C
etag: CPm5i+WN3v4CEAE=
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=280314
access-control-allow-credentials: false
x-tt-trace-host: 01e067de3ea1aa39a880550a4b750cf9c089abbf94eed3558e893d6ff355ac22e78752d90f1131bbda7f19fd6bd62060b00a214ad3b0bd9669f4cb0ca70342ace7116b15f79f9c1b98cab2f6465b77a4247afbbc2bd4fc009a99c6d0f6ffc12a10720d9fd1008450a992c54e71cd45006567bdbe6c865ec7e358c7d07b5bd3b95a
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 TikTokFont-Semibold.woff2
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/ Frame 02B4 56 KB
57 KB 214ms
114ms Font
font/woff2 193.108.153.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/TikTokFont-Semibold.woff2?_default_font=1&v=2
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-12.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c0b1c3c6995c24eabd1a6fcc4f00523e022b546cf1fa4fce6c30d04763244d1b

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 169e24bb
date: Mon, 14 Aug 2023 19:17:50 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: z9iG4cqEmn+OJgB2PyNteA==
x-tt-trace-id: 00-efba2a8d1060eab31e6c95c602d6049c-efba2a8d1060eab3-01
x-cache: TCP_MEM_HIT from a23-54-206-12.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_HIT
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=5
content-length: 56968
x-tos-request-id: 1dc7db55f2377ad26455f237-af54405
x-tos-response-time: Sat, 06 May 2023 06:22:48 GMT
last-modified: Fri, 05 May 2023 11:48:04 GMT
server: nginx
x-tt-logid: 2023050606224795819C54D0949B685230
etag: CJzWjeWN3v4CEAE=
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1280648
access-control-allow-credentials: false
x-tt-trace-host: 013ab5c6e35edce4c8480d5404b045d49f2c5e087b395f46baaf2f7bb2d1d7d1b4ec59d6f105336bf47482acc401687df0657224363ceda31fb1b0e7367fc72feb699f38c0cacaa3984fbace91fc7ef4f0ca399a6d945d9ef6efd11bf8c33653fd1e3ca18d4999a6fb3660f04fd6bdd2709834a63ea333f017f5f9cad87236ca7c
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 350d4d919a9b4ad9a0307ac05a5bee8c_1692017722
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame 02B4 160 KB
161 KB 45ms
29ms Image
image/jpeg 2.19.126.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/350d4d919a9b4ad9a0307ac05a5bee8c_1692017722?x-expires=1692061200&x-signature=ZWdG79ymbyS640jK90WSotmJS5E%3D
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-196.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 76d6c5fa3e145cff0dc1a7c2ad5631d0171c2ac0c3bdabc13eacf58e02748101

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 64f2ec.466f3d60
date: Mon, 14 Aug 2023 19:17:50 GMT
x-check-cacheable: YES
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
nw-session-id: 20230814125649941E869643AFA4490BABt26v431df
x-powered-by: ImageX
x-cache: TCP_MISS from a2-19-125-132.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 2,2.19.125.132
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=MISS, edge; dur=3, origin; dur=0, inner; dur=7
x-length: 163362
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 163362
last-modified: Mon, 14 Aug 2023 12:56:50 GMT
server: nginx
x-tt-logid: 20230814125649941E869643AFA4490BAB
x-response-date: Mon, 14 Aug 2023 12:56:50 GMT
x-cache-remote: TCP_HIT from a2-19-125-156.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-14T12:56:50.425524739Z 45
x-request-ip: fdbd:dccd:cdc2:137d:0:5b::
x-origin-response-time: 77,23.204.146.6
x-response-cinfo: fdbd:dccd:cdc2:137d:0:5b::
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
x-tt-trace-host: 01cfe32ef6bb92a020e9b0b5e668f106a726eb4a8ea450b05062dbe33cd039977ff33a38f8b0ed64dda730df3ecfa84b59f4e795328b7229d2d84fa67c0f819d6656ff2d7207bd847b717738b8734ffba0c921a1744bdd4984767ee5a64e19d4e3e9608799002fb04469233231f294ae8375734e1546d554758bc811fa58c7a5b2
cache-control: max-age=31513056

GET
H2 200 oMNyCmITCbzbRYghLufv2EgwhHVJIoAIFzBnxA
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame 02B4 86 KB
87 KB 67ms
51ms Image
image/jpeg 2.19.126.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/oMNyCmITCbzbRYghLufv2EgwhHVJIoAIFzBnxA?x-expires=1692061200&x-signature=AkAhPA85ml2DK0NmCcg9C%2BHYxDQ%3D
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-196.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 647145d5cd7f90bd77ee77d95104193aad8b126abae6ca3d68ccbb37d611e959

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: ac95b1.466f3d61
date: Mon, 14 Aug 2023 19:17:50 GMT
x-check-cacheable: YES
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
nw-session-id: 202308131122045D7154D7CB056D10CBDAm897b31df
x-powered-by: ImageX
x-cache: TCP_MISS from a2-19-125-132.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 14,23.54.207.41, 7,2.19.125.132
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=MISS, edge; dur=7, origin; dur=0, inner; dur=43
x-length: 87556
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 87556
last-modified: Sun, 13 Aug 2023 11:22:05 GMT
server: nginx
x-tt-logid: 202308131122045D7154D7CB056D10CBDA
x-response-date: Sun, 13 Aug 2023 11:22:05 GMT
x-cache-remote: TCP_HIT from a2-19-125-150.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-13T11:22:05.144735438Z 38
x-request-ip: fdbd:dccd:cdc2:1175:0:35d::
cache-control: max-age=31420986
x-response-cinfo: fdbd:dccd:cdc2:1175:0:35d::
imagex-fmt: jpeg2jpeg
x-response-cache: miss
timing-allow-origin: *
x-tt-trace-host: 01da461abe7883cbea28972e2f574d8404f5b0adb25060e497c63dc8494154953f5684f4036df259b4d6b85675f9cd38cd8dc627952a15c88b18aca60a4dcad762dcf34f426b9e18915f82eef1b06f2047c11da07e53527de0ee4e7662eed6b6e7d8611f4a34e6a2bfe9f44f945ab56ce0e9b8f92afcdaa62360592a621ad50e6e

GET
H2 200 oU1AIBD9M5n6RKQJBfmIeBXDbPPAPkIE63EFpp
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame 02B4 59 KB
60 KB 45ms
30ms Image
image/jpeg 2.19.126.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/oU1AIBD9M5n6RKQJBfmIeBXDbPPAPkIE63EFpp?x-expires=1692061200&x-signature=lvBv0vIooIuNga7vLX0FndZeueo%3D
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-196.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: f972086f21ac2dee0629917637500f4a9464c268fbd53176531d3c94b683807b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-check-cacheable: YES
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-tt-trace-id: 00-eb79139610624f26f6b74a86050604d1-eb79139610624f26-01
x-bdcdn-cache-status: TCP_HIT
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=MISS, edge; dur=3, origin; dur=0, inner; dur=3
x-cache-remote: TCP_HIT from a2-19-125-136.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-tt-logid: 202308122023249A6B41756CD1E4E620FD
x-response-date: Sat, 12 Aug 2023 20:23:25 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-12T20:23:25.837655149Z 39
x-request-ip: fdbd:dccd:cdc2:1175:0:3c9::
x-origin-response-time: 77,23.204.146.15
x-tt-trace-host: 01d0c82e9e48ec87a7522561085ea0fd2d08e8deba75cf6a6516e7bf31bffbd676f22c7d125edde1f6eae4cadde1bac505592783ec9e4dd97c112b1873facbc9b680a5e904a576a17a6155ccbf3fa088be2e29e7e296d6ffe6e749ac9a2fedc45a13cc22079cf1eb01c4f9d9fbdd165a6e65859e6f97099b1a46f1bc81752f24aa
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
cache-control: max-age=31367205
x-akamai-request-id: f6ab0e.466f3d62
date: Mon, 14 Aug 2023 19:17:50 GMT
nw-session-id: 202308122023249A6B41756CD1E4E620FD8bp2d31df
x-powered-by: ImageX
x-cache: TCP_MISS from a2-19-125-132.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-parent-response-time: 2,2.19.125.132
x-length: 60003
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 60003
last-modified: Sat, 12 Aug 2023 20:23:25 GMT
server: nginx
x-response-cinfo: fdbd:dccd:cdc2:1175:0:3c9::
timing-allow-origin: *

GET
H2 200 cab3b5b7c70a4d1bbe0538065fc20ebd_1691507148
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame 02B4 146 KB
148 KB 62ms
48ms Image
image/jpeg 2.19.126.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/cab3b5b7c70a4d1bbe0538065fc20ebd_1691507148?x-expires=1692061200&x-signature=jPrM4fW3BBS9kADlTwPylayaK%2BI%3D
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-196.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 52fc7b078b94e161b56f22a89c5fca7a537afe684d50a63fe26b386111b21a07

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: ac95ab.466f3d63
date: Mon, 14 Aug 2023 19:17:50 GMT
x-check-cacheable: YES
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
nw-session-id: 20230808150901CC7F26C9C885725DE7A0c9pns31df
x-powered-by: ImageX
x-cache: TCP_MISS from a2-19-125-132.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 4,23.54.207.8, 6,2.19.125.132
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=MISS, edge; dur=7, origin; dur=0, inner; dur=2
x-length: 149901
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 149901
last-modified: Tue, 08 Aug 2023 15:09:02 GMT
server: nginx
x-tt-logid: 20230808150901CC7F26C9C885725DE7A0
x-response-date: Tue, 08 Aug 2023 15:09:02 GMT
x-cache-remote: TCP_HIT from a2-19-125-150.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-08T15:09:02.887046636Z 75
x-request-ip: fdbd:dccd:cdc2:13d3:0:13b::
cache-control: max-age=31002577
x-response-cinfo: fdbd:dccd:cdc2:13d3:0:13b::
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
x-tt-trace-host: 011c6d18378e0ae7cf51e9e3094770c2db562c87759826e7acc230db47ec6c5ee69d741bd3b425fdd836e560808e40fba0f5206644590e9dc8b7c33dca9484709bbc589852914971ae1f3ea6a51dbe04229dbac1767e16db3839bc051955b473de9c60103c32d151d9b6b2c4519518e71ae07a0cb66f3b8075e9f6208098905ced

GET
H2 200 7eb074cff9ae4274b69da6dbcb0880d1_1691425138
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame 02B4 188 KB
190 KB 61ms
48ms Image
image/jpeg 2.19.126.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/7eb074cff9ae4274b69da6dbcb0880d1_1691425138?x-expires=1692061200&x-signature=1uh878u2f0aVdHx5OxHfaxc09Eg%3D
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-196.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 56175fc5881c3bd437105451e7a577a46b9b130895331a1bf4e1aeaa3f64c37d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 64f2dd.466f3d6e
date: Mon, 14 Aug 2023 19:17:50 GMT
x-check-cacheable: YES
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
nw-session-id: 20230807162351D6C018DA8E678DBDE698wvgtd31df
x-powered-by: ImageX
x-cache: TCP_MISS from a2-19-125-132.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 15,184.27.176.55, 3,2.19.125.132
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=MISS, edge; dur=4, origin; dur=0, inner; dur=51
x-length: 192923
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 192923
last-modified: Mon, 07 Aug 2023 16:23:52 GMT
server: nginx
x-tt-logid: 20230807162351D6C018DA8E678DBDE698
x-response-date: Mon, 07 Aug 2023 16:23:52 GMT
x-cache-remote: TCP_HIT from a2-19-125-156.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-07T16:23:52.872333223Z 47
x-request-ip: fdbd:dccd:cdc2:1175:0:361::
cache-control: max-age=30920713
x-response-cinfo: fdbd:dccd:cdc2:1175:0:361::
imagex-fmt: jpeg2jpeg
x-response-cache: miss
timing-allow-origin: *
x-tt-trace-host: 01a35715c19964ad0f4e4ddb7bf3ea74ccd792329ca56ae69ea91cee46c5ded4a30c898fcfdad658db86e3297b2f9b57d229a9a1272aaac38369c23f0a7956d9da1be3c67c8b5353f32f6f581748b992892681d8723dbd163208a10e9cb0e07e2b82c9b5e2b53b4ab3cb1d2e52c388ce2fa6b48783696f13dfa2d4f9379bc80c33

GET
H2 200 o4aFJIB5Eh7z2B0hIByCRzpAaIuznBBNoA8fPI
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame 02B4 116 KB
117 KB 60ms
47ms Image
image/jpeg 2.19.126.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/o4aFJIB5Eh7z2B0hIByCRzpAaIuznBBNoA8fPI?x-expires=1692061200&x-signature=jugcWTx%2BftEtmX6wcndh%2BGuh3hc%3D
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-196.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 740f9a62f2704917aefa665e7678617c6a165cc445125993331133e3f2aa7989

