www.onlatvia.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.onlatvia.com/
Effective URL:
https://www.onlatvia.com/
Submission: On March 11 via api (March 11th 2024, 10:35:15 pm UTC) from US — Scanned from NL

Summary HTTP 205 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 76 IPs in 10 countries across 54 domains to perform 205 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.onlatvia.com.
TLS certificate: Issued by E1 on March 3rd 2024. Valid for: 3 months.

This is the only time www.onlatvia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	185.193.27.19 185.193.27.19	62282 (RACKRAY U...) (RACKRAY UAB Rakrejus)
5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1f31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 6	54.38.133.13 54.38.133.13	16276 (OVH) (OVH)
3	2a04:4e42:6f::84 2a04:4e42:6f::84	54113 (FASTLY) (FASTLY)
18	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
3 8	54.38.133.136 54.38.133.136	16276 (OVH) (OVH)
1	13.32.27.19 13.32.27.19	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:223... 2600:9000:223c:8600:10:dd8:5e40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:225... 2600:9000:225b:4800:a:e047:753:eb41	16509 (AMAZON-02) (AMAZON-02)
2	65.9.66.122 65.9.66.122	16509 (AMAZON-02) (AMAZON-02)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 8	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1 3	52.211.99.1 52.211.99.1	16509 (AMAZON-02) (AMAZON-02)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
14	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
6	108.138.6.136 108.138.6.136	16509 (AMAZON-02) (AMAZON-02)
3	37.157.5.133 37.157.5.133	198622 (ADFORM) (ADFORM)
1	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
2	178.250.1.8 178.250.1.8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 3	18.203.213.103 18.203.213.103	16509 (AMAZON-02) (AMAZON-02)
1	52.211.42.117 52.211.42.117	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	99.86.4.71 99.86.4.71	16509 (AMAZON-02) (AMAZON-02)
2	18.65.35.42 18.65.35.42	16509 (AMAZON-02) (AMAZON-02)
1	145.239.237.56 145.239.237.56	16276 (OVH) (OVH)
8	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
1 1	141.95.171.141 141.95.171.141	16276 (OVH) (OVH)
3 3	141.94.171.215 141.94.171.215	16276 (OVH) (OVH)
2 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	104.26.9.178 104.26.9.178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2602:803:c003... 2602:803:c003:200::91	26667 (RUBICONPR...) (RUBICONPROJECT)
2 5	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	145.40.97.66 145.40.97.66	54825 (PACKET) (PACKET)
7	185.86.138.124 185.86.138.124	201081 (SMARTADSE...) (SMARTADSERVER)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	23.197.10.19 23.197.10.19	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6816:35ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	159.89.25.223 159.89.25.223	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a03:2880:f08... 2a03:2880:f083:10e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
2	172.64.149.180 172.64.149.180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.242.0.137 34.242.0.137	16509 (AMAZON-02) (AMAZON-02)
1	2.19.105.180 2.19.105.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2.18.98.37 2.18.98.37	16625 (AKAMAI-AS) (AKAMAI-AS)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 2	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
1	54.225.221.22 54.225.221.22	14618 (AMAZON-AES) (AMAZON-AES)
2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	2607:ae80:192... 2607:ae80:192:1::173	26558 (FREEWHEEL) (FREEWHEEL)
1 2	52.211.226.3 52.211.226.3	16509 (AMAZON-02) (AMAZON-02)
1 1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	2a05:d018:cc3... 2a05:d018:cc3:fe05:d5b1:a87b:8c2a:4668	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
205	76

22 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.onlatvia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.193.27.19 (Lithuania)

ASN62282 (RACKRAY UAB Rakrejus, LT)

kaunas.kasvyksta.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1f31 (United States)

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.38.133.13 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip13.ip-54-38-133.eu

lv.adocean.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:6f::84 (United States)

ASN54113 (FASTLY, US)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.38.133.136 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: ip136.ip-54-38-133.eu

adlv.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-19.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:8600:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

connectid.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225b:4800:a:e047:753:eb41 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.211.99.1 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-99-1.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
setupad-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.192.84 (United States)

ASN54113 (FASTLY, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.203.213.103 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-213-103.eu-west-1.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.42.117 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-42-117.eu-west-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.65.35.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-35-42.ams1.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.237.56 (France)

ASN16276 (OVH, FR)
PTR: ip56.ip-145-239-237.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

aba7fddf984375aa756d68d8f3c47010.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5dfe563965ed15ea8c92998b0fba8aae.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.171.141 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: bixel-7.cloudy.ovh

pixel-eu.onprospects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.94.171.215 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh

pixel-eu.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.9.178 (None, )

ASN13335 (CLOUDFLARENET, US)

prebid-stag.setupad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::91 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.64.151.101 (San Francisco, United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.86.138.124 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.197.10.19 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-10-19.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:35ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

node.setupad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f083:10e:face:b00c:0:2 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.149.180 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.242.0.137 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-0-137.eu-west-1.compute.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.105.180 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-105-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.98.37 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-98-37.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.151.131 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.225.221.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-221-22.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:ae80:192:1::173 (United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.226.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-226-3.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (Singapore) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe05:d5b1:a87b:8c2a:4668 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	onlatvia.com 1 redirects www.onlatvia.com	157 KB
20	google.com maps.google.com — Cisco Umbrella Rank: 2205 www.google.com — Cisco Umbrella Rank: 2	423 KB
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 aba7fddf984375aa756d68d8f3c47010.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 161 5dfe563965ed15ea8c92998b0fba8aae.safeframe.googlesyndication.com	84 KB
12	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 301 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 621 aax.amazon-adsystem.com — Cisco Umbrella Rank: 406 s.amazon-adsystem.com — Cisco Umbrella Rank: 329	162 KB
12	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 1064 scontent.xx.fbcdn.net — Cisco Umbrella Rank: 475	318 KB
10	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 466 mug.criteo.com — Cisco Umbrella Rank: 3065 bidder.criteo.com — Cisco Umbrella Rank: 702	15 KB
9	gemius.pl 3 redirects adlv.hit.gemius.pl — Cisco Umbrella Rank: 364785 ls.hit.gemius.pl — Cisco Umbrella Rank: 16103	65 KB
7	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1729	4 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 cm.g.doubleclick.net — Cisco Umbrella Rank: 271	302 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30 maps.googleapis.com — Cisco Umbrella Rank: 374	52 KB
6	adocean.pl 2 redirects lv.adocean.pl — Cisco Umbrella Rank: 348012	120 KB
5	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 477 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 534 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 631 dsum.casalemedia.com — Cisco Umbrella Rank: 1431	3 KB
5	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2186 google-bidout-d.openx.net — Cisco Umbrella Rank: 2171 setupad-d.openx.net — Cisco Umbrella Rank: 64406 u.openx.net — Cisco Umbrella Rank: 734	1 KB
5	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1035 bcp.crwdcntrl.net — Cisco Umbrella Rank: 956 sync.crwdcntrl.net — Cisco Umbrella Rank: 917	25 KB
5	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 3575 widgets.pinterest.com — Cisco Umbrella Rank: 18247 log.pinterest.com — Cisco Umbrella Rank: 5112	20 KB
4	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1170	106 KB
4	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 496 eus.rubiconproject.com — Cisco Umbrella Rank: 606 token.rubiconproject.com — Cisco Umbrella Rank: 493	15 KB
4	lijit.com 1 redirects ap.lijit.com — Cisco Umbrella Rank: 729 ce.lijit.com — Cisco Umbrella Rank: 921	837 B
4	gstatic.com maps.gstatic.com fonts.gstatic.com	32 KB
4	criteo.net static.criteo.net — Cisco Umbrella Rank: 677	101 KB
4	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 836 id5-sync.com — Cisco Umbrella Rank: 433	54 KB
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1652 a.ad.gt — Cisco Umbrella Rank: 1812	5 KB
3	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 464 ads.pubmatic.com — Cisco Umbrella Rank: 540 image6.pubmatic.com — Cisco Umbrella Rank: 855	6 KB
3	onaudience.com 3 redirects pixel-eu.onaudience.com — Cisco Umbrella Rank: 20781	1 KB
3	adform.net adx.adform.net — Cisco Umbrella Rank: 4786	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29 region1.google-analytics.com — Cisco Umbrella Rank: 2089	21 KB
3	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 100 web.facebook.com — Cisco Umbrella Rank: 225	28 KB
3	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2338 prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6938	2 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 246	1 KB
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 699 cdn.indexww.com — Cisco Umbrella Rank: 1921	2 KB
2	dotomi.com 1 redirects proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2455 casale-match.dotomi.com — Cisco Umbrella Rank: 3369	645 B
2	setupad.net prebid-stag.setupad.net — Cisco Umbrella Rank: 39548	1 KB
2	exelator.com 2 redirects loada.exelator.com — Cisco Umbrella Rank: 31039	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	89 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	3 KB
2	yahoo.com connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4668 ups.analytics.yahoo.com — Cisco Umbrella Rank: 428	9 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 703 script.hotjar.com — Cisco Umbrella Rank: 882	59 KB
1	adroll.com d.adroll.com — Cisco Umbrella Rank: 1480	181 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 588	654 B
1	liadm.com i.liadm.com — Cisco Umbrella Rank: 593	180 B
1	setupad.com node.setupad.com — Cisco Umbrella Rank: 46639	241 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1779	10 KB
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 757	171 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 364	149 B
1	onprospects.com 1 redirects pixel-eu.onprospects.com — Cisco Umbrella Rank: 88867	240 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 316	29 KB
1	360yield.com ice.360yield.com — Cisco Umbrella Rank: 2196	312 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 256	739 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	85 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1235	6 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2890	3 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1845	8 KB
1	stpd.cloud stpd.cloud — Cisco Umbrella Rank: 37480	118 KB
1	kasvyksta.lt kaunas.kasvyksta.lt	3 KB
205	54

	Domain	Requested by
22	www.onlatvia.com	1 redirects www.onlatvia.com
18	maps.google.com	www.onlatvia.com maps.google.com
10	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.onlatvia.com
8	adlv.hit.gemius.pl	3 redirects lv.adocean.pl www.onlatvia.com adlv.hit.gemius.pl
7	prg.smartadserver.com	stpd.cloud
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.onlatvia.com
6	c.amazon-adsystem.com	www.onlatvia.com c.amazon-adsystem.com stpd.cloud
6	gum.criteo.com	2 redirects static.criteo.net stpd.cloud
6	lv.adocean.pl	2 redirects www.onlatvia.com
5	securepubads.g.doubleclick.net	www.onlatvia.com securepubads.g.doubleclick.net www.googletagservices.com
4	secure.cdn.fastclick.net	www.onlatvia.com secure.cdn.fastclick.net
4	maps.googleapis.com	maps.google.com www.onlatvia.com
4	static.criteo.net	securepubads.g.doubleclick.net stpd.cloud lv.adocean.pl static.criteo.net
3	pixel-eu.onaudience.com	3 redirects
3	ap.lijit.com	1 redirects lv.adocean.pl stpd.cloud
3	adx.adform.net	lv.adocean.pl stpd.cloud
3	assets.pinterest.com	www.onlatvia.com assets.pinterest.com
3	fonts.googleapis.com	www.onlatvia.com maps.google.com
2	dpm.demdex.net	1 redirects ssum-sec.casalemedia.com
2	cm.g.doubleclick.net	ssum-sec.casalemedia.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com
2	eus.rubiconproject.com	stpd.cloud eus.rubiconproject.com
2	www.google.com	tpc.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	id.hadron.ad.gt	cdn.hadronid.net
2	prebid-stag.setupad.net	stpd.cloud
2	loada.exelator.com	2 redirects
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
2	prebid-eu.creativecdn.com	lv.adocean.pl stpd.cloud
2	bidder.criteo.com	lv.adocean.pl stpd.cloud
2	scontent.xx.fbcdn.net	www.facebook.com
2	maps.gstatic.com	www.onlatvia.com
2	connect.facebook.net	www.onlatvia.com connect.facebook.net
2	www.google-analytics.com	www.onlatvia.com www.google-analytics.com
2	www.facebook.com	www.onlatvia.com connect.facebook.net
2	mug.criteo.com	www.onlatvia.com
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	id5-sync.com	cdn.id5-sync.com stpd.cloud
2	oajs.openx.net	1 redirects www.onlatvia.com
2	tags.crwdcntrl.net	securepubads.g.doubleclick.net www.onlatvia.com
2	cdn.jsdelivr.net	securepubads.g.doubleclick.net stpd.cloud
2	cdn.id5-sync.com	securepubads.g.doubleclick.net www.onlatvia.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	d.adroll.com	ssum-sec.casalemedia.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	ads.stickyadstv.com	ssum-sec.casalemedia.com
1	dsum-sec.casalemedia.com	1 redirects
1	i.liadm.com	ssum-sec.casalemedia.com
1	image6.pubmatic.com	ads.pubmatic.com
1	ads.pubmatic.com	stpd.cloud
1	ce.lijit.com	stpd.cloud
1	u.openx.net	stpd.cloud
1	js-sec.indexww.com	stpd.cloud
1	log.pinterest.com
1	5dfe563965ed15ea8c92998b0fba8aae.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	web.facebook.com	1 redirects
1	a.ad.gt	cdn.hadronid.net
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	node.setupad.com	www.onlatvia.com
1	cdn.hadronid.net	www.onlatvia.com
1	hbopenbid.pubmatic.com	stpd.cloud
1	setupad-d.openx.net	stpd.cloud
1	prebid.a-mo.net	stpd.cloud
1	htlb.casalemedia.com	stpd.cloud
1	fastlane.rubiconproject.com	stpd.cloud
1	match.adsrvr.org	www.onlatvia.com
1	sync.crwdcntrl.net	1 redirects
1	pixel-eu.onprospects.com	1 redirects
1	aba7fddf984375aa756d68d8f3c47010.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ls.hit.gemius.pl	adlv.hit.gemius.pl
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagservices.com	www.onlatvia.com
1	ice.360yield.com	lv.adocean.pl
1	ib.adnxs.com	lv.adocean.pl
1	www.googletagmanager.com	www.google-analytics.com
1	widgets.pinterest.com	assets.pinterest.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	ups.analytics.yahoo.com	connectid.analytics.yahoo.com
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	connectid.analytics.yahoo.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.onlatvia.com
1	stpd.cloud	www.onlatvia.com
1	kaunas.kasvyksta.lt	www.onlatvia.com
205	92

This site contains links to these domains. Also see Links.

Domain
maps.google.com
www.google.com
www.pinterest.com

Subject Issuer	Validity	Valid
onlatvia.com E1	`2024-03-03` - `2024-06-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
kaunas.kasvyksta.lt R3	`2024-02-27` - `2024-05-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
stpd.cloud E1	`2024-03-09` - `2024-06-07`	3 months	crt.sh
*.adocean.pl Sectigo ECC Domain Validation Secure Server CA	`2024-01-29` - `2025-02-06`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2024-01-22` - `2024-04-22`	3 months	crt.sh
connectid.analytics.yahoo.com GlobalSign ECC OV SSL CA 2018	`2024-01-09` - `2024-07-04`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2024-02-20` - `2024-05-20`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
*.id5-sync.com R3	`2024-03-01` - `2024-05-30`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-26` - `2024-06-19`	6 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2023-09-14` - `2024-09-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-20` - `2024-03-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.lijit.com Amazon RSA 2048 M02	`2023-11-21` - `2024-12-19`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2024-01-19` - `2024-12-29`	a year	crt.sh
setupad.net E1	`2024-03-10` - `2024-06-08`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.a-mo.net R3	`2024-03-06` - `2024-06-04`	3 months	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
hadronid.net GTS CA 1P5	`2024-01-31` - `2024-04-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
id.hadron.ad.gt E1	`2024-01-27` - `2024-04-26`	3 months	crt.sh
node.setupad.com R3	`2024-02-22` - `2024-05-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-06-09` - `2024-07-10`	a year	crt.sh
a.ad.gt E1	`2024-02-12` - `2024-05-12`	3 months	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-08-31` - `2024-09-28`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-07`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://www.onlatvia.com/
Frame ID: DC7BFA1C979FA7E4EE1684648D58D6A9
Requests: 153 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.onlatvia.com
Frame ID: 1DB6138F21C0B95BE40A9FFF7236FFD3
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fonlatviacom&width=182&connections=6&stream=false&header=false&height=250
Frame ID: BBE98599ECC95274624204D16A24BC80
Requests: 11 HTTP requests in this frame

Frame: https://lv.adocean.pl/files/x/qbm/mjjghng/tknhntsqez/ldt3Y37cfk_190527.js
Frame ID: 5BE1C5972A05691A058E4FFF4EC1A917
Requests: 22 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 562A628E588516829C98644A8999FBCB
Requests: 1 HTTP requests in this frame

Frame: https://adlv.hit.gemius.pl/gdejs/xgde.html
Frame ID: 34D9B1176BC09775B8E42C123B8F4306
Requests: 4 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 6DB6363205AF1DC00A4E364A8C33A607
Requests: 1 HTTP requests in this frame

Frame: https://aba7fddf984375aa756d68d8f3c47010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 97F5779C3204B9DC3307A30CFE72317B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 60E1ED472261F2DE04026D526E317185
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 05F20AFB9F22A68B1AA6C5F0125D6DBC
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.3/plugins/share_button.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6a5214afc25369ff%26domain%3Dwww.onlatvia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.onlatvia.com%252Ffdd39d9d9dfbbb887%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.onlatvia.com%2F&layout=button_count&locale=en_US&sdk=joey&_rdc=1&_rdr
Frame ID: 0B6C5C6BF58013224D9DB98F09007C99
Requests: 3 HTTP requests in this frame

Frame: https://5dfe563965ed15ea8c92998b0fba8aae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DE085D0B63109C1D5CE90023B2EAA2ED
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 002B454D0A51B81C6C8A389E7804195B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7F5608B50F8320A752FE3E90CBFA47C4
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.onlatvia.com
Frame ID: 5A5E0A21047E5171136C4860B7FED5F1
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 3CB8E76431B3D5830B47EB8A295CEFD9
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: F17EA99EACCF972F651EAE7CB14442AA
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13401985
Frame ID: AA147F5597F503A0007DF8DE831ABA56
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Frame ID: 6EF4BBCA3B7966FD49E798E594E4C9C5
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6EEFE1CE23B0CAF867EEA70C762024EC
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.onlatvia.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 1EC244BDBCC21060E017E8FCF72A9733
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

On Latvia

Page URL History Show full URLs

http://www.onlatvia.com/ HTTP 301
https://www.onlatvia.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

All in One SEO Pack (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- All in One SEO Pack ([\d.]+)

AdOcean (Advertising) Expand

Overall confidence: 80%
Detected patterns

adocean\.pl

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 80%
Detected patterns

hit\.gemius\.pl

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

205
Requests

96 %
HTTPS

43 %
IPv6

54
Domains

92
Subdomains

76
IPs

10
Countries

2555 kB
Transfer

7802 kB
Size

39
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://maps.google.com/maps?ll=57.109104,24.216809&z=6&t=m&hl=nl-NL&gl=US&mapclient=apiv3

Search URL Search Domain Scan URL

URL: https://www.google.com/intl/nl-NL_US/help/terms_maps.html
Title: Voorwaarden

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/@57.109104,24.216809,6z/data=!10m1!1e1!12b1?source=apiv3&rapsrc=apiv3
Title: Een kaartfout rapporteren

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?guid=zchs7RaBibFw-2&url=https%3A%2F%2Fwww.onlatvia.com%2F&media=https%3A%2F%2Fs0.wp.com%2Fi%2Fblank.jpg&description=On%20Latvia
Title: 2Save

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.onlatvia.com/ HTTP 301
https://www.onlatvia.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://lv.adocean.pl/_1710196509212/ad.js?id=J7ZazGrnU5FUin0PqpwB1gyRnCE_7jBT5WH8mPvOzQD.37/x=1600/y=1200 HTTP 301
https://lv.adocean.pl/__/_1710196509212/ad.js?id=J7ZazGrnU5FUin0PqpwB1gyRnCE_7jBT5WH8mPvOzQD.37/x=1600/y=1200 HTTP 301
https://adlv.hit.gemius.pl/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F___%2F_1710196509%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DJ7ZazGrnU5FUin0PqpwB1gyRnCE_7jBT5WH8mPvOzQD.37%2Fx%3D1600%2Fy%3D1200 HTTP 301
https://adlv.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F___%2F_1710196509%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DJ7ZazGrnU5FUin0PqpwB1gyRnCE_7jBT5WH8mPvOzQD.37%2Fx%3D1600%2Fy%3D1200 HTTP 301
https://lv.adocean.pl/___/_1710196509/ad.js?hclsdata=&hcudata=aFwXw1wZN4hCiOtB8EkpSW8b2sCKpfJG2IDsA6QiHXz.x7&id=J7ZazGrnU5FUin0PqpwB1gyRnCE_7jBT5WH8mPvOzQD.37/x=1600/y=1200

Request Chain 35

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.onlatvia.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.onlatvia.com%2F&rid=esp&cc=1

Request Chain 39

https://gum.criteo.com/sid/json?origin=publishertagids&domain=onlatvia.com&sn=ChromeSyncframe&so=0&topUrl=www.onlatvia.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=MOARE3xnOXdRaVMyUjhzY3dKTDdITk5MWXJXcUxqemxGZE9LZ2JUYUxuYWdBTHFReTV3Z2hLclJrVkl0elZ0MHZRbWRMQlYzZks2bWh2V2d4UUZNcGw4aC9CMDZoZVMyOCtCNUdHUU1WempUUW5nZ3BHY2JCRUNBWnlHSnNROFNzK09IUnZVa2p1YmtKemdCcnV4Q1RvRjR3MkdIV01ZM3JOcW15NkVEYzdMN2hmbHduRzJ0MDZwOVkxdWlmRm5WMHR3NlFHbkpTU0E5Mk9FRUhod2ZLQlRNZnowb1ZqZDB3dnFKZGNxdTZlYkN2NTBPcFBiY2J5RjB6d2dRMC9DKzQwZ1g1U0ZCbVJkWTdLUFpUTm8wWFJDWUVlQ3BDZ2I5d3ZlSE1nemVBUTFCU0M2TT18&cppv=2

