vpmviss-pieslegties-lv.com Open in urlscan Pro
91.215.85.79 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://vpmviss-pieslegties-lv.com/
Effective URL:
https://vpmviss-pieslegties-lv.com/pages
Submission: On March 28 via api (March 28th 2024, 11:33:48 pm UTC) from US — Scanned from US

Summary HTTP 32 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 32 HTTP transactions. The main IP is 91.215.85.79, located in Russian Federation and belongs to PROSPERO-AS, RU. The main domain is vpmviss-pieslegties-lv.com.
TLS certificate: Issued by R3 on March 27th 2024. Valid for: 3 months.

This is the only time vpmviss-pieslegties-lv.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: LT Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
1 20	91.215.85.79 91.215.85.79	200593 (PROSPERO-AS) (PROSPERO-AS)
1 2	193.203.196.144 193.203.196.144	19905 (SECURITYS...) (SECURITYSERVICES)
2	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4006:80c::200a	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:806::2003	15169 (GOOGLE) (GOOGLE)
2	195.244.156.187 195.244.156.187	210213 (STATE-ICT-AS) (STATE-ICT-AS)
32	6

20 91.215.85.79 (Russian Federation) 1 redirects

ASN200593 (PROSPERO-AS, RU)

vpmviss-pieslegties-lv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.203.196.144 (Estonia) 1 redirects

ASN19905 (SECURITYSERVICES, US)
PTR: www.swedbank.lv

swedbank.lv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.swedbank.lv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:806::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.244.156.187 (Latvia)

ASN210213 (STATE-ICT-AS, LV)

vpm.viss.gov.lv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	vpmviss-pieslegties-lv.com 1 redirects vpmviss-pieslegties-lv.com	164 KB
7	gstatic.com fonts.gstatic.com	256 KB
2	viss.gov.lv vpm.viss.gov.lv	3 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	19 KB
2	swedbank.lv 1 redirects swedbank.lv — Cisco Umbrella Rank: 645643 www.swedbank.lv	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
32	6

	Domain	Requested by
20	vpmviss-pieslegties-lv.com	1 redirects vpmviss-pieslegties-lv.com
7	fonts.gstatic.com	fonts.googleapis.com
2	vpm.viss.gov.lv
2	cdn.jsdelivr.net	vpmviss-pieslegties-lv.com
1	fonts.googleapis.com	vpmviss-pieslegties-lv.com
1	www.swedbank.lv	vpmviss-pieslegties-lv.com
1	swedbank.lv	1 redirects
32	7

This site contains links to these domains. Also see Links.

Domain
swedbank.lv-pieeja.info

Subject Issuer	Validity	Valid
vpmviss-pieslegties-lv.com R3	`2024-03-27` - `2024-06-25`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.viss.gov.lv Sectigo RSA Domain Validation Secure Server CA	`2023-10-02` - `2024-11-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://vpmviss-pieslegties-lv.com/pages
Frame ID: 8A3845CFEF79A54C7D74147DAC1B2ADC
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vienotās pieteikšanās modulis

Page URL History Show full URLs

https://vpmviss-pieslegties-lv.com/ HTTP 302
https://vpmviss-pieslegties-lv.com/pages Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

32
Requests

97 %
HTTPS

50 %
IPv6

6
Domains

7
Subdomains

6
IPs

4
Countries

444 kB
Transfer

1066 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://swedbank.lv-pieeja.info/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://vpmviss-pieslegties-lv.com/ HTTP 302
https://vpmviss-pieslegties-lv.com/pages Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://swedbank.lv/webjars/webcomponents/2.9.0/assets/images/swedbank-logo.svg HTTP 302
https://www.swedbank.lv/errorpages/404LV.html