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: f6ab21.466f3d6f
date: Mon, 14 Aug 2023 19:17:50 GMT
x-check-cacheable: YES
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
nw-session-id: 202308071502184946D103CC1F68B5BEB8zb4vn31df
x-powered-by: ImageX
x-cache: TCP_MISS from a2-19-125-132.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 2,23.222.242.206, 3,2.19.125.132
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=MISS, edge; dur=4, origin; dur=0, inner; dur=4
x-length: 118803
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 118803
last-modified: Mon, 07 Aug 2023 15:02:19 GMT
server: nginx
x-tt-logid: 202308071502184946D103CC1F68B5BEB8
x-response-date: Mon, 07 Aug 2023 15:02:19 GMT
x-cache-remote: TCP_MEM_HIT from a2-19-125-136.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-07T15:02:19.4768725Z 45
x-request-ip: fdbd:dccd:cdc2:1175:0:398::
cache-control: max-age=30915819
x-response-cinfo: fdbd:dccd:cdc2:1175:0:398::
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
x-tt-trace-host: 01c28a264fc7a3f5321dffa178b9ab4e139ba5ef6a5506e64bc25cc52a996471e5fe66747e544712a25c8f6616bc44480c9b9ad115f51bc926e6070bb1a084875bf35f8cf9ab4d02523887cedf2c8a9693299a87ecc23548f2c5ba980325894db74fb28e98b31326c82065ac764e1c52d0164a79c6c850cad883c7869eb0062d67

GET
H2 200 o0iCqFzOzITWxQLGAVfCnsI4AANCyOhEhvosCa
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame 02B4 143 KB
144 KB 45ms
32ms Image
image/jpeg 2.19.126.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/o0iCqFzOzITWxQLGAVfCnsI4AANCyOhEhvosCa?x-expires=1692061200&x-signature=IwON%2FRCHfcSCemhH8S6zPbudJ7I%3D
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-196.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 05d08e4a596a10e19ed5e0d3ea33ed2d012783c02f39a60dea4667cb24ad680c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 466f3d70
date: Mon, 14 Aug 2023 19:17:50 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
nw-session-id: 20230812180036F04320B221FEC3F10929cndp431df
x-powered-by: ImageX
x-cache: TCP_HIT from a2-19-125-132.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 11,23.204.146.39
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=3
x-length: 145956
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 145956
last-modified: Sat, 12 Aug 2023 18:00:37 GMT
server: nginx
x-tt-logid: 20230812180036F04320B221FEC3F10929
x-response-date: Sat, 12 Aug 2023 18:00:37 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-12T18:00:37.930006369Z 63
x-request-ip: fdbd:dccd:cdc2:13d3:0:135::
cache-control: max-age=31358539
x-response-cinfo: fdbd:dccd:cdc2:13d3:0:135::
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
x-tt-trace-host: 01d1a8b7f2b06ade2e0cd443a0c4275f2dcffc5cb596f667b09a96c14786e0e6ac75a34e386b07f76df1f4350c72ee0c2049f8a7d04674b1067ac8963b69c62e4055ae72fc5e0f0632d0b90f8eee2e4dc8025f68a9d591fa6f065c5051f593c848e6dbf2244ea353b2e6b28e73c743523f513a62fccf6426133b31455c66672df8

GET
H2 200 oUGzfBXueEFdTH0PEB0ahtiEP3zHkIAEFD5RQs
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame 02B4 116 KB
118 KB 60ms
47ms Image
image/jpeg 2.19.126.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/oUGzfBXueEFdTH0PEB0ahtiEP3zHkIAEFD5RQs?x-expires=1692061200&x-signature=I7fa5V3uuaNXP%2Bx%2BxUSIMfjTAAE%3D
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-196.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 027bc31f43449cdbbe3a18770745f06f32ae71ccfb0f16fb46ae31f0d3dd075b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 1277de4.466f3d71
date: Mon, 14 Aug 2023 19:17:50 GMT
x-check-cacheable: YES
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
nw-session-id: 202308101648040AA6865AD7E012E29FC3gvrnd31df
x-powered-by: ImageX
x-cache: TCP_MISS from a2-19-125-132.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 6,23.204.146.54, 2,2.19.125.132
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=MISS, edge; dur=3, origin; dur=0, inner; dur=2
x-length: 119249
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 119249
last-modified: Thu, 10 Aug 2023 16:48:05 GMT
server: nginx
x-tt-logid: 202308101648040AA6865AD7E012E29FC3
x-response-date: Thu, 10 Aug 2023 16:48:05 GMT
x-cache-remote: TCP_MEM_HIT from a2-19-125-148.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-10T16:48:05.715551023Z 69
x-request-ip: fdbd:dccd:cdc2:1175:0:3ac::
cache-control: max-age=31181357
x-response-cinfo: fdbd:dccd:cdc2:1175:0:3ac::
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
x-tt-trace-host: 01552497881cf519054092f18f5f9103d8436f1ad84469079f8ceadcff733b4b82fc018559e68a35c32c8bc3f17027c3fa5e38a136e609163ab769c10c2d758a3395a7eb9d039e88bb82b17c11ddf558cf758c86e9ddb2c56ca89f3df64996cb518ec55bcf8a6dcd0903aa40f72275863fd21b9e3ba4d9702890061cc6cdb84667

GET
H2 200 ok0jbmHOmeyhzaeqI4rYfHgQP2AN4GDeyEDJvg
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame 02B4 63 KB
64 KB 44ms
33ms Image
image/jpeg 2.19.126.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ok0jbmHOmeyhzaeqI4rYfHgQP2AN4GDeyEDJvg?x-expires=1692061200&x-signature=KBS8JMBTMy%2BZLYy7FnQYKrRfljg%3D
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-196.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 3519120aab26baf977cbc85931a43758d555befe3373af03135dd5ad88a9bd9f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: f6ab07.466f3d72
date: Mon, 14 Aug 2023 19:17:50 GMT
x-check-cacheable: YES
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
nw-session-id: 202308042253050BB061A405762FAD90F5h92kk31df
x-powered-by: ImageX
x-cache: TCP_MISS from a2-19-125-132.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 9,184.27.176.18, 39,23.54.207.19, 2,2.19.125.132
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=MISS, edge; dur=2, origin; dur=0, inner; dur=51
x-length: 64537
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 64537
last-modified: Fri, 04 Aug 2023 22:53:06 GMT
server: nginx
x-tt-logid: 202308042253050BB061A405762FAD90F5
x-response-date: Fri, 04 Aug 2023 22:53:06 GMT
x-cache-remote: TCP_MEM_HIT from a2-19-125-136.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-04T22:53:06.584645255Z 46
x-request-ip: fdbd:dccd:cdc2:1104:0:1cc7::
cache-control: max-age=30684943
x-response-cinfo: fdbd:dccd:cdc2:1104:0:1cc7::
imagex-fmt: jpeg2jpeg
x-response-cache: miss
timing-allow-origin: *
x-tt-trace-host: 011e92ba2cce2c80104f2738c8b4f69bc756e3dbf66f87177cf8eb5b0756dc19d5c038244d41bedb632afd150bbdcc56f037d80d95b90ad9e68fff94d6a8178a6b5e4a2ebcdbeda792fbbf8945d5168c6e620290a268116215fa8b49d67f44fec98f3546cd4a05c031f2033b97cdd718ebc4f2818a9b95e6c2f95ff4dfc7fcf872

GET
H2 200 common-monitors.1.9.0.js Show response
sf16-short-va.bytedapm.com/slardar/fe/sdk-web/plugins/ Frame 02B4 20 KB
8 KB 113ms
27ms Script
application/javascript 2.16.202.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/plugins/common-monitors.1.9.0.js
Requested by: Host: sf16-short-va.bytedapm.com
URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/browser.maliva.js?bid=tiktok_web_embed&globalName=SlardarWeb
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-91.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b63ff7b048110e52b9243be61c0e78951f9409d92ac490830bfafde3bbde2d98

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 1fc8ff5
date: Mon, 14 Aug 2023 19:17:50 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: 18BjhDZwCDMan3CJcfuN9g==
x-cache: TCP_MEM_HIT from a2-16-202-87.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50400341) (-)
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
content-length: 7787
x-tos-request-id: 87b43ed4a83790e464d4a837-ade5a9a
x-tos-response-time: Thu, 10 Aug 2023 09:04:55 GMT
last-modified: Thu, 10 Aug 2023 09:04:29 GMT
server: nginx
x-tt-logid: 20230810090458668A6F1B6B81033A789B
etag: W/"d7c06384367008331a9f708971fb8df6"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
x-origin-response-time: 25,23.201.44.182
access-control-allow-credentials: false
x-tt-trace-host: 01fb4c29cc7d8cf528ffcb429ea80d9fe3ba76f8756d45d7d2bcc2124431c81264cf887e3ed6f4f86cfb7b3b6d3f6b3c28eb1ec864c7a3bd40b37c1bc3078f93c52ec12dfe6c98a6c0e70722fd520d48a7628c37dec4de641545b3eacef55d8a0480831d6ba97d3e3f526787644c2f98b4
timing-allow-origin: *
access-control-allow-headers: *
expires: Mon, 14 Aug 2023 19:22:50 GMT

GET
H2 200 common-monitors.1.5.0.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/slardar/fe/sdk-web/plugins/ Frame 02B4 19 KB
8 KB 270ms
270ms Script
application/javascript 23.0.174.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/slardar/fe/sdk-web/plugins/common-monitors.1.5.0.js
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/ttweb_webmssdk_ex/1.0.0.63/webmssdk_ex.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.0.174.232 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-0-174-232.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7520bda9576b519df3561d67722d95bea0bfb8f644b8b83b38b663138d62cd68

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 1ec860f
date: Mon, 14 Aug 2023 19:17:50 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: lJMNanjiQY7KAJ1oFCsUBQ==
x-cache: TCP_MEM_HIT from a23-0-174-228.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50400341) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 7318
last-modified: Wed, 15 Feb 2023 03:17:11 GMT
opc-request-id: iad-1:a9Odx4trFHhAUHQHvPMsQRl-eFx9sgq0TArq-lOEkI_BwaZxcN8bWaD5NarH-_TF
x-api-id: native
etag: f69b14ef-715b-4897-9d2b-f2811c896f09
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: bf1061da-7f62-45be-8168-83d7b672961a
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 19:17:50 GMT

OPTIONS
H2 204 /
mon.tiktokv.com/monitor_browser/collect/batch/ Frame 0
0 229ms
145ms Preflight 2.16.202.120
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mon.tiktokv.com/monitor_browser/collect/batch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.120 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-120.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
access-control-max-age: 600
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:17:50 GMT
server: nginx
server-timing: cdn-cache; desc=MISS, edge; dur=104, origin; dur=17 inner; dur=3
x-akamai-request-id: 279a0e65.128d9e23
x-cache: TCP_MISS from a2-16-202-116.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-cache-remote: TCP_MISS from a23-43-56-175.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-origin-response-time: 17,23.43.56.175
x-parent-response-time: 121,2.16.202.116
x-tt-logid: 20230814191749E269A211D088F736838B
x-tt-trace-host: 01b0589044eb1bdf7fdc948a884a6ec264e17ced45f0fd2808fcd37e1dab27769e909dd06a87689d66c8e849095316ce69b258d6b964afe462d5d5f426797b35063011af789e1c060708386898d94f228592971f1a50021bd12f67299a5af2ec2e
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

POST
H2 204 /
mon.tiktokv.com/monitor_browser/collect/batch/ Frame 02B4 0
0 201ms
201ms Fetch
application/json 2.16.202.120
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mon.tiktokv.com/monitor_browser/collect/batch/
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.484/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.120 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-120.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

x-akamai-request-id: 11f13b4c.128d9e93
date: Mon, 14 Aug 2023 19:17:50 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-202-116.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-parent-response-time: 174,2.16.202.116
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=88, inner; dur=3
server: nginx
x-tt-logid: 20230814191749DCAF8E11DC10505826A7
x-cache-remote: TCP_MISS from a23-43-56-133.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50400341) (-)
access-control-max-age: 600
access-control-allow-methods: POST, OPTIONS, GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-origin-response-time: 88,23.43.56.133
x-tt-trace-host: 01b0589044eb1bdf7fdc948a884a6ec264e17ced45f0fd2808fcd37e1dab27769ea95757293eec7c223f4c573d916d87dfa49991259e1d2997fca1478a38817b7d27132188491a3877e3f9f838b9194fb22e2a99bff5a9557b32dc255e4d5df30a
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 57ms
36ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f6b8a4e1c21f110-CDG
content-length: 24
content-type: text/plain
date: Mon, 14 Aug 2023 19:17:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dd2KwPh9inV%2FggNdiFO9AXqtQYeXIdxNlP3poTc4wyA2dn48DcCNuMRhC2ti9DdAjXHtxergrON4ZTCglsQ6opWMKaTi3zHbkRky9UMTyzeP5VdEUbSbL2fxZuKWSbAlmt6%2Feyc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-4jr5

POST
H3 200 rs Show response
ad4m.at/ Frame A029 1 KB
2 KB 38ms
37ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0f94023a0f106512ea0de735be5a4def47c6f10b1b39c17d2862399b1e814e4

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Aug 2023 19:17:50 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2Bbj%2FRePXrOMs0Gxsa4vO71G6OglhxOXrJBaEpxn8rKyN6O2fzuufuoOFU6CRfC8SuebpaRUnBRCBMheWm%2Bt8W0GwACNjSIUKKqgFjorTqslSNCdXdCcFykZv%2FWePbUeE8qw79U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7f6b8a4e5c6df110-CDG
x-backend-server: aa-reachservice-group-europe-west1-4jr5
alt-svc: h3=":443"; ma=86400

