www.iqforumas.lt Open in urlscan Pro
93.115.27.126 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://iqforumas.lt/
Effective URL:
https://www.iqforumas.lt/
Submission: On April 14 via api (April 14th 2023, 6:23:08 pm UTC) from US — Scanned from DE

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 20 HTTP transactions. The main IP is 93.115.27.126, located in Lithuania and belongs to CHERRYSERVERS1-AS, LT. The main domain is www.iqforumas.lt.
TLS certificate: Issued by R3 on March 28th 2023. Valid for: 3 months.

This is the only time www.iqforumas.lt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 10	93.115.27.126 93.115.27.126	16125 (CHERRYSER...) (CHERRYSERVERS1-AS)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:80b::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
20	8

10 93.115.27.126 (Lithuania) 2 redirects

ASN16125 (CHERRYSERVERS1-AS, LT)
PTR: alfa.lt

iqforumas.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.iqforumas.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	iqforumas.lt 2 redirects iqforumas.lt www.iqforumas.lt	1 MB
5	google.com apis.google.com — Cisco Umbrella Rank: 121 accounts.google.com — Cisco Umbrella Rank: 42	74 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	67 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	89 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	185 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	2 KB
20	6

	Domain	Requested by
8	www.iqforumas.lt	www.iqforumas.lt
3	accounts.google.com	apis.google.com www.iqforumas.lt www.gstatic.com
2	fonts.gstatic.com	fonts.googleapis.com
2	connect.facebook.net	www.iqforumas.lt connect.facebook.net
2	apis.google.com	www.iqforumas.lt apis.google.com
2	iqforumas.lt	2 redirects
1	www.gstatic.com	accounts.google.com
1	www.facebook.com	www.iqforumas.lt
1	fonts.googleapis.com	www.iqforumas.lt
20	9

This site contains no links.

Subject Issuer	Validity	Valid
iqforumas.lt R3	`2023-03-28` - `2023-06-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-22` - `2023-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.iqforumas.lt/
Frame ID: 89ED199C402BC56659C9029F6AB1B78A
Requests: 16 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 04C8B2FE1A232C5851F3E5C23B4090DC
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FORUMAS

Page URL History Show full URLs

http://iqforumas.lt/ HTTP 301
https://iqforumas.lt/ HTTP 301
https://www.iqforumas.lt/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id
apis\.google\.com/js/platform\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

100 %
HTTPS

88 %
IPv6

6
Domains

9
Subdomains

8
IPs

2
Countries

1528 kB
Transfer

2166 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://iqforumas.lt/ HTTP 301
https://iqforumas.lt/ HTTP 301
https://www.iqforumas.lt/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.iqforumas.lt/
Redirect Chain

http://iqforumas.lt/
https://iqforumas.lt/
https://www.iqforumas.lt/

12 KB
5 KB

184ms
47ms

Document
text/html

93.115.27.126
CHERRYSERVERS1-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqforumas.lt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 93.115.27.126 , Lithuania, ASN16125 (CHERRYSERVERS1-AS, LT),
Reverse DNS: alfa.lt
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6a04741b44acb777503313987644da6d295bf098176450658df83a8f7cbb01db

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 14 Apr 2023 18:23:02 GMT
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked

Redirect headers

Connection: keep-alive
Content-Length: 194
Content-Type: text/html
Date: Fri, 14 Apr 2023 18:23:02 GMT
Location: https://www.iqforumas.lt/
Server: nginx/1.14.0 (Ubuntu)

GET
H2 200 css2
fonts.googleapis.com/ 25 KB
2 KB 133ms
53ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: www.iqforumas.lt
URL: https://www.iqforumas.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca00e9050ed6adef62cc61def53f61c9e985afa226c8230d4113e2beb89e10e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iqforumas.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Apr 2023 18:23:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 16:32:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Apr 2023 18:23:02 GMT

GET
H/1.1 200
OK animation.css
www.iqforumas.lt/css/ 668 B
506 B 45ms
44ms Stylesheet
text/css 93.115.27.126
CHERRYSERVERS1-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqforumas.lt/css/animation.css
Requested by: Host: www.iqforumas.lt
URL: https://www.iqforumas.lt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 93.115.27.126 , Lithuania, ASN16125 (CHERRYSERVERS1-AS, LT),
Reverse DNS: alfa.lt
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 784d1da3cdc572fa8bfd0141101c75c7e6125bdc7b53ae1172e48bdaf94878ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iqforumas.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 18:23:02 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Jan 2023 12:26:38 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"63d3c2fe-29c"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=600
Connection: keep-alive
Expires: Fri, 14 Apr 2023 18:33:02 GMT