Request Chain 120

https://adlv.hit.gemius.pl/dataredir?rid=xnjrkiktyj&url=pixel-eu.onprospects.com%2F%3Fpartner%3D254%26mapped%3DHCUDATA%26gdpr%3D0%26gdpr_consent%3D HTTP 301
https://pixel-eu.onprospects.com/?partner=254&mapped=Wn4qhCfFM4QsJq0RtY2mRHlm1G7s6nJpfij9AWZSKdX..7&gdpr=0&gdpr_consent= HTTP 301
https://pixel-eu.onaudience.com/?partner=254&mapped=Wn4qhCfFM4QsJq0RtY2mRHlm1G7s6nJpfij9AWZSKdX..7&gdpr=0&gdpr_consent=&onp HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=9ba7c92fe120caec99ed38ef41b89e9c&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=72accd9558af5094/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

Request Chain 194

https://web.facebook.com/v2.3/plugins/share_button.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6a5214afc25369ff%26domain%3Dwww.onlatvia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.onlatvia.com%252Ffdd39d9d9dfbbb887%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.onlatvia.com%2F&layout=button_count&locale=en_US&sdk=joey HTTP 302
https://www.facebook.com/v2.3/plugins/share_button.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6a5214afc25369ff%26domain%3Dwww.onlatvia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.onlatvia.com%252Ffdd39d9d9dfbbb887%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.onlatvia.com%2F&layout=button_count&locale=en_US&sdk=joey&_rdc=1&_rdr

Request Chain 213

https://gum.criteo.com/sid/json?origin=publishertag&domain=onlatvia.com&sn=ChromeSyncframe&so=3&topUrl=www.onlatvia.com&bundle=5bqgYF84a05FU2RheUJ6Sm5GNEslMkJEVllqMGYzVDhBOWVSS3JZR3kxNTUzMUpyYU5sOEtjdTQ1SXJMd0k0cDd4MmdYcHlxQ0hRZ3JsdnN2Q3BZaVNkMm54dVlqZld6VTE2VVRzRzFTcWJ2RkVJektSbEc3Mlo2UFNrdTNXNUUlMkZ3T0U4TFBRNURhaGJvMXRsdm1aMTNCanNoRGt3JTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=EBkysXxEMStnektwV2lkWkhqQTk3MHd0TU1FdHRybHpUSHJjSnUydG1hNzNJdzdzOGZPYVZabjVLRkM1N0Y5MCtBU2xkamRlbkRtbk1sQm1YOGdxekhJRFNyQzh2cXpENzhLZkJ1TGZqMjNHc3F5cXNIUi9VZDZoY0lMNnVkNW52RVZtNk9UaUxFZGx0UjZ0UnNZVysvZ3NpaGpEejVtaFErMDZBb09ycXZ0SVVlbzlNZUZXU1BHZ3U3ZFluSnRydVpubHFCTU10VW92amdjR2RNZFNIMkhkMlZYSVBnMnkzMFdxKzFrRmRsRWhrOWp3SDVzRkVYWTBBdzdibjhkcllXdnFhU0o1ZGJzU1kzTlBPQ1lSWHhZVllualpUeFl3SmlkL2h3OG5rY011eDFHVT18&cppv=2

Request Chain 216

https://ap.lijit.com/beacon?informer=13401985 HTTP 302
https://ce.lijit.com/beacon?informer=13401985

Request Chain 219

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.onlatvia.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.onlatvia.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 222

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Ze-HIVVbLSkAAAkrANa5lQAAFAcAAAIB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Ze-HIVVbLSkAAAkrANa5lQAAFAcAAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 225

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ze.HIVVbLSkAAAkrANa5lQAA

Request Chain 227

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Ze.HIVVbLSkAAAkrANa5lQAA%265127?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Ze.HIVVbLSkAAAkrANa5lQAA%265127

Request Chain 228

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1710282914

205 HTTP transactions
28 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.onlatvia.com/
Redirect Chain

http://www.onlatvia.com/
https://www.onlatvia.com/

141 KB
22 KB

971ms
937ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlatvia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bef2dcab49a83c4ca40a11075669c19722bb308cbee7b6bc030cf31416633bb6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 862f040f79870a61-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 11 Mar 2024 22:35:09 GMT
link: <https://www.onlatvia.com/wp-json/>; rel="https://api.w.org/" <https://www.onlatvia.com/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYWdE7GhHeB38RHxLSsZZPBXg3cGZ4Ip%2FHgUYzfxaCvb2XPY5cJOd%2FncBwe8IDgP3EEEwyEBX%2Bz3cwnpr341SqoyLx8t%2FEwVrWvdS0AI8am0k2k%2F9vlbcoLslMPb2m3UgtE%2FeZhJb36v3cHEzSRi"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 862f0408cf58668d-AMS
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 11 Mar 2024 22:35:08 GMT
Location: https://www.onlatvia.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G7QYB7W7VlqxenNKRcKXcxhCNh8EHVM%2FEuO415SAOrdPLcqd86cZAsuTYif1ZWd%2F%2BqRqHoevMAgtf2lG5%2BdNjpsjLX9QPKHp8BMFoomEDUitGHbzIYS7yUHbAQYyZsg8hEM2LQ4VXvlslagZ0tGW"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
X-Redirect-By: WordPress
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
www.onlatvia.com/wp-content/plugins/basic-google-maps-placemarks/ 2 KB
1 KB 26ms
24ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlatvia.com/wp-content/plugins/basic-google-maps-placemarks/style.css?ver=1.10.7
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5374b58d841d29903b3264973fbeb29fee6b6a943340db1821cbb882c0a40826

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Oct 2017 13:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 31991
etag: W/"733-55c231c5cae40-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XT%2F7Hcd%2BOjglOsFnEgo9LeL76FgZXGN8hNNbiDT5Y%2FWkBWBtpXMvoDg0TRhHC1mT4OJXkJL6%2FR%2FwfDbW8dmgadmTVz4g2NXgsPB9DjaorQV9IsPHjR5o7Z7Z8nKhTuaoFiTBM3Iwd8%2BJISLrB2o3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 862f04156f440a61-AMS
alt-svc: h3=":443"; ma=86400
expires: Mon, 18 Mar 2024 13:41:58 GMT

GET
H2 200 style.min.css
www.onlatvia.com/wp-includes/css/dist/block-library/ 29 KB
5 KB 39ms
37ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlatvia.com/wp-includes/css/dist/block-library/style.min.css?ver=5.2.20
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 857c89b90bea6b75f04b6cc7b659594ea58b72724f1c6dde3955c958d4627245

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 12:27:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 31991
etag: W/"7257-5c001fbbb3a4a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FEYP7FGVWmHN6K%2FmxNZlpkWtDC4DtHhTkVp2QodmHWo88vXOMOfkBmpGwC9FpV5K1STtVQk4iIu5WMmDk0xthXF5sRpnt5QhbjUy%2FwjtLU4%2F09JHHQEEtPuMSEtLEhO4o7jh4%2B%2FP4nIIOjUh0Ps"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 862f04156f460a61-AMS
alt-svc: h3=":443"; ma=86400
expires: Mon, 18 Mar 2024 13:41:58 GMT

GET
H2 200 style.css
www.onlatvia.com/wp-content/themes/twentyfourteen/ 80 KB
15 KB 27ms
25ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlatvia.com/wp-content/themes/twentyfourteen/style.css?ver=5.2.20
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b16f149431d8b0a80911c8d5d964200bbcfe08651c272c98756ffd90b60af91

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 May 2023 14:36:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 31991
etag: W/"13f87-5fbf8bac6adc1-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IG%2B6BDiRr5Gk89wyTnO4w%2BTqC5jMf0Pm1Ft%2ByQzApdqoB4aMyVP70oGW%2FhEFXoZUfyL%2FC4qt0XhmqEfpIPyLA%2B4T6Lhjq8TLlk00%2BmgM3L04ZvKVD%2BqTKgqkMddsGRjj%2Fbm22%2FfLIybI4fKXTc3z"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 862f04156f470a61-AMS
alt-svc: h3=":443"; ma=86400
expires: Mon, 18 Mar 2024 13:41:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
936 B 109ms
40ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext

Requested by

Host: www.onlatvia.com
URL: https://www.onlatvia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6e46aebd8b3d1b2ccee73391693425524a63b373bc7a647eef58cd88b65b5c58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 22:30:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Mar 2024 22:35:09 GMT

GET
H2 200 genericons.css
www.onlatvia.com/wp-content/plugins/jetpack-sharing/genericons/genericons/ 28 KB
16 KB 24ms
23ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlatvia.com/wp-content/plugins/jetpack-sharing/genericons/genericons/genericons.css?ver=3.1
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d1b10e57f0f5456093448e771e44fe50b6266edcbc2c93ca47cce0af0b3418c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Oct 2017 13:59:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 31991
etag: W/"6e4a-55c231d419000-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kIfcGlJl6QzkFmcmZ7bpbNklLrCN4bVK714EMG2Z3s1Ugv4Vg9f37bu6CsmADcMDWiAHYLQc7HLB1V9SuOG3b8VuvgPrlJoFxh%2BCyINxRFAbp3gx%2BNwQKH%2F6hTmwli2RERyaMpZwVjGR3WQlFU2g"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 862f04156f480a61-AMS
alt-svc: h3=":443"; ma=86400
expires: Mon, 18 Mar 2024 13:41:58 GMT

GET
H2 200 style.css
www.onlatvia.com/wp-content/themes/twentyfourteen-child/ 660 B
661 B 23ms
22ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlatvia.com/wp-content/themes/twentyfourteen-child/style.css?ver=5.2.20
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d708fa4c0ee51af01e4b17a833a7c116b07742b6e10d3cfe34ac9a74c234ded9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Oct 2019 11:11:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 31991
etag: W/"294-5952d63dc4440-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8FOcwnQH3KvS%2BGMQkG0%2BEGFLrleW1dJngUK%2BJnYQx6qXC21vIqb%2B4wybhAWLn8w1RlmMRDBcPJi2YIUJ3HLtuhcDDrdJqIyJJ5pKawzp5XIyrCLWbjugfUGDT9oHd%2FXR55Bj%2BhP0msBr6tAP1CTR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 862f04156f490a61-AMS
alt-svc: h3=":443"; ma=86400
expires: Mon, 18 Mar 2024 13:41:58 GMT

GET
H2 200 sharing.css
www.onlatvia.com/wp-content/plugins/jetpack-sharing/sharedaddy/ 17 KB
4 KB 25ms
24ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlatvia.com/wp-content/plugins/jetpack-sharing/sharedaddy/sharing.css?ver=3.9.6
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b8eef831b5fc21d8a49df93c579edf12f575ba3e1adc2725d2ed5e82ac7ca6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Oct 2017 13:59:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 31991
etag: W/"43a7-55c231dbba200-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etowXMet6WCsBNwspzhsEbb4oKwxQYgEZXPkiedACx4bjk%2BTRgjkt9ftc852qs8QJjq1ndFesFCunnjf2TsN3QiILpKB96dZ6XwV6vzwsbinKI18LM9b1f9inE96ghUUk2PzymIGvD%2FTMZG4n1x7"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 862f04156f4a0a61-AMS
alt-svc: h3=":443"; ma=86400
expires: Mon, 18 Mar 2024 13:41:58 GMT

GET
H2 200 jquery.js Show response
www.onlatvia.com/wp-includes/js/jquery/ 95 KB
34 KB 127ms
126ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlatvia.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 04 Nov 2019 14:55:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"17a69-596868224eeba-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HFK4qrbAWKscdWGJNYBN3tyF%2BuVSO6pQgw8nMos5c6yEEfOjwmnmpLQKQrcTljg%2Bcsri6JlhybOCDfNHz3zXLdt2ZsXdIP82RuFcIAjAlCFt874Yzt%2BnL06uf3zo2BXLYXTFBqi2sPNkEUHawh8u"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 862f04156f4c0a61-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
www.onlatvia.com/wp-includes/js/jquery/ 10 KB
4 KB 91ms
90ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlatvia.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 22 Oct 2017 14:00:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2748-55c23213fe6c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGP9%2FXaXaEuST7uw7QLv0rHCc7DDRgelTf5tXMLotaRLWdREbIAp9FaNuMnQPg8o9v1RsYB%2BMVHxB3d2Ua9avC08o0p2kWZ2oVwBFA5qA9aApQJ%2BITI1Gj30ZR07Iwzws6766sGZIFFVw37q0eco"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 862f04156f4d0a61-AMS
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK inview.js Show response
kaunas.kasvyksta.lt/wp-content/themes/kasvyksta/js/ 5 KB
3 KB 189ms
42ms Script
application/x-javascript 185.193.27.19
RACKRAY UAB Rakrejus

General

Check archive.org

Show headers Download Go to

Full URL

https://kaunas.kasvyksta.lt/wp-content/themes/kasvyksta/js/inview.js?v=4

Requested by

Host: www.onlatvia.com
URL: https://www.onlatvia.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.193.27.19 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 22:35:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=86400
Via: 1.1 varnish (Varnish/6.1)
Age: 133
X-Cache: HIT
X-UA-Device: pc
Connection: keep-alive
Content-Length: 2129
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 22 Jun 2020 13:03:45 GMT
Server: nginx/1.14.2
ETag: "14be-5a8abdf6eae40-gzip"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding, X-UA-Device
Content-Type: application/x-javascript
X-Varnish: 996225566 996009025
cache-control: public, max-age=600
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 88 KB
29 KB 106ms
59ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.onlatvia.com
URL: https://www.onlatvia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60f918ff0211c07949d8c1cf0bb4da286b760c46cef1dc021c24ba01ae8d0d9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28813
x-xss-protection: 0
server: cafe
etag: 270 / 19793 / 31081752 / config-hash: 12108540257622360864
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 22:35:09 GMT

GET
H2 200 3301 Show response
stpd.cloud/saas/ 451 KB
118 KB 949ms
910ms Script
text/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/saas/3301
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09802b57468f278899bbace740196b6720b1edc1b0a65e45945de8862f1389d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:10 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: s-maxage=300
cf-ray: 862f0416da410bb0-AMS
stpdhash: true

GET
H2 200 aomini.js Show response
lv.adocean.pl/files/js/ 8 KB
4 KB 128ms
33ms Script
application/x-javascript 54.38.133.13
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lv.adocean.pl/files/js/aomini.js
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ip13.ip-54-38-133.eu
Software: GAD /
Resource Hash: 97b08d65b92a32b6a54fdacd06356ba55733c722f1bacf7eeda07f215c361215

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: gzip
last-modified: Mon, 11 Mar 2024 13:26:09 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
etag: "00001FCFAF20B624"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: public, must-revalidate, max-age=14400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 3211
expires: Tue, 12 Mar 2024 02:35:09 GMT

GET
H3 200 cropped-OL-logo-41-150x150.png
www.onlatvia.com/wp-content/uploads/2015/09/ 24 KB
24 KB 120ms
120ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlatvia.com/wp-content/uploads/2015/09/cropped-OL-logo-41-150x150.png
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f905b994588b153d14c03a3483121b0fa70981f03601f1fd2cc0a0811c79b3f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
cf-cache-status: MISS
last-modified: Sun, 22 Oct 2017 14:00:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e1c-55c231fe0f300"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HrHtuzukqcuAyZI2cJ7TV68MaLVTO0U5gxhHMlTZzxr5BfDq53CFPEuMKq6Y8Eit%2FY475QAKDtMw0BktcYm2uADrp4fkIRiYWRNQqvsEaVDCYKvUV60aujUDHfzvxmWh%2BJWcaSJNsFad0GsuCiSW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 862f04169bc56616-AMS
alt-svc: h3=":443"; ma=86400
content-length: 24092
expires: Mon, 18 Mar 2024 22:35:09 GMT

GET
H2 200 loading.gif
www.onlatvia.com/wp-content/plugins/basic-google-maps-placemarks/images/ 11 KB
11 KB 89ms
89ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlatvia.com/wp-content/plugins/basic-google-maps-placemarks/images/loading.gif
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bb94f3a69669fba548dbba9a87dee259698b2bf339f3ed430e35a8a8ab49811

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
cf-cache-status: MISS
last-modified: Sun, 22 Oct 2017 13:59:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2a43-55c231c3e29c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tlbH1LYcTznMawcbZIsFdtgsfByuYpKcZhmrghzDQWpFn00Sfsy%2BSi%2FETsP7iTn3sWJOa%2Byvhtx3y%2FN9pGzKCsuyk7OaQeXLXDTD6HjDt6vFpbZARtfx074pvQDg8Kcdq7m1uShU5iAm2KPsqv7"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 862f04156f4f0a61-AMS
alt-svc: h3=":443"; ma=86400
content-length: 10819
expires: Mon, 18 Mar 2024 22:35:09 GMT

GET
H2 200 pinit_fg_en_rect_gray_20.png
assets.pinterest.com/images/pidgets/ 908 B
1 KB 107ms
25ms Image
image/png 2a04:4e42:6f::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.pinterest.com/images/pidgets/pinit_fg_en_rect_gray_20.png
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:6f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3aec2b233c010f1f2213ecf8360d509f3eeca34f69d162335aefa01fe0035e2f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
x-cdn: fastly
etag: "8a25277cfdf72f8f916b4cdc34052149"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Origin
cache-control: max-age=86400
alt-svc: h3=":443";ma=600
content-length: 908

GET
H2 200 js Show response
maps.google.com/maps/api/ 191 KB
64 KB 113ms
46ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps/api/js?key=AIzaSyCZRTd92a2P5hIg-krpVrViLiKRmNLDmRA&ver=5.2.20

Requested by

Host: www.onlatvia.com
URL: https://www.onlatvia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7b79160e10110379b613d61abf5806b4d72f45ebe23e760e0f92e0ce24f1439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65683
x-xss-protection: 0

GET
H3 200 functions.js Show response
www.onlatvia.com/wp-content/plugins/basic-google-maps-placemarks/ 10 KB
4 KB 97ms
97ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlatvia.com/wp-content/plugins/basic-google-maps-placemarks/functions.js?ver=1.10.7
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbb4ee4673cd10f65c03a42f17e8a70ee7c497945399701e5e444807fdc5184b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 22 Oct 2017 13:59:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2614-55c231c3e29c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fg00stvLlP8i5co4t6sKad7qUgK3Aksa9eAV9E6Q6ROPGeOk6Pi1sAXI%2FzQJfWEtXdqnQzlXw%2FvwSBfDC4v%2FcaqxDpk6xcW1RKx2vWCElz6R9ngJ%2BXV4GqmuvwieEwP3Ry9TjTc1Cos2m0GAa7yr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 862f04161b426616-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 functions.js Show response
www.onlatvia.com/wp-content/themes/twentyfourteen/js/ 4 KB
2 KB 90ms
89ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlatvia.com/wp-content/themes/twentyfourteen/js/functions.js?ver=20150315
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fb65adc0a35b1683f0923e6ba15432924cfb6a530b9286228990432d6bcbde0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 03 Jan 2018 00:05:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"11b1-561d3f9b5fac0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgB%2F%2Boelpinzlux06GVtG%2FYEHLKdZ1GKvfmtdQ2iuNLp9juJ4lb2egUMLn5lil4%2FdocMLerDbjY0Z376cyc776K9BbCOIAfRoUg0WGANL8QhRfv1FfE0jM1xgLOkv2TE6OoeADdsbtjqEtvf5iS4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 862f04169bc06616-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 wp-embed.min.js Show response
www.onlatvia.com/wp-includes/js/ 1 KB
1 KB 107ms
106ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlatvia.com/wp-includes/js/wp-embed.min.js?ver=5.2.20
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37c5f58f12814dd0ecc28f15b7765c6bcd31a9479d330b4ef896e140bf89dc38

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 16 May 2023 23:17:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5a3-5fbd7c764c7ed-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HuJxmq6W0AO8Yoa%2Fg%2BAhyd2gzOrtWcFa4gGABOT6JgqWmBXhV6n4UTRpS570oec2TtBSamnbBJO3Bmg1FsTBDbVzMOUTvmcNbUSdL8K9qr4OvlrKYoqKX5i7SyEI11BxpNkCvG2VfFaVF59kCB9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 862f04169bc26616-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 sharing.js Show response
www.onlatvia.com/wp-content/plugins/jetpack-sharing/sharedaddy/ 15 KB
4 KB 100ms
100ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlatvia.com/wp-content/plugins/jetpack-sharing/sharedaddy/sharing.js?ver=3.9.6
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90aa33fc36a55642aac0ba12f19fa364e54b0d5f3ac35bee16dd941445e10bcf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 22 Oct 2017 13:59:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3b30-55c231dbba200-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5N6OLbc2%2BIc5bKogWZUsea0dzIukGmdYrRZUhbeg01DT1phy1pEL9rqnkDIuanWXi6yUhQlMYrvq%2FVqCbKJQVGI2yyHD6qXDAiBNUyzE%2FwOSZ9%2FvKOqeJQQkSe2rkWLfv7aGCcigyvJOWSpP5gh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 862f04169bc46616-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 hotjar-3240687.js Show response
static.hotjar.com/c/ 9 KB
4 KB 87ms
49ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3240687.js?sv=6

Requested by

Host: www.onlatvia.com
URL: https://www.onlatvia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

1652c42c8855cd8a32bdc7c40342ea61c53f2192c61547ed4787182e1da5ab2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/1a4bf76996e66bf1e9df2c560b1e1a05
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: j7XhqnqD8FMsfWnn62u0OcjSksFOau0VZhkF0MBgNaS1WdKilf71gw==