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 188B 9 KB
4 KB 43ms
43ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=330015%2C119648%2C311476&b=bWgtQfAecRbz6uYHbHztKtEE8mSxTJT5WWaJ%2CpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=39zHpfA7cPQzWs7HrHAtXCMM74f8TWTA11Cd%2CJ6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=300&d=600&e=&g=6b6907f5d78bed17cfbc72fa0473f4d6%2F10308781330420085775&i=113645%2C30425%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1692040670422&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpans1et164xyv55qr4r5yf68hahwnz61cvstktd913trbw5zv309d2nhw5pjv5mvt54n4jxfmpnpb1b8htxp4z008jv7mvdpmjf34vpg5rc8qzj53weysf3b8kstj6rp07wj56h6g9hca3d7p5x910mg33gsxxsjayq69pphnvjvgnfdt0z9x39zz2yd2z6emjsavk95rnf28xwz4ahm1r5jc5ee1mbhyyjj0hsayndar2a27908vrr62dgc2jnqcgpc3c94vp76hfcg10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqer83H3aZKjMGerUn88P_dK0qAbi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi0xOTQyODQ0MjYxMTQ3NzM0yAEJqQJKgSnmX1yyPqgDAcgDAqoEtAFP0MvAxY19RocusPgq7viSQAatNXRFSMMHHNb6xH6t-i3vHSDstPOvIAc8QfXGR6-R2t_cylH9QaFSr3g0nx2doY-brVrkaXAXBvxDBY-sKM6qac69-aXcQX_tfrAAb2qZ4wstr-PhIsPygCU2YHzFqnJDJTy86DRC87GfRHZimNUmpk67E5Juyiq18sqpigwHGR3RhGkYtzfPz0XXEtCBetXSImOHtUTsqT-CstNPRluP41-ABoy7_dKB5ISCXKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1FtixEjNf0pvAjyY2JJJW2aWpNuw%2526client%253Dca-pub-1942844261147734%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bf331931d5d8a29ccb2a7965d800a0bf06fe6e4885c6d48b0d9fd3159d0af34

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kq4r4t6asyf0nnppy4ec61wr8kjtpbb4964txq643s70rtvskg3gw3a886nxde0hmxewegfwahc176k103bswbbzhre5bw3exgw8bjqe78pet8rs7vfh52yytcp8n2fma6tbb52b1trxjw6vvky96q5rhrhz85y6qwh221hm6t7st7rdvz1mvtw6gdvwgw9dg1xp57tze1q7c8kf2hp3fnb8s32y0k7emmv7hqpwq6yeecs10q7jt8mvr0ejg75g03v9nepzpf1r4pq1k2rsfb2wx21zfegm5bch71qydgqmf1nehpd7ejnxp04vnxf9fk0j86zmgb5s5pb88mhec58nn9a47ptdv7hv31vznpwgxc54kvfe9jmrx7dd6wa260qgrynkabxde8hm446wt2jvr33wp0hajeahe9rmbzqanz5j609mh74&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqer83H3aZKjMGerUn88P_dK0qAbi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi0xOTQyODQ0MjYxMTQ3NzM0yAEJqQJKgSnmX1yyPqgDAcgDAqoEtAFP0MvAxY19RocusPgq7viSQAatNXRFSMMHHNb6xH6t-i3vHSDstPOvIAc8QfXGR6-R2t_cylH9QaFSr3g0nx2doY-brVrkaXAXBvxDBY-sKM6qac69-aXcQX_tfrAAb2qZ4wstr-PhIsPygCU2YHzFqnJDJTy86DRC87GfRHZimNUmpk67E5Juyiq18sqpigwHGR3RhGkYtzfPz0XXEtCBetXSImOHtUTsqT-CstNPRluP41-ABoy7_dKB5ISCXKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1FtixEjNf0pvAjyY2JJJW2aWpNuw%26client%3Dca-pub-1942844261147734%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7f6b8a4e9e100377-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:17:50 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 188B 114 KB
14 KB 41ms
41ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=330015%2C119648%2C311476&b=bWgtQfAecRbz6uYHbHztKtEE8mSxTJT5WWaJ%2CpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=39zHpfA7cPQzWs7HrHAtXCMM74f8TWTA11Cd%2CJ6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=300&d=600&e=&g=6b6907f5d78bed17cfbc72fa0473f4d6%2F10308781330420085775&i=113645%2C30425%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1692040670422&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpans1et164xyv55qr4r5yf68hahwnz61cvstktd913trbw5zv309d2nhw5pjv5mvt54n4jxfmpnpb1b8htxp4z008jv7mvdpmjf34vpg5rc8qzj53weysf3b8kstj6rp07wj56h6g9hca3d7p5x910mg33gsxxsjayq69pphnvjvgnfdt0z9x39zz2yd2z6emjsavk95rnf28xwz4ahm1r5jc5ee1mbhyyjj0hsayndar2a27908vrr62dgc2jnqcgpc3c94vp76hfcg10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqer83H3aZKjMGerUn88P_dK0qAbi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi0xOTQyODQ0MjYxMTQ3NzM0yAEJqQJKgSnmX1yyPqgDAcgDAqoEtAFP0MvAxY19RocusPgq7viSQAatNXRFSMMHHNb6xH6t-i3vHSDstPOvIAc8QfXGR6-R2t_cylH9QaFSr3g0nx2doY-brVrkaXAXBvxDBY-sKM6qac69-aXcQX_tfrAAb2qZ4wstr-PhIsPygCU2YHzFqnJDJTy86DRC87GfRHZimNUmpk67E5Juyiq18sqpigwHGR3RhGkYtzfPz0XXEtCBetXSImOHtUTsqT-CstNPRluP41-ABoy7_dKB5ISCXKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1FtixEjNf0pvAjyY2JJJW2aWpNuw%2526client%253Dca-pub-1942844261147734%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=330015%2C119648%2C311476&b=bWgtQfAecRbz6uYHbHztKtEE8mSxTJT5WWaJ%2CpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=39zHpfA7cPQzWs7HrHAtXCMM74f8TWTA11Cd%2CJ6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=300&d=600&e=&g=6b6907f5d78bed17cfbc72fa0473f4d6%2F10308781330420085775&i=113645%2C30425%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1692040670422&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpans1et164xyv55qr4r5yf68hahwnz61cvstktd913trbw5zv309d2nhw5pjv5mvt54n4jxfmpnpb1b8htxp4z008jv7mvdpmjf34vpg5rc8qzj53weysf3b8kstj6rp07wj56h6g9hca3d7p5x910mg33gsxxsjayq69pphnvjvgnfdt0z9x39zz2yd2z6emjsavk95rnf28xwz4ahm1r5jc5ee1mbhyyjj0hsayndar2a27908vrr62dgc2jnqcgpc3c94vp76hfcg10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqer83H3aZKjMGerUn88P_dK0qAbi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi0xOTQyODQ0MjYxMTQ3NzM0yAEJqQJKgSnmX1yyPqgDAcgDAqoEtAFP0MvAxY19RocusPgq7viSQAatNXRFSMMHHNb6xH6t-i3vHSDstPOvIAc8QfXGR6-R2t_cylH9QaFSr3g0nx2doY-brVrkaXAXBvxDBY-sKM6qac69-aXcQX_tfrAAb2qZ4wstr-PhIsPygCU2YHzFqnJDJTy86DRC87GfRHZimNUmpk67E5Juyiq18sqpigwHGR3RhGkYtzfPz0XXEtCBetXSImOHtUTsqT-CstNPRluP41-ABoy7_dKB5ISCXKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1FtixEjNf0pvAjyY2JJJW2aWpNuw%2526client%253Dca-pub-1942844261147734%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 461081
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5XM0ajbLBpGc0MQTYhlOj4lERsj8SNLarV4vt1TFz6t6H2yOgjyeZMuvEQaDuMl7gS39wK9ujS4DKxFc%2BbkpInDSMrbIvwR2tN5j4AKiPS2XmbJcc1k5n03ImOZd3ubPj%2FdX0q556Y%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7f6b8a4ede4f0377-CDG
expires: Mon, 14 Aug 2023 20:17:50 GMT

GET
H2 200 BAAAD674A7D640F662C67E4E581F9B4B551CE42052B8BC19C0FA1F90ED2ECB95431149C4CDBAE578AD14DA9D8335DD0B16AD35445DA3D7120FB6EA584AD2079E
assets.ad4m.at/logo/ Frame 188B 8 KB
9 KB 37ms
27ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/BAAAD674A7D640F662C67E4E581F9B4B551CE42052B8BC19C0FA1F90ED2ECB95431149C4CDBAE578AD14DA9D8335DD0B16AD35445DA3D7120FB6EA584AD2079E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=330015%2C119648%2C311476&b=bWgtQfAecRbz6uYHbHztKtEE8mSxTJT5WWaJ%2CpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=39zHpfA7cPQzWs7HrHAtXCMM74f8TWTA11Cd%2CJ6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=300&d=600&e=&g=6b6907f5d78bed17cfbc72fa0473f4d6%2F10308781330420085775&i=113645%2C30425%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1692040670422&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpans1et164xyv55qr4r5yf68hahwnz61cvstktd913trbw5zv309d2nhw5pjv5mvt54n4jxfmpnpb1b8htxp4z008jv7mvdpmjf34vpg5rc8qzj53weysf3b8kstj6rp07wj56h6g9hca3d7p5x910mg33gsxxsjayq69pphnvjvgnfdt0z9x39zz2yd2z6emjsavk95rnf28xwz4ahm1r5jc5ee1mbhyyjj0hsayndar2a27908vrr62dgc2jnqcgpc3c94vp76hfcg10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqer83H3aZKjMGerUn88P_dK0qAbi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi0xOTQyODQ0MjYxMTQ3NzM0yAEJqQJKgSnmX1yyPqgDAcgDAqoEtAFP0MvAxY19RocusPgq7viSQAatNXRFSMMHHNb6xH6t-i3vHSDstPOvIAc8QfXGR6-R2t_cylH9QaFSr3g0nx2doY-brVrkaXAXBvxDBY-sKM6qac69-aXcQX_tfrAAb2qZ4wstr-PhIsPygCU2YHzFqnJDJTy86DRC87GfRHZimNUmpk67E5Juyiq18sqpigwHGR3RhGkYtzfPz0XXEtCBetXSImOHtUTsqT-CstNPRluP41-ABoy7_dKB5ISCXKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1FtixEjNf0pvAjyY2JJJW2aWpNuw%2526client%253Dca-pub-1942844261147734%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f59535387292e8516496b06cc5c548ec55a0f23b75e1e7517e7f1eb9994a9544

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1389364
cf-polished: qual=85, origFmt=jpeg, origSize=23155
alt-svc: h3=":443"; ma=86400
content-length: 8640
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Jan 2023 10:20:45 GMT
server: cloudflare
etag: "bd655832e18891ed44c22aa7c97e90a5"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7hc3h4dUt0Pxp4S5tUuvOyE6TV%2BXprbrtFJyj2MsJ7CFfRTFNpir%2FPc5WJWRKZ%2Blf2lviphTRKUMk%2F66PMQYgZaT%2BaTkIfiyJtp%2BY5iHRMzcyPptJAg2JY3OQXUceVL7%2FkElvSgud4CwUCm"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f6b8a4eef023ca5-CDG
expires: Tue, 15 Aug 2023 19:17:50 GMT

GET
H2 200 5038D874A6F96D676E9D5FD7C318AE73BDA7EAB5EA1F5B9528AA044EC7D4CEBA2AE75DCFBB12A6A03DAC240E5447DC4B7DFD7A13B729CE5870858D436CDEB317
assets.ad4m.at/product_image/ Frame 188B 13 KB
14 KB 54ms
46ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/5038D874A6F96D676E9D5FD7C318AE73BDA7EAB5EA1F5B9528AA044EC7D4CEBA2AE75DCFBB12A6A03DAC240E5447DC4B7DFD7A13B729CE5870858D436CDEB317
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=330015%2C119648%2C311476&b=bWgtQfAecRbz6uYHbHztKtEE8mSxTJT5WWaJ%2CpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=39zHpfA7cPQzWs7HrHAtXCMM74f8TWTA11Cd%2CJ6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=300&d=600&e=&g=6b6907f5d78bed17cfbc72fa0473f4d6%2F10308781330420085775&i=113645%2C30425%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1692040670422&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpans1et164xyv55qr4r5yf68hahwnz61cvstktd913trbw5zv309d2nhw5pjv5mvt54n4jxfmpnpb1b8htxp4z008jv7mvdpmjf34vpg5rc8qzj53weysf3b8kstj6rp07wj56h6g9hca3d7p5x910mg33gsxxsjayq69pphnvjvgnfdt0z9x39zz2yd2z6emjsavk95rnf28xwz4ahm1r5jc5ee1mbhyyjj0hsayndar2a27908vrr62dgc2jnqcgpc3c94vp76hfcg10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqer83H3aZKjMGerUn88P_dK0qAbi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi0xOTQyODQ0MjYxMTQ3NzM0yAEJqQJKgSnmX1yyPqgDAcgDAqoEtAFP0MvAxY19RocusPgq7viSQAatNXRFSMMHHNb6xH6t-i3vHSDstPOvIAc8QfXGR6-R2t_cylH9QaFSr3g0nx2doY-brVrkaXAXBvxDBY-sKM6qac69-aXcQX_tfrAAb2qZ4wstr-PhIsPygCU2YHzFqnJDJTy86DRC87GfRHZimNUmpk67E5Juyiq18sqpigwHGR3RhGkYtzfPz0XXEtCBetXSImOHtUTsqT-CstNPRluP41-ABoy7_dKB5ISCXKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1FtixEjNf0pvAjyY2JJJW2aWpNuw%2526client%253Dca-pub-1942844261147734%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e0a15e0ffccd0e35f68befc50f76e2266981421c74c734f4982c654a2646033