GET
H/1.1 200
OK aos.css
www.iqforumas.lt/jQuery/aos/dist/ 25 KB
3 KB 89ms
44ms Stylesheet
text/css 93.115.27.126
CHERRYSERVERS1-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqforumas.lt/jQuery/aos/dist/aos.css
Requested by: Host: www.iqforumas.lt
URL: https://www.iqforumas.lt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 93.115.27.126 , Lithuania, ASN16125 (CHERRYSERVERS1-AS, LT),
Reverse DNS: alfa.lt
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iqforumas.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 18:23:02 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Jan 2023 12:26:19 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"63d3c2eb-65c5"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=600
Connection: keep-alive
Expires: Fri, 14 Apr 2023 18:33:02 GMT

GET
H/1.1 200
OK jQuery.js Show response
www.iqforumas.lt/jQuery/ 263 KB
94 KB 170ms
86ms Script
application/javascript 93.115.27.126
CHERRYSERVERS1-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqforumas.lt/jQuery/jQuery.js
Requested by: Host: www.iqforumas.lt
URL: https://www.iqforumas.lt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 93.115.27.126 , Lithuania, ASN16125 (CHERRYSERVERS1-AS, LT),
Reverse DNS: alfa.lt
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6bb50d3f55ed39a5d2b5847767021a7b84ce7763b1871b90a950f6b33cf56c3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iqforumas.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 18:23:02 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Jan 2023 12:26:18 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"63d3c2ea-41bf1"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
Expires: Fri, 14 Apr 2023 18:33:02 GMT

GET
H/1.1 200
OK jQuery.cookies.js Show response
www.iqforumas.lt/jQuery/ 4 KB
2 KB 139ms
54ms Script
application/javascript 93.115.27.126
CHERRYSERVERS1-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqforumas.lt/jQuery/jQuery.cookies.js
Requested by: Host: www.iqforumas.lt
URL: https://www.iqforumas.lt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 93.115.27.126 , Lithuania, ASN16125 (CHERRYSERVERS1-AS, LT),
Reverse DNS: alfa.lt
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2b4a3df4498692dc8070a733a2a562bc993035e31663db219d5f6ecb2876ec4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iqforumas.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 18:23:02 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Jan 2023 12:26:18 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"63d3c2ea-10f7"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
Expires: Fri, 14 Apr 2023 18:33:02 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 124ms
44ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js?onload=renderButton

Requested by

Host: www.iqforumas.lt
URL: https://www.iqforumas.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c79cd3aded193816d4a148a08fbb9ced0b444efa8a2cbd51737787e6160bfc81

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iqforumas.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Apr 2023 18:23:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21025
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "6ece221a45f0c720"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Apr 2023 18:23:02 GMT

GET
H/1.1 200
OK closeBaltas_64.png
www.iqforumas.lt/images/ 4 KB
4 KB 41ms
41ms Image
image/png 93.115.27.126
CHERRYSERVERS1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iqforumas.lt/images/closeBaltas_64.png
Requested by: Host: www.iqforumas.lt
URL: https://www.iqforumas.lt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 93.115.27.126 , Lithuania, ASN16125 (CHERRYSERVERS1-AS, LT),
Reverse DNS: alfa.lt
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 98439ed3f28f56121f0bac6734e797b38714df85b8bab6484a67e7b3b98b931b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iqforumas.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 18:23:02 GMT
Last-Modified: Fri, 27 Jan 2023 12:26:17 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "63d3c2e9-f82"
Content-Type: image/png
Cache-Control: max-age=600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3970
Expires: Fri, 14 Apr 2023 18:33:02 GMT

GET
H/1.1 200
OK iqforumas.png
www.iqforumas.lt/media/logotipai/ 31 KB
31 KB 88ms
88ms Image
image/png 93.115.27.126
CHERRYSERVERS1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iqforumas.lt/media/logotipai/iqforumas.png
Requested by: Host: www.iqforumas.lt
URL: https://www.iqforumas.lt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 93.115.27.126 , Lithuania, ASN16125 (CHERRYSERVERS1-AS, LT),
Reverse DNS: alfa.lt
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b502369cf4c0e7855f88672861dfd4f7f529d1428c4ab00094de0499321f5e1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iqforumas.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 18:23:02 GMT
Last-Modified: Fri, 27 Jan 2023 12:26:21 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "63d3c2ed-7a2b"
Content-Type: image/png
Cache-Control: max-age=600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31275
Expires: Fri, 14 Apr 2023 18:33:02 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 28ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.iqforumas.lt
URL: https://www.iqforumas.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