GET
H2

200

ad.js Show response
lv.adocean.pl/___/_1710196509/
Redirect Chain

https://lv.adocean.pl/_1710196509212/ad.js?id=J7ZazGrnU5FUin0PqpwB1gyRnCE_7jBT5WH8mPvOzQD.37/x=1600/y=1200
https://lv.adocean.pl/__/_1710196509212/ad.js?id=J7ZazGrnU5FUin0PqpwB1gyRnCE_7jBT5WH8mPvOzQD.37/x=1600/y=1200
https://adlv.hit.gemius.pl/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F___%2F_1710196509%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DJ7ZazGrnU5FUin0PqpwB1gyRnCE_7jBT5WH8mPvOzQD.37%2F...
https://adlv.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F___%2F_1710196509%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DJ7ZazGrnU5FUin0PqpwB1gyRnCE_7jBT5WH8mPvOzQD.37...
https://lv.adocean.pl/___/_1710196509/ad.js?hclsdata=&hcudata=aFwXw1wZN4hCiOtB8EkpSW8b2sCKpfJG2IDsA6QiHXz.x7&id=J7ZazGrnU5FUin0PqpwB1gyRnCE_7jBT5WH8mPvOzQD.37/x=1600/y=1200

51 KB
19 KB

34ms
34ms

Script
application/x-javascript

54.38.133.13
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lv.adocean.pl/___/_1710196509/ad.js?hclsdata=&hcudata=aFwXw1wZN4hCiOtB8EkpSW8b2sCKpfJG2IDsA6QiHXz.x7&id=J7ZazGrnU5FUin0PqpwB1gyRnCE_7jBT5WH8mPvOzQD.37/x=1600/y=1200
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H2
Server: 54.38.133.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ip13.ip-54-38-133.eu
Software: GAD /
Resource Hash: 9aacae4e62b053a6183f515135930cd8da65009595d4b7ba62fdc56ada5318d5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: gzip
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 18786
expires: Sun, 10 Mar 2024 22:35:09 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:09 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://lv.adocean.pl/___/_1710196509/ad.js?hclsdata=&hcudata=aFwXw1wZN4hCiOtB8EkpSW8b2sCKpfJG2IDsA6QiHXz.x7&id=J7ZazGrnU5FUin0PqpwB1gyRnCE_7jBT5WH8mPvOzQD.37/x=1600/y=1200
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sun, 10 Mar 2024 22:35:09 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7

Request headers

Referer
Origin: https://www.onlatvia.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 modules.a4fd7e5489291affcf56.js Show response
script.hotjar.com/ 220 KB
55 KB 81ms
20ms Script
application/javascript 13.32.27.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.a4fd7e5489291affcf56.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3240687.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-19.fra56.r.cloudfront.net

Software

Resource Hash

c3c24d578a72dcc6aed7b6927169623dac1af2c44c3a39436d764b9be81760ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 304743
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55553
last-modified: Fri, 08 Mar 2024 09:55:51 GMT
etag: "739599f44296537096534936ee9c2d0d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 0LR3VEa4p4pa221uqfp38gPN-FOkbvfMioIu_mFeRBZiz5NnmqfiLw==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403080103/ 432 KB
136 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403080103/pubads_impl.js?cb=31081752

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b12da79c02d59bdb1ef0406377ca4d027f9acb494f8724dd197e1515c30010d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:01:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2046
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139105
x-xss-protection: 0
server: cafe
etag: 11171669394880616412
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 11 Mar 2025 22:01:03 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 47ms
13ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403080103/pubads_impl.js?cb=31081752
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 19:19:10 GMT
content-encoding: gzip
age: 2344559
x-guploader-uploadid: ABPtcPrM3jErF0Pmaq1zN667kOLKQfGktaAtdZGCGJINoDMBNCghAzdRMnXaOQFTv6ffpuWF8Tg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Wed, 12 Feb 2025 19:19:10 GMT

GET
H2 200 connectId-gpt.js Show response
connectid.analytics.yahoo.com/ 9 KB
9 KB 105ms
22ms Script
application/javascript 2600:9000:223c:8600:10:dd8:5e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connectid.analytics.yahoo.com/connectId-gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403080103/pubads_impl.js?cb=31081752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:8600:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:19:31 GMT
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'
x-amz-cf-pop: FRA56-P2
age: 939
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8730
x-amz-expiration: expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified: Tue, 17 Oct 2023 13:17:45 GMT
server: AmazonS3
etag: "c46e30de24d0f12167e302e9e32ff4a5"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: -k7sAtVZ4NQMaNAgi4A-fcvQ0JRsb8zli_FRqljx_HTedET3m-Rqqg==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 91 KB
27 KB 62ms
25ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403080103/pubads_impl.js?cb=31081752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af9993ba811178896cb23f4c7962c653da1b3abe26a94e25de15301bacf6465e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 29 Feb 2024 12:45:12 GMT
server: cloudflare
x-amz-request-id: CPBQED21DS09HCEJ
age: 208
etag: W/"b8dad816086f13a6f0bcca7a55148e1e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 862f04184bcc66c7-AMS
x-amz-id-2: YLDocWjpLXbaelm1L/A0KadTukm3MYW5esdoal2aGv8It9IIqgPVvDVl2N6mKaUu7MaFYE/4zOQ=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 69ms
24ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403080103/pubads_impl.js?cb=31081752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 32752
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-ams21022-AMS
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6c9hFNMT0cI5fXoQ6nhHwu2Jl9Z2Egsmpqcl1tvexA0%2BnPpBDlFDlznUMj9OWUAN5e%2FhdaOH443SQssdQrS3s1n%2FDO32LljXCIy9ldxluF7UDCCdINvBmnyJ8%2BBFSGa7RzZ9pet2W0bnxnABvs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 862f041858ae0b8e-AMS

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 74ms
27ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403080103/pubads_impl.js?cb=31081752
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
via: 1.1 google, 1.1 google
last-modified: Mon, 05 Feb 2024 22:07:56 GMT
server: Google Frontend
etag: cd19e0900da0cdbc6697310fd9330fb6
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 11e5d45d6e132b7d27451a2867f0ed5f
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1195

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 41 KB
13 KB 53ms
26ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403080103/pubads_impl.js?cb=31081752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

7f646c766f9d8b39f33bfa1e5c0a053ce2b3c4daa0ae59ecaad75621d4599b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 27 Feb 2024 07:13:11 GMT
server: nginx
etag: W/"65dd8b87-a5db"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 12 Mar 2024 22:35:09 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 91ms
26ms Script
text/javascript 2600:9000:225b:4800:a:e047:753:eb41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403080103/pubads_impl.js?cb=31081752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:4800:a:e047:753:eb41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Mon, 11 Mar 2024 06:43:27 GMT
Via: 1.1 3f48626dd8757a1af3c75efd40b72542.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P1
Age: 57103
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: lPrwxABWVejO2__MThigIwnTilzgD0ajtvrNmp9wrAgYMZWAdHn1SA==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 72ms
21ms Script
text/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403080103/pubads_impl.js?cb=31081752
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6cd320c5ba515fef3997afe473332231160a2cb715f1a99679a7cefa1cf0be0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 03:31:02 GMT
content-encoding: gzip
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified: Wed, 14 Feb 2024 17:39:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 68648
x-amz-server-side-encryption: AES256
etag: W/"21f8671135afbd2e874c42d3dc478afa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: wlqZFab3-Vly1EzAVJnyzimqLKh-R5na5j6ZRfCRKWyRjNL6IhSgAQ==

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 17 KB
6 KB 75ms
35ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403080103/pubads_impl.js?cb=31081752
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1280517470c638e05a2b686b74a13681c23ae8594311fa9a0d12fd4e8c43dd1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Feb 2024 19:54:16 GMT
server: cloudflare
age: 353482
etag: W/"65ce6be8-42fc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 862f041868f5d0b9-AMS
expires: Thu, 14 Mar 2024 22:35:09 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.onlatvia.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.onlatvia.com%2F&rid=esp&cc=1

85 B
194 B

114ms
114ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.onlatvia.com%2F&rid=esp&cc=1
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 381d9d03b93ceac4db474d71080a11c01800ca6c44dd52efece46620afd1319f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-fqxx1WtDO0Unsv+43ijyxt8uW4Y"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.onlatvia.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Mon, 11 Mar 2024 22:35:09 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.onlatvia.com
location: /esp?url=https%3A%2F%2Fwww.onlatvia.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 1DB6 14 KB
6 KB 41ms
14ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.onlatvia.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.onlatvia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 11 Mar 2024 22:35:09 GMT
server: Kestrel
server-processing-duration-in-ticks: 308468
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
232 B 74ms
22ms XHR
text/plain 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.onlatvia.com
date: Mon, 11 Mar 2024 22:35:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
335 B 184ms
30ms XHR
application/json 52.211.99.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.99.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-99-1.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: bb96f8cae88ecd6f6049abc0141c4fa123d6136cf652211f0e684beed8e16569

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:09 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.onlatvia.com
cache-control: no-cache
x-server: 10.45.7.210
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1DB6
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=onlatvia.com&sn=ChromeSyncframe&so=0&topUrl=www.onlatvia.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=MOARE3xnOXdRaVMyUjhzY3dKTDdITk5MWXJXcUxqemxGZE9LZ2JUYUxuYWdBTHFReTV3Z2hLclJrVkl0elZ0MHZRbWRMQlYzZks2bWh2V2d4UUZNcGw4aC9CMDZoZVMyOCtCNUdHUU1WempUUW5nZ3BHY2JCRUNBWnlHSn...

419 B
643 B

19ms
16ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=MOARE3xnOXdRaVMyUjhzY3dKTDdITk5MWXJXcUxqemxGZE9LZ2JUYUxuYWdBTHFReTV3Z2hLclJrVkl0elZ0MHZRbWRMQlYzZks2bWh2V2d4UUZNcGw4aC9CMDZoZVMyOCtCNUdHUU1WempUUW5nZ3BHY2JCRUNBWnlHSnNROFNzK09IUnZVa2p1YmtKemdCcnV4Q1RvRjR3MkdIV01ZM3JOcW15NkVEYzdMN2hmbHduRzJ0MDZwOVkxdWlmRm5WMHR3NlFHbkpTU0E5Mk9FRUhod2ZLQlRNZnowb1ZqZDB3dnFKZGNxdTZlYkN2NTBPcFBiY2J5RjB6d2dRMC9DKzQwZ1g1U0ZCbVJkWTdLUFpUTm8wWFJDWUVlQ3BDZ2I5d3ZlSE1nemVBUTFCU0M2TT18&cppv=2

Requested by

Host: www.onlatvia.com
URL: https://www.onlatvia.com/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

35ee7281298ee5716ab2abea3c602e377a6368f3f1886b9184d93cb5b1daa12c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:09 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1881368
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:08 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=MOARE3xnOXdRaVMyUjhzY3dKTDdITk5MWXJXcUxqemxGZE9LZ2JUYUxuYWdBTHFReTV3Z2hLclJrVkl0elZ0MHZRbWRMQlYzZks2bWh2V2d4UUZNcGw4aC9CMDZoZVMyOCtCNUdHUU1WempUUW5nZ3BHY2JCRUNBWnlHSnNROFNzK09IUnZVa2p1YmtKemdCcnV4Q1RvRjR3MkdIV01ZM3JOcW15NkVEYzdMN2hmbHduRzJ0MDZwOVkxdWlmRm5WMHR3NlFHbkpTU0E5Mk9FRUhod2ZLQlRNZnowb1ZqZDB3dnFKZGNxdTZlYkN2NTBPcFBiY2J5RjB6d2dRMC9DKzQwZ1g1U0ZCbVJkWTdLUFpUTm8wWFJDWUVlQ3BDZ2I5d3ZlSE1nemVBUTFCU0M2TT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 271248
content-length: 0
expires: 0

GET
H2 200 fed Show response
ups.analytics.yahoo.com/ups/58813/ 2 B
213 B 169ms
47ms XHR
application/json 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fwww.onlatvia.com%2F

Requested by

Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: https://www.onlatvia.com
content-type: application/json
access-control-allow-credentials: true

GET
H2 200 xgde.js Show response
adlv.hit.gemius.pl/gdejs/ 57 KB
20 KB 32ms
32ms Script
application/x-javascript 54.38.133.136
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adlv.hit.gemius.pl/gdejs/xgde.js
Requested by: Host: lv.adocean.pl
URL: https://lv.adocean.pl/_1710196509212/ad.js?id=J7ZazGrnU5FUin0PqpwB1gyRnCE_7jBT5WH8mPvOzQD.37/x=1600/y=1200
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.136 , France, ASN16276 (OVH, FR),
Reverse DNS: ip136.ip-54-38-133.eu
Software: GHC /
Resource Hash: 98468b617767ca2a3dd115f2db945bf8ae9fa6e5f5a0749373623209bea73f3d

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: gzip
last-modified: Mon, 11 Mar 2024 11:40:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
etag: "65EEEDB80000E4B16AE93791"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 20487
expires: Tue, 12 Mar 2024 02:35:09 GMT

POST
H2 200 extra=;
adlv.hit.gemius.pl/_1710196509692/redot.js/id=ctHqyI7Qm9vZ0fGrqJ93drd8DftwkUNx0z4M1V66hov.k7/stparam=rpcjlxdrml/fastid=autzlpdcjknxopfkydtzyihdrwni/sarg=65EF871D7D9BC5A6;/inner=%7Cao_uniq%3Dmkvpcki... 2 B
339 B 33ms
32ms Ping
application/x-javascript 54.38.133.136
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adlv.hit.gemius.pl/_1710196509692/redot.js/id=ctHqyI7Qm9vZ0fGrqJ93drd8DftwkUNx0z4M1V66hov.k7/stparam=rpcjlxdrml/fastid=autzlpdcjknxopfkydtzyihdrwni/sarg=65EF871D7D9BC5A6;/inner=%7Cao_uniq%3Dmkvpckioxevqikesdedgicfh%7C;/extra=;
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.136 , France, ASN16276 (OVH, FR),
Reverse DNS: ip136.ip-54-38-133.eu
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:09 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://www.onlatvia.com
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 2
expires: Sun, 10 Mar 2024 22:35:09 GMT

GET
H2 200 likebox.php Show response
www.facebook.com/plugins/ Frame BBE9 38 KB
14 KB 128ms
87ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fonlatviacom&width=182&connections=6&stream=false&header=false&height=250

Requested by

Host: www.onlatvia.com
URL: https://www.onlatvia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cbd7b3c7f3305a97a6bd6276a439e76693f14823fd02a0084778acb24f060e4c

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlatvia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Mar 2024 22:35:09 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1294, tbw=2777, tp=-1, tpl=-1, uplat=66, ullat=0
x-fb-debug: jCOwAjCn2pOQAQfz+tVAO1Uogfao42y4pgbR6UY/GVWXEFtif/dInCRXHlSB9J5sLDh4yfri8Vo1OggEi8P4Xg==
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 68ms
21ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.onlatvia.com
URL: https://www.onlatvia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 11 Mar 2024 21:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2821
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 11 Mar 2024 23:48:08 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 59ms
19ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.onlatvia.com
URL: https://www.onlatvia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e4c42310b42cc10b32ea54b8eebd69e9b553cb52646918cb685af0bf69173bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 11 Mar 2024 22:35:09 GMT
content-md5: /+AScehLTE2skAbQRB2CCA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1684
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1294, tbw=2785, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: QrI4hxccQLWrlljCm5VerN3xjPr4ugj5yQykMAJFcLCyFNHSpDScm9g8w7FPPFzkewOi2tgKy5duXoMr5xOhSQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 1435fd32fd5acd73fe2776dd231a6f58
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "96db471ff9bd89eb06dc954cfd2a9e33"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Mon, 11 Mar 2024 22:40:18 GMT

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
323 B 25ms
24ms Script
application/javascript 2a04:4e42:6f::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:6f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
x-cdn: fastly
etag: "62d32c28f14783b94192cd8d35bc010d"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
alt-svc: h3=":443";ma=600
content-length: 203

GET
H2 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
358 B 111ms
35ms XHR
application/json 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyCZRTd92a2P5hIg-krpVrViLiKRmNLDmRA&ver=5.2.20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.onlatvia.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 404 ldt3Y37cfk_190527.js
lv.adocean.pl/files/x/qbm/mjjghng/tknhntsqez/ Frame 5BE1 0
0 33ms
32ms Script
text/html 54.38.133.13
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lv.adocean.pl/files/x/qbm/mjjghng/tknhntsqez/ldt3Y37cfk_190527.js
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ip13.ip-54-38-133.eu
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H2 200 stpd190411.js Show response
lv.adocean.pl/files/x/qbm/mjjghng/rphobtnmnd/ Frame 5BE1 307 KB
97 KB 76ms
75ms Script
application/x-javascript 54.38.133.13
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lv.adocean.pl/files/x/qbm/mjjghng/rphobtnmnd/stpd190411.js
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ip13.ip-54-38-133.eu
Software: GAD /
Resource Hash: 9f9246a8abfb71eeaf88c77941974ca157bf4b5ff70c35f18eb04d68517d6369

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 16:09:15 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
etag: "603FB4AB0004CA63756ADEED"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 98928
expires: Tue, 30 Apr 2024 22:35:09 GMT

GET
H2 200 common.js Show response
maps.google.com/maps-api-v3/api/js/56/3/intl/nl_ALL/ 255 KB
56 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/56/3/intl/nl_ALL/common.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyCZRTd92a2P5hIg-krpVrViLiKRmNLDmRA&ver=5.2.20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e2b15cc82a55d8ae06ebeb96c4a9dd97f29c16ec2a66efc8c4581bff8a53da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 21:37:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 435449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56832
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 00:18:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Mar 2025 21:37:40 GMT

GET
H2 200 util.js Show response
maps.google.com/maps-api-v3/api/js/56/3/intl/nl_ALL/ 180 KB
56 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/56/3/intl/nl_ALL/util.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyCZRTd92a2P5hIg-krpVrViLiKRmNLDmRA&ver=5.2.20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

366db33b7bc15aa00c99f2a38791d67089c9b123be24b7c1042b2daac5a6b6a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 09:13:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56818
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 00:18:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Mar 2025 09:13:40 GMT

GET
H2 200 map.js Show response
maps.google.com/maps-api-v3/api/js/56/3/intl/nl_ALL/ 72 KB
23 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/56/3/intl/nl_ALL/map.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyCZRTd92a2P5hIg-krpVrViLiKRmNLDmRA&ver=5.2.20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15dac445e2179133316945bf493fb344f5913b4154146f48e204cd8a0dafd477

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 21:45:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 434956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23927
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 00:18:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Mar 2025 21:45:53 GMT

GET
H2 200 marker.js Show response
maps.google.com/maps-api-v3/api/js/56/3/intl/nl_ALL/ 71 KB
22 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/56/3/intl/nl_ALL/marker.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyCZRTd92a2P5hIg-krpVrViLiKRmNLDmRA&ver=5.2.20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb79fea299d9b1ef9843c59c430d19ea95a2998c5646aa4346e18c39da65cd71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 21:46:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 434911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22359
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 00:18:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Mar 2025 21:46:38 GMT

GET
H2 200 StaticMapService.GetMapImage
maps.googleapis.com/maps/api/js/ 42 KB
43 KB 202ms
134ms Image
image/png 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i9040&2i4835&2e1&3u6&4m2&1u509&2u350&5m5&1e0&5snl-NL&6sus&10b1&12b1&key=AIzaSyCZRTd92a2P5hIg-krpVrViLiKRmNLDmRA&token=9440

Requested by

Host: www.onlatvia.com
URL: https://www.onlatvia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d485ce3e031648e3d71009f315b3d6f077d43b3f7fae7b0bb16b1f37c7285b3c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=86400
server-timing: gfet4t7; dur=103
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43381
x-xss-protection: 0
expires: Tue, 12 Mar 2024 22:35:09 GMT

GET
H3 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
18 KB 27ms
27ms Script
application/javascript 2a04:4e42:6f::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.16849045656787864
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:6f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
x-cdn: fastly
etag: "3725764cf05d1a0938de73d398772331"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
alt-svc: h3=":443";ma=600
content-length: 18679

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 298 KB
85 KB 40ms
20ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=e8d3ac9f46f92354a0dfde083b3e9ea8

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

34ffcd4129d451d9751115977da4fd0bd722518050542b20984d432ba9f70fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.onlatvia.com/
Origin: https://www.onlatvia.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 11 Mar 2024 22:35:09 GMT
content-md5: +/UDB3yFAiKVixLT9/TS/A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87229
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=23, mss=1232, tbw=4329, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug: VJseWcxBIYtOiYXUa7bjTptb30n6o93ky5LVvOhcQ1/vjyrBCWPNHfQoi9WzcitFN5jvzJOuAtEXSpFlTG1Czw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 0a32ce31ac734625367db98d9160c7c7
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "5de8bf462569c65e7e84996bf4960edb"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Tue, 11 Mar 2025 21:08:08 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 562A 199 B
298 B 59ms
19ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://www.onlatvia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Mon, 11 Mar 2024 22:35:09 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
222 B 26ms
26ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1488599137&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onlatvia.com%2F&ul=en-us&de=UTF-8&dt=On%20Latvia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1791681435&gjid=729770290&cid=501858203.1710196510&tid=UA-39125229-12&_gid=1977699558.1710196510&_r=1&_slc=1&z=1878188658

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

75fe03856801393e50afbc856b946580aeea148891a7fccfd918077cffd81a9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.onlatvia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 78 B
293 B 160ms
108ms Script
application/javascript 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.onlatvia.com%2F&callback=PIN_1710196509788.f.callback[0]

Requested by

Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit_main.js?0.16849045656787864

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

707ab8fad177a9d1d47330571cb21fc014bbaa424d81e45c0edf0df50c5957c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
x-pinterest-rid: 1552667611592877
expires: Mon, 11 Mar 2024 22:50:09 GMT

GET
H2 200 openhand_8_8.cur
maps.gstatic.com/mapfiles/ 326 B
848 B 111ms
52ms Image
image/bmp 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/openhand_8_8.cur

Requested by

Host: www.onlatvia.com
URL: https://www.onlatvia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/bmp
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Mon, 11 Mar 2024 22:35:09 GMT