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1391657
cf-polished: qual=85, origFmt=jpeg, origSize=37590
alt-svc: h3=":443"; ma=86400
content-length: 13524
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Jan 2023 11:50:31 GMT
server: cloudflare
etag: "88ad381da3fbd0db3cb26f846010a18b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9NPOyjWyGJGg065zpsWSIwWEJT1HG3gj4323wqnBiQtR9HE0VcGsKIoFWRh%2B5C8oxhmTcJlak1spVgS4EwIpEbLiBcwFeaA0%2BOdMLFmm5n8SDrBLsx8yWFJtI%2FBp%2BoVO2iIWi3bWYSj0%2FV9"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f6b8a4eef013ca5-CDG
expires: Tue, 15 Aug 2023 19:17:50 GMT

GET
H/1.1 200
OK /
sjf.flycorsair.com/ Frame 188B 43 B
2 KB 158ms
70ms Image
image/gif 95.131.136.1
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sjf.flycorsair.com/?t=P5127B756C86321311&argsite=oneidbWgtQfAecRbz6uYHbHztKtEE8mSxTJT5WWaJoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=330015%2C119648%2C311476&b=bWgtQfAecRbz6uYHbHztKtEE8mSxTJT5WWaJ%2CpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=39zHpfA7cPQzWs7HrHAtXCMM74f8TWTA11Cd%2CJ6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=300&d=600&e=&g=6b6907f5d78bed17cfbc72fa0473f4d6%2F10308781330420085775&i=113645%2C30425%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1692040670422&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpans1et164xyv55qr4r5yf68hahwnz61cvstktd913trbw5zv309d2nhw5pjv5mvt54n4jxfmpnpb1b8htxp4z008jv7mvdpmjf34vpg5rc8qzj53weysf3b8kstj6rp07wj56h6g9hca3d7p5x910mg33gsxxsjayq69pphnvjvgnfdt0z9x39zz2yd2z6emjsavk95rnf28xwz4ahm1r5jc5ee1mbhyyjj0hsayndar2a27908vrr62dgc2jnqcgpc3c94vp76hfcg10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqer83H3aZKjMGerUn88P_dK0qAbi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi0xOTQyODQ0MjYxMTQ3NzM0yAEJqQJKgSnmX1yyPqgDAcgDAqoEtAFP0MvAxY19RocusPgq7viSQAatNXRFSMMHHNb6xH6t-i3vHSDstPOvIAc8QfXGR6-R2t_cylH9QaFSr3g0nx2doY-brVrkaXAXBvxDBY-sKM6qac69-aXcQX_tfrAAb2qZ4wstr-PhIsPygCU2YHzFqnJDJTy86DRC87GfRHZimNUmpk67E5Juyiq18sqpigwHGR3RhGkYtzfPz0XXEtCBetXSImOHtUTsqT-CstNPRluP41-ABoy7_dKB5ISCXKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1FtixEjNf0pvAjyY2JJJW2aWpNuw%2526client%253Dca-pub-1942844261147734%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.131.136.1 , France, ASN47841 (OXALIDE, FR),

Reverse DNS

front.netaffiliation.net

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:17:50 GMT
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.016375064849854
Connection: keep-alive
X-TRK-PROC: 75703
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
X-TRK-SRV: 2
Server: nginx
Last-Modified: Mon, 14 Aug 2023 19:17:50 GMT
X-TRK-DECISION: 7
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 B0EDC68C309BDDA02F64C4991062A43B14E72A0AA73A6F51E7A8455BC4EFF483B071BD9AB1B71EF32E77D6EDA267FA58388EA510B235554069E6779802922590.
assets.ad4m.at/logo/ Frame 188B 11 KB
11 KB 54ms
45ms Image
image/png 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B0EDC68C309BDDA02F64C4991062A43B14E72A0AA73A6F51E7A8455BC4EFF483B071BD9AB1B71EF32E77D6EDA267FA58388EA510B235554069E6779802922590.
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=330015%2C119648%2C311476&b=bWgtQfAecRbz6uYHbHztKtEE8mSxTJT5WWaJ%2CpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=39zHpfA7cPQzWs7HrHAtXCMM74f8TWTA11Cd%2CJ6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=300&d=600&e=&g=6b6907f5d78bed17cfbc72fa0473f4d6%2F10308781330420085775&i=113645%2C30425%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1692040670422&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpans1et164xyv55qr4r5yf68hahwnz61cvstktd913trbw5zv309d2nhw5pjv5mvt54n4jxfmpnpb1b8htxp4z008jv7mvdpmjf34vpg5rc8qzj53weysf3b8kstj6rp07wj56h6g9hca3d7p5x910mg33gsxxsjayq69pphnvjvgnfdt0z9x39zz2yd2z6emjsavk95rnf28xwz4ahm1r5jc5ee1mbhyyjj0hsayndar2a27908vrr62dgc2jnqcgpc3c94vp76hfcg10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqer83H3aZKjMGerUn88P_dK0qAbi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi0xOTQyODQ0MjYxMTQ3NzM0yAEJqQJKgSnmX1yyPqgDAcgDAqoEtAFP0MvAxY19RocusPgq7viSQAatNXRFSMMHHNb6xH6t-i3vHSDstPOvIAc8QfXGR6-R2t_cylH9QaFSr3g0nx2doY-brVrkaXAXBvxDBY-sKM6qac69-aXcQX_tfrAAb2qZ4wstr-PhIsPygCU2YHzFqnJDJTy86DRC87GfRHZimNUmpk67E5Juyiq18sqpigwHGR3RhGkYtzfPz0XXEtCBetXSImOHtUTsqT-CstNPRluP41-ABoy7_dKB5ISCXKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1FtixEjNf0pvAjyY2JJJW2aWpNuw%2526client%253Dca-pub-1942844261147734%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 661cf5bc8d00c66ff3e06bafa6e64e168bc2d2c218e5ed7247cdb1f22ab2bc61

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543337
cf-polished: origSize=14458, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 11091
cf-bgj: imgq:85,h2pri
last-modified: Fri, 07 May 2021 10:01:33 GMT
server: cloudflare
etag: "dab6e07cc0ddae30cee97f47f1ed718c"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUhv%2FxcREPxEwE6pvOOmS9FbtiGnhvirHFSZkGjWfDaNXuQnnm6zCmpyfK4PpyO3HxrAb08cWqSAYgIyEbihYHmE7k9k9sUv2U8Oo6sBuetl7s0T%2BV6Q%2FyH9cnzd7AilDi%2BVPS%2BdEVE5weI0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f6b8a4eef043ca5-CDG
expires: Tue, 15 Aug 2023 19:17:50 GMT

GET
H2 200 E9568BF16A4CF16F4C3D6132693718A938BB4E733CD0FEFA608F1AADCD73C1EF1DAE8494C29C63AAD70B63F0CAE3AF121DC5C5FA887CD79B3430024006F84E87.
assets.ad4m.at/product_image/ Frame 188B 98 KB
98 KB 53ms
45ms Image
image/png 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/E9568BF16A4CF16F4C3D6132693718A938BB4E733CD0FEFA608F1AADCD73C1EF1DAE8494C29C63AAD70B63F0CAE3AF121DC5C5FA887CD79B3430024006F84E87.
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=330015%2C119648%2C311476&b=bWgtQfAecRbz6uYHbHztKtEE8mSxTJT5WWaJ%2CpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=39zHpfA7cPQzWs7HrHAtXCMM74f8TWTA11Cd%2CJ6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=300&d=600&e=&g=6b6907f5d78bed17cfbc72fa0473f4d6%2F10308781330420085775&i=113645%2C30425%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1692040670422&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpans1et164xyv55qr4r5yf68hahwnz61cvstktd913trbw5zv309d2nhw5pjv5mvt54n4jxfmpnpb1b8htxp4z008jv7mvdpmjf34vpg5rc8qzj53weysf3b8kstj6rp07wj56h6g9hca3d7p5x910mg33gsxxsjayq69pphnvjvgnfdt0z9x39zz2yd2z6emjsavk95rnf28xwz4ahm1r5jc5ee1mbhyyjj0hsayndar2a27908vrr62dgc2jnqcgpc3c94vp76hfcg10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqer83H3aZKjMGerUn88P_dK0qAbi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi0xOTQyODQ0MjYxMTQ3NzM0yAEJqQJKgSnmX1yyPqgDAcgDAqoEtAFP0MvAxY19RocusPgq7viSQAatNXRFSMMHHNb6xH6t-i3vHSDstPOvIAc8QfXGR6-R2t_cylH9QaFSr3g0nx2doY-brVrkaXAXBvxDBY-sKM6qac69-aXcQX_tfrAAb2qZ4wstr-PhIsPygCU2YHzFqnJDJTy86DRC87GfRHZimNUmpk67E5Juyiq18sqpigwHGR3RhGkYtzfPz0XXEtCBetXSImOHtUTsqT-CstNPRluP41-ABoy7_dKB5ISCXKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1FtixEjNf0pvAjyY2JJJW2aWpNuw%2526client%253Dca-pub-1942844261147734%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 090c7a3438b73f59b177c48609e936926cd5b3249b9ccce933db35cae9ad052c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1042478
cf-polished: origSize=142926, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 99947
cf-bgj: imgq:85,h2pri
last-modified: Fri, 07 May 2021 09:55:07 GMT
server: cloudflare
etag: "094f912bcc63eefcc3e544b9efc88d5b"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bb4C%2F0g9fJ8OxiHViuW8VWKsdAfaLv%2BaIzobP1MdMoj1L0%2Fqu2BOeEdtNJnt49YH8ghtUKzNmYGO7SSF3jskHap%2BTCEecaXf67dQSZ3iSjMNsQxzk6qPr6uyF89PvI6tCOL9t7JGwu%2B0Hkmi"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f6b8a4eef033ca5-CDG
expires: Tue, 15 Aug 2023 19:17:50 GMT

GET
H/1.1 200
OK /
jpp.aircaraibes.com/ Frame 188B 43 B
2 KB 119ms
62ms Image
image/gif 95.131.136.1
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jpp.aircaraibes.com/?t=P51125B56C8632157&argsite=oneidpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCEoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.131.136.1 , France, ASN47841 (OXALIDE, FR),

Reverse DNS

front.netaffiliation.net

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:17:50 GMT
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.016749858856201
Connection: keep-alive
X-TRK-PROC: 70235
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
X-TRK-SRV: 8
Server: nginx
Last-Modified: Mon, 14 Aug 2023 19:17:50 GMT
X-TRK-DECISION: 7
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 CB657DFF981908F52026808C3EC67742597371F9C5A62BA0019B93E0EA086B7A50C8442145BDB34CB6C406D282BC422958046D73D8FC4606E85833099551F02F
assets.ad4m.at/logo/ Frame 188B 7 KB
7 KB 52ms
44ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CB657DFF981908F52026808C3EC67742597371F9C5A62BA0019B93E0EA086B7A50C8442145BDB34CB6C406D282BC422958046D73D8FC4606E85833099551F02F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=330015%2C119648%2C311476&b=bWgtQfAecRbz6uYHbHztKtEE8mSxTJT5WWaJ%2CpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=39zHpfA7cPQzWs7HrHAtXCMM74f8TWTA11Cd%2CJ6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=300&d=600&e=&g=6b6907f5d78bed17cfbc72fa0473f4d6%2F10308781330420085775&i=113645%2C30425%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1692040670422&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpans1et164xyv55qr4r5yf68hahwnz61cvstktd913trbw5zv309d2nhw5pjv5mvt54n4jxfmpnpb1b8htxp4z008jv7mvdpmjf34vpg5rc8qzj53weysf3b8kstj6rp07wj56h6g9hca3d7p5x910mg33gsxxsjayq69pphnvjvgnfdt0z9x39zz2yd2z6emjsavk95rnf28xwz4ahm1r5jc5ee1mbhyyjj0hsayndar2a27908vrr62dgc2jnqcgpc3c94vp76hfcg10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqer83H3aZKjMGerUn88P_dK0qAbi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi0xOTQyODQ0MjYxMTQ3NzM0yAEJqQJKgSnmX1yyPqgDAcgDAqoEtAFP0MvAxY19RocusPgq7viSQAatNXRFSMMHHNb6xH6t-i3vHSDstPOvIAc8QfXGR6-R2t_cylH9QaFSr3g0nx2doY-brVrkaXAXBvxDBY-sKM6qac69-aXcQX_tfrAAb2qZ4wstr-PhIsPygCU2YHzFqnJDJTy86DRC87GfRHZimNUmpk67E5Juyiq18sqpigwHGR3RhGkYtzfPz0XXEtCBetXSImOHtUTsqT-CstNPRluP41-ABoy7_dKB5ISCXKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1FtixEjNf0pvAjyY2JJJW2aWpNuw%2526client%253Dca-pub-1942844261147734%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69af47ae4c1d90831351b53f445bdf076b8991e2e4d543c8edd96d42957d41f3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 806575
cf-polished: origFmt=png, origSize=21356
alt-svc: h3=":443"; ma=86400
content-length: 7240
cf-bgj: imgq:85,h2pri
last-modified: Fri, 25 Nov 2022 10:25:08 GMT
server: cloudflare
etag: "259405af3fc71c071b3fbf0cd0e617cd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QflLMMLtxNtHrH6aUHWed1BgZdC2e35MTq5R%2Bb2JadaplbFbaWSnRCpkeoKoT6YNglCbpXwSpqksA9K0mmlVNsj4sNNZghJSo%2FmNdwjEeXnE7YUjyiyBkFUkfp%2BcXKZBeMwOmSyQqK1i9CTK"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f6b8a4eef063ca5-CDG
expires: Tue, 15 Aug 2023 19:17:50 GMT