37fcb039035a4435c8266948fc423ea0c4cc48162e91d6b6ea757de75871bad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iqforumas.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Apr 2023 18:23:02 GMT
content-md5: PzITyHKLZTALX7G/lpriAA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: I/ggZ0guDxKnBXbSsFLKpr2BsxCIUGObmlghq3IE6AZj4/wbfng56oQTB71z9U+MRbYb+fesJRvSm8FlX/llig==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
x-fb-content-md5: 59d4dea17a5ad0c179f0191e4e68681c
cross-origin-opener-policy: same-origin-allow-popups
etag: "b58a5ccc07d3fdece2c0c4f982462886"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 14 Apr 2023 18:27:49 GMT

GET
H/1.1 200
OK atnaujinimas_1200.png
www.iqforumas.lt/images/ 1 MB
1 MB 87ms
87ms Image
image/png 93.115.27.126
CHERRYSERVERS1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iqforumas.lt/images/atnaujinimas_1200.png
Requested by: Host: www.iqforumas.lt
URL: https://www.iqforumas.lt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 93.115.27.126 , Lithuania, ASN16125 (CHERRYSERVERS1-AS, LT),
Reverse DNS: alfa.lt
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 274f5dc796a63c40bf91190068249f0348eb8719c5aa291b3952bd9f5d5e41d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iqforumas.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 18:23:02 GMT
Last-Modified: Tue, 11 Apr 2023 08:50:28 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "64351f54-1210bd"
Content-Type: image/png
Cache-Control: max-age=600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1183933
Expires: Fri, 14 Apr 2023 18:33:02 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 119ms
35ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.iqforumas.lt
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 02:07:56 GMT
x-content-type-options: nosniff
age: 144906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Apr 2024 02:07:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 127ms
45ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.iqforumas.lt
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:30:58 GMT
x-content-type-options: nosniff
age: 287524
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:30:58 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=signin2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/ 148 KB
51 KB 40ms
37ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=signin2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=renderButton

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d998953bd73fedd878cc8444bae9dd5f094fe5cfb29583a39ab0a1add53752b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iqforumas.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 17:35:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51563
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 16:31:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 17:35:32 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
87 KB 19ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7ca61392a5db857116023ae176f96091

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5bca70418c736be16a0a34c033dffc195676683b27efe8aa9e9d6591d910af22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.iqforumas.lt/
Origin: https://www.iqforumas.lt
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Apr 2023 18:23:02 GMT
content-md5: JmCRxHwvKm7dt5xfjQ3fkA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88562
x-fb-rlafr: 0
x-fb-debug: Rs7rpHP2TFhiRRp+p/wC2NXU6uRJhV3AMyZRiLmC/LquIh953uQYN0D8QhIkb2L4rpV5gsAqlZyib+n9i2KZIQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 4c938b830de5996bb1f7598c84bbb04f
cross-origin-opener-policy: same-origin-allow-popups
etag: "fb02c0a44c55c5da5915c8cf41c9b781"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sat, 13 Apr 2024 16:01:55 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 29ms
11ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=445402463508361&ev=fb_page_view&dl=https%3A%2F%2Fwww.iqforumas.lt%2F&rl=&if=false&ts=1681496582959&sw=1600&sh=1200&at=

Requested by

Host: www.iqforumas.lt
URL: https://www.iqforumas.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iqforumas.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 14 Apr 2023 18:23:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 04C8 280 B
1 KB 3241ms
3156ms Document
text/html 2a00:1450:4001:80b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=signin2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbfb79c3ebb476ec945fd901cd45ed79cd770f19b807fe26a6488efcd623a0e0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wFpjD_KLJHP659GaCXZsHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.iqforumas.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-wFpjD_KLJHP659GaCXZsHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin; report-to="IdpIFrameHttp"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 18:23:06 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 04C8 2 KB
916 B 55ms
53ms Other
text/html 2a00:1450:4001:80b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Host: www.iqforumas.lt
URL: https://www.iqforumas.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ba34485ed12e76f00d9f77785b4b446df569588633ad2b67b5dc540a32aad8a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 18:23:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.YLeXLZi0eSM.es5.O/d=1/rs=AOaEmlEb6L4ZTy7QWZhM4TIH8RNcVKilMQ/ Frame 04C8 101 KB
36 KB 121ms
35ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.YLeXLZi0eSM.es5.O/d=1/rs=AOaEmlEb6L4ZTy7QWZhM4TIH8RNcVKilMQ/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddfaa99cdc08ba8727407a347f092d34aa8a389c33dbcab22862ba29d26f40fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 06:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 302991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35739
x-xss-protection: 0
last-modified: Fri, 07 Apr 2023 22:42:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 06:13:15 GMT