GET
H2 200 xgde.html Show response
adlv.hit.gemius.pl/gdejs/ Frame 34D9 303 B
315 B 32ms
32ms Document
text/html 54.38.133.136
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adlv.hit.gemius.pl/gdejs/xgde.html
Requested by: Host: adlv.hit.gemius.pl
URL: https://adlv.hit.gemius.pl/gdejs/xgde.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.136 , France, ASN16276 (OVH, FR),
Reverse DNS: ip136.ip-54-38-133.eu
Software: GHC /
Resource Hash: 7bbd910982260037f1c9d83f2c7fe743e789ca06dd54c9eb56c2598b7b928fd0

Request headers

Referer: https://www.onlatvia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
accept-ranges: none
cache-control: public, max-age=14400
content-encoding: gzip
content-length: 215
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Mar 2024 22:35:09 GMT
etag: "5996D7A50000012F9178E011"
expires: Tue, 12 Mar 2024 02:35:09 GMT
last-modified: Fri, 18 Aug 2017 12:03:49 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin

OPTIONS
H2 200 GetViewportInfo
maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/ Frame 0
0 27ms
26ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/GetViewportInfo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-goog-maps-api-salt,x-goog-maps-api-signature,x-goog-maps-channel-id,x-goog-maps-client-id,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.onlatvia.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key,x-goog-maps-api-salt,x-goog-maps-api-signature,x-goog-maps-channel-id,x-goog-maps-client-id,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.onlatvia.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 11 Mar 2024 22:35:09 GMT
server: scaffolding on HTTPServer2
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 GetViewportInfo Show response
maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/ 27 KB
6 KB 85ms
85ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/GetViewportInfo

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyCZRTd92a2P5hIg-krpVrViLiKRmNLDmRA&ver=5.2.20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

b5ec4e129d1e7b5f8d9d34e746a8b07ea5df71bdb977ce829e23009474242d3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Maps-Channel-Id
X-User-Agent: grpc-web-javascript/0.1
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json+protobuf
X-Goog-Maps-Client-Id
Referer: https://www.onlatvia.com/
X-Goog-Api-Key: AIzaSyCZRTd92a2P5hIg-krpVrViLiKRmNLDmRA
X-Goog-Maps-API-Signature: 11333
X-Goog-Maps-API-Salt: gJc1jf7ix

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.onlatvia.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5593
x-xss-protection: 0

GET
H3 200 onion.js Show response
maps.google.com/maps-api-v3/api/js/56/3/intl/nl_ALL/ 27 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/56/3/intl/nl_ALL/onion.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyCZRTd92a2P5hIg-krpVrViLiKRmNLDmRA&ver=5.2.20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e6e8733f7242e3798e7c5f94f5ff27adb16502e4acda00b5d48215e12b9198e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 21:46:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 434910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9054
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 00:18:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Mar 2025 21:46:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
85 KB 84ms
37ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TVVCH5ECFK&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a037aa69edc673f8b851fd88fc0850d8751c36464dba861c2cf3dfbdfa65ac5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86460
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Mar 2024 22:35:09 GMT

GET
H3 200 infowindow.js Show response
maps.google.com/maps-api-v3/api/js/56/3/intl/nl_ALL/ 8 KB
3 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/56/3/intl/nl_ALL/infowindow.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyCZRTd92a2P5hIg-krpVrViLiKRmNLDmRA&ver=5.2.20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faeefb36179d7ab4635c872053c1e7c7902156498989c055a9d12c6ccd6b8ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 21:46:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 434911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2803
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 00:18:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Mar 2025 21:46:38 GMT

GET
H2 200 oCh4fJriDK8.css
static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/ Frame BBE9 20 KB
6 KB 60ms
21ms Stylesheet
text/css 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/oCh4fJriDK8.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fonlatviacom&width=182&connections=6&stream=false&header=false&height=250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

61f0b9d180766a325d407379dfb471948a18f36a6a8b2184f5fc7c351b0b2202

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: KlSVpDp/+1fEecEIRyxaRg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5241
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1294, tbw=2906, tp=-1, tpl=-1, uplat=2, ullat=-1
x-fb-debug: oRygcivSrc8g1YbHlecAovYLxZ/TPT4oC+kAJ0A0TMrJENBmDkGBZFCUdDOdFKqy2Qo3JIp2bB6yiqdBGTgayA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), clipboard-read=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Thu, 06 Mar 2025 18:42:43 GMT

GET
H2 200 RipjcUxM0__.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ Frame BBE9 350 KB
91 KB 113ms
73ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/RipjcUxM0__.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fonlatviacom&width=182&connections=6&stream=false&header=false&height=250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

68b3c269864694877e9840ea96b82fe4baa1bf20e158e87b9a5d30769ee74905

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: W6782aW9dGfwp9jtzJ8UCQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 92953
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1294, tbw=80560, tp=-1, tpl=-1, uplat=4, ullat=-1
x-fb-debug: Td5jytMNYoTeZVNq8Wyb9ny5ItcmyQRxILt5Iiy5r+0X5AEGEMaoKcDaoZfiV38/Idcu3USQkv24vWFyUvntyw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Thu, 06 Mar 2025 20:59:35 GMT

GET
H2 200 teTZ2tZqwkq.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame BBE9 7 KB
3 KB 75ms
36ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/teTZ2tZqwkq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fonlatviacom&width=182&connections=6&stream=false&header=false&height=250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5bcb3ba5be62072a5be691a6cb4625b83ab20458f7543e78575c665ce64743c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qO1vcfOdsbovoV9UmybnhA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2250
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1294, tbw=9455, tp=-1, tpl=-1, uplat=2, ullat=-1
x-fb-debug: x+V21YnsatGCba7pP+X+vapR4Nx6IezMxBNfQemrQJh0l63+5c9ZWdRL58i15WIq8EkvSkWgB+a/oM/a/PoQVQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Thu, 27 Feb 2025 18:22:25 GMT

GET
H2 200 BECqV_OB-Tv.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ Frame BBE9 94 KB
27 KB 77ms
37ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/BECqV_OB-Tv.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fonlatviacom&width=182&connections=6&stream=false&header=false&height=250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

44cc840e027bfb8c8ba3bba2e694bc6a28f7bdad1235c6a5375f419459baf299

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: U2YSTzitCwymWMBrtxg4Nw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27429
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1294, tbw=12449, tp=-1, tpl=-1, uplat=2, ullat=-1
x-fb-debug: 0okEqDQ3njCLZ3X7LHhprVjyNxT+rOSOYrdpuoe+zbOBPDIN+4qHp9HhU+YSMZp6w88kmgwKm89i0rbn+rlVnA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Thu, 27 Feb 2025 17:48:45 GMT

GET
H2 200 XC4Un5GdVZt.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame BBE9 54 KB
18 KB 77ms
38ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/XC4Un5GdVZt.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fonlatviacom&width=182&connections=6&stream=false&header=false&height=250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bc8c45915fcaf7c54bde63b920644fc8896a9232d3312263f707e5adda766ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uftxO0VsJ4hFsyJTSzv/JA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17451
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1294, tbw=12449, tp=-1, tpl=-1, uplat=2, ullat=-1
x-fb-debug: 4WVtv7QpMy5+SmYyiBrzSisiRipy05bm+A5twVtKs1wmBnteDg4/F31bQ6201VrZDi87nMihQ5mdtnLNprxOsQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sun, 09 Mar 2025 01:41:11 GMT

GET
H2 200 q4SZVAjzsaO.js Show response
static.xx.fbcdn.net/rsrc.php/v3i2tE4/yH/l/nl_NL/ Frame BBE9 73 KB
21 KB 105ms
66ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i2tE4/yH/l/nl_NL/q4SZVAjzsaO.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fonlatviacom&width=182&connections=6&stream=false&header=false&height=250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0bc6804f991d33655ba4a95db181e2d3f73d949b11dfdc5b508d84c9892a8d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: TUzerNAgDj2GlB5q+K0W6Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20719
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1294, tbw=59430, tp=-1, tpl=-1, uplat=3, ullat=-1
x-fb-debug: Yd7I4prx1ei4lnhEeL89Jvn4G8l0mh1ULh2CFcB9irpyUYzupZQArr9gc4u4++jmY4aOdWs3/rDZfR2w4TE3Mw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Thu, 27 Feb 2025 18:19:17 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame BBE9 507 B
992 B 76ms
37ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fonlatviacom&width=182&connections=6&stream=false&header=false&height=250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1294, tbw=12449, tp=-1, tpl=-1, uplat=2, ullat=-1
x-fb-debug: YXBprMqGSIkjAjLAUyF48aVM81B1zkQDp5pGY5TvwU9CjfTbRvNqZG/f7ShCBZyVNOFAJGpie++PrlzOPMfHxQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Fri, 07 Mar 2025 14:52:00 GMT

GET
H2 200 309256121_424345309808426_5692376114078745970_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame BBE9 8 KB
8 KB 21ms
20ms Image
image/jpeg 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/309256121_424345309808426_5692376114078745970_n.jpg?stp=dst-jpg_p130x130&_nc_cat=104&ccb=1-7&_nc_sid=5f2048&_nc_ohc=ENBWRVRNAPkAX-_-CyR&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AfC9BEAbz9TUqKRIlvEFEEehloI00m62dzMNAlnWtUC6og&oe=65F4646B
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fonlatviacom&width=182&connections=6&stream=false&header=false&height=250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 59538c2ff54a29dd18b64a47f5c62c9e1574be460e2561d6945379c46e687fff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=20, mss=1294, tbw=6355, tp=-1, tpl=-1, uplat=1, ullat=-1
date: Mon, 11 Mar 2024 22:35:09 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 27 Sep 2022 15:34:22 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2052232496
thrift_fmhk: GBDkfhsdruF8UJBpvv6SuX2JFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3376516345
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 8077

GET
H2 200 306835924_424345306475093_4716506813674709673_n.png
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame BBE9 5 KB
5 KB 24ms
23ms Image
image/png 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-1/306835924_424345306475093_4716506813674709673_n.png?stp=c0.0.50.50a_cp0_dst-png_p50x50&_nc_cat=108&ccb=1-7&_nc_sid=5f2048&_nc_ohc=zZWsz66S5lIAX8aaDx2&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AfB7t017DAQ_Bt7lEGx6pX7LZgh8mGV9teyXEwB2Oljndw&oe=65F452C4
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fonlatviacom&width=182&connections=6&stream=false&header=false&height=250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 281dcd844270f09f9c23b39358397f8df6d27f16f8cf473e94db6ec6eaf36951

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=29, mss=1294, tbw=14839, tp=-1, tpl=-1, uplat=4, ullat=-1
date: Mon, 11 Mar 2024 22:35:09 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 27 Sep 2022 15:34:22 GMT
content-type: image/png
access-control-allow-origin: *
content-digest: adler32=714381985
thrift_fmhk: GBCfn1Apgaz0hp91l+3yCjQ9FfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4254966775
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 4930

GET
H3 200 miskas.png
www.onlatvia.com/wp-content/uploads/2016/09/ 1 KB
2 KB 88ms
87ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlatvia.com/wp-content/uploads/2016/09/miskas.png
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecc4eed3ac20ad76d969428f2dcf0a6f53874c3d2abf25fba87fb61a01ab3d88

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
cf-cache-status: MISS
last-modified: Sun, 22 Oct 2017 14:00:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "49c-55c231fff7780"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7il9ACRtKuOtaPnZ%2FpDg5FWqSMTygDovPl355j5%2FPSHIYFe4FasmyZ1HmXQBhfxxffrK2SBtD8%2BiqBZRV2Vhd3LJlDQV4MfA4494Inm0QOgTE9YJdTJzfjmN8t63Yz9ApQJ0%2FR6D3xv0hO3ZW13o"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 862f041a88216616-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1180
expires: Mon, 18 Mar 2024 22:35:09 GMT

GET
H3 200 xixmiestas.png
www.onlatvia.com/wp-content/uploads/2016/09/ 946 B
1 KB 89ms
88ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlatvia.com/wp-content/uploads/2016/09/xixmiestas.png
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9d0098a6f2d236b850b38819c7d41ad57b72888f4aa70e78c0628138c488736

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
cf-cache-status: MISS
last-modified: Sun, 22 Oct 2017 14:00:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3b2-55c23200eb9c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2BvG74ja3IrKyTo96TLlDT8pu1KU5gjxi%2FSy2hKHDOGmvW8tCKiPBZhb%2Febirg2PlGhPcLNbZS7kEbNXwx7aTDC%2Ba1%2FU2eJbhvB3XwzakNE2p%2F7aD73yopMKh5hB1aHs017dgYHlcLJeJuwe54CO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 862f041a88236616-AMS
alt-svc: h3=":443"; ma=86400
content-length: 946
expires: Mon, 18 Mar 2024 22:35:09 GMT

GET
H3 200 Kaimas2.png
www.onlatvia.com/wp-content/uploads/2016/09/ 1001 B
1 KB 91ms
90ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlatvia.com/wp-content/uploads/2016/09/Kaimas2.png
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd700598278741f0b9c64762d1ef688139a5281c575c77b20083781da75d4678

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
cf-cache-status: MISS
last-modified: Sun, 22 Oct 2017 14:00:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3e9-55c231fff7780"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MU%2FobqsTX7A4bTzhdl%2F4MCh8NpvtKQ20QbhhoneKqpRt5goxTNrsotWOGIryWyspCC%2FmAiVCJnWICuveVPQlWyYRgNn4A8AJqe3d0tpQ%2B3Y5SPM2an5dFvePa35VIMNdD7Ph%2BYOdmhcIEpGA1bwL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 862f041a88246616-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1001
expires: Mon, 18 Mar 2024 22:35:09 GMT

GET
H3 200 bunkeris.png
www.onlatvia.com/wp-content/uploads/2016/09/ 1010 B
1 KB 94ms
93ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlatvia.com/wp-content/uploads/2016/09/bunkeris.png
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2223fc736d939c31c380784fe30faa7f5fd9c20c05db441224e42fdb55986b14

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
cf-cache-status: MISS
last-modified: Sun, 22 Oct 2017 14:00:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3f2-55c231ff03540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PzBHNMniWlLB9s%2Fr7xYBzVbyFL0ZePLxoTrdVwex1eqJKaFGzp9p7hkahZi%2FRYeBXSkilo2qPX5v2iTM8rV9idNsLB2XhQnh8W2tEO2ryZ1Ey%2FFjQTEA5DDCVGKy6RL8H%2FQHvvwSXvIiWRRn9fff"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 862f041a88276616-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1010
expires: Mon, 18 Mar 2024 22:35:09 GMT

GET
H3 200 baznycia.png
www.onlatvia.com/wp-content/uploads/2016/09/ 829 B
1 KB 89ms
89ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlatvia.com/wp-content/uploads/2016/09/baznycia.png
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c33fc51368d76f57dd923d02a31a976def99e7dc4d54bc4ebb0c6ba9f1e0733

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
cf-cache-status: MISS
last-modified: Sun, 22 Oct 2017 14:00:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "33d-55c231ff03540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3FLtR6u3Z%2Bc7qzBmBP%2FAQjNvIxMO47lk8kvbj%2F%2FqSW0CXFACtESg9uO%2BDAboRS2Ayj7U%2FpQI8iz7WMV9g4141SwANYJbWlbHAd3jHbKc2hmmZKqxF8O5GtArtxG00Zk6c8%2F195F7ZRllVG8%2BMJM"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 862f041a88286616-AMS
alt-svc: h3=":443"; ma=86400
content-length: 829
expires: Mon, 18 Mar 2024 22:35:09 GMT

GET
H3 200 pilis.png
www.onlatvia.com/wp-content/uploads/2016/09/ 862 B
1 KB 91ms
90ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlatvia.com/wp-content/uploads/2016/09/pilis.png
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a36a4fd7add7910f4faa84ac23c6eee6ed1bbaeda949b107f085b0f5de2897ba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
cf-cache-status: MISS
last-modified: Sun, 22 Oct 2017 14:00:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "35e-55c231fff7780"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F5ZwD7gFG3V8OGvo4nYuGg%2BVE%2BhcVsvB0k%2FRZaMDzIbLqPzLMP4NmcSoE2032gs7gf70wjCgfyV0LbXtSGxO7%2FjLhaNn3w%2Bq7NNManWIuTRy%2B3XJpAok6kZ6kgOu%2BvGMjIZmHsFDs9JtUjm%2BzaV%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 862f041a88296616-AMS
alt-svc: h3=":443"; ma=86400
content-length: 862
expires: Mon, 18 Mar 2024 22:35:09 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 5BE1 298 KB
74 KB 95ms
24ms Script
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 21:49:35 GMT
content-encoding: gzip
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Wed, 06 Mar 2024 21:59:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2735
x-amz-server-side-encryption: AES256
etag: W/"4f9091ca1740c69dd8d2e945b57ade3e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: aAVcpILXlOpqztjS1apb4jIb_vPe5C1T3BPehsKuqBWatcdqit_Dmg==

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 5BE1 5 B
609 B 136ms
74ms XHR
application/json 37.157.5.133
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTY5ODIyNCZ0cmFuc2FjdGlvbklkPWRlOTI4NDc4LWE2YWItNDE3OC04MzNmLTI2ZTI0YzVjOTIwYQ%3D%3D&pt=gross&stid=8a5bb635-ad37-4a43-bd19-0be6208e6f75&fd=1

Requested by

Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/rphobtnmnd/stpd190411.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Mar 2024 22:35:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.onlatvia.com
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 5BE1 48 B
739 B 75ms
24ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/rphobtnmnd/stpd190411.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:09 GMT
an-x-request-uuid: f0fc7a31-dc26-4728-9631-64d0dfa4768d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.onlatvia.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 95.211.146.76; 95.211.146.76; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 48
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 5BE1 0
195 B 137ms
71ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=16&wv=2.11.0-pre&cb=8196304234

Requested by

Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/rphobtnmnd/stpd190411.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.onlatvia.com
date: Mon, 11 Mar 2024 22:35:09 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 5BE1 0
179 B 80ms
20ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/rphobtnmnd/stpd190411.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.onlatvia.com
date: Mon, 11 Mar 2024 22:35:09 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 bid Show response
ap.lijit.com/rtb/ Frame 5BE1 94 B
369 B 203ms
66ms XHR
application/json 18.203.213.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_2.11.0-pre
Requested by: Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/rphobtnmnd/stpd190411.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.203.213.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-213-103.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8b1e46223ae78b84e70986de25f1171ac81915ce504b3e7777e725ef33eefcab

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Mar 2024 22:35:10 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://www.onlatvia.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 98

GET
H2 400 hb Show response
ice.360yield.com/ Frame 5BE1 95 B
312 B 96ms
30ms XHR
application/json 52.211.42.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%2214b61788fa9bb7f%22%2C%22version%22%3A%225.1.0-JS-5.3.0%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221253a4b922a4abc%22%2C%22pid%22%3A%2222095009%22%2C%22tid%22%3A%22de928478-a6ab-4178-833f-26e24c5c920a%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
Requested by: Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/rphobtnmnd/stpd190411.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.211.42.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-42-117.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a607c3aa5e07faeb65c4fa61c6a63633b0818efd5169351fecd6a74123905928

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.onlatvia.com
date: Mon, 11 Mar 2024 22:35:09 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 95
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 5BE1 88 KB
29 KB 108ms
59ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.onlatvia.com
URL: https://www.onlatvia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e25dd5f51ae551733579db6d528dc09e1e37fc0971124ef58436258192c80a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28924
x-xss-protection: 0
server: cafe
etag: 742 / 19793 / m202403070101 / config-hash: 12108540257622360864
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 22:35:09 GMT

GET
H2 200 xgde.js Show response
adlv.hit.gemius.pl/gdejs/ Frame 34D9 57 KB
20 KB 33ms
33ms Script
application/x-javascript 54.38.133.136
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adlv.hit.gemius.pl/gdejs/xgde.js
Requested by: Host: adlv.hit.gemius.pl
URL: https://adlv.hit.gemius.pl/gdejs/xgde.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.136 , France, ASN16276 (OVH, FR),
Reverse DNS: ip136.ip-54-38-133.eu
Software: GHC /
Resource Hash: 98468b617767ca2a3dd115f2db945bf8ae9fa6e5f5a0749373623209bea73f3d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://adlv.hit.gemius.pl/gdejs/xgde.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: gzip
last-modified: Mon, 11 Mar 2024 11:40:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
etag: "65EEEDB80000E4B16AE93791"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 20487
expires: Tue, 12 Mar 2024 02:35:09 GMT

GET
H2 200 transparent.png
maps.gstatic.com/mapfiles/ 68 B
147 B 54ms
51ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/transparent.png

Requested by

Host: www.onlatvia.com
URL: https://www.onlatvia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe67e12a6497f8518ef1673fd8cf5622871935ff85f204715e78b2009dd48588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Mon, 11 Mar 2024 22:35:09 GMT

GET
H3 200 vt
maps.google.com/maps/ 22 KB
22 KB 108ms
108ms Image
image/png 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.google.com/maps/vt?pb=!1m5!1m4!1i6!2i36!3i19!4i256!2m3!1e0!2sm!3i684428853!3m12!2snl-NL!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCZRTd92a2P5hIg-krpVrViLiKRmNLDmRA&token=125709

Requested by

Host: www.onlatvia.com
URL: https://www.onlatvia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

41637745312f55618a688086ba66b46ea9608ec557350aa61b49d934dd9bfe2a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:10 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CgoIBBD4jKWvBhgB
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=73
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22293
x-xss-protection: 0
expires: Sun, 24 Nov 2024 03:25:32 GMT

GET
H3 200 vt
maps.google.com/maps/ 7 KB
7 KB 81ms
79ms Image
image/png 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.google.com/maps/vt?pb=!1m5!1m4!1i6!2i35!3i19!4i256!2m3!1e0!2sm!3i684428853!3m12!2snl-NL!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCZRTd92a2P5hIg-krpVrViLiKRmNLDmRA&token=66282

Requested by

Host: www.onlatvia.com
URL: https://www.onlatvia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