GET
H2 200 4152008FA3D646ED4C833EF42E1D50F4EACE2DEE9918F0C3A01B822A121FE7D49B79F3D604D9BB460422C9933408EB8FC024051051B8566807EA89FBAC66EAE6
assets.ad4m.at/product_image/ Frame 188B 36 KB
37 KB 39ms
31ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/4152008FA3D646ED4C833EF42E1D50F4EACE2DEE9918F0C3A01B822A121FE7D49B79F3D604D9BB460422C9933408EB8FC024051051B8566807EA89FBAC66EAE6
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=330015%2C119648%2C311476&b=bWgtQfAecRbz6uYHbHztKtEE8mSxTJT5WWaJ%2CpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=39zHpfA7cPQzWs7HrHAtXCMM74f8TWTA11Cd%2CJ6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=300&d=600&e=&g=6b6907f5d78bed17cfbc72fa0473f4d6%2F10308781330420085775&i=113645%2C30425%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1692040670422&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpans1et164xyv55qr4r5yf68hahwnz61cvstktd913trbw5zv309d2nhw5pjv5mvt54n4jxfmpnpb1b8htxp4z008jv7mvdpmjf34vpg5rc8qzj53weysf3b8kstj6rp07wj56h6g9hca3d7p5x910mg33gsxxsjayq69pphnvjvgnfdt0z9x39zz2yd2z6emjsavk95rnf28xwz4ahm1r5jc5ee1mbhyyjj0hsayndar2a27908vrr62dgc2jnqcgpc3c94vp76hfcg10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqer83H3aZKjMGerUn88P_dK0qAbi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi0xOTQyODQ0MjYxMTQ3NzM0yAEJqQJKgSnmX1yyPqgDAcgDAqoEtAFP0MvAxY19RocusPgq7viSQAatNXRFSMMHHNb6xH6t-i3vHSDstPOvIAc8QfXGR6-R2t_cylH9QaFSr3g0nx2doY-brVrkaXAXBvxDBY-sKM6qac69-aXcQX_tfrAAb2qZ4wstr-PhIsPygCU2YHzFqnJDJTy86DRC87GfRHZimNUmpk67E5Juyiq18sqpigwHGR3RhGkYtzfPz0XXEtCBetXSImOHtUTsqT-CstNPRluP41-ABoy7_dKB5ISCXKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1FtixEjNf0pvAjyY2JJJW2aWpNuw%2526client%253Dca-pub-1942844261147734%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc567bde2ce90dd90e0d3b0bd59021c45a440a12842354e0e026e4069352265b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:17:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 806575
cf-polished: qual=85, origFmt=jpeg, origSize=87097
alt-svc: h3=":443"; ma=86400
content-length: 37370
cf-bgj: imgq:85,h2pri
last-modified: Tue, 27 Sep 2022 13:48:14 GMT
server: cloudflare
etag: "9a6129b7ff41e62364178396f58341a3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ad8h7pW4bparw%2FIxra8%2FrwA06jkCwbBuL5gGI%2BWBljW7AuKWlI7q1XHbgqfnxk75kmtJb6Erz0OxL3Q9bX2x%2BB2N1rHt7pBe2kwq3FUlgyzpAn84%2BjdGBJESKpk3e3krsFxeRSjJEKsBqeKZ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f6b8a4eef053ca5-CDG
expires: Tue, 15 Aug 2023 19:17:50 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 188B 43 B
705 B 140ms
59ms Image
image/gif 23.197.149.186
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2993007&v=25911&q=423187&r=412871&pv=1&pref3=oneidbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.197.149.186 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-149-186.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2023 19:17:50 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3CDE 42 B
64 B 129ms
129ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsurbAILZNS6nC4ynEh89gP8H0OIAd9SYuRx3XkoQIgpvZxh3McYitFPCULIO_2al1i8WLZ99g5zu3NbIiwEBKfEDIaddMmqAKG49QgbSt7RmUJvwrQjymczPzzmIGK-xVnfTHY-nCjjO2D6&sai=AMfl-YR5xYinGMa47hyUXqb6Z3u01IPdGWp-1wBYp-E_-mT_5bX5oryMZre7mctm5SWfqqZ6WXR2-DVvrPWO&sig=Cg0ArKJSzALA5Ty5MGlJEAE&cid=CAQSGwBpAlJW4TCdpMn0DJGwiP0-Z_nf2_lGm0E5QBgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=608,1000,1000,1000,1000&tos=608,392,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692040668774&rpt=923&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:17:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 55595281
mc.yandex.ru/webvisor/ 43 B
0 315ms
131ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/55595281?wv-part=1&wmode=0&wv-hit=970899614&page-url=https%3A%2F%2Fldiena.lt%2F&rn=890421002&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1692040671%3Aw%3A1600x1200%3Av%3A1093%3Az%3A120%3Ai%3A20230814211750%3Au%3A1692040667962299694%3Avf%3Aeygqx1x5sixaiiudghr9l27%3Ast%3A1692040671&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ldiena.lt/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:17:51 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 14-Aug-2023 19:17:51 GMT
content-type: image/gif
access-control-allow-origin: https://ldiena.lt
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 14-Aug-2023 19:17:51 GMT

POST
H2 200 55595281
mc.yandex.ru/webvisor/ 43 B
0 65ms
64ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/55595281?wv-part=1&wmode=0&wv-hit=970899614&page-url=https%3A%2F%2Fldiena.lt%2F&rn=177935876&wv-type=3&browser-info=we%3A1%3Aet%3A1692040671%3Aw%3A1600x1200%3Av%3A1093%3Az%3A120%3Ai%3A20230814211751%3Au%3A1692040667962299694%3Avf%3Aeygqx1x5sixaiiudghr9l27%3Ast%3A1692040671&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ldiena.lt/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:17:51 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 14-Aug-2023 19:17:51 GMT
content-type: image/gif
access-control-allow-origin: https://ldiena.lt
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 14-Aug-2023 19:17:51 GMT

OPTIONS
H2 204 /
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame 0
0 135ms
134ms Preflight 34.141.62.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=tiktok_web_embed

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.141.62.31 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.62.141.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
access-control-max-age: 600
bd-request-id: 33264548341016e86db489bfa5dd69c3
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:17:51 GMT
server: Tengine
server-timing: cdn-cache;desc=MISS, inner; dur=14, origin;dur=110, edge;dur=-1
strict-transport-security: max-age=31536000;includeSubDomains
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|2|0 https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain: mon-va.byteoversea.com mon-va.byteoversea.com
x-outhost: mon-va.byteoversea.com mon-va.byteoversea.com
x-tt-logid: 20230814191750100334F72FAA3E7AEF1C
x-tt-trace-host: 017145a21eddf78e58fdc69b3cba2016a750aca119ea201d3a03faacddc0521f0e0dd64445627321d974edadd23f08429cc23aa8857ebcbdcaecbf1222b3f42b395626beb1cda91ac7aa0d996ce2110205a8615a5b13ae2911cc0e5bcf3c3f3a97ddb1114bad255d20f0c51dbf6e5fcb73
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_maliva-normal-lb.byteoversea.net api_static_fra3_internal

POST
H2 204 / Show response
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame 02B4 0
921 B 131ms
131ms XHR
text/plain 34.141.62.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=tiktok_web_embed

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.484/index.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.141.62.31 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.62.141.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Aug 2023 19:17:51 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_maliva-normal-lb.byteoversea.net, api_static_fra3_internal
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache;desc=MISS, inner; dur=4, origin;dur=105, edge;dur=-1
server: Tengine
x-tt-logid: 20230814191750FAB02B117EDF67569027
x-outhost: mon-va.byteoversea.com, mon-va.byteoversea.com
x-outdomain: mon-va.byteoversea.com, mon-va.byteoversea.com
access-control-max-age: 600
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1, https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-tt-trace-host: 017145a21eddf78e58fdc69b3cba2016a750aca119ea201d3a03faacddc0521f0ede4c120373971a02e7cc7774ef16a2fc959b3abc0f6c79b212bfc41bf2fb8c0d27a9e3b57d1953b8f6f4901d7f4e3947c88dad0cd6f7510258a6f003fea5e384c61a6b85464839b0841a0a6adb56d13b
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
bd-request-id: 4e4e3ef57fbb01ffa274f9ea4bca5cab

OPTIONS
H2 204 /
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame 0
0 125ms
125ms Preflight 34.141.62.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=webmssdk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.141.62.31 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.62.141.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
access-control-max-age: 600
bd-request-id: ffb79080781be76ecb84ac118799561f
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:17:51 GMT
server: Tengine
server-timing: cdn-cache;desc=MISS, inner; dur=4, origin;dur=100, edge;dur=-1
strict-transport-security: max-age=31536000;includeSubDomains
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|2|0 https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain: mon-va.byteoversea.com mon-va.byteoversea.com
x-outhost: mon-va.byteoversea.com mon-va.byteoversea.com
x-tt-logid: 20230814191750100334F72FAA3E7AEF49
x-tt-trace-host: 017145a21eddf78e58fdc69b3cba2016a750aca119ea201d3a03faacddc0521f0e0dd64445627321d974edadd23f08429cc23aa8857ebcbdcaecbf1222b3f42b395626beb1cda91ac7aa0d996ce2110205b25fa60d57b41203b1e653eac5d687452b4c5e2fa5e9d7e598910329c4a0264f
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_maliva-normal-lb.byteoversea.net api_static_fra3_internal

POST
H2 204 / Show response
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame 02B4 0
920 B 121ms
120ms XHR
text/plain 34.141.62.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=webmssdk

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.484/index.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.141.62.31 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.62.141.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Aug 2023 19:17:51 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_maliva-normal-lb.byteoversea.net, api_static_fra3_internal
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache;desc=MISS, inner; dur=3, origin;dur=96, edge;dur=0
server: Tengine
x-tt-logid: 2023081419175025A9B55DACA4696D5C7D
x-outhost: mon-va.byteoversea.com, mon-va.byteoversea.com
x-outdomain: mon-va.byteoversea.com, mon-va.byteoversea.com
access-control-max-age: 600
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1, https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-tt-trace-host: 017145a21eddf78e58fdc69b3cba2016a750aca119ea201d3a03faacddc0521f0e2d6c9ecf4e9215c6cf7d1e7ffee937ba59bfe661d5dd0fbcd4a0e384d47f1efae15cdd9b58b14d642982c07e6312c92b8ff9834185c18cb487fc49f246db4098aa6689c358ecf3616da2fddbcbc851c5
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
bd-request-id: 0490c00322870d8fef0b22a95ba43549

POST
H2 200 55595281
mc.yandex.ru/webvisor/ 43 B
0 65ms
65ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/55595281?wv-part=2&wmode=0&wv-hit=970899614&page-url=https%3A%2F%2Fldiena.lt%2F&rn=70463481&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1692040672%3Aw%3A1600x1200%3Av%3A1093%3Az%3A120%3Ai%3A20230814211751%3Au%3A1692040667962299694%3Avf%3Aeygqx1x5sixaiiudghr9l27%3Ast%3A1692040672&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ldiena.lt/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:17:51 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 14-Aug-2023 19:17:51 GMT
content-type: image/gif
access-control-allow-origin: https://ldiena.lt
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 14-Aug-2023 19:17:51 GMT

POST
H/1.1 200
OK report Show response
mssdk-va.tiktok.com/web/ Frame 02B4 44 B
2 KB 242ms
137ms XHR
text/plain 95.101.111.149
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mssdk-va.tiktok.com/web/report?msToken=&X-Bogus=DFSzswSOQDcArYTQt9cGNaVeovZ0
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.484/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b097fc471c067f5960fbf018f38f1e00396bb71612d79be26976b8f18cf8da26

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

X-Akamai-Request-ID: 1f60912.2a4cf912
Date: Mon, 14 Aug 2023 19:17:52 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
X-Cache: TCP_MISS from a2-23-208-149.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50146111) (-)
X-Parent-Response-Time: 108,2.23.208.149
Connection: keep-alive
Server-Timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=18, inner; dur=16
Content-Length: 44
X-Ms-Token: -X5WvzmqukdrSzgvOC46BQR1pJxNWT7jZDTvSPDh6GdftJzqpvBIsk7d4_hDpJ3r54fuHpfTqQoA3Wb6j9MI3AWSt7FPCa24z8_poEUc2VUZ3rFb7a1j
Pragma: no-cache
Server: nginx
X-Tt-Logid: 202308141917512E4EAAC5D0FCED44DE94
X-Cache-Remote: TCP_MISS from a23-217-116-165.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Expose-Headers: x-ms-token,x-ms-resp
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
X-Origin-Response-Time: 18,23.217.116.165
x-tt-trace-host: 01b0589044eb1bdf7fdc948a884a6ec264700b8f2b3954edfd726edb308e98692450fde832dce337f8a2ea5d83745a0b3c1324552d329490c19c0a4380214994e5d47ff638997b34236e50f4c78037e7b1f731a30879e9680937e4118997d6102eea6ebd80941290fd6085ae3df38b944d
Access-Control-Allow-Headers: x-mssdk-info,x-ms-req
Expires: Mon, 14 Aug 2023 19:17:52 GMT

POST
H/1.1 200
OK report Show response
mssdk-va.tiktok.com/web/ Frame 02B4 44 B
2 KB 163ms
163ms XHR
text/plain 95.101.111.149
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mssdk-va.tiktok.com/web/report?msToken=&X-Bogus=DFSzswSOQDVYHKTQt9cGNPVeovhY
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.484/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b097fc471c067f5960fbf018f38f1e00396bb71612d79be26976b8f18cf8da26