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 04C8 49 B
97 B 326ms
326ms XHR
application/json 2a00:1450:4001:80b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.iqforumas.lt&client_id=852462031857-qc5rcgb45u0ndnvr361k6ocn3md83u3s.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.YLeXLZi0eSM.es5.O/d=1/rs=AOaEmlEb6L4ZTy7QWZhM4TIH8RNcVKilMQ/m=base

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-U8WvUOxJ0UUhxLH_ipTFUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:23:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-U8WvUOxJ0UUhxLH_ipTFUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-encoding: gzip
cross-origin-embedder-policy: require-corp
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="IdpIFrameHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Origin
report-to: {"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
content-type: application/json; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Fri, 14 Apr 2023 18:23:06 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.www.iqforumas.lt/	1970-01-20 20:40:56	Name: G_ENABLED_IDPS Value: google
			.google.com/	1970-01-20 15:28:27	Name: NID Value: 511=TcWH-8bY0DA8Nxt4FRh3qaoYEMykmSEHDy3W_gObu28Vv7T2intgXLsVwPL3FnnXkoZ_MZq6puWTG2Sm8T6ZHTF_IkOBWoirXe5Ce3orHcTrv_baKFQccR3K3qOSqgGBXrRbSHVXkI1OgH1tZWcM9PGj4RO4HWHwwlMEz6Ji6uU

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=signin2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/cb=gapi.loaded_0?le=scs(Line 177) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
iqforumas.lt
www.facebook.com
www.gstatic.com
www.iqforumas.lt
2a00:1450:4001:80b::200d
2a00:1450:4001:812::200a
2a00:1450:4001:812::200e
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2003
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
93.115.27.126
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
274f5dc796a63c40bf91190068249f0348eb8719c5aa291b3952bd9f5d5e41d3
2b4a3df4498692dc8070a733a2a562bc993035e31663db219d5f6ecb2876ec4c
37fcb039035a4435c8266948fc423ea0c4cc48162e91d6b6ea757de75871bad8
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
4d998953bd73fedd878cc8444bae9dd5f094fe5cfb29583a39ab0a1add53752b
5bca70418c736be16a0a34c033dffc195676683b27efe8aa9e9d6591d910af22
6a04741b44acb777503313987644da6d295bf098176450658df83a8f7cbb01db
6bb50d3f55ed39a5d2b5847767021a7b84ce7763b1871b90a950f6b33cf56c3d
784d1da3cdc572fa8bfd0141101c75c7e6125bdc7b53ae1172e48bdaf94878ea
98439ed3f28f56121f0bac6734e797b38714df85b8bab6484a67e7b3b98b931b
b502369cf4c0e7855f88672861dfd4f7f529d1428c4ab00094de0499321f5e1d
ba34485ed12e76f00d9f77785b4b446df569588633ad2b67b5dc540a32aad8a0
c79cd3aded193816d4a148a08fbb9ced0b444efa8a2cbd51737787e6160bfc81
ca00e9050ed6adef62cc61def53f61c9e985afa226c8230d4113e2beb89e10e3
ddfaa99cdc08ba8727407a347f092d34aa8a389c33dbcab22862ba29d26f40fa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fbfb79c3ebb476ec945fd901cd45ed79cd770f19b807fe26a6488efcd623a0e0

www.iqforumas.lt Open in urlscan Pro 93.115.27.126 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

88 %IPv6

6 Domains

9 Subdomains

8 IPs

2 Countries

1528 kBTransfer

2166 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

2 Cookies

3 Console Messages

Indicators

www.iqforumas.lt Open in urlscan Pro
93.115.27.126 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

88 %
IPv6

6
Domains

9
Subdomains

8
IPs

2
Countries

1528 kB
Transfer

2166 kB
Size

2
Cookies

20 HTTP transactions
0 data transactions