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request pages Show response
vpmviss-pieslegties-lv.com/
Redirect Chain

https://vpmviss-pieslegties-lv.com/
https://vpmviss-pieslegties-lv.com/pages

22 KB
4 KB

300ms
299ms

Document
text/html

91.215.85.79
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpmviss-pieslegties-lv.com/pages
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.215.85.79 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: 331b6e3194f622ab00bb04e6ddd5d9cc16b9e10e8560e550089e90b0394e354d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 4474
content-type: text/html; charset=UTF-8
date: Thu, 28 Mar 2024 23:33:41 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 28 Mar 2024 23:33:41 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://vpmviss-pieslegties-lv.com/pages
pragma: no-cache

GET
H3 200 site.min.css
vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/ 1 KB
610 B 138ms
137ms Stylesheet
text/css 91.215.85.79
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/site.min.css
Requested by: Host: vpmviss-pieslegties-lv.com
URL: https://vpmviss-pieslegties-lv.com/pages
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 91.215.85.79 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: 4b5844e401cefc37062362a0c68e992db7f930d179394ee919ffab18e8bdab57

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vpmviss-pieslegties-lv.com/pages
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 23:33:41 GMT
content-encoding: br
last-modified: Thu, 13 Apr 2023 10:05:50 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 347
expires: Thu, 04 Apr 2024 23:33:41 GMT

GET
H3 200 main.bundle.css
vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/ 415 KB
55 KB 140ms
136ms Stylesheet
text/css 91.215.85.79
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/main.bundle.css
Requested by: Host: vpmviss-pieslegties-lv.com
URL: https://vpmviss-pieslegties-lv.com/pages
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 91.215.85.79 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: 10ecf24c142ae525a120f25c3d9502698e969c13661a918207194621c37ea7e8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vpmviss-pieslegties-lv.com/pages
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 23:33:41 GMT
content-encoding: br
last-modified: Thu, 13 Apr 2023 10:07:35 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 55780
expires: Thu, 04 Apr 2024 23:33:41 GMT

GET
H3 200 jquery.js Show response
vpmviss-pieslegties-lv.com/js/cntdjs/ 87 KB
30 KB 309ms
306ms Script
text/javascript 91.215.85.79
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpmviss-pieslegties-lv.com/js/cntdjs/jquery.js
Requested by: Host: vpmviss-pieslegties-lv.com
URL: https://vpmviss-pieslegties-lv.com/pages
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 91.215.85.79 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vpmviss-pieslegties-lv.com/pages
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 23:33:41 GMT
content-encoding: br
last-modified: Wed, 08 Jun 2022 22:37:44 GMT
accept-ranges: bytes
content-length: 30267
vary: Accept-Encoding
content-type: text/javascript

GET
H3 200 jquery.mask.js Show response
vpmviss-pieslegties-lv.com/js/cntdjs/ 23 KB
5 KB 300ms
297ms Script
text/javascript 91.215.85.79
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpmviss-pieslegties-lv.com/js/cntdjs/jquery.mask.js
Requested by: Host: vpmviss-pieslegties-lv.com
URL: https://vpmviss-pieslegties-lv.com/pages
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 91.215.85.79 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vpmviss-pieslegties-lv.com/pages
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 23:33:41 GMT
content-encoding: br
last-modified: Wed, 08 Jun 2022 22:37:44 GMT
accept-ranges: bytes
content-length: 5583
vary: Accept-Encoding
content-type: text/javascript

GET
H3 200 cntd.js Show response
vpmviss-pieslegties-lv.com/js/cntdjs/ 3 KB
1 KB 303ms
301ms Script
text/javascript 91.215.85.79
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpmviss-pieslegties-lv.com/js/cntdjs/cntd.js
Requested by: Host: vpmviss-pieslegties-lv.com
URL: https://vpmviss-pieslegties-lv.com/pages
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 91.215.85.79 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: 516d68ef496d4d7464f80f390917e23c6b5534f56ed6a2f10f1f0849592fc913

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vpmviss-pieslegties-lv.com/pages
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 23:33:41 GMT
content-encoding: br
last-modified: Sun, 26 Mar 2023 04:33:19 GMT
accept-ranges: bytes
content-length: 1003
vary: Accept-Encoding
content-type: text/javascript