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

X-Akamai-Request-ID: 41b6ec.2a4cf95e
Date: Mon, 14 Aug 2023 19:17:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
X-Cache: TCP_MISS from a2-23-208-149.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50146111) (-)
X-Parent-Response-Time: 133,2.23.208.149
Connection: keep-alive
Server-Timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=45, inner; dur=23
Content-Length: 44
X-Ms-Token: 2k4zNBag7qUpi9xqJECFkTLjCO1zjd0wftMJvekuF3XF7SdLMENhw3Kg0iso3ap3xG4_xh7XNJa4adsRx2kLDqDNjb4KLfRgjUhkm2maitY6-0-LUiDx
Pragma: no-cache
Server: nginx
X-Tt-Logid: 20230814191752EB561402CACB823232A6
X-Cache-Remote: TCP_MISS from a23-36-67-243.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50146111) (-)
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Expose-Headers: x-ms-token,x-ms-resp
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
X-Origin-Response-Time: 46,23.36.67.243
x-tt-trace-host: 01b0589044eb1bdf7fdc948a884a6ec2648ae16b811c5fc3766ee20d0d127c25f2793a8d9f7169ba0e909d642f46293d3099cb49666f235f5902905e6b5b95b498b5d8a255f97fa2e8abc77ee6404cd4a52bb12473c5f76bbdfa015d0ee03a4c26
Access-Control-Allow-Headers: x-mssdk-info,x-ms-req
Expires: Mon, 14 Aug 2023 19:17:53 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECjNpyTttM6zGYZZj8tXbBk&google_cver=1&google_push=AXcoOmRjiNYaXIaW_-cSOcFn5w3e1SGeslyyu3fxUGtkfKgjKjv1Cm8tGy3w52Ho7nX8IwLbh4sj3IKdZTlW2YLfVpgo35yh43w7E4FenrYQ-JKHCwikN4GtShBUDOaux774mquT1vciwlWue6L6SslotXv_mC9z

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

53 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ldiena.lt/	1969-12-31 23:59:59	Name: advanced-frontend Value: odh90or9il1bpp2qjn2tm9rpsp
ldiena.lt/	1969-12-31 23:59:59	Name: _csrf Value: 065dbdd34b102d0f935a444013a75a97e311a8da6c6fba7fcc34407083bd361ba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22%9A%D7%E2%AD%18%87%C0%EE%850%B6%F5%9EKU%DB%B6%F3%81c1%CF5%11-%B1MoO%CC%60%1E%22%3B%7D
.ldiena.lt/	1970-01-20 23:36:40	Name: sc_is_visitor_unique Value: rx10241118.1692040667.DCFC685057B94F1588F8859CFB4DB6A9.1.1.1.1.1.1.1.1.1
.w.uptolike.com/	1970-01-20 23:36:40	Name: utl_id2 Value: 32490483572
.w.uptolike.com/	1970-01-20 23:36:40	Name: utl_dat Value: "CJa97qufMRAAIJaOubSfMSiWjrm0nzEwALdcPRDW64WTa6khp0ZJNZQ="
.statcounter.com/	1970-01-20 23:36:40	Name: is_unique Value: sc10241118.1692040666.0
.statcounter.com/	1970-01-20 23:36:40	Name: is_visitor_unique Value: 1692040666305273217
.ldiena.lt/	1970-01-20 23:36:40	Name: _ga_B41L423S6L Value: GS1.1.1692040667.1.0.1692040667.0.0.0
.ldiena.lt/	1970-01-20 23:36:40	Name: _ga Value: GA1.2.1568474993.1692040667
.ldiena.lt/	1970-01-20 14:02:07	Name: _gid Value: GA1.2.171219698.1692040667
.ldiena.lt/	1970-01-20 14:00:40	Name: _gat Value: 1
.ldiena.lt/	1970-01-20 14:00:40	Name: _gat_gtag_UA_11131269_2 Value: 1
.ldiena.lt/	1970-01-20 23:22:16	Name: __gads Value: ID=f0cca814da9da939-2208270d51de00ea:T=1692040667:RT=1692040667:S=ALNI_MakxIio6hy4o7BPXfQQcZ3DRn38Gg
.ldiena.lt/	1970-01-20 23:22:16	Name: __gpi Value: UID=00000c60835b6bc5:T=1692040667:RT=1692040667:S=ALNI_MbLTwoMgAflCUe5ctivGEEzzuynnQ
.ldiena.lt/	1970-01-20 22:46:16	Name: _ym_uid Value: 1692040667962299694
.ldiena.lt/	1970-01-20 22:46:16	Name: _ym_d Value: 1692040667
.ldiena.lt/	1970-01-20 23:36:40	Name: _ga_0H5YV1RPSL Value: GS1.2.1692040667.1.0.1692040667.0.0.0
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1132283631692040667
.yandex.ru/	1970-01-20 23:36:40	Name: i Value: mPh1NcFNRH7LWLcaEmXOdSsZbXiHTD0qvmrnBlA6Qcv1L9pWegVKx/Zb8tz504S9NMMvmArlrV7fBZTAHPh8Ydf0/i4=
.yandex.ru/	1970-01-20 23:36:40	Name: yandexuid Value: 2407606361692040667
.yandex.ru/	1970-01-20 22:46:16	Name: yuidss Value: 2407606361692040667
.yandex.ru/	1970-01-20 22:46:16	Name: ymex Value: 1723576667.yrts.1692040667#1723576667.yrtsi.1692040667
.yandex.ru/	1970-01-20 22:46:16	Name: bh Value: KgI/MA==
.ldiena.lt/	1970-01-20 14:01:52	Name: _ym_isad Value: 2
.ldiena.lt/	1970-01-20 14:00:42	Name: _ym_visorc Value: w
.tiktok.com/	1970-01-20 22:39:04	Name: ttwid Value: 1%7C2_SPrvxzQHRAEgKGuu2HEO066c6CQ_ReQTKOHr6xNBI%7C1692040667%7C460a5b64c3cc0fcfca3fe411372ac2426466f01acee5e4afcd7186edaa919257
.doubleclick.net/	1970-01-20 23:22:16	Name: IDE Value: AHWqTUm5U2bqHPzlwtRsvZVXEr92QyOEz-OxKqg6zLR6k9m_h0Z46BdXAiXmcFJkOcY
.doubleclick.net/	1970-01-20 14:00:44	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 16:10:16	Name: ar_debug Value: 1
.byteoversea.com/	1970-01-20 14:15:04	Name: msToken Value: m8_WgzciO6fjcoBK3tvZSXi4WrlJd-l3tl1P_EPQMpjGX_7msQkuGf_-_EXWBOlu9R1W1MJO6LPdPr7ayUCyWFvyOzC8LQf76I7ks-4S1y4=
.simpli.fi/	1970-01-20 22:47:43	Name: suid Value: 31F5D41984874F378FE864C0BD9B1C98
.adform.net/	1970-01-20 14:45:19	Name: C Value: 1
.e.dlx.addthis.com/	1970-01-20 23:30:55	Name: na_tc Value: Y
.adform.net/	1970-01-20 15:27:04	Name: uid Value: 4052365175998935770
.addthis.com/	1970-01-20 23:30:55	Name: na_id Value: 2023081419175000010589957853
.addthis.com/	1970-01-20 23:30:55	Name: na_tc Value: Y
.addthis.com/	1970-01-20 23:30:55	Name: uid Value: 64da7ddef7d3afcd
.addthis.com/	1970-01-20 23:30:55	Name: ouid Value: 64da7dde000164d5bf76cb6b81446cca6201ca115ead2e5d6f5a
.dlx.addthis.com/	1970-01-20 14:43:52	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 14:43:52	Name: na_sr Value: 20230814
.dlx.addthis.com/	1970-01-20 14:00:40	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 14:43:52	Name: na_sc_e Value: 0
.aircaraibes.com/	1970-01-20 15:27:04	Name: neta_ssc Value: 3b5ef49x1nsbwu7n963avkw9przo
.aircaraibes.com/	1969-12-31 23:59:59	Name: netases_ssc Value: 3b5ef49x1nsbwu7n963avkw9przo
.aircaraibes.com/	1970-01-20 15:27:04	Name: kwknc_ssc Value: dp51125b56c8632197-b25laWRwQVpUMWZNeEZtWmJydWtINEhtdHp0ZDFLYWdUUlRFWFhDRW9uZWlkX19zdWl0ZV9OZXRtaXhfUmVhY2g2MV9UZWNo
.aircaraibes.com/	1969-12-31 23:59:59	Name: kwkncses_ssc Value: dp51125b56c8632197-b25laWRwQVpUMWZNeEZtWmJydWtINEhtdHp0ZDFLYWdUUlRFWFhDRW9uZWlkX19zdWl0ZV9OZXRtaXhfUmVhY2g2MV9UZWNo
.awin1.com/	1970-01-20 14:03:33	Name: awpv25911 Value: 412871\|1692040670\|42b34a90-3ad7-11ee-898e-223287d3f473
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 423187:2993007
.flycorsair.com/	1970-01-20 15:27:04	Name: neta_ssc Value: 64f8f49x1nscv248rsgylr91a4dx
.flycorsair.com/	1969-12-31 23:59:59	Name: netases_ssc Value: 64f8f49x1nscv248rsgylr91a4dx
.flycorsair.com/	1970-01-20 15:27:04	Name: kwknc_ssc Value: dp5127b756c86321311-b25laWRiV2d0UWZBZWNSYno2dVlIYkh6dEt0RUU4bVN4VEpUNVdXYUpvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoNjFfVGVjaA%3D%3D
.flycorsair.com/	1969-12-31 23:59:59	Name: kwkncses_ssc Value: dp5127b756c86321311-b25laWRiV2d0UWZBZWNSYno2dVlIYkh6dEt0RUU4bVN4VEpUNVdXYUpvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoNjFfVGVjaA%3D%3D
.tiktok.com/	1970-01-20 14:15:04	Name: msToken Value: 2k4zNBag7qUpi9xqJECFkTLjCO1zjd0wftMJvekuF3XF7SdLMENhw3Kg0iso3ap3xG4_xh7XNJa4adsRx2kLDqDNjb4KLfRgjUhkm2maitY6-0-LUiDx