9ab5c4a5654ff49c7c82dd950c15147602e876367c209b30de112c970b20e357

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CgoIBBD4jKWvBhgB
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=57
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6788
x-xss-protection: 0
expires: Sun, 24 Nov 2024 03:25:31 GMT

GET
H3 200 vt
maps.google.com/maps/ 11 KB
11 KB 78ms
76ms Image
image/png 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.google.com/maps/vt?pb=!1m5!1m4!1i6!2i35!3i18!4i256!2m3!1e0!2sm!3i684428817!3m12!2snl-NL!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCZRTd92a2P5hIg-krpVrViLiKRmNLDmRA&token=26811

Requested by

Host: www.onlatvia.com
URL: https://www.onlatvia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

753f7c27c12e4c45df384cdb8693fcf4daef36ff7848403b3bd1582ae654dd3f

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CgoIBBD4jKWvBhgB
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=56
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11020
x-xss-protection: 0
expires: Sun, 24 Nov 2024 03:25:31 GMT

GET
H3 200 vt
maps.google.com/maps/ 19 KB
19 KB 83ms
81ms Image
image/png 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.google.com/maps/vt?pb=!1m5!1m4!1i6!2i36!3i18!4i256!2m3!1e0!2sm!3i684428817!3m12!2snl-NL!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCZRTd92a2P5hIg-krpVrViLiKRmNLDmRA&token=86238

Requested by

Host: www.onlatvia.com
URL: https://www.onlatvia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

4c17587ec1fbe78678cecad447b4c9fcb639cd077eccaf56fa68c44ae5be03ff

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CgoIBBD4jKWvBhgB
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=58
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18990
x-xss-protection: 0
expires: Sun, 24 Nov 2024 03:25:31 GMT

GET
H3 200 vt
maps.google.com/maps/ 20 KB
20 KB 102ms
101ms Image
image/png 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.google.com/maps/vt?pb=!1m5!1m4!1i6!2i37!3i18!4i256!2m3!1e0!2sm!3i684428817!3m12!2snl-NL!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCZRTd92a2P5hIg-krpVrViLiKRmNLDmRA&token=14594

Requested by

Host: www.onlatvia.com
URL: https://www.onlatvia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d35dfe6338d4e7616fd929821b77e18dde8d35a5ddb46fc91af96dd015c8ff15

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CgoIBBD4jKWvBhgB
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=62
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20734
x-xss-protection: 0
expires: Sun, 24 Nov 2024 03:25:31 GMT

GET
H3 200 vt
maps.google.com/maps/ 15 KB
15 KB 90ms
89ms Image
image/png 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.google.com/maps/vt?pb=!1m5!1m4!1i6!2i37!3i19!4i256!2m3!1e0!2sm!3i684428853!3m12!2snl-NL!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCZRTd92a2P5hIg-krpVrViLiKRmNLDmRA&token=54065

Requested by

Host: www.onlatvia.com
URL: https://www.onlatvia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

0bb51db88dc0c21bf6ad48d73f77b34e5373b4086334a84205554afdb80b5ea0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CgoIBBD4jKWvBhgB
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=58
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15016
x-xss-protection: 0
expires: Sun, 24 Nov 2024 03:25:31 GMT

GET
H3 200 vt
maps.google.com/maps/ 26 KB
26 KB 96ms
95ms Image
image/png 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.google.com/maps/vt?pb=!1m5!1m4!1i6!2i37!3i20!4i256!2m3!1e0!2sm!3i684428853!3m12!2snl-NL!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCZRTd92a2P5hIg-krpVrViLiKRmNLDmRA&token=125009

Requested by

Host: www.onlatvia.com
URL: https://www.onlatvia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ce7981b3a7e9e65d35da51e318b314e98d48795d015699293b37dba5d7560149

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CgoIBBD4jKWvBhgB
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=60
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26157
x-xss-protection: 0
expires: Sun, 24 Nov 2024 03:25:31 GMT

GET
H3 200 vt
maps.google.com/maps/ 27 KB
27 KB 111ms
109ms Image
image/png 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.google.com/maps/vt?pb=!1m5!1m4!1i6!2i36!3i20!4i256!2m3!1e0!2sm!3i684428925!3m12!2snl-NL!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCZRTd92a2P5hIg-krpVrViLiKRmNLDmRA&token=97547

Requested by

Host: www.onlatvia.com
URL: https://www.onlatvia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

c809dbaba44711a01b1373c616ccd40465cb807b991f48e798e03df11786e992

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:10 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CgoIBBD4jKWvBhgB
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=70
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27874
x-xss-protection: 0
expires: Sun, 24 Nov 2024 03:25:32 GMT

GET
H3 200 vt
maps.google.com/maps/ 18 KB
18 KB 60ms
59ms Image
image/png 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.google.com/maps/vt?pb=!1m5!1m4!1i6!2i35!3i20!4i256!2m3!1e0!2sm!3i684428950!3m12!2snl-NL!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCZRTd92a2P5hIg-krpVrViLiKRmNLDmRA&token=81377

Requested by

Host: www.onlatvia.com
URL: https://www.onlatvia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ddbbde2027e4454687020aeccd0560dbef454e2d0adf10cc6680df205ebee16e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CgoIBBD4jKWvBhgB
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=38
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18252
x-xss-protection: 0
expires: Sun, 24 Nov 2024 03:25:31 GMT

GET
H3 200 vt Show response
maps.google.com/maps/ 529 B
168 B 101ms
101ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps/vt?pb=!1m4!1m3!1i6!2i35!3i18!1m4!1m3!1i6!2i35!3i19!1m4!1m3!1i6!2i35!3i20!1m4!1m3!1i6!2i36!3i18!1m4!1m3!1i6!2i36!3i19!1m4!1m3!1i6!2i37!3i18!1m4!1m3!1i6!2i37!3i19!1m4!1m3!1i6!2i36!3i20!1m4!1m3!1i6!2i37!3i20!2m3!1e0!2sm!3i684428973!3m12!2snl-NL!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e3!12m1!5b1&callback=_xdc_._xtvf2l&key=AIzaSyCZRTd92a2P5hIg-krpVrViLiKRmNLDmRA&token=113176

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps-api-v3/api/js/56/3/intl/nl_ALL/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

e8bf3ef62a1db40fab1e493c57d04777f4f714e71d4e2277095de9547509ef50

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:10 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CgoIBBD4jKWvBhgB
server: scaffolding on HTTPServer2
content-encoding: gzip
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: private, max-age=22222222
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=65
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144
x-xss-protection: 0
expires: Mon, 11 Mar 2024 22:35:10 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 47ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TVVCH5ECFK&gtm=45je4360v9125505279za220&_p=1710196509820&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=501858203.1710196510&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.onlatvia.com%2F&dt=On%20Latvia&sid=1710196509&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2996
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TVVCH5ECFK&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.onlatvia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame BBE9 573 B
714 B 19ms
19ms Image
image/png 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/oCh4fJriDK8.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/oCh4fJriDK8.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
date: Mon, 11 Mar 2024 22:35:10 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=23, mss=1232, tbw=4330, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: EYgKIUfAVdfTb1xaS3mxv5gBuxYkolSWwC7WEeNtPsrrKztTvsAuB7kv1ubzVa341TkZDG5Ga94sMpKc1docvA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 07 Mar 2025 04:19:50 GMT

GET
H2 200 gemius.js Show response
adlv.hit.gemius.pl/ Frame 34D9 66 KB
19 KB 35ms
32ms Script
application/x-javascript 54.38.133.136
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adlv.hit.gemius.pl/gemius.js
Requested by: Host: adlv.hit.gemius.pl
URL: https://adlv.hit.gemius.pl/gdejs/xgde.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.136 , France, ASN16276 (OVH, FR),
Reverse DNS: ip136.ip-54-38-133.eu
Software: GHC /
Resource Hash: 6e1194f0f1d1026641bf1f2b9a0d66135b2f4f04bc4cae53ef1701890a0316f2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://adlv.hit.gemius.pl/gdejs/xgde.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:10 GMT
content-encoding: gzip
last-modified: Mon, 26 Feb 2024 14:10:52 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 19414
expires: Tue, 12 Mar 2024 10:35:10 GMT

GET
H2 200 0 Show response
config.aps.amazon-adsystem.com/configs/ Frame 5BE1 528 B
802 B 77ms
20ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/0
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-71.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 96783dc392c6e406dbbc1fd15c9edf08f0be0d6e8fa9d5975a14493b30af0ff7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:12:46 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1344
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 528
x-amz-cf-id: 9h82lXLkYb1wam_4Q4Y2rrzBVvX9s7QIKA0iP7eKHaFpB43Stk_6YQ==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 5BE1 0
305 B 117ms
117ms XHR
text/plain 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=0&u=https%3A%2F%2Fwww.onlatvia.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.onlatvia.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: FlHQcSsD7Ztm7XCXVW0fLOLXsCjTp3qrQsUokHiwH1K3POoB3bCKYQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 5BE1 23 B
357 B 111ms
35ms XHR
text/javascript 18.65.35.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=0&u=https%3A%2F%2Fwww.onlatvia.com%2F&pid=6RgaW2079ZWKe&cb=0&ws=980x150&v=24.305.1002&t=1000&slots=%5B%7B%22sd%22%3A%22div-custom-ad-1710196509708-0%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F147246189%2C22682146883%2Fonlatvia.com_728x90%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.35.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-35-42.ams1.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
via: 1.1 9500c58b11c15528d15f2ca9add5bc00.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS1-P1
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.onlatvia.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: O4C63Z_gRO3I-ixV0ELCWol2CV4lMTEztp93HK1mZj6Rwz-vx-PHpg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 5BE1 6 KB
3 KB 59ms
20ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 06:41:57 GMT
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 57194
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: vE7yVC3w0X-2i9DjKO1FOJzs4ZPvpDrgLiiDTdnH8Mwz4q0gV5y8oA==

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/ Frame 5BE1 433 KB
136 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3e271b44a4874258fc6302e7996e949e760208bc02850938bb38a9ad626f2c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:05:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8978
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139281
x-xss-protection: 0
server: cafe
etag: 13505786736550064131
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 11 Mar 2025 20:05:32 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 6DB6 5 KB
3 KB 128ms
33ms Document
text/html 145.239.237.56
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: adlv.hit.gemius.pl
URL: https://adlv.hit.gemius.pl/gemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 145.239.237.56 , France, ASN16276 (OVH, FR),
Reverse DNS: ip56.ip-145-239-237.eu
Software: GHC /
Resource Hash: 6754f1302bcc2339d8971ccfee069249e06f6b03cbaa9289102862cc18d7722f

Request headers

Referer: https://adlv.hit.gemius.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2708
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Mar 2024 22:35:10 GMT
etag: PRIVATE7520710249
expires: Wed, 10 Apr 2024 22:35:10 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5BE1 613 B
334 B 210ms
210ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3051581354250066&correlator=4142381382899004&eid=95326465%2C31081559&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fifs&iu_parts=147246189%3A22682146883%2Conlatvia.com_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&ifi=1&sfv=1-0-40&eri=5&sc=1&cookie_enabled=1&cdm=www.onlatvia.com&abxe=1&dt=1710196510151&adxs=270&adys=138&biw=1600&bih=1200&isw=980&ish=150&scr_x=0&scr_y=0&btvi=0&ucis=iiiwp6qmph1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=http%3A%2F%2Fwww.onlatvia.com%2F&loc=https%3A%2F%2Fwww.onlatvia.com%2F&top=www.onlatvia.com&vis=1&psz=980x150&msz=980x0&fws=256&ohw=0&ga_vid=501858203.1710196510&ga_sid=1710196510&ga_hid=1263431118&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYhZaf_eIxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiFlp_94jFIAFICCGQSGQoKcHViY2lkLm9yZxjMlp_94jFIAFICCGoSGAoJeWFob28uY29tGPaWn_3iMUgAUgIIbxIXCghydGJob3VzZRjUlp_94jFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YhZaf_eIxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVRDOTBjSHBoTWs5VE9VOTZOM0ZxTnpaSGFYQklkejA5SW4wPRjHmJ_94jFIABIZCgp1aWRhcGkuY29tGIWWn_3iMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YlZef_eIxSABSAghq&dlt=1710196509692&idt=425&prev_scp=amznbid%3D2%26amznp%3D2&adks=728836813&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdfaf46feb86db5a67685d90f7dc9c2e18f665808191db708aae722eb625bdda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.onlatvia.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5BE1 16 KB
12 KB 112ms
66ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403070101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c24f688830837f2ddffeb227d86f71b1c7c247bb0563946762967fd2cb4288f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12332
x-xss-protection: 0

GET
H2 200 container.html Show response
aba7fddf984375aa756d68d8f3c47010.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 97F5 6 KB
3 KB 133ms
50ms Document
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aba7fddf984375aa756d68d8f3c47010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlatvia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Mar 2024 22:35:10 GMT
expires: Tue, 11 Mar 2025 22:35:10 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 43ms
17ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.onlatvia.com%2F&domain=www.onlatvia.com&bundle=5bqgYF84a05FU2RheUJ6Sm5GNEslMkJEVllqMGYzVDhBOWVSS3JZR3kxNTUzMUpyYU5sOEtjdTQ1SXJMd0k0cDd4MmdYcHlxQ0hRZ3JsdnN2Q3BZaVNkMm54dVlqZld6VTE2VVRzRzFTcWJ2RkVJektSbEc3Mlo2UFNrdTNXNUUlMkZ3T0U4TFBRNURhaGJvMXRsdm1aMTNCanNoRGt3JTNEJTNE&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.onlatvia.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.onlatvia.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 11 Mar 2024 22:35:09 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 250389
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 298 KB
74 KB 23ms
20ms Script
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3301
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 21:49:35 GMT
content-encoding: gzip
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Wed, 06 Mar 2024 21:59:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2736
x-amz-server-side-encryption: AES256
etag: W/"4f9091ca1740c69dd8d2e945b57ade3e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: lDNt1BlwXj3q_vCpo04gjFCm7AAVghOfp7xGrxpcqXxzdK55Ppu8cQ==

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 39ms
22ms XHR
application/json 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240311

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3301

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5141bb3d1bb623f01d8df7b37c5a2f7ad6afa31bd9eff183417b083e10acdffc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Mar 2024 22:35:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 23656
x-jsd-version: 1.0.1992
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21978-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"642-csRClVPqUi7Anb7AOcGl2TwaIUY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GkKxUwPkRIiO9RV41iJqKWvB9Y9xBWMCqLtBUitwj8LEY%2BjHjEDklEPsHX3Oyg9UuArOtpQLFYNEPVaH4PZMB3gdYwyTPTGsBnP6oqsS8rwVZR%2FUsxTG%2BzwTYZ%2BZFgF%2B1CtBYrsJQLxL7jgVxU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 862f041cde8906c2-AMS

POST
H2 200 481.json Show response
id5-sync.com/g/v2/ 251 B
448 B 64ms
21ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

04ae2ec39f173e1a97ffab6100ed9cb0cd3509c7667066a3fb5ee017f48d632d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.onlatvia.com
date: Mon, 11 Mar 2024 22:35:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin
content-type: application/json

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
374 B 15ms
15ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:09 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.onlatvia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 289081
expires: 0

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 34D9
Redirect Chain

https://adlv.hit.gemius.pl/dataredir?rid=xnjrkiktyj&url=pixel-eu.onprospects.com%2F%3Fpartner%3D254%26mapped%3DHCUDATA%26gdpr%3D0%26gdpr_consent%3D
https://pixel-eu.onprospects.com/?partner=254&mapped=Wn4qhCfFM4QsJq0RtY2mRHlm1G7s6nJpfij9AWZSKdX..7&gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=254&mapped=Wn4qhCfFM4QsJq0RtY2mRHlm1G7s6nJpfij9AWZSKdX..7&gdpr=0&gdpr_consent=&onp
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=9ba7c92fe120caec99ed38ef41b89e9c&gdpr=0
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=72accd9558af5094/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

70 B
149 B

103ms
31ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://adlv.hit.gemius.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:10 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length: 0

GET
H2 200 d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac Show response
config.aps.amazon-adsystem.com/configs/ 563 B
828 B 19ms
18ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-71.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 45ff6c58f47ea6de44beacdb4af7ed5f1d41887b69895b44b1ace158b71ff5bd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:17:05 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1085
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: SlkenDxMEMCVma8Okrw0-EVo_O8RVUe35uzVjemt5nqsHINc3dlSQg==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 4 KB
4 KB 20ms
20ms XHR
application/json 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.onlatvia.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 5f27f2d6fd0d7a35050e1868e67548df87f1c88964ee798f826cca6ea1cd747b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 17:36:46 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 17904
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.onlatvia.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 3623
x-amz-cf-id: T4fdYmbJ19V3mEno4EwqtXgm8Hs51wzyRAAAeJ65mjInKF0JgiU_IA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
355 B 48ms
46ms XHR
text/javascript 18.65.35.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.onlatvia.com%2F&pid=R2sh3vRBIBiaX&cb=0&ws=1600x1200&v=24.305.1002&t=800&slots=%5B%7B%22sd%22%3A%22onlatvia_com_728x90%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F147246189%2C22682146883%2Fonlatvia.com_728x90%22%7D%2C%7B%22sd%22%3A%22onlatvia_com_300x600_1%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22300x300%22%2C%22160x600%22%2C%22250x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F147246189%2C22682146883%2Fonlatvia.com_300x600_1%22%7D%2C%7B%22sd%22%3A%22onlatvia_com_300x600_2%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22300x300%22%2C%22160x600%22%2C%22250x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F147246189%2C22682146883%2Fonlatvia.com_300x600_2%22%7D%2C%7B%22sd%22%3A%22onlatvia_com_300x600_3%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22300x300%22%2C%22160x600%22%2C%22250x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F147246189%2C22682146883%2Fonlatvia.com_300x600_3%22%7D%2C%7B%22sd%22%3A%22onlatvia_com_300x250_article%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F147246189%2C22682146883%2Fonlatvia.com_300x250_article%22%7D%2C%7B%22sd%22%3A%22onlatvia_com_300x250_article_left%22%2C%22s%22%3A%5B%22320x100%22%5D%2C%22sn%22%3A%22%2F147246189%2C22682146883%2Fonlatvia.com_300x250_article_left%22%7D%2C%7B%22sd%22%3A%22onlatvia_com_300x250_article_right%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F147246189%2C22682146883%2Fonlatvia.com_300x250_article_right%22%7D%5D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.35.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-35-42.ams1.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:09 GMT
via: 1.1 9500c58b11c15528d15f2ca9add5bc00.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS1-P1
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.onlatvia.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: gbCgkK-52WSw6HuwW1Te6-aDm0UTtmrW4J5I3-sJIdNNnWTNfBm0VA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 22ms
21ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 06:41:57 GMT
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 57194
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: kGCQ7uFjwrlpgRSBUbaWW3D9BuNpmxfbTxhcDWAzCECRgu8s5cdODw==

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 79ms
26ms Preflight 37.157.5.133
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.onlatvia.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.onlatvia.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Mon, 11 Mar 2024 22:35:10 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ 42 B
552 B 80ms
33ms XHR
application/json 104.26.9.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3301
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6AuwNLe46z8Vuu5ITf7g22x9T%2F7KGczGd6XCUso135gNVWRJtNmKHA3emd4GxFQde48MHC6duXPsw6YpiPsEIzfpIrRU6u%2BgT4NnEWKnVBZhfYVG5btpHT4y4yHH5gPDTXdsskFIVDB"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.onlatvia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 862f041d7c16672a-AMS
content-length: 42
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ 281 B
523 B 512ms
466ms XHR
application/json 104.26.9.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3301
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fa6aa119872c3237a1bb243f12c2dfe5dd17408d0b8c0b213acb0bd2e69a5de

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-prebid: pbs-go/0.259.0
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HT3ADWwlHJ0WnsXojHVkdrqcH1GKHaIEUdQiRJNjKXio8aVYuYQ98BoUj4O6l0LykWGomO35%2BxpHsTgyDj812g8any%2FLWscfZ3OGUxJVNmI2DAo2wZj%2F3dfKv62jTjrgisBswQiNMBF8"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.onlatvia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 862f041d7c13672a-AMS
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 960 B
3 KB 381ms
307ms XHR
application/json 2602:803:c003:200::91
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=154926&zone_id=1905014%3B1904018%3B1904018%3B1904018%3B1904016%3B1904016%3B1904016&size_id=2%3B15%3B15%3B15%3B15%3B117%3B15&alt_size_ids=%3B9%2C8%2C10%2C48%2C179%3B9%2C8%2C10%2C48%2C179%3B9%2C8%2C10%2C48%2C179%3B%3B%3B&rf=https%3A%2F%2Fwww.onlatvia.com%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=8fcef629-8bcc-4713-b072-019d27a328bb%3B1d92eb3f-4c6d-42dc-ad95-2965d0fe49cb%3B47db9d9e-86c9-4169-9b2d-2763c2c7cfa5%3B89d21c49-70df-4fd0-bea4-fd9e7e9dbc99%3B726f66da-6833-4f8f-844a-22ff1c5ea53a%3Bb640f3b1-69af-47b8-8619-8a0aa6314016%3B77d7159e-52d4-4909-a02d-60230904b5d5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=7&rand=0.9917675489359501
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3301
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::91 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 70cd32600d66fe67e9a7dfe747c5ae4af342468711a4b3c2e635ed3fbaa976a8

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:10 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.onlatvia.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 960
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
551 B 74ms
41ms XHR
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=634540&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2241a7c5be9f5d802%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.onlatvia.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A22%2C%22msi%22%3A22%2C%22mfu%22%3A0%2C%22bu%22%3A7%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A7%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22429de0cdb643923%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22634540%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2243f251b990e9af1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22634540%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22634540%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22634540%22%2C%22sid%22%3A%22300x300%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22634540%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22634540%22%2C%22sid%22%3A%22250x600%22%7D%7D%2C%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22634540%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22440d135ac54432%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22634540%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22634540%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22634540%22%2C%22sid%22%3A%22300x300%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22634540%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22634540%22%2C%22sid%22%3A%22250x600%22%7D%7D%2C%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22634540%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%224599d2c4cd20b07%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22634540%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22634540%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22634540%22%2C%22sid%22%3A%22300x300%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22634540%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22634540%22%2C%22sid%22%3A%22250x600%22%7D%7D%2C%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22634540%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2246be825e5487143%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22634540%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22479533d764c6bcf%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22634540%22%2C%22sid%22%3A%22320x100%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2248b30701316d3bf%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22634540%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3301
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a9b80c9840966630177d9b0ad94b2152f9cc209c4522ef0f303d783e365f553