GET
H3 200 loading.js Show response
vpmviss-pieslegties-lv.com/js/shared/ 3 KB
799 B 305ms
303ms Script
text/javascript 91.215.85.79
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpmviss-pieslegties-lv.com/js/shared/loading.js
Requested by: Host: vpmviss-pieslegties-lv.com
URL: https://vpmviss-pieslegties-lv.com/pages
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 91.215.85.79 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: 986f80e622582142a00b8ec4f60b69082f6c1548e5ecf519a0295900a1cf3531

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vpmviss-pieslegties-lv.com/pages
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 23:33:41 GMT
content-encoding: br
last-modified: Tue, 13 Sep 2022 17:00:48 GMT
accept-ranges: bytes
content-length: 757
vary: Accept-Encoding
content-type: text/javascript

GET
H3 200 online_status.js Show response
vpmviss-pieslegties-lv.com/js/shared/ 998 B
402 B 305ms
304ms Script
text/javascript 91.215.85.79
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpmviss-pieslegties-lv.com/js/shared/online_status.js
Requested by: Host: vpmviss-pieslegties-lv.com
URL: https://vpmviss-pieslegties-lv.com/pages
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 91.215.85.79 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: e64e9d464beb9fe2717cd8bd8d093bb04d570f08a15c65f14533733904e12be7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vpmviss-pieslegties-lv.com/pages
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 23:33:41 GMT
content-encoding: br
last-modified: Wed, 08 Jun 2022 22:37:44 GMT
accept-ranges: bytes
content-length: 383
vary: Accept-Encoding
content-type: text/javascript

GET
H/1.1

200
OK

404LV.html
www.swedbank.lv/errorpages/
Redirect Chain

https://swedbank.lv/webjars/webcomponents/2.9.0/assets/images/swedbank-logo.svg
https://www.swedbank.lv/errorpages/404LV.html

1 KB
1 KB

1046ms
274ms

Image
text/html

193.203.196.144
SECURITYSERVICES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.swedbank.lv/errorpages/404LV.html
Requested by: Host: vpmviss-pieslegties-lv.com
URL: https://vpmviss-pieslegties-lv.com/pages
Protocol: HTTP/1.1
Server: 193.203.196.144 , Estonia, ASN19905 (SECURITYSERVICES, US),
Reverse DNS: www.swedbank.lv
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vpmviss-pieslegties-lv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Last-Modified: Thu, 28 Mar 2024 13:50:56 GMT
Accept-Ranges: bytes
Content-Length: 5977
Content-Type: text/html

Redirect headers

Location: https://www.swedbank.lv/errorpages/404LV.html
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H3 200 blueorange.png
vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/ 3 KB
3 KB 283ms
282ms Image
image/png 91.215.85.79
PROSPERO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/blueorange.png
Requested by: Host: vpmviss-pieslegties-lv.com
URL: https://vpmviss-pieslegties-lv.com/pages
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 91.215.85.79 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: ce8f051ce2d1db8c37b765210ab053ef409953760cb144b1f28a295ce6b37674

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vpmviss-pieslegties-lv.com/pages
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/png
date: Thu, 28 Mar 2024 23:33:41 GMT
cache-control: public, max-age=604800
last-modified: Thu, 13 Apr 2023 10:05:51 GMT
accept-ranges: bytes
content-length: 2588
expires: Thu, 04 Apr 2024 23:33:41 GMT

GET
H3 200 citadele.png
vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/ 2 KB
2 KB 131ms
130ms Image
image/png 91.215.85.79
PROSPERO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/citadele.png
Requested by: Host: vpmviss-pieslegties-lv.com
URL: https://vpmviss-pieslegties-lv.com/pages
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 91.215.85.79 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: acaeeede53a0e15fa82b8b21eb2ae5a817c6fc7c0c4ab81fd2ce8405e1e9eeb5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vpmviss-pieslegties-lv.com/pages
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/png
date: Thu, 28 Mar 2024 23:33:42 GMT
cache-control: public, max-age=604800
last-modified: Thu, 13 Apr 2023 10:05:51 GMT
accept-ranges: bytes
content-length: 2014
expires: Thu, 04 Apr 2024 23:33:42 GMT