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://ldiena.lt/ Message: Mixed Content: The page at 'https://ldiena.lt/' was loaded over HTTPS, but requested an insecure element 'http://ekspertai.eu/static/uploads/2014/durnlaiv.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ldiena.lt/ Message: Mixed Content: The page at 'https://ldiena.lt/' was loaded over HTTPS, but requested an insecure element 'http://b1.culture.ru/c/270024.550xp.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ldiena.lt/(Line 1507) Message: Mixed Content: The page at 'https://ldiena.lt/' was loaded over HTTPS, but requested an insecure element 'http://ekspertai.eu/static/uploads/2014/durnlaiv.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ldiena.lt/(Line 1507) Message: Mixed Content: The page at 'https://ldiena.lt/' was loaded over HTTPS, but requested an insecure element 'http://b1.culture.ru/c/270024.550xp.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://www.facebook.com/v4.0/plugins/group.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1fafdc6abfdd8%26domain%3Dldiena.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fldiena.lt%252Ff913ab5700c928%26relation%3Dparent.parent&container_width=376&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2F549847308544691%2F&locale=en_US&sdk=joey&show_metadata=true&show_social_context=true Message: Failed to load resource: the server responded with a status of 400 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1kq4r4t6asyf0nnppy4ec61wr8kjtpbb4964txq643s70rtvskg3gw3a886nxde0hmxewegfwahc176k103bswbbzhre5bw3exgw8bjqe78pet8rs7vfh52yytcp8n2fma6tbb52b1trxjw6vvky96q5rhrhz85y6qwh221hm6t7st7rdvz1mvtw6gdvwgw9dg1xp57tze1q7c8kf2hp3fnb8s32y0k7emmv7hqpwq6yeecs10q7jt8mvr0ejg75g03v9nepzpf1r4pq1k2rsfb2wx21zfegm5bch71qydgqmf1nehpd7ejnxp04vnxf9fk0j86zmgb5s5pb88mhec58nn9a47ptdv7hv31vznpwgxc54kvfe9jmrx7dd6wa260qgrynkabxde8hm446wt2jvr33wp0hajeahe9rmbzqanz5j609mh74&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqer83H3aZKjMGerUn88P_dK0qAbi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi0xOTQyODQ0MjYxMTQ3NzM0yAEJqQJKgSnmX1yyPqgDAcgDAqoEtAFP0MvAxY19RocusPgq7viSQAatNXRFSMMHHNb6xH6t-i3vHSDstPOvIAc8QfXGR6-R2t_cylH9QaFSr3g0nx2doY-brVrkaXAXBvxDBY-sKM6qac69-aXcQX_tfrAAb2qZ4wstr-PhIsPygCU2YHzFqnJDJTy86DRC87GfRHZimNUmpk67E5Juyiq18sqpigwHGR3RhGkYtzfPz0XXEtCBetXSImOHtUTsqT-CstNPRluP41-ABoy7_dKB5ISCXKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1FtixEjNf0pvAjyY2JJJW2aWpNuw%26client%3Dca-pub-1942844261147734%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
javascript	warning	URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.484/index.js(Line 3) Message: The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=330015%2C119648%2C311476&b=bWgtQfAecRbz6uYHbHztKtEE8mSxTJT5WWaJ%2CpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=39zHpfA7cPQzWs7HrHAtXCMM74f8TWTA11Cd%2CJ6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=300&d=600&e=&g=6b6907f5d78bed17cfbc72fa0473f4d6%2F10308781330420085775&i=113645%2C30425%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1692040670422&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpans1et164xyv55qr4r5yf68hahwnz61cvstktd913trbw5zv309d2nhw5pjv5mvt54n4jxfmpnpb1b8htxp4z008jv7mvdpmjf34vpg5rc8qzj53weysf3b8kstj6rp07wj56h6g9hca3d7p5x910mg33gsxxsjayq69pphnvjvgnfdt0z9x39zz2yd2z6emjsavk95rnf28xwz4ahm1r5jc5ee1mbhyyjj0hsayndar2a27908vrr62dgc2jnqcgpc3c94vp76hfcg10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqer83H3aZKjMGerUn88P_dK0qAbi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi0xOTQyODQ0MjYxMTQ3NzM0yAEJqQJKgSnmX1yyPqgDAcgDAqoEtAFP0MvAxY19RocusPgq7viSQAatNXRFSMMHHNb6xH6t-i3vHSDstPOvIAc8QfXGR6-R2t_cylH9QaFSr3g0nx2doY-brVrkaXAXBvxDBY-sKM6qac69-aXcQX_tfrAAb2qZ4wstr-PhIsPygCU2YHzFqnJDJTy86DRC87GfRHZimNUmpk67E5Juyiq18sqpigwHGR3RhGkYtzfPz0XXEtCBetXSImOHtUTsqT-CstNPRluP41-ABoy7_dKB5ISCXKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1FtixEjNf0pvAjyY2JJJW2aWpNuw%2526client%253Dca-pub-1942844261147734%2526adurl%253D&y=1&s=&z=0 Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-1942844261147734&fa=3&ifi=18&uci=a!i&btvi=8&xpc=Tsm6SVJAFA&p=https%3A//ldiena.lt Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-1942844261147734&fa=4&ifi=19&uci=a!j&btvi=9&xpc=C09FYGdjS7&p=https%3A//ldiena.lt Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271801&client=ca-pub-1942844261147734&fa=1&ifi=20&uci=a!k&btvi=10&xpc=bq1DaFndm6&p=https%3A//ldiena.lt Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad4m.at
apis.google.com
as.ad4m.at
assets.ad4m.at
b1.culture.ru
c.statcounter.com
c1.adform.net
cdn-rtb.sape.ru
cdn.ampproject.org
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
dis.criteo.com
e.dlx.addthis.com
ekspertai.eu
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
evaizdai.lt
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
i.postimg.cc
img.youtube.com
jpp.aircaraibes.com
ldiena.com
ldiena.lt
lf16-tiktok-common.ibytedtos.com
lf16-tiktok-web.ttwstatic.com
mc.yandex.ru
mcs-va-useast2a.tiktokv.com
mon-va.byteoversea.com
mon.tiktokv.com
mssdk-va.byteoversea.com
mssdk-va.tiktok.com
ost1.gismeteo.lt
p16-sign-useast2a.tiktokcdn.com
p16-sign-va.tiktokcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.instagram.com
platform.twitter.com
prod-rtb.ad4mat.net
region1.google-analytics.com
sf16-secsdk.ttwstatic.com
sf16-short-va.bytedapm.com
sf16-website-login.neutral.ttwstatic.com
sjf.flycorsair.com
stackpath.bootstrapcdn.com
stalin.lt
static-de.ad4mat.net
static.facebook.com
stats.g.doubleclick.net
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
use.fontawesome.com
v19-web-newkey.tiktokcdn.com
vmweb-va.byteoversea.com
w.uptolike.com
www.awin1.com
www.facebook.com
www.gismeteo.lt
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.hey.lt
www.instagram.com
www.paypalobjects.com
www.statcounter.com
www.tiktok.com
x.bidswitch.net
googlecm.hit.gemius.pl
platform.twitter.com
104.20.219.77
109.235.67.100
142.250.185.130
142.250.185.162
146.75.118.113
162.19.61.80
173.222.108.170
178.250.7.11
185.12.127.178
185.134.203.247
192.229.221.25
193.108.153.12
193.108.153.9
193.16.47.244
2.16.202.120
2.16.202.91
2.19.126.196
2.21.20.143
2001:4860:4802:34::36
2001:4de0:ac18::1:a:1b
23.0.174.232
23.197.149.186
23.35.237.56
23.38.98.155
23.48.23.174
2600:1901:0:76b9::
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700::6812:bcf
2606:4700:e0::ac40:670b
2a00:1450:4001:801::2001
2a00:1450:4001:806::200a
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::200e
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9d
2a02:6b8::1:119
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f083:10e:face:b00c:0:2
2a03:2880:f176:84:face:b00c:0:25de
2a03:2880:f245:ca:face:b00c:0:43fe
2a03:2880:f245:e0:face:b00c:0:4420
2a06:98c1:3121::3
34.141.62.31
35.157.211.238
35.204.158.49
37.157.5.84
62.210.189.174
69.192.160.219
82.151.106.131
95.101.111.131
95.101.111.149
95.101.111.174
95.131.136.1
95.163.114.203
019d844325395d44a6a12ecb79e36bcce1ff80d5d00664504beec42cf9ca450c
01d3a53f950907a36762c2276debd332fb33fac7f86118ef6e09e9469691c792
027bc31f43449cdbbe3a18770745f06f32ae71ccfb0f16fb46ae31f0d3dd075b
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3
03bdc578df22c63b243c4f3e898dd7d083c65b24205260541b0abc072cc38e5a
03c0638f9077740737ec996407194737b6170db3ef1d736632df0fe2fc71f8ae
05c1e5469741d286589a094c9fea2c1e5409ac1eca95013c43c65c781d170e2d
05d08e4a596a10e19ed5e0d3ea33ed2d012783c02f39a60dea4667cb24ad680c
0697ba16921b89f9d0c1c7e880f3e6e2e36a3dba103db06fdcc5519168c7cf24
08eac88b3ef1551595526d91fccfd5cff7c7d99b85c230c1fb2412d00a5ddfca
090bd5769c23ae586c1557c262f0a469251faf138f3d9861281f596e36597f7a
090c7a3438b73f59b177c48609e936926cd5b3249b9ccce933db35cae9ad052c
099baa18a1a63c26de3d955f810e8198c982e27995be08802257d5a879df084c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf331931d5d8a29ccb2a7965d800a0bf06fe6e4885c6d48b0d9fd3159d0af34
0e291004f1e270cff8a48e17f0aa7d09707fcd3a2d6bb154c88242cabf4d9c4d
0ec7a15caa320d6f4fbd58b4ecbc838477a1d37fc51cf415d36af1fcaa9df55e
121800e8d21ec5a7f42ffc88272f5c08e5ec7f17062cf9e7afe4d95cd7fb0875
13eafced6e4d89ca730683b212509d3efb57c6a8b75503cb02b66fe3352ce370
15669ee5ed8e7be020a4f5239730fd0141fae0874b9ca3e374c6cf850a318ff5
15e9c0f02df3d221e5f65d0623bda770216d6d3e3fe71aad97a6d893c8d8b291
169c75eef3bfbbf1cd751f0574a55e89b631763b0a2745a80a1ca4f8227b3b3e
172ec923a137f7e64f2547599a1e2ffa62e3706a81c49ccebfcc09356e1f6611
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1811bc9b3358a9055f1cbbe1889ab60ee5159f52c39959e386fe42c98988a78d
184400e86583160bf90609a1b1b7a24d8de73d90dd7002a6f494445db89b85a0
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
18eb995109b8823f58de46d286ea32b87024979468bab3a8f59879d754ebeaa7
1c19fd6f94185384a2bb6bd132bd1c3446c1f24e54e3899dc4e4f16f7a67e509
1c37842faf2d35dbed89fab63f431a9ae1f4ed14ce20152f11f5167ffd5b0335
1d21c7c4a5231e2baf41c4c0f580cd87bb0536d8feb0e20be417870875c99963
1e08c8366dafd6909dffba19b3a096a353579287fd4666f553cbb972ef9a1f7b
1e5e5df1d130dd028db61bd811eaed4705eaff95034fe3f8a86ba6a85e77af5f
21c225ab4891c442dbbf1e7350985372230bd0de01e87c498da4b8dc55979c25
22eb537ab9a4652390b1dd727b804cea08fdbc75ff1063c7cfc46f5abfe6f4be
23162f6e2b9ad48c0c58da1ec5a40f250d5cfcb13f8ff666bb096502c4a44d63
24b0b81c82d1f07736452a6f7831fa0c2b051fadd09cc643b94a6d5282dadbe0
264cd292128df7287e0e5f0fcbdb0f9c99e242fc5d674d8c293ff8bac390fa13
26b7d660dae76938aafe9f2a50cfb7bb2aacc562169e4b77225fa6287aa7e20b
27a90a706b940bf90cedef5cd8b986f78e9e7db930bc2913fdd21841c5ccc1cb
2895e5ed5c744e60706d7b9ca2659c79555abd6a8a876b547b82bb89299fc6a3
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
289d566c877a4b7a5e3c8995151be7a7dfd308a3220448f7a5b19f5b91b9e309
29d66372a3c96dcd72388bd1bc1d1e69d704c97b9a35dbf2b231b64a7e0e80d8
2cb72c7da4366275e230180c48af3c2b32c7221ce5b2bbd28df2caefd4a942c3
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e0a15e0ffccd0e35f68befc50f76e2266981421c74c734f4982c654a2646033
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
303791692bb0264fcf09d5e66ae5aa438066b6004e7a46a5a86ad0f3224cf6b3
3092d518851dbfb0f62fb54828de6377929d8280e0037d11b1c9c3931a1089d9
30e803abeaebdfe344b4c2ab06dac344d5e9ca947cfd73c9dc5d97061b1e622b
311bece61c46caaee7c7ffe7fb9ea30388b35aa3d4d1d18eabd4613286c0d09f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3317d58243518e51f56be0293d2b9e1874874ef14f0a15f392d1e4d43aa70a4f
343bc476fd2c2de20b0b85d2b9a5fd75d21706f3477495ed2c13efbcef1e77ed
345f7edff5c0412c353517635f9a9a3d3b6eb03521b33e8527cac0414a9ab5e9
34c6c1bb0a5a0bf9bab65f4f347106505abcd0fab729a9dbe4b1567190ee8fcf
34de4befde6e899bf6af9218453b331c3c50b12fde1a2cd35bca6f65377ef2dd
3519120aab26baf977cbc85931a43758d555befe3373af03135dd5ad88a9bd9f
356d09e7e9c25b574aab584c2fcffeb230f3f60b35c83f0694c133825c4a7b1f
356de5a8c31ac5a5988272e5b94f7c36cf51a1fce5e33cbb76763f088c3a0013
37835941b76a33209d01c80223748f762144c36d9724a784f31297113fda40a8
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d31847fd214acfaf7a0853f49c9b8fc8ce1712c7e2981cf62bd054742dae620
3ea3021e1f6152f16fa8b40a93d5d0cb8e5681bc84bb78c575a71acfa9c7400b
40a15aeb689a7275c7eed0a6c727cb5dcdb09428be10d5000d3117da7f300e77
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