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7L4Wm%2BpsvjISdgZcf%2BLCcEgteHiAw1RvV3iy8dCoK7ZXIIkg0AqPWxtVm2JFza60Rd%2Fyb%2FCIaKo24HfZhCedGNU634W3pNHISawbausCCeu948oMKMvBnKjEw6dOEPmk7k7p%2BgL"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.onlatvia.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 862f041d6ac36685-AMS
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
532 B 98ms
98ms XHR
text/plain 37.157.5.133
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3301

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.onlatvia.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 100ms
100ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=19252455975

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.onlatvia.com
date: Mon, 11 Mar 2024 22:35:10 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
171 B 63ms
14ms XHR
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3301
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Mon, 11 Mar 2024 22:35:09 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://www.onlatvia.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
567 B 460ms
31ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3301
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 087fd704845c8c20987816e2e6747f5c1b4f777fbc24977bb3004a90352dc78f

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.onlatvia.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
567 B 459ms
31ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3301
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 087fd704845c8c20987816e2e6747f5c1b4f777fbc24977bb3004a90352dc78f

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.onlatvia.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
567 B 456ms
27ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3301
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 087fd704845c8c20987816e2e6747f5c1b4f777fbc24977bb3004a90352dc78f

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:10 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.onlatvia.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
567 B 457ms
28ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3301
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 087fd704845c8c20987816e2e6747f5c1b4f777fbc24977bb3004a90352dc78f

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:10 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.onlatvia.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
567 B 458ms
30ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3301
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 087fd704845c8c20987816e2e6747f5c1b4f777fbc24977bb3004a90352dc78f

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:10 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.onlatvia.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
567 B 457ms
29ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3301
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 087fd704845c8c20987816e2e6747f5c1b4f777fbc24977bb3004a90352dc78f

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:10 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.onlatvia.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
567 B 487ms
28ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3301
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 087fd704845c8c20987816e2e6747f5c1b4f777fbc24977bb3004a90352dc78f

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:09 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.onlatvia.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
178 B 24ms
24ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3301
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.onlatvia.com
date: Mon, 11 Mar 2024 22:35:10 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 95 B
369 B 82ms
82ms XHR
application/json 18.203.213.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3301
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.203.213.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-213-103.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d08402d8b2b7a919f4019c2bf08b58da9cc56619664cfa5bddbe6a80e262931d

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Mar 2024 22:35:10 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://www.onlatvia.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 99

GET
H2 200 arj Show response
setupad-d.openx.net/w/1.0/ 73 B
285 B 42ms
23ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.onlatvia.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8fcef629-8bcc-4713-b072-019d27a328bb%2C1d92eb3f-4c6d-42dc-ad95-2965d0fe49cb%2C47db9d9e-86c9-4169-9b2d-2763c2c7cfa5%2C89d21c49-70df-4fd0-bea4-fd9e7e9dbc99%2C726f66da-6833-4f8f-844a-22ff1c5ea53a%2Cb640f3b1-69af-47b8-8619-8a0aa6314016%2C77d7159e-52d4-4909-a02d-60230904b5d5&nocache=1710196510268&pubcid=d11791a7-eab3-4ee3-829a-558e33641985&aus=728x90%7C300x600%2C300x250%2C300x300%2C160x600%2C250x600%2C120x600%7C300x600%2C300x250%2C300x300%2C160x600%2C250x600%2C120x600%7C300x600%2C300x250%2C300x300%2C160x600%2C250x600%2C120x600%7C300x250%7C320x100%7C300x250&divids=onlatvia_com_728x90%2Conlatvia_com_300x600_1%2Conlatvia_com_300x600_2%2Conlatvia_com_300x600_3%2Conlatvia_com_300x250_article%2Conlatvia_com_300x250_article_left%2Conlatvia_com_300x250_article_right&aucs=%2C%2C%2C%2C%2C%2C&auid=543983812%2C543983808%2C543983808%2C543983808%2C543983805%2C543983805%2C543983805
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3301
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: df828b82729c8c4e7777acc868455630085929d1c9408cab64427648a1b2bdd5

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:10 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.onlatvia.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 67ms
17ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3301
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.onlatvia.com
date: Mon, 11 Mar 2024 22:35:10 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 137ms
37ms Script
application/javascript 23.197.10.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.10.19 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-10-19.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:10 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Mon, 11 Mar 2024 22:50:10 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 22ms
21ms Script
text/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff15ac47504bb557006756aaba7dc0eadcf935f9633390f379405085d9f85de8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 01:34:02 GMT
content-encoding: gzip
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified: Wed, 14 Feb 2024 17:39:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 75669
etag: W/"0f107a0e7753aa69cd07ded21852408c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: cwbsdAGX70V1rVwznRU6-w3zJTJ3pH4OCjM-86zTmmB8xo63DFpUZw==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 65ms
26ms Script
application/javascript 2606:4700:10::6816:35ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.onlatvia.com%2F&ref=&_it=amazon&partner_id=533
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ddd96839c08e8cbdd3b1f56569b6d4770021731534b98dd17dec8526bb0d151

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:10 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 07 Mar 2024 15:57:22 GMT
server: cloudflare
x-amz-request-id: GPA71GZPJYF3GMCR
age: 2202
etag: W/"4f8d7eccb8b77bff110a91871ebadcc0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 862f041d7fb3b936-AMS
x-amz-id-2: wVIO1wrs31x1jKRIz3dKPn3IKJaxmFZdB4TaOgRyJwNYeBol3+8I/Y1HD2dEOHBU8sCH74De62g=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 91 KB
26 KB 32ms
31ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.onlatvia.com
URL: https://www.onlatvia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3a68fbdfba5a57a68f0041c669c3ce080b1bc7178133518bfc79accd68eb054

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 29 Feb 2024 12:45:12 GMT
server: cloudflare
x-amz-request-id: 9271S4CWYEZPV6AB
age: 1951
etag: W/"a6dbc54d2082e9b3a0fa778f082e665d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 862f041d38f766c7-AMS
x-amz-id-2: 1Jn8Yg6YPhCoVICysETv9UAR4Z1NA8O75NAAWzev2r4Ku1PH5wdYi0WAbK0lo8NVqJjwCsVkHcY=

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 14 KB
5 KB 171ms
72ms Script
application/javascript 23.197.10.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.10.19 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-10-19.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:10 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "38c0-5e92054540ea5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 5252
expires: Mon, 11 Mar 2024 22:50:10 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5BE1 17 KB
7 KB 212ms
157ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Mar 2024 22:35:10 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
334 B 30ms
30ms XHR
application/json 52.211.99.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.99.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-99-1.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 331895f315058ba2ce3c7e7f6883fe10aa64e76d4f7f68d244955c697e48df7f

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:10 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.onlatvia.com
cache-control: no-cache
x-server: 10.45.9.195
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H3 200 controls.js Show response
maps.google.com/maps-api-v3/api/js/56/3/intl/nl_ALL/ 94 KB
25 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/56/3/intl/nl_ALL/controls.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyCZRTd92a2P5hIg-krpVrViLiKRmNLDmRA&ver=5.2.20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

883392993e7cc54151ba8577fa4624fe3509ecd43dc0e8bfc0e32e2d864c2ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 21:45:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 434957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25185
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 00:18:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Mar 2025 21:45:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 302 B
382 B 39ms
39ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=nl

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps-api-v3/api/js/56/3/intl/nl_ALL/util.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3fb3f4f18d94f4bcc3dbf87e16bd68982e85b46458a261f79c0e5c1852fd579e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Mar 2024 22:35:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 22:19:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Mar 2024 22:35:10 GMT

GET
H2 200 css
fonts.googleapis.com/ 32 KB
2 KB 40ms
40ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=nl

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps-api-v3/api/js/56/3/intl/nl_ALL/util.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9064f4f6ab642a40b8a14f1521eb6ab9ab54b5a781957ba16bae1cca47c3c7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Mar 2024 22:35:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 22:14:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Mar 2024 22:35:10 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 624be3bf55395ccdba7de5bed135b256b891ca3659b73a8c6559cfeff76b4eb4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 638 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96827d119793d3b1f43be25de0a51e3fb1d6000412725f6c16171a6be280cd38

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 170 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e21f21ceee588a5075937d9c86ce41c2035489f6a33e612332919f001f506e43

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 170 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44f6af983bb8ac6c2ad7932b4f2e34afe733e6b0249731bdee1eab73aaf547e7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 170 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f19e80109c6b75e5a71833046247e1c120e9503028def5e62983bc8f97cde6ae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 97 B
289 B 106ms
106ms XHR
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=533&sync=0&domain=www.onlatvia.com&url=https://www.onlatvia.com/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.onlatvia.com%2F&ref=&_it=amazon&partner_id=533
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1484a5d1b301496f85dfba1e22a7950ee980497cf527e365e5b2014c68fde3a9

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 11 Mar 2024 22:35:10 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 862f041eae12289d-AMS

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 148ms
104ms Preflight
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=533&sync=0&domain=www.onlatvia.com&url=https://www.onlatvia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.onlatvia.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 862f041e0da1289d-AMS
content-length: 0
content-type: application/json
date: Mon, 11 Mar 2024 22:35:10 GMT
debug: OPTIONS block
expires: Tue, 11 Mar 2025 22:35:10 GMT
server: cloudflare

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 120 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 863fd75928da215976eb773b7a5fa8a5b680ed4a2feede49c912fb41c50a99c1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 120 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 306ca53db6fc90ca7241d690f151bfc8db6b55c8f2de5d878a268fe6e7d3754a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 120 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccc291db38afc31c01ee7cea2f23d396deff81e172a6285faa672cca41e6e86a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 123 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 495beca2bdc18adfe4394c8048a0ea36681b8c4d6f023c624b387818c8a968cc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d39e44c97654457b55157f95b65e8af14f655fdb5319159b8135780f7eee005

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea3a3424497eb1c906f646385dcfe1f9465edd6f5428dc3240063cfccaaf7fa5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a647a0c3cdf71c5fa9d1d5485f78905cac9e6cc70d4dc09dd994f056a80461e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 107 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a670ebf8c45333dfbe0c9142945e348b6d56b7e3478ca0d596b6f891158836a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cafbc72c5f1ce01dfd4fa24ca8e045c60790b31f9ed1786eecb573283a4eb207

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 647 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2657ea95d715829d0813ae08b913dec1c09c052a5a5eb5b7b387ac0d7e5be924

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9458ee96a742f91d479bbba627caca8408afb1b66f55ec514e66ac4a3027edb5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 608 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d24416e42a3c1894f2d75caefd485e922377c66c6b1da5ed3b77a1c076545d3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 608 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52e4298d8ea2042be885d1d700156124df1850995e2a1c6f1e9f921e7a1eb22f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 608 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9687445fb917bd46c10aaed31d841f1f3a706b49cde1274cf3f91d081486a8d9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 147 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fea5800a2519b46aa3ccacac1f9a19c8086d2ddc2d04d656656ba775fbd6ba0c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 147 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68ec98e666510bfebfcbec2fa73d2d685d89bdda35a958ef6c3a8435d8667520

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 147 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce791f9765c10e3b60ee51d23d7265fb0ee44c5c5368cfdc012a939efccd5ac4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 176 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4319327494b8ca482d4aaf975d10be81295bbdaa9f3e9045c257d5167713e58a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 176 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcee64b6c93241fc14ae0fec1ca53d40ddc1790de811d39de042606c0f94fe9c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 176 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f77b14aaf136857d885934d9045a8e6e88b97be6d9b912c63beaf5ed05e42b6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 5BE1 0
241 B 98ms
24ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onlatvia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:10 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: X-Requested-With

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 68ms
19ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=nl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.onlatvia.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:37:46 GMT
x-content-type-options: nosniff
age: 579444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 05:37:46 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 72ms
24ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=nl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.onlatvia.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:16:13 GMT
x-content-type-options: nosniff
age: 8337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Mar 2025 20:16:13 GMT

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 49 KB
17 KB 36ms
36ms Script
application/javascript 23.197.10.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.10.19 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-10-19.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:10 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "c4b6-5e920545406d3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17042
expires: Mon, 11 Mar 2024 22:50:10 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 60E1 13 KB
5 KB 19ms
19ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlatvia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 9797
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Mar 2024 19:51:53 GMT
expires: Tue, 11 Mar 2025 19:51:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 05F2 829 B
1 KB 101ms
31ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c295757e322ef765e7f01fef24653a96b1ab5912ae6bf4c3e6bff9ee313a6c95

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qnXvSUsduYrXcg_eQbF50A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlatvia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-qnXvSUsduYrXcg_eQbF50A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 11 Mar 2024 22:35:10 GMT
expires: Mon, 11 Mar 2024 22:35:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 190 B
464 B 87ms
14ms XHR
application/json 2a02:fa8:8806:13::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:10 GMT
server: nginx
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.onlatvia.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 190
expires: Mon, 11 Mar 2024 23:05:10 GMT

GET
H3 200 O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js Show response
pagead2.googlesyndication.com/bg/ Frame 60E1 39 KB
15 KB 82ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 19:51:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15541
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Mar 2025 19:51:53 GMT

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 229 KB
66 KB 38ms
38ms Script
application/javascript 23.197.10.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.10.19 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-10-19.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:10 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2023 16:23:46 GMT
server: Apache
etag: "394d0-60864a57eaadc-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 67550
expires: Mon, 11 Mar 2024 22:50:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 05F2 0
0 51ms
50ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202403070101&jk=3051581354250066&rc=
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H2 200 533 Show response
a.ad.gt/api/v1/u/matches/ 13 KB
4 KB 83ms
24ms Script
application/javascript 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/533?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.onlatvia.com%2F&ref=&_it=amazon&partner_id=533
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a54713840df100b8cd266df4a048ba67b1cad082fca8ebbb67675ec4d840803a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 11 Mar 2024 22:30:07 GMT
server: cloudflare
age: 73
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 862f041fbf71661e-AMS

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 60E1 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?AABvaQ
Requested by: Host: www.onlatvia.com
URL: https://www.onlatvia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

share_button.php Show response
www.facebook.com/v2.3/plugins/ Frame 0B6C
Redirect Chain

https://web.facebook.com/v2.3/plugins/share_button.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6a5214afc25369ff%26domain...
https://www.facebook.com/v2.3/plugins/share_button.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6a5214afc25369ff%26domain...

41 KB
13 KB

243ms
242ms

Document
text/html

2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.3/plugins/share_button.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6a5214afc25369ff%26domain%3Dwww.onlatvia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.onlatvia.com%252Ffdd39d9d9dfbbb887%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.onlatvia.com%2F&layout=button_count&locale=en_US&sdk=joey&_rdc=1&_rdr

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e8d3ac9f46f92354a0dfde083b3e9ea8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7128922c17640ce95ed3d861550c460063b00d4400a0f3c21e3845c911211a7c

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlatvia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Mar 2024 22:35:11 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v13.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=10, mss=1294, tbw=17632, tp=-1, tpl=-1, uplat=222, ullat=0
x-fb-debug: 0SZZzrCT6VIXkbicE4safPdDvSB+4GTGYn496PaSxOrag7xY+RzMQVgcd/mYDEnUTydZzFZoGo4NTsPChD++yA==
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
date: Mon, 11 Mar 2024 22:35:10 GMT
location: https://www.facebook.com/v2.3/plugins/share_button.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6a5214afc25369ff%26domain%3Dwww.onlatvia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.onlatvia.com%252Ffdd39d9d9dfbbb887%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.onlatvia.com%2F&layout=button_count&locale=en_US&sdk=joey&_rdc=1&_rdr
origin-agent-cluster: ?0
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/web.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
reporting-endpoints: coop_report="https://web.facebook.com/browser_reporting/coop/?minimize=0"
strict-transport-security: max-age=15552000; preload
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1294, tbw=2776, tp=-1, tpl=-1, uplat=37, ullat=0
x-fb-debug: KV7JhniA8c8c0qWsEfL4fXN4u+kBi+q8BSoIzrNzOO0eSPzVGxpa8BlH8asOPuDHbhydAdqioHCta1vi9eXkmQ==
x-fb-zr-redirect: 02|1710282910|

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
338 B 432ms
432ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2219219049911690&correlator=179515405494185&eid=31081715%2C31081752%2C31081559&output=ldjh&gdfp_req=1&vrg=202403080103&ptt=17&impl=fifs&iu_parts=147246189%3A22682146883%2Conlatvia.com_728x90%2Conlatvia.com_300x600_1%2Conlatvia.com_300x600_2%2Conlatvia.com_300x600_3%2Conlatvia.com_300x250_article%2Conlatvia.com_300x250_article_left%2Conlatvia.com_300x250_article_right&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=728x90%2C300x600%7C300x250%7C300x300%7C160x600%7C250x600%7C120x600%2C300x600%7C300x250%7C300x300%7C160x600%7C250x600%7C120x600%2C300x600%7C300x250%7C300x300%7C160x600%7C250x600%7C120x600%2C300x250%2C320x100%7C300x250%2C300x250&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1710196510783&lmt=1710196510&adxs=-9%2C924%2C924%2C924%2C-9%2C-9%2C-9&adys=-9%2C376%2C674%2C972%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C0%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.onlatvia.com%2F&vis=1&psz=0x-1%7C306x250%7C306x250%7C306x0%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C306x250%7C306x250%7C306x0%7C0x-1%7C0x-1%7C0x-1&fws=2%2C516%2C516%2C4%2C2%2C2%2C2&ohw=0%2C1600%2C1600%2C1600%2C0%2C0%2C0&ga_vid=501858203.1710196510&ga_sid=1710196511&ga_hid=1488599137&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYhZaf_eIxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiFlp_94jFIAFICCGQSGQoKcHViY2lkLm9yZxjMlp_94jFIAFICCGoSGAoJeWFob28uY29tGPaWn_3iMUgAUgIIbxIXCghydGJob3VzZRjUlp_94jFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YhZaf_eIxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVRDOTBjSHBoTWs5VE9VOTZOM0ZxTnpaSGFYQklkejA5SW4wPRjHmJ_94jFIABIZCgp1aWRhcGkuY29tGIWWn_3iMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YlZef_eIxSABSAghq&dlt=1710196509016&idt=419&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&cust_params=origin%3Ddirect%26ECT%3D4g%26hb_rf%3D0&adks=2360862951%2C3894800953%2C1338468087%2C415417998%2C2480895383%2C2930799399%2C1021609036&frm=20&eo_id_str=ID%3D0aeb21ac922b0f8e%3AT%3D1710196510%3ART%3D1710196510%3AS%3DAA-AfjbVt3O5-TJV5fc7RebZJkLK

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403080103/pubads_impl.js?cb=31081752

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d41861baf2ed8e52fd9faacbafaa41a97761c4a3d44f7031011fecb6bef8a382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 309
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.onlatvia.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 64ms
64ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403080103&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403080103/pubads_impl.js?cb=31081752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55a751e3ec9b196b12ce71e53e4d86be190b075255d52271f4dfd50707f88d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12495
x-xss-protection: 0

GET
H2 200 container.html Show response
5dfe563965ed15ea8c92998b0fba8aae.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DE08 6 KB
3 KB 77ms
51ms Document
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5dfe563965ed15ea8c92998b0fba8aae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403080103/pubads_impl.js?cb=31081752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlatvia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Mar 2024 22:35:10 GMT
expires: Tue, 11 Mar 2025 22:35:10 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
log.pinterest.com/ 0
310 B 38ms
38ms Image
text/plain 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=zchs7RaBibFw&tv=2021110201&event=init&sub=www&button_count=2&follow_count=0&pin_count=0&button_hover=1&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fwww.onlatvia.com%2F&viaSrc=canonical
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 11 Mar 2024 22:35:10 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 4
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1525184809687071
content-length: 0
x-served-by: cache-ams21073-AMS
pragma: no-cache
server: envoy
x-timer: S1710196511.800123,VS0,VE21
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403080103/pubads_impl.js?cb=31081752

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Mar 2024 22:35:10 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 002B 13 KB
5 KB 19ms
19ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlatvia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 9797
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Mar 2024 19:51:53 GMT
expires: Tue, 11 Mar 2025 19:51:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7F56 829 B
770 B 29ms
29ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

573c8c2559cc4472280250be9c792db9b165b6c03fc021c94505f3141c738167

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Q2-3Q9vd150qoPJSZZl_8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlatvia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Q2-3Q9vd150qoPJSZZl_8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 11 Mar 2024 22:35:10 GMT
expires: Mon, 11 Mar 2024 22:35:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js Show response
pagead2.googlesyndication.com/bg/ Frame 002B 39 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 19:51:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15541
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Mar 2025 19:51:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7F56 0
0 51ms
51ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202403080103&jk=2219219049911690&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 002B 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?wYDiGQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 19ms
19ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 12 Mar 2024 22:35:11 GMT

GET
H3 200 rFG4RaXXGv8.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yz/l/en_US/ Frame 0B6C 533 KB
138 KB 22ms
22ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yz/l/en_US/rFG4RaXXGv8.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.3/plugins/share_button.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6a5214afc25369ff%26domain%3Dwww.onlatvia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.onlatvia.com%252Ffdd39d9d9dfbbb887%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.onlatvia.com%2F&layout=button_count&locale=en_US&sdk=joey&_rdc=1&_rdr