GET
H3 200 seb.png
vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/ 3 KB
3 KB 131ms
130ms Image
image/png 91.215.85.79
PROSPERO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/seb.png
Requested by: Host: vpmviss-pieslegties-lv.com
URL: https://vpmviss-pieslegties-lv.com/pages
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 91.215.85.79 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: 467efed634c6c7b64742a892107f9df4e3e100ad1e53b81b3fdffe1c1f209d0a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vpmviss-pieslegties-lv.com/pages
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/png
date: Thu, 28 Mar 2024 23:33:42 GMT
cache-control: public, max-age=604800
last-modified: Thu, 13 Apr 2023 10:05:51 GMT
accept-ranges: bytes
content-length: 2753
expires: Thu, 04 Apr 2024 23:33:42 GMT

GET
H3 200 industra.png
vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/ 3 KB
3 KB 175ms
166ms Image
image/png 91.215.85.79
PROSPERO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/industra.png
Requested by: Host: vpmviss-pieslegties-lv.com
URL: https://vpmviss-pieslegties-lv.com/pages
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 91.215.85.79 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: 6c75ff0b94f24beacf2d1e245ce9c77431b7b61cebe81cfa717283ec680742db

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vpmviss-pieslegties-lv.com/pages
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/png
date: Thu, 28 Mar 2024 23:33:42 GMT
cache-control: public, max-age=604800
last-modified: Thu, 13 Apr 2023 10:05:51 GMT
accept-ranges: bytes
content-length: 3437
expires: Thu, 04 Apr 2024 23:33:42 GMT

GET
H3 200 Rietumu.png
vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/ 4 KB
4 KB 265ms
263ms Image
image/png 91.215.85.79
PROSPERO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/Rietumu.png
Requested by: Host: vpmviss-pieslegties-lv.com
URL: https://vpmviss-pieslegties-lv.com/pages
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 91.215.85.79 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: b4611125af5d89e9a75eb55042d8b148bbc9958d70f77c5188b1214ca4d0df3c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vpmviss-pieslegties-lv.com/pages
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/png
date: Thu, 28 Mar 2024 23:33:42 GMT
cache-control: public, max-age=604800
last-modified: Thu, 13 Apr 2023 10:05:51 GMT
accept-ranges: bytes
content-length: 3923
expires: Thu, 04 Apr 2024 23:33:42 GMT

GET
H3 200 rib.png
vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/ 4 KB
5 KB 255ms
253ms Image
image/png 91.215.85.79
PROSPERO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/rib.png
Requested by: Host: vpmviss-pieslegties-lv.com
URL: https://vpmviss-pieslegties-lv.com/pages
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 91.215.85.79 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: 526ebef92201ae04ad5bb5f9d917c90c48564aed9ffb86c110a85828d5739ad5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vpmviss-pieslegties-lv.com/pages
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/png
date: Thu, 28 Mar 2024 23:33:42 GMT
cache-control: public, max-age=604800
last-modified: Thu, 13 Apr 2023 10:05:51 GMT
accept-ranges: bytes
content-length: 4599
expires: Thu, 04 Apr 2024 23:33:42 GMT

GET
H3 200 Luminor.jpg
vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/ 3 KB
3 KB 263ms
261ms Image
image/jpeg 91.215.85.79
PROSPERO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/Luminor.jpg
Requested by: Host: vpmviss-pieslegties-lv.com
URL: https://vpmviss-pieslegties-lv.com/pages
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 91.215.85.79 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: 9d9360770f65bb2d0ee177cac14c29fe7a35b5ce4f75158572652549fa733fc9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vpmviss-pieslegties-lv.com/pages
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/jpeg
date: Thu, 28 Mar 2024 23:33:42 GMT
cache-control: public, max-age=604800
last-modified: Thu, 13 Apr 2023 10:05:51 GMT
accept-ranges: bytes
content-length: 2606
expires: Thu, 04 Apr 2024 23:33:42 GMT