4146c0b197501c583be2d258b642fdbece013f316b7b49dd5851bcd08a6855b2
41dda71c2f4e883598b5284d6f08df800d21846b5b55baaf551253b01f503049
41eb0f09c31f179c415d30f5a28d0af402a1e54ee10b2cc7eb53c5cad2381117
44566ebe2b3c8736d69cfa1aeb2c4d07136d5dd938ad38cafe0d2f30c2d71455
454aa60a57242adb6bc98f0b09517c5fa2a3d75f7d11e09e3b82ab9b505033c2
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
4765417761f735a679d777f8c7a472443a3405b613698767d2465cbd12e23621
48623a201c1f4227333a0227f351a950bc21f5d7034f88d6330db8d933f16e54
48f37cd5ef021b85d18fa40080c3b03a175d05465d9933552e37a67a2c68aa10
4cba99453c34a60aa546e5d45787cf91abb83f426c364ca6e9bd20be27bc36b8
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2405efc3fb55b666f01a469a99acecf1a90d69c16173aa5eb3a9eb41581e69
4ef9c6b37d1a2e918d9a48f2f127d030212e05e1ee55d10d133df3656d6b87d8
52a37b3a78eb5b59df3bdb129b9115c6fed9bec6ca62b55ae56d8c2701de5972
52fc7b078b94e161b56f22a89c5fca7a537afe684d50a63fe26b386111b21a07
53e26f4f5f4110c3f719fa6f808b86d64ecaf5ba005308ff3dd72ec1ed8d1fee
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5496bb5ae765edbed942234afed579487427a2bd1d17c32f4027333fe5ad6563
56175fc5881c3bd437105451e7a577a46b9b130895331a1bf4e1aeaa3f64c37d
57034146eeb6626976bc238d640836e5580c921fbb33a51f0b4ae500226a4005
593ddd828505463163d4765f4d9ba067ddeba59ef91f4383f4fe0ab8cc5f2fbf
59e415ebd0d3e2ab61a9b209889956069b95db9039392ac2249e565acaf4f1c2
5aa989b315c883b7023e82ef35cbe90f426d70131136f1d85b0d98842ffb662c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ce916944a0bf06b686481c9a97d710f2d9b3995e1f27ac85011df24f7b8a014
5ced7d22e43f831fe94c260885cd2254494d5a3714ec694c08befa54703f57d1
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5fcae7f8d9eb3c7166cc42aa3a54ec1ae6eac6dcd441f4b803981fff522ac5da
647145d5cd7f90bd77ee77d95104193aad8b126abae6ca3d68ccbb37d611e959
65532a1786cd4684158acf7fa687dcb3c69fd95da6bbd73ec1f287f2466f3a6b
65f7c5cce1e5b51c78fa472bc44ebb64bfa42403f07e8fcecfdfa129517a618f
661cf5bc8d00c66ff3e06bafa6e64e168bc2d2c218e5ed7247cdb1f22ab2bc61
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
668b8aa83d115cbe7be6aec95fbef24709b6928806fea127595b212651c30f25
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
684067feb4d66908ff4a0ad4839592ce43bebffffc1d122bd499b0c85fb2eb7d
690155cad075a810d6f2bbb7be98f1870f2fb30b1a58f416f37a72ac23ac6762
69af47ae4c1d90831351b53f445bdf076b8991e2e4d543c8edd96d42957d41f3
6ac042968cc376720abcb2f76326864ad2bbd2db73a6c443fac94d05dfb4895c
6ae19035f071756479bd884d42de186d1ec65d146d14d71cd9c8573b7086dfca
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ca79e288106a53f60b4bb9b00aadb71ff1f9b2ca76a2a9044aa026671c9f67a
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
6f7c213203c2b628b6ed8d67a288a4bfaf906eac371dd26ad79f3d9f1c0ea2cd
70f06515e47160b02727a63c493c438e94c83be804116ae7fdeb656b3c3a5df6
71d83b5db7231065004bf32d20d688ea487894c0ba08a6904b3a447cfaae948b
740f9a62f2704917aefa665e7678617c6a165cc445125993331133e3f2aa7989
74e11e446af46e8f813c3bfb6f08012c6e4f8586a7446a70b71493e6bbe17477
7520bda9576b519df3561d67722d95bea0bfb8f644b8b83b38b663138d62cd68
76798b31695f4dfa0d336a1ad582ab11bcb4319bebbff2b3ebef7c688ed19278
76d6c5fa3e145cff0dc1a7c2ad5631d0171c2ac0c3bdabc13eacf58e02748101
774b0b3fa78d445153630480c76c1eebe2903b8d4fb2bd861aa85510c0ca2784
7784302ebc76c0e47824af6ce5a41208b15418862b893fee86867f4dbde17fcb
787abd6ff6fcd7934e6aa6c400ed253127ca1c23f1f5f1d77843e0f76afe06bf
7a7bd6bafba8bbf830049cb65019814e2415607c09ebde7d8a999c128ed527c5
7b142db4a05d3e2cb0649a4a2e82a4d4b360469725d5a1f51e27b0d5ff1b5700
7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a
7ef4fa8ade09537be78e9168b0f8ab4c3efcc3dc99ae4a399e9c3a2e4c14fee0
7fb99b608c65011714627ec40594d0a7cebffadf665fbcec68da957a026f239e
809fa000bfe4225230fdf0b5b37cfc14e607657a9b57d4d1337c3a7a3589bb78
8233fb40fd229cb257865de906c45e7145de537bcf630a9e622cdb602d38e4a0
83bad0d5317f2ecc3bfeb4f5854b96dc996f4e033e9c97e5dabdf9b63b9ac484
846ec8a25a1402db9af2625b1c2537825fab7328530d9a626160191ae1a27acd
849f4f58df22077189f77b312aeb1bc0642288c911d346b7fa80111d1408de9f
8574c8626781d8530d71784532d588bffcc686b885d097cb3ac3365f6cdf35cc
86898e07bb954a8cd2547b2ef7ef0d002eb5fea616fb9dc505f152f2d7f4935d
87953a199ac20eb6fb6adb024007fa9437e65847bc69fa241ce494694494d8ac
893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2
8af933fdf42135c925a47d28b49268943fcc2c6206494a5900ced9c84d2b77f8
8d17cfac410bbe2e2cdf5d95cecadcf0693e72afc8b381a02cf3d928db04d6cf
8d59c313a152e03e61d67aaa9f5435df9b7c19a8c362e06400a64bed6d1043ff
8de3f47c17d9112a28be4a09b4b9ef7d57d7ef6a0bde7e2020f9de4f5cfbd73f
8e6393607cb8b9e94c1d8d87fe710ca00e029cd82cbdc93ef8efeb1288ab8994
90bfd2a150346405da0d1599565c6fd43302b2efc9ec46155acc01d6c16f9250
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
92b2ebe71f919b2a52ae887c79845edb72e96f1e107b049611b4d629b1cb3af5
948190a15ae7d94bc1d62d16316370c5365c520310b32a4e3719a93d9a05f78f
94ef9cf08633eaee2cccc704e806bd50eefa6e5eaf8adfb989c4c8ddfc8517ee
95982d09c162f5479e78a532d304864680d46cfd2835c4b44add20e8abbd2b8a
992ed6e0a718bd086ef03882ed91bfe753dcf4f7e0b425a25bd11ca012b11cb0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac824d8a7465d767efed78031874c1c7e5d0a4f73dc01c69b26be387b9ae095
9baec4686ba1b31781d7d2aa19c900b9cea210b7a14ab41b35bede7c66f8851a
9c53230227ba5dd26862860a7303cdd018419185c89ee132237a58d1eb9eab03
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
9ee649d4a28d7ea0863f333c63f9b31536cb51e6b4c4eb47073fdf83facd0445
9f2f4dc957632d62dcdd71f2b03d94b981e538829ca538f720823b1ddc439faa
a0d2a65319ca8743b05f15bc9f030945320201de8b44faacab6cd924951b1987
a18d7b7234f5f807aa636dd17e1a9ca2afb83bf06fe1e61a8d6d8fc5a2fedf05
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
a2c94bc2e582fa7bb02bae105dc8deb6893d1efad03b19d74028cf95dfe91db1
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
a96f862b61edf72ada5b6869c21a75b05427534840b1274b329747d325628682
a97d688e7c8d57e612cc4f2aa9b178f8d4bd3da083af25fd634be351222e1906
a9d739bf98afa4d3d93169aa723e0377c59a043ba62af343e9e11927320959c6
a9f2f7ad522f41e86ac8dbc907d37db9cd7bdd5f3c9dc4dec9b3f7deb48ffe59
aa35ac0d90ade7e8269e26472efe0e5db7b88f572914f7dcfd6a2e6f26cb64ee
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ae5302b36ad21c4c26a5200af72bd6b966a1721f438a3626f91e00a0b522d1ce
aeb6c1340af2f7e39d9fd18411756ac403f261edab96ba7b087f5bfa5532d123
af011910eb030e440837638795ea77eab961f6416a474d75cd02df1d49e24a9b
af54b5bd391d1e1de324be65f9c8852011540e056a55bece0214f87594d434eb
b097fc471c067f5960fbf018f38f1e00396bb71612d79be26976b8f18cf8da26
b26d0ff11c4773969989c4774c870b2e6bb60d510d3f8c29e3e69c02528a54ec
b327e15072593cd2f690f7b7b32d257aa1b3b173c440211aad74b3f355e3245f
b5633af5454dc2c0515ee3620ae8f846b1e5b107fbada5f8ed515b344f0a9f14
b639df794cad92fe6517815e89d4d3b726d96a6ea5f69b1b0136adc02215af2e
b63ff7b048110e52b9243be61c0e78951f9409d92ac490830bfafde3bbde2d98
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
b7528a0c54faf3bef69b8294207cb751bb41a70039f76283d94f5b5b33ede8ea
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bac8f978a971d06d6bf678fb31b905686bc1c7ec8e7978e7fb9bbe359af86c73
bc567bde2ce90dd90e0d3b0bd59021c45a440a12842354e0e026e4069352265b
bd0ab42567f9908ca1ca92765ab67bede800ce622dd23463d5d0dab08f734520
bdb038f2eb6f08289b4c9995e3385f0ea0aab76e376c1779dfea421f07537538
bdec02a79a6c4f929cf12c9b215492a5530c489ad27487f84887466831115493
bea32aa4f71bffbb982ace70f8f928c3e3cf962b4161a24ae4af3694200e6abe
bf2f643f7acc015da06c12554386638b8fab76c75ff5c41e750039e644d95a29
bfbac118d72d491649359a23cb82ea360915c4f45e538c7441eed2ee2f99819b
c0875b09b34167dfd3ab3d33c8f719830475bc10b7d46a5a75316dd5d3240b64
c0b1c3c6995c24eabd1a6fcc4f00523e022b546cf1fa4fce6c30d04763244d1b
c1b705aeec77a41ce1b759bc900e9df0a31a821059098ac3abd9fd568ac15352
c3b0e8b6b1aeb8070aac3af01805fb563ca90e17cc892ac31c048ca801911924
c474d25adf3b82efbf215bcfe10f486b763579154ecc14ca8ae4dc864a4ba329
c8a1466d0c29bf1f195520f6c110a505f76ed47e7e8d3e6d14ba479d3aefa5f0
c8f947740a75b748d87dac17f41ee02099f1042ee2d080d92b04f3a766511b4b
c97726054cd865115f15b3939cff96113088b6f368c477a658dc1447ffe77224
ca06036619c0d682b6654b71baba12fc5830328e7542ff97a1fc75774e567038
ce0ebd7c57e85a9876047db9de2155c7d4c3f6982611ac1cc8e694d5fd72aa7c
ce32bada0515778ea8cdbf2b26a15b6794138412e93a991a27eead1d3b439862
cf3d80e2bf58d36eaaa86946e1d42b63f826a3bfcef545f6ea387b7605d02856
cf7744d7ca042ba014c9ee1944e6d9d59abd3b509e233f19d65623f696c4d96c
cf9ee46b4ec120f6fc3528a4bb190300e3d03f86047239f83c7fdeb3c572c79e
d1a78e892c796ff095512c788cb362da9aa7a4dffd3f891d57e58d008b4e240f
d3f8c48e4a208fe53ac32beef6bf2cb790027eb369c22f7a49b67b5a96a08f7b
d7739356f34c6344c0499c87a16cc801de762a574a3f893f75ce0460eeddd528
d7d2103d49c2c1a7dbc6287768859bf4d7543a17b0f9e878788a4561c4425b39
d9837ae513cb80aecf3f53691f460a2206303e8ee8ffde87a955c11fb950dcc5
d9edb58e7cb61cb239c80d45483f65e9eda75e25d3158eca05b6344bd94ea0ce
da362b9ca58b73f4525a05d00fb0a100d02f5e171019b3ddec4f23f0f5d16bc6
dc69ab961e9ca0976d7675527eb07244dd6e97e3e6934b3f9d1586914a5355e6
dcf8317588d7c29dbf377e739e3290d7fa9a297ffa0033143048aedbabcb5ea4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea95ebd6bc1d6368d3c37e77f7775461d7ec50c44f5a55ca1f23e2922914e23
e0e934022f9db437d7376661b2125d8b394cc02bd369e1ef8410d0dd94bf903a
e0f94023a0f106512ea0de735be5a4def47c6f10b1b39c17d2862399b1e814e4
e22b58419109b8802bfbdca49b2a4cf7a9a2ba756e9a7edf6fd44f0d9e7f0b8b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40392e86c82f3bce196182c21ed8467cca4aea225e451db8fd16ca727fa52d8
e4dd3bb15ae6492d5ddff59e08075a6023463b82cfe6c284470fec0d86fe52ae
e87df039a2e7c3d2700a2f5cc28a152c0e9b0e77b9b98c08d2f60695b0c0b2ca
eb522887f794ee71c70ae138e5a976122e3dae6fbb1aac9db0b0279104510bee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbe4b8b14669e009b7de6409e679d41febc6993c6bb1d2a330696e6a6c6b45c
f02763b2320d67f372fc1f9a7338b4d697d05e2acc9747cd4b73da6f83587a2a
f2a2b94a0f773eb9d1d54874a251205232d4934aea7136b18b2c3c66269260ce
f32ad5e5838597651b666edf629cd85d4d92df6b64c01c7055d9ae30ecd5d256
f5909b784a4c97c2cca962a7478707639269371a8e87f4e3cfdad50f4ff91154
f59535387292e8516496b06cc5c548ec55a0f23b75e1e7517e7f1eb9994a9544
f5c24d681529bb22ddbfa56a5a52dee1ab4f499365589f4d9fef1d04b9b22fba
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f972086f21ac2dee0629917637500f4a9464c268fbd53176531d3c94b683807b
fb7563dea75e6b91358d0ef891f7ed4f9b24ef905d6daf3135b4efea111cbaa4
fbaa02863040d15c4410d572c4d213c2b8c75425279c5a01672c6ff86fd9d6c3
fd279a1f374accb7a4943f04474106293b6f19ac4d9ba3188d42252b4fc87a03
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
ffc8160e09c55f7352b6628930391ea311b69c26a5ec13758142aa1c2472e1e4

ldiena.lt Open in urlscan Pro 62.210.189.174 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

383 Requests

95 %HTTPS

48 %IPv6

51 Domains

77 Subdomains

64 IPs

11 Countries

9377 kBTransfer

29733 kBSize

53 Cookies

42 Outgoing links

Page URL History

Redirected requests

383 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

ldiena.lt Open in urlscan Pro
62.210.189.174 Public Scan

Screenshot
Live screenshot

Full Image

383
Requests

95 %
HTTPS

48 %
IPv6

51
Domains

77
Subdomains

64
IPs

11
Countries

9377 kB
Transfer

29733 kB
Size

53
Cookies

383 HTTP transactions
10 data transactions