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4b8195b964e3fbf97672ff69003367d12658acda2b72fbe6dc6ab7a6a0edfe80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
date: Mon, 11 Mar 2024 22:35:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ZX2q7q7bUzYOl37beNDRZQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 140782
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=24, mss=1232, tbw=6906, tp=16, tpl=0, uplat=4, ullat=-1
x-fb-debug: YBE3qCWMsx6x8EO74SnpXiQmxHO29hYxp32UIgj9KA9haIinzrx4xvs+sZh68rKCg2AjpAs2i0iE3nYpuSzXiw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 06 Mar 2025 21:02:24 GMT

GET
H3 200 GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 0B6C 272 B
410 B 19ms
19ms Image
image/png 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
date: Mon, 11 Mar 2024 22:35:11 GMT
x-content-type-options: nosniff
content-md5: lIjeC3eJAboxVqIOEs/Auw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 272
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=24, mss=1232, tbw=6298, tp=14, tpl=0, uplat=0, ullat=-1
x-fb-debug: YxS+B43o+v8SxjHZfb3u0Nj1uQwiGLlikO+HOoTY7Zk0cdUNXodu4TfMDrFoutp3z2mUd9C6fR2KdPODj7NnIw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 07 Mar 2025 02:10:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5BE1 0
0 53ms
52ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403070101&jk=3051581354250066&bg=!v7ylvPPNAAZsmiNCTJo7ADQBe5WfOMpn3OLqcrlbGHmhEHEdH0CQ2HCSoUx8x-k4GPMLcdzxyQG_3LcZEvWdBNGhdKClAgAAACNSAAAAAmgBBwoAgPujjDkp0LFklu3sQUN5EzhTqJA0jyyZmcPwY_51h-Ax4v1_BJbzskkH5OloHg5K7lwWz5BLHx2BToY7dMa6OVTyU2l5eN0ccVvR2XcgBJv6YZv7pCIjcQDSgNEDMo9HM1iZdjtmONyamK7Vaj8e25g_mTqg2cZN0i99AluJ4VaRmQLdtbQJ9evR0trQ91R_sRA2tpo7kEA17KqXEq482p-4Ooh0_d0bUf20_XluItDers9KrA2hsBdak_HsyNRxxNDnAfol2huNHrvTaY50rt336h598tHmD9bhGPDz5EyJiqSWZqFAJtsk0qgFd-93-IthCDgig1j9Ix7ssUQOSy56Z3y6AKmRahwrGwtk93vn6YeY4BFuZ6oZcWr5SkV2D31PzkUuucdoQcUq5TQzqjQYeXtYLxayTnrAa3m74jJvF1hFThE3hHig3iScQZ6w8XjCsWsoh77D2BMNJUAT8XnZ0ZYc7J29QcIqPQ4ChPagRaZDFFcL0gwM7Yq1Pq7684msrd0_YhIY45Df-ZTvSJyZ4GCywQI6TctwbUaTFYU5mH8rJjvO6RvW66iFfdkUtkqaMUcXRvpwwvK97vSMsFsrBSVaDHkacgvBLZGrtK6kvvB9-IiSnkYBHmnAeeqpny3R9KIJAGxOQPDZVMM_pPWTeCMAfbDw95zcqVerXOBJ6qHnZ0ghuIJTqUMc5VwjP6SozyDeoD0FnJLKhRbFMu7Tj6kC3Zg-Omtqd7eGcApcT5ChVljmeMidDl-L10HV4oLrzxoVh86UUuGi3d8xnEtsgU-yFUfbvDC9n0Zwot2WXPAhM1qHJCIFxX_xV8_ME_7RpQ8Z_kYwMvAZzyBfVbEQfzYHq4YHT1aIyjqaAboYUtKZLhQ-fqZfoZkEqZ-P6U19pLnunWB27Vm2rrjVfW320oFZNF14icqZgzG5EJXyrljF9j6lK2omsEd6CGwrQsBdVVHjc4sv9pGvea9ulmnDK3nMo7qzPlMe7XJsbQauJ4y2fojF6GjDNl9ZX4nL9vrBbgGSeXClL8jQ_CuA6QrZg8C74IvP6Plxiv9OdSy0NgHD3udfWrAtXTCU-UVjeofpMN0ptWfOJxcRp2_YMEezRM2Y4KeNfPFLBrG6H6zupnqQbshLMCjwKuthKlYMUg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 53ms
53ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403080103&jk=2219219049911690&bg=!cnGlcT7NAAZsmiNCTJo7ADQBe5WfOKxxF2A2MD-i_5e8eKbsE6vinASCoBhkxHIy4ocTJXy2lG_YggLxiGxMs7PbKRNnAgAAACRSAAAAAmgBB5kCvl_eehMXfs8ANGrwln8hA72_DUF3HMWGpQ4kemkBMOQO-LMRrVR_Kzxt9gQ9egRCSrqxRHFXZgKpjGroufsu9RdNry1_tjLbB304IzSvE4ESEBw9mi9QwvQRdtdTV79VndXLRMetfkUFcw5fMDlDcxz4W71kAX85Dtixy-Tg6E0BkGgL8gTmMIr_mxbrqSJfDpoiOvjbYadp3uR6zWWJLaBNi5X9Y6sMo4gQGM9r_981Q66kqrjmMY-Tgup7bPzL6GnyxbDx9gG0t7Ht5xVGb_icL0ZsRUkMnGv_xo5nVSCpQOXZvLVFyUm_ycGGuxSZV21ROXKA86ChngrehoEj_0w7BZWYORaJo4LOX1OJaYO4tr0JmLN6mBXEfbP7glcq8mZbK0ljKZ4GnuoqgPASral4fhphz97Kxa6gRQ7hNTqBv4ffAiIUPEoicV3o3OgNKvFr5oi3wj5pahQ7Gc2Ue-BrNlRlC5COALK7Fl7_qr7P3Dz4xXJxSfL3S3kbNAtP1qGzaqFMvPawezMx9AmRnQCeJWmbLi6RM0Ugf4nxGRKqkcnLuQlVnb9grhFQINnHRcqLFL8BJbpIKeH2b8KRvucmSVSjwfAZUuoK9DUSGvU8mfVG_GszBjBi066owSAaL2HpaxXThnVGlmijWrXsdnVRANMG5_OnJSf1flRHGop4-eioZv1G8YNvDqJG3T77NfllF7gw_k3IM5a5J5SC948_UD94n54OEaS4oLBWR2JZWLko94oR5XySLCPIUclbbZejo_Ge4bkylSCSx1AmhC2xXnUjTDyWqYDiO8ltrlHlh3DJEc04qcHkqstAB7gQdKV7CbtgJ85CiP43dOF5dOhjCqHnDdrQrX9t_8hDEbb7Gm8YvuLWcj1YGTMAjOULCgTSek7wykAw2UPuJt9S1DHC4eIJwxmKHcVU2JGzWA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 5BE1 94 KB
30 KB 18ms
17ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/rphobtnmnd/stpd190411.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8266adb334c5eae8e2f72e42061abfd05a205d2162b2a3138455819470441339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 27 Feb 2024 07:13:11 GMT
server: nginx
etag: W/"65dd8b87-17965"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 12 Mar 2024 22:35:12 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5A5E 14 KB
6 KB 16ms
16ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.onlatvia.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.onlatvia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 11 Mar 2024 22:35:12 GMT
server: Kestrel
server-processing-duration-in-ticks: 1184138
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.151.js Show response
static.criteo.net/js/ld/ Frame 5BE1 94 KB
30 KB 51ms
25ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.151.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8266adb334c5eae8e2f72e42061abfd05a205d2162b2a3138455819470441339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.onlatvia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 27 Feb 2024 07:13:11 GMT
server: nginx
etag: W/"65dd8b87-17965"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 12 Mar 2024 22:35:12 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5A5E
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=onlatvia.com&sn=ChromeSyncframe&so=3&topUrl=www.onlatvia.com&bundle=5bqgYF84a05FU2RheUJ6Sm5GNEslMkJEVllqMGYzVDhBOWVSS3JZR3kxNTUzMUpyYU5sOE...
https://mug.criteo.com/sid?cpp=EBkysXxEMStnektwV2lkWkhqQTk3MHd0TU1FdHRybHpUSHJjSnUydG1hNzNJdzdzOGZPYVZabjVLRkM1N0Y5MCtBU2xkamRlbkRtbk1sQm1YOGdxekhJRFNyQzh2cXpENzhLZkJ1TGZqMjNHc3F5cXNIUi9VZDZoY0lMNn...

433 B
653 B

15ms
15ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=EBkysXxEMStnektwV2lkWkhqQTk3MHd0TU1FdHRybHpUSHJjSnUydG1hNzNJdzdzOGZPYVZabjVLRkM1N0Y5MCtBU2xkamRlbkRtbk1sQm1YOGdxekhJRFNyQzh2cXpENzhLZkJ1TGZqMjNHc3F5cXNIUi9VZDZoY0lMNnVkNW52RVZtNk9UaUxFZGx0UjZ0UnNZVysvZ3NpaGpEejVtaFErMDZBb09ycXZ0SVVlbzlNZUZXU1BHZ3U3ZFluSnRydVpubHFCTU10VW92amdjR2RNZFNIMkhkMlZYSVBnMnkzMFdxKzFrRmRsRWhrOWp3SDVzRkVYWTBBdzdibjhkcllXdnFhU0o1ZGJzU1kzTlBPQ1lSWHhZVllualpUeFl3SmlkL2h3OG5rY011eDFHVT18&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6b230c189bdb11cc32bdc8ed011b08bfb8d139df9c3972121743276ada7088b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:12 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 747672
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:12 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=EBkysXxEMStnektwV2lkWkhqQTk3MHd0TU1FdHRybHpUSHJjSnUydG1hNzNJdzdzOGZPYVZabjVLRkM1N0Y5MCtBU2xkamRlbkRtbk1sQm1YOGdxekhJRFNyQzh2cXpENzhLZkJ1TGZqMjNHc3F5cXNIUi9VZDZoY0lMNnVkNW52RVZtNk9UaUxFZGx0UjZ0UnNZVysvZ3NpaGpEejVtaFErMDZBb09ycXZ0SVVlbzlNZUZXU1BHZ3U3ZFluSnRydVpubHFCTU10VW92amdjR2RNZFNIMkhkMlZYSVBnMnkzMFdxKzFrRmRsRWhrOWp3SDVzRkVYWTBBdzdibjhkcllXdnFhU0o1ZGJzU1kzTlBPQ1lSWHhZVllualpUeFl3SmlkL2h3OG5rY011eDFHVT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 307820
content-length: 0
expires: 0

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 3CB8 3 KB
2 KB 64ms
22ms Document
text/html 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3301
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.onlatvia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 921
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 862f04336cf26568-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 11 Mar 2024 22:35:13 GMT
expires: Tue, 12 Mar 2024 02:35:13 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame F17E 199 B
202 B 25ms
19ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3301
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://www.onlatvia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Mon, 11 Mar 2024 22:35:13 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2

204

beacon
ce.lijit.com/ Frame AA14
Redirect Chain

https://ap.lijit.com/beacon?informer=13401985
https://ce.lijit.com/beacon?informer=13401985

0
0

136ms
31ms

Document
text/plain

34.242.0.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/beacon?informer=13401985
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3301
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.242.0.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-0-137.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.onlatvia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
date: Mon, 11 Mar 2024 22:35:13 GMT
expires: Fri, 20 Mar 2009 00:00:00 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache

Redirect headers

content-length: 110
content-type: text/html
date: Mon, 11 Mar 2024 22:35:13 GMT
location: https://ce.lijit.com:443/beacon?informer=13401985
server: awselb/2.0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6EF4 16 KB
6 KB 137ms
39ms Document
text/html 2.19.105.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3301
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c861dd92be984fe498ece34c0f3c921861ac51bfee50323fcae21231abf7a82b

Request headers

Referer: https://www.onlatvia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=137210
content-encoding: gzip
content-length: 5685
content-type: text/html
date: Mon, 11 Mar 2024 22:35:13 GMT
expires: Wed, 13 Mar 2024 12:42:03 GMT
last-modified: Tue, 13 Feb 2024 04:57:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 6EEF 281 B
555 B 146ms
39ms Document
text/html 2.18.98.37
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3301
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.98.37 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-98-37.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.onlatvia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 11 Mar 2024 22:35:13 GMT
ETag: "280524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 1EC2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.onlatvia.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.onlatvia.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
892 B

49ms
49ms

Document
text/html

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.onlatvia.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28faeec99cb686435cdd3487ecb5e1f8172ca346dadf60cb558f50b135b2d830

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 862f0433ead66685-AMS
content-encoding: br
content-type: text/html
date: Mon, 11 Mar 2024 22:35:13 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3XfBQE%2BZM1t7Gcs9HDfe151vc%2BAiJdu6DxibkRvJL2O3ZgXNWxpvBoCeNnLUNaqw1NxfSOWF7wOLSQjq7sulnn%2BqKwl9lHcuKJfQAi%2FYaBdvf9o%2F6qcZK8RTrtPHakQa8Ihfw2JHH2PGDA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 862f0433aa9c6685-AMS
content-length: 0
date: Mon, 11 Mar 2024 22:35:13 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fwww.onlatvia.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iaSww91SzuIBqtXxgdqsWntWiieHUopVAbQ2wokqbLVWox%2FOrlYZGuw2GYe104iad%2B8mHhgDqyQYDKUkAHj6naVl1Y%2FEsNXFXFFGQZQVx38dekDto0Lj0tQC6CS4pV2wLx5cqjtFZFbwBA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 6EF4 0
42 B 49ms
12ms Script
text/plain 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=62314442&p=156191&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:12 GMT
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6EEF 40 KB
11 KB 39ms
39ms Script
text/html 2.18.98.37
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.98.37 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-98-37.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 42ee25f64c8218ffee3e77e74623c60ed80714ebb5af7c4555303bea65ae8474

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 22:35:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Mar 2024 22:26:52 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=85860
Connection: keep-alive
Content-Length: 10989
Expires: Tue, 12 Mar 2024 22:26:13 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 1EC2
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Ze-HIVVbLSkAAAkrANa5lQAAFAcAAAIB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Ze-HIVVbLSkAAAkrANa5lQAAFAcAAAIB&gpp=&gpp_sid=&dcc=t

43 B
855 B

119ms
119ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Ze-HIVVbLSkAAAkrANa5lQAAFAcAAAIB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.onlatvia.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Mar 2024 22:35:14 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: V3BW9D95P55DVS21QBYW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 11 Mar 2024 22:35:14 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RKXCPR0GGHKZV0K62SAG
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Ze-HIVVbLSkAAAkrANa5lQAAFAcAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 31327
i.liadm.com/s/ Frame 1EC2 0
180 B 416ms
97ms Image
text/plain 54.225.221.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Ze.HIVVbLSkAAAkrANa5lQAA%265127&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.onlatvia.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.225.221.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-225-221-22.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 22:35:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 1EC2 170 B
409 B 82ms
29ms Image
image/png 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ze-HIVVbLSkAAAkrANa5lQAAFAcAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.onlatvia.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1EC2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ze.HIVVbLSkAAAkrANa5lQAA

170 B
232 B

42ms
38ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ze.HIVVbLSkAAAkrANa5lQAA

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.onlatvia.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5%2BeGllC9qRR54HVogCW5zAIOgpwt28uOZQ2CA8PSomgDdXp3ISAZE75tZCop2fEgwjRAcgTZjRG4B%2BlRi8i%2F%2Ffd%2F%2BboP8qRBugyzTEueBDIUWUocNuDYBsJn0XSO015f33g4lZf3UpdPw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ze.HIVVbLSkAAAkrANa5lQAA
cache-control: no-cache
cf-ray: 862f04344b406685-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame 1EC2 43 B
654 B 119ms
21ms Image
image/gif 2607:ae80:192:1::173
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Ze-HIVVbLSkAAAkrANa5lQAAFAcAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.onlatvia.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 2607:ae80:192:1::173 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Mar 2024 22:35:14 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1710196514001058-387

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 1EC2
Redirect Chain

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Ze.HIVVbLSkAAAkrANa5lQAA%265127?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Ze.HIVVbLSkAAAkrANa5lQAA%265127

42 B
717 B

30ms
30ms

Image
image/gif

52.211.226.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Ze.HIVVbLSkAAAkrANa5lQAA%265127

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.onlatvia.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Server

52.211.226.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-226-3.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v058-0b518ef9f.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Mon, 11 Mar 2024 22:35:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: PbjLZ7YJTD0=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v058-084f524ed.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Mon, 11 Mar 2024 22:35:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: xpwvGcZGSOM=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Ze.HIVVbLSkAAAkrANa5lQAA%265127
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

rum
dsum.casalemedia.com/ Frame 1EC2
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1710282914

43 B
557 B

48ms
36ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1710282914
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.onlatvia.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:35:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncX8W%2BwsyRjNK%2BXxhU4wS41HCiX%2BJabGRV0gN0N%2BA6R7PMXC%2FmDRHj39EPtPoo1BBQ6ryIDQxbwXY7zm0HZfZcOXiDkBIG%2FP6vznc5%2BbAIQY9OTBqiCJKJQElxHq1TRuc7wQvXYr"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 862f04350c166685-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1710282914
pragma: no-cache
date: Mon, 11 Mar 2024 22:35:14 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H2 200 tp_out
d.adroll.com/cm/index/ Frame 1EC2 42 B
181 B 106ms
31ms Image
image/gif 2a05:d018:cc3:fe05:d5b1:a87b:8c2a:4668
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.onlatvia.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:d5b1:a87b:8c2a:4668 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:14 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.22.1
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 1EC2 43 B
229 B 25ms
19ms Image
image/gif 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Ze.HIVVbLSkAAAkrANa5lQAA%265127
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.onlatvia.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:35:13 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 56168
etag: "da1f1d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 862f04344dc46568-AMS
content-length: 43
expires: Tue, 12 Mar 2024 22:35:13 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 6EEF 7 B
380 B 92ms
21ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

Verdicts & Comments Add Verdict or Comment

349 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onlatvia.com/	1970-01-20 19:03:16	Name: lotame_domain_check Value: onlatvia.com
.criteo.com/	1970-01-21 04:24:52	Name: uid Value: 66d862f6-65fc-43a0-b16f-a3ad2e515d5a
.criteo.com/	1970-01-21 04:24:52	Name: receive-cookie-deprecation Value: 1
.lv.adocean.pl/	1970-01-21 04:32:04	Name: GAD Value: KlxHlRXGQMGGR2RZd0DlpnfUssGMXP8c9RySssX6xssGvaGpI7EPoaVBL1BGG7_DGtGiXD3nG7GK3PHsp3UnGsR7IGla
.openx.net/	1970-01-21 03:48:52	Name: i Value: 2ffb69cd-ad8e-4bd3-b3ee-a8fbe868a91f\|1710196509
.onlatvia.com/	1970-01-21 03:48:52	Name: _hjSessionUser_3240687 Value: eyJpZCI6IjBmODZmMzEwLTcxYWQtNTRiNS1iZTZkLTE5YjhmZmFkZmNlMSIsImNyZWF0ZWQiOjE3MTAxOTY1MDk3MzEsImV4aXN0aW5nIjpmYWxzZX0=
.onlatvia.com/	1970-01-20 19:03:18	Name: _hjSession_3240687 Value: eyJpZCI6ImE0ZGViMGZjLTE1ZGQtNDMwMi1iZGUyLWFiM2M2YjcyOWU2NiIsImMiOjE3MTAxOTY1MDk3MzIsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.onlatvia.com/	1970-01-21 03:48:52	Name: connectId Value: {"ttl":86400000,"lastUsed":1710196509735,"lastSynced":1710196509735}
.onlatvia.com/	1970-01-21 04:39:16	Name: _ga Value: GA1.2.501858203.1710196510
.onlatvia.com/	1970-01-20 19:04:42	Name: _gid Value: GA1.2.1977699558.1710196510
.onlatvia.com/	1970-01-20 19:03:16	Name: _gat Value: 1
www.onlatvia.com/	1970-01-21 04:39:16	Name: _pubcid Value: d11791a7-eab3-4ee3-829a-558e33641985
.onlatvia.com/	1970-01-21 04:39:16	Name: _ga_TVVCH5ECFK Value: GS1.2.1710196509.1.0.1710196509.0.0.0
.adnxs.com/	1970-01-21 04:39:16	Name: receive-cookie-deprecation Value: 1
www.onlatvia.com/	1970-01-20 19:03:18	Name: stpdOrigin Value: {"origin":"direct"}
www.onlatvia.com/	1970-01-20 19:46:28	Name: _pbjs_userid_consent_data Value: 3524755945110770
.hit.gemius.pl/	1970-01-21 04:32:04	Name: Gdyn Value: KlxDSRMGQMQG5sT9_0glpnfUssGM01LiL6nxGsRP5QbtGKGGqn1vLGllleX2GGiNxFm_XRSG
.hit.gemius.pl/	1970-01-21 04:32:04	Name: Gdynp Value: p_W7lV5gMMsFRYtfKoZSHaZBx5nofvfHmGI_ulCzSm3.N7
.onlatvia.com/	1970-01-20 23:22:28	Name: __eoi Value: ID=0aeb21ac922b0f8e:T=1710196510:RT=1710196510:S=AA-AfjbVt3O5-TJV5fc7RebZJkLK
.onaudience.com/	1970-01-21 03:48:52	Name: cookie Value: 72accd9558af5094
.onaudience.com/	1970-01-20 19:04:42	Name: done_redirects161 Value: 1
.exelator.com/	1970-01-20 21:56:04	Name: EE Value: "9ba7c92fe120caec99ed38ef41b89e9c"
.exelator.com/	1970-01-20 21:56:04	Name: ud Value: "eJxrXxzq6XKLQcEyKdE82dIoLdXQyCA5MTXZ0jI1xdgiNc3EMMnCMtUyeXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIaEl%252BUWb6Ij%252BfxUUpaQyLSopPBR8XvwIA6x4rKg%253D%253D"
.onaudience.com/	1970-01-20 19:04:42	Name: done_redirects104 Value: 1
.rubiconproject.com/	1970-01-21 03:48:52	Name: khaos Value: LTNIUGSN-1I-6UL4
.rubiconproject.com/	1970-01-21 03:48:52	Name: audit Value: 1\|SDziDG3X/EjJt9q/4JQ1y3MylPn9loesauWVCPklCB6SIG3VlfTtkPmv9Ph+dbpZ9pLfPzi2c+QJ7ra7tCaN5uBxGCOXoSK1/7KzlvcwQaa+xUA9sgf/4b7FQD2yB//h
.onaudience.com/	1970-01-20 19:04:42	Name: done_redirects147 Value: 1
.hit.gemius.pl/	1970-01-20 19:13:21	Name: grtb_hc_data_redir_xnjrkiktyj Value: 1
.onlatvia.com/	1970-01-21 04:24:52	Name: cto_bundle Value: Bzomx184a05FU2RheUJ6Sm5GNEslMkJEVllqMFRBSSUyQmxUSFlSSHBkclclMkJjb2dvWGpPQ2RBYm9LQ1JFOUJVNlhxZlprTGNaVHFCZVFiJTJCbUJWdFpGVGQzTFc2RG11YjIlMkJVTkFOd0VtTDN0SDRJZU9zRWlmY3NTYnVVMkRzS1RReVhpOXJFcmF0UG14cU1PeGpIbFFRbHNYeVNqWFJBJTNEJTNE
.casalemedia.com/	1970-01-21 03:48:52	Name: CMID Value: Ze.HIVVbLSkAAAkrANa5lQAA
.casalemedia.com/	1970-01-20 21:12:52	Name: CMPS Value: 5127
.casalemedia.com/	1970-01-20 21:12:52	Name: CMPRO Value: 5127
.ads.pubmatic.com/	1970-01-20 19:04:42	Name: KCCH Value: YES
.demdex.net/	1970-01-20 23:22:28	Name: demdex Value: 53426626456907474073909629046926692340
.ads.stickyadstv.com/	1970-01-20 19:46:28	Name: UID Value: 55ccdc78274c9a3b518a425e627caf8
.ads.stickyadstv.com/	1970-01-20 19:46:28	Name: uid-bp-34673 Value: Ze-HIVVbLSkAAAkrANa5lQAAFAcAAAIB
.dpm.demdex.net/	1970-01-20 23:22:28	Name: dpm Value: 53426626456907474073909629046926692340
.amazon-adsystem.com/	1970-01-20 23:57:02	Name: ad-id Value: A1DD4o9XeEXZkvk6iovV8Rs
.amazon-adsystem.com/	1970-01-21 04:39:16	Name: ad-privacy Value: 0

124 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://lv.adocean.pl/files/js/aomini.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1710196509212/ad.js?id=J7ZazGrnU5FUin0PqpwB1gyRnCE_7jBT5WH8mPvOzQD.37/x=1600/y=1200, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lv.adocean.pl/files/js/aomini.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1710196509212/ad.js?id=J7ZazGrnU5FUin0PqpwB1gyRnCE_7jBT5WH8mPvOzQD.37/x=1600/y=1200, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://lv.adocean.pl/_1710196509212/ad.js?id=J7ZazGrnU5FUin0PqpwB1gyRnCE_7jBT5WH8mPvOzQD.37/x=1600/y=1200(Line 6) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://adlv.hit.gemius.pl/gdejs/xgde.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lv.adocean.pl/_1710196509212/ad.js?id=J7ZazGrnU5FUin0PqpwB1gyRnCE_7jBT5WH8mPvOzQD.37/x=1600/y=1200(Line 6) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://adlv.hit.gemius.pl/gdejs/xgde.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://lv.adocean.pl/files/x/qbm/mjjghng/tknhntsqez/ldt3Y37cfk_190527.js Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%2214b61788fa9bb7f%22%2C%22version%22%3A%225.1.0-JS-5.3.0%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221253a4b922a4abc%22%2C%22pid%22%3A%2222095009%22%2C%22tid%22%3A%22de928478-a6ab-4178-833f-26e24c5c920a%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.onlatvia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5dfe563965ed15ea8c92998b0fba8aae.safeframe.googlesyndication.com
a.ad.gt
aax.amazon-adsystem.com
aba7fddf984375aa756d68d8f3c47010.safeframe.googlesyndication.com
adlv.hit.gemius.pl
ads.pubmatic.com
ads.stickyadstv.com
adx.adform.net
ap.lijit.com
assets.pinterest.com
bcp.crwdcntrl.net
bidder.criteo.com
c.amazon-adsystem.com
casale-match.dotomi.com
cdn-ima.33across.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
ce.lijit.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connect.facebook.net
connectid.analytics.yahoo.com
d.adroll.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
ice.360yield.com
id.hadron.ad.gt
id5-sync.com
image6.pubmatic.com
invstatic101.creativecdn.com
js-sec.indexww.com
kaunas.kasvyksta.lt
loada.exelator.com
log.pinterest.com
ls.hit.gemius.pl
lv.adocean.pl
maps.google.com
maps.googleapis.com
maps.gstatic.com
match.adsrvr.org
mug.criteo.com
node.setupad.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-eu.onprospects.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prebid.a-mo.net
prg.smartadserver.com
proc.ad.cpe.dotomi.com
region1.google-analytics.com
s.amazon-adsystem.com
scontent.xx.fbcdn.net
script.hotjar.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
setupad-d.openx.net
ssum-sec.casalemedia.com
static.criteo.net
static.hotjar.com
static.xx.fbcdn.net
stpd.cloud
sync.crwdcntrl.net
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
ups.analytics.yahoo.com
web.facebook.com
widgets.pinterest.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.onlatvia.com
104.18.35.167
104.26.9.178
108.138.6.136
13.32.27.19
141.94.171.215
141.95.171.141
142.250.74.194
145.239.237.56
145.40.97.66
151.101.192.84
159.89.25.223
162.19.138.116
172.64.149.180
172.64.151.101
178.250.1.8
18.203.213.103
18.65.35.42
18.66.97.10
185.184.8.90
185.193.27.19
185.64.189.112
185.86.138.124
198.47.127.19
2.18.98.37
2.19.105.180
2001:4860:4802:32::36
23.197.10.19
2600:9000:223c:8600:10:dd8:5e40:93a1
2600:9000:225b:4800:a:e047:753:eb41
2602:803:c003:200::91
2606:4700:10::6816:35ad
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:266a
2606:4700::6810:5814
2606:4700::6812:1f31
2607:ae80:192:1::173
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:81d::2001
2a00:1450:4001:827::200a
2a00:1450:4001:828::200e
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::2001
2a00:1450:4001:831::2004
2a02:2638:3::3
2a02:2638:3::c
2a02:fa8:8806:12::1400
2a02:fa8:8806:13::1460
2a03:2880:f083:10e:face:b00c:0:2
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:6f::84
2a05:d018:cc3:fe05:d5b1:a87b:8c2a:4668
2a06:98c1:3120::3
3.75.62.37
34.102.146.192
34.120.135.53
34.242.0.137
34.96.70.87
34.98.64.218
35.71.131.137
37.157.5.133
37.252.171.85
52.211.226.3
52.211.42.117
52.211.99.1
52.46.151.131
54.225.221.22
54.38.133.13
54.38.133.136
54.78.254.47
65.9.66.122
69.173.144.139
99.86.4.71
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
04ae2ec39f173e1a97ffab6100ed9cb0cd3509c7667066a3fb5ee017f48d632d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
087fd704845c8c20987816e2e6747f5c1b4f777fbc24977bb3004a90352dc78f
09802b57468f278899bbace740196b6720b1edc1b0a65e45945de8862f1389d2
0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb51db88dc0c21bf6ad48d73f77b34e5373b4086334a84205554afdb80b5ea0
0bc6804f991d33655ba4a95db181e2d3f73d949b11dfdc5b508d84c9892a8d54
1484a5d1b301496f85dfba1e22a7950ee980497cf527e365e5b2014c68fde3a9
15dac445e2179133316945bf493fb344f5913b4154146f48e204cd8a0dafd477
1652c42c8855cd8a32bdc7c40342ea61c53f2192c61547ed4787182e1da5ab2e
1d1b10e57f0f5456093448e771e44fe50b6266edcbc2c93ca47cce0af0b3418c
1d39e44c97654457b55157f95b65e8af14f655fdb5319159b8135780f7eee005
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
2223fc736d939c31c380784fe30faa7f5fd9c20c05db441224e42fdb55986b14
2657ea95d715829d0813ae08b913dec1c09c052a5a5eb5b7b387ac0d7e5be924
281dcd844270f09f9c23b39358397f8df6d27f16f8cf473e94db6ec6eaf36951
28faeec99cb686435cdd3487ecb5e1f8172ca346dadf60cb558f50b135b2d830
2ddd96839c08e8cbdd3b1f56569b6d4770021731534b98dd17dec8526bb0d151
2e6e8733f7242e3798e7c5f94f5ff27adb16502e4acda00b5d48215e12b9198e
306ca53db6fc90ca7241d690f151bfc8db6b55c8f2de5d878a268fe6e7d3754a
331895f315058ba2ce3c7e7f6883fe10aa64e76d4f7f68d244955c697e48df7f
34ffcd4129d451d9751115977da4fd0bd722518050542b20984d432ba9f70fa1
35ee7281298ee5716ab2abea3c602e377a6368f3f1886b9184d93cb5b1daa12c
366db33b7bc15aa00c99f2a38791d67089c9b123be24b7c1042b2daac5a6b6a0
37c5f58f12814dd0ecc28f15b7765c6bcd31a9479d330b4ef896e140bf89dc38
381d9d03b93ceac4db474d71080a11c01800ca6c44dd52efece46620afd1319f
3aec2b233c010f1f2213ecf8360d509f3eeca34f69d162335aefa01fe0035e2f
3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127
3c33fc51368d76f57dd923d02a31a976def99e7dc4d54bc4ebb0c6ba9f1e0733
3f77b14aaf136857d885934d9045a8e6e88b97be6d9b912c63beaf5ed05e42b6
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
3fb3f4f18d94f4bcc3dbf87e16bd68982e85b46458a261f79c0e5c1852fd579e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41637745312f55618a688086ba66b46ea9608ec557350aa61b49d934dd9bfe2a
42ee25f64c8218ffee3e77e74623c60ed80714ebb5af7c4555303bea65ae8474
4319327494b8ca482d4aaf975d10be81295bbdaa9f3e9045c257d5167713e58a
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44cc840e027bfb8c8ba3bba2e694bc6a28f7bdad1235c6a5375f419459baf299
44f6af983bb8ac6c2ad7932b4f2e34afe733e6b0249731bdee1eab73aaf547e7
45ff6c58f47ea6de44beacdb4af7ed5f1d41887b69895b44b1ace158b71ff5bd
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
495beca2bdc18adfe4394c8048a0ea36681b8c4d6f023c624b387818c8a968cc
4b12da79c02d59bdb1ef0406377ca4d027f9acb494f8724dd197e1515c30010d
4b8195b964e3fbf97672ff69003367d12658acda2b72fbe6dc6ab7a6a0edfe80
4c17587ec1fbe78678cecad447b4c9fcb639cd077eccaf56fa68c44ae5be03ff
5141bb3d1bb623f01d8df7b37c5a2f7ad6afa31bd9eff183417b083e10acdffc
52e4298d8ea2042be885d1d700156124df1850995e2a1c6f1e9f921e7a1eb22f
5374b58d841d29903b3264973fbeb29fee6b6a943340db1821cbb882c0a40826
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55a751e3ec9b196b12ce71e53e4d86be190b075255d52271f4dfd50707f88d5e
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
573c8c2559cc4472280250be9c792db9b165b6c03fc021c94505f3141c738167
57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf
59538c2ff54a29dd18b64a47f5c62c9e1574be460e2561d6945379c46e687fff
5a670ebf8c45333dfbe0c9142945e348b6d56b7e3478ca0d596b6f891158836a
5a9b80c9840966630177d9b0ad94b2152f9cc209c4522ef0f303d783e365f553
5bcb3ba5be62072a5be691a6cb4625b83ab20458f7543e78575c665ce64743c5
5e2b15cc82a55d8ae06ebeb96c4a9dd97f29c16ec2a66efc8c4581bff8a53da3
5f27f2d6fd0d7a35050e1868e67548df87f1c88964ee798f826cca6ea1cd747b
60f918ff0211c07949d8c1cf0bb4da286b760c46cef1dc021c24ba01ae8d0d9e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f0b9d180766a325d407379dfb471948a18f36a6a8b2184f5fc7c351b0b2202
624be3bf55395ccdba7de5bed135b256b891ca3659b73a8c6559cfeff76b4eb4
6754f1302bcc2339d8971ccfee069249e06f6b03cbaa9289102862cc18d7722f
68b3c269864694877e9840ea96b82fe4baa1bf20e158e87b9a5d30769ee74905
68ec98e666510bfebfcbec2fa73d2d685d89bdda35a958ef6c3a8435d8667520
6a647a0c3cdf71c5fa9d1d5485f78905cac9e6cc70d4dc09dd994f056a80461e
6b230c189bdb11cc32bdc8ed011b08bfb8d139df9c3972121743276ada7088b2
6bb94f3a69669fba548dbba9a87dee259698b2bf339f3ed430e35a8a8ab49811
6e1194f0f1d1026641bf1f2b9a0d66135b2f4f04bc4cae53ef1701890a0316f2
6e46aebd8b3d1b2ccee73391693425524a63b373bc7a647eef58cd88b65b5c58
6f905b994588b153d14c03a3483121b0fa70981f03601f1fd2cc0a0811c79b3f
707ab8fad177a9d1d47330571cb21fc014bbaa424d81e45c0edf0df50c5957c1
70cd32600d66fe67e9a7dfe747c5ae4af342468711a4b3c2e635ed3fbaa976a8
7128922c17640ce95ed3d861550c460063b00d4400a0f3c21e3845c911211a7c
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
753f7c27c12e4c45df384cdb8693fcf4daef36ff7848403b3bd1582ae654dd3f
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
75fe03856801393e50afbc856b946580aeea148891a7fccfd918077cffd81a9b
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
7bbd910982260037f1c9d83f2c7fe743e789ca06dd54c9eb56c2598b7b928fd0
7e4c42310b42cc10b32ea54b8eebd69e9b553cb52646918cb685af0bf69173bf
7f646c766f9d8b39f33bfa1e5c0a053ce2b3c4daa0ae59ecaad75621d4599b39
7fa6aa119872c3237a1bb243f12c2dfe5dd17408d0b8c0b213acb0bd2e69a5de
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8266adb334c5eae8e2f72e42061abfd05a205d2162b2a3138455819470441339
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
857c89b90bea6b75f04b6cc7b659594ea58b72724f1c6dde3955c958d4627245
859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96
863fd75928da215976eb773b7a5fa8a5b680ed4a2feede49c912fb41c50a99c1
883392993e7cc54151ba8577fa4624fe3509ecd43dc0e8bfc0e32e2d864c2ed4
8b16f149431d8b0a80911c8d5d964200bbcfe08651c272c98756ffd90b60af91
8b1e46223ae78b84e70986de25f1171ac81915ce504b3e7777e725ef33eefcab
8b8eef831b5fc21d8a49df93c579edf12f575ba3e1adc2725d2ed5e82ac7ca6b
8d24416e42a3c1894f2d75caefd485e922377c66c6b1da5ed3b77a1c076545d3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fb65adc0a35b1683f0923e6ba15432924cfb6a530b9286228990432d6bcbde0
90aa33fc36a55642aac0ba12f19fa364e54b0d5f3ac35bee16dd941445e10bcf
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
9458ee96a742f91d479bbba627caca8408afb1b66f55ec514e66ac4a3027edb5
96783dc392c6e406dbbc1fd15c9edf08f0be0d6e8fa9d5975a14493b30af0ff7
96827d119793d3b1f43be25de0a51e3fb1d6000412725f6c16171a6be280cd38
9687445fb917bd46c10aaed31d841f1f3a706b49cde1274cf3f91d081486a8d9
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7
97b08d65b92a32b6a54fdacd06356ba55733c722f1bacf7eeda07f215c361215
983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8
98468b617767ca2a3dd115f2db945bf8ae9fa6e5f5a0749373623209bea73f3d
9aacae4e62b053a6183f515135930cd8da65009595d4b7ba62fdc56ada5318d5
9ab5c4a5654ff49c7c82dd950c15147602e876367c209b30de112c970b20e357
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9f9246a8abfb71eeaf88c77941974ca157bf4b5ff70c35f18eb04d68517d6369
a037aa69edc673f8b851fd88fc0850d8751c36464dba861c2cf3dfbdfa65ac5a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a36a4fd7add7910f4faa84ac23c6eee6ed1bbaeda949b107f085b0f5de2897ba
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a54713840df100b8cd266df4a048ba67b1cad082fca8ebbb67675ec4d840803a
a607c3aa5e07faeb65c4fa61c6a63633b0818efd5169351fecd6a74123905928
af9993ba811178896cb23f4c7962c653da1b3abe26a94e25de15301bacf6465e
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5ec4e129d1e7b5f8d9d34e746a8b07ea5df71bdb977ce829e23009474242d3f
b9d0098a6f2d236b850b38819c7d41ad57b72888f4aa70e78c0628138c488736
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
bb79fea299d9b1ef9843c59c430d19ea95a2998c5646aa4346e18c39da65cd71
bb96f8cae88ecd6f6049abc0141c4fa123d6136cf652211f0e684beed8e16569
bc8c45915fcaf7c54bde63b920644fc8896a9232d3312263f707e5adda766ae7
bd700598278741f0b9c64762d1ef688139a5281c575c77b20083781da75d4678
bef2dcab49a83c4ca40a11075669c19722bb308cbee7b6bc030cf31416633bb6
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24f688830837f2ddffeb227d86f71b1c7c247bb0563946762967fd2cb4288f5
c295757e322ef765e7f01fef24653a96b1ab5912ae6bf4c3e6bff9ee313a6c95
c3a68fbdfba5a57a68f0041c669c3ce080b1bc7178133518bfc79accd68eb054
c3c24d578a72dcc6aed7b6927169623dac1af2c44c3a39436d764b9be81760ea
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
c809dbaba44711a01b1373c616ccd40465cb807b991f48e798e03df11786e992
c861dd92be984fe498ece34c0f3c921861ac51bfee50323fcae21231abf7a82b
c9064f4f6ab642a40b8a14f1521eb6ab9ab54b5a781957ba16bae1cca47c3c7a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cafbc72c5f1ce01dfd4fa24ca8e045c60790b31f9ed1786eecb573283a4eb207
cbb4ee4673cd10f65c03a42f17e8a70ee7c497945399701e5e444807fdc5184b
cbd7b3c7f3305a97a6bd6276a439e76693f14823fd02a0084778acb24f060e4c
ccc291db38afc31c01ee7cea2f23d396deff81e172a6285faa672cca41e6e86a
cdfaf46feb86db5a67685d90f7dc9c2e18f665808191db708aae722eb625bdda
ce791f9765c10e3b60ee51d23d7265fb0ee44c5c5368cfdc012a939efccd5ac4
ce7981b3a7e9e65d35da51e318b314e98d48795d015699293b37dba5d7560149
d08402d8b2b7a919f4019c2bf08b58da9cc56619664cfa5bddbe6a80e262931d
d35dfe6338d4e7616fd929821b77e18dde8d35a5ddb46fc91af96dd015c8ff15
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d41861baf2ed8e52fd9faacbafaa41a97761c4a3d44f7031011fecb6bef8a382
d485ce3e031648e3d71009f315b3d6f077d43b3f7fae7b0bb16b1f37c7285b3c
d708fa4c0ee51af01e4b17a833a7c116b07742b6e10d3cfe34ac9a74c234ded9
d7b79160e10110379b613d61abf5806b4d72f45ebe23e760e0f92e0ce24f1439
dcee64b6c93241fc14ae0fec1ca53d40ddc1790de811d39de042606c0f94fe9c
ddbbde2027e4454687020aeccd0560dbef454e2d0adf10cc6680df205ebee16e
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df828b82729c8c4e7777acc868455630085929d1c9408cab64427648a1b2bdd5
e21f21ceee588a5075937d9c86ce41c2035489f6a33e612332919f001f506e43
e25dd5f51ae551733579db6d528dc09e1e37fc0971124ef58436258192c80a3a
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8bf3ef62a1db40fab1e493c57d04777f4f714e71d4e2277095de9547509ef50
ea3a3424497eb1c906f646385dcfe1f9465edd6f5428dc3240063cfccaaf7fa5
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ecc4eed3ac20ad76d969428f2dcf0a6f53874c3d2abf25fba87fb61a01ab3d88
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1280517470c638e05a2b686b74a13681c23ae8594311fa9a0d12fd4e8c43dd1
f19e80109c6b75e5a71833046247e1c120e9503028def5e62983bc8f97cde6ae
f3e271b44a4874258fc6302e7996e949e760208bc02850938bb38a9ad626f2c4
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6cd320c5ba515fef3997afe473332231160a2cb715f1a99679a7cefa1cf0be0
faeefb36179d7ab4635c872053c1e7c7902156498989c055a9d12c6ccd6b8ab1
fe67e12a6497f8518ef1673fd8cf5622871935ff85f204715e78b2009dd48588
fea5800a2519b46aa3ccacac1f9a19c8086d2ddc2d04d656656ba775fbd6ba0c
ff15ac47504bb557006756aaba7dc0eadcf935f9633390f379405085d9f85de8
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

www.onlatvia.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

205 Requests

96 %HTTPS

43 %IPv6

54 Domains

92 Subdomains

76 IPs

10 Countries

2555 kBTransfer

7802 kBSize

39 Cookies

4 Outgoing links

Page URL History

Redirected requests

205 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 28 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.onlatvia.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

205
Requests

96 %
HTTPS

43 %
IPv6

54
Domains

92
Subdomains

76
IPs

10
Countries

2555 kB
Transfer

7802 kB
Size

39
Cookies

205 HTTP transactions
28 data transactions