GET
H3 200 jquery.min.js Show response
vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/ 87 KB
30 KB 207ms
205ms Script
text/javascript 91.215.85.79
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/jquery.min.js
Requested by: Host: vpmviss-pieslegties-lv.com
URL: https://vpmviss-pieslegties-lv.com/pages
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 91.215.85.79 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vpmviss-pieslegties-lv.com/pages
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 23:33:42 GMT
content-encoding: br
last-modified: Thu, 13 Apr 2023 10:05:51 GMT
accept-ranges: bytes
content-length: 30280
vary: Accept-Encoding
content-type: text/javascript

GET
H3 200 layout_setlanguage.js Show response
vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/ 369 B
178 B 236ms
233ms Script
text/javascript 91.215.85.79
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/layout_setlanguage.js
Requested by: Host: vpmviss-pieslegties-lv.com
URL: https://vpmviss-pieslegties-lv.com/pages
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 91.215.85.79 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: 08d8e994c0ebcbaa23b8340d345ff17517b0d1c6840d616bd13ac997e4ee1ef4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vpmviss-pieslegties-lv.com/pages
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 23:33:42 GMT
content-encoding: br
last-modified: Thu, 13 Apr 2023 10:05:51 GMT
accept-ranges: bytes
content-length: 160
vary: Accept-Encoding
content-type: text/javascript

GET
H3 200 popper.min.js Show response
vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/ 19 KB
7 KB 237ms
234ms Script
text/javascript 91.215.85.79
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/popper.min.js
Requested by: Host: vpmviss-pieslegties-lv.com
URL: https://vpmviss-pieslegties-lv.com/pages
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 91.215.85.79 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: 97fd69305ffe2784d385f800452e8ac16ae4fde830b95be14737cb00c43a0ece

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vpmviss-pieslegties-lv.com/pages
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 23:33:42 GMT
content-encoding: br
last-modified: Thu, 13 Apr 2023 10:05:51 GMT
accept-ranges: bytes
content-length: 6966
vary: Accept-Encoding
content-type: text/javascript

GET
H3 200 tippy-bundle.umd.min.js Show response
vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/ 25 KB
8 KB 249ms
246ms Script
text/javascript 91.215.85.79
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/tippy-bundle.umd.min.js
Requested by: Host: vpmviss-pieslegties-lv.com
URL: https://vpmviss-pieslegties-lv.com/pages
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 91.215.85.79 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: 3f0fe70eb26ccf28f6887a192e29d38dd7ef7c2f079a73304ad42ddc7bed37de

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vpmviss-pieslegties-lv.com/pages
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 23:33:42 GMT
content-encoding: br
last-modified: Thu, 13 Apr 2023 10:05:51 GMT
accept-ranges: bytes
content-length: 8307
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 jodit.min.css
cdn.jsdelivr.net/npm/jodit@3.4.14/build/ 83 KB
19 KB 357ms
61ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jodit@3.4.14/build/jodit.min.css

Requested by

Host: vpmviss-pieslegties-lv.com
URL: https://vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/main.bundle.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f9cd25fc20657bfb86ed970840e5fc24129e94742b73177525293e3b3827613b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vpmviss-pieslegties-lv.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 28 Mar 2024 23:33:42 GMT
x-content-type-options: nosniff
content-encoding: br
age: 655790
x-jsd-version: 3.4.14
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18655
x-served-by: cache-fra-etou8220066-FRA, cache-ewr18137-EWR
x-jsd-version-type: version
etag: W/"14d1d-tiEZ84+x0RxqlcYnvcY3g24Mo9U"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 splide-core.min.css
cdn.jsdelivr.net/npm/@splidejs/splide@2.4.8/dist/css/ 2 KB
711 B 407ms
111ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@splidejs/splide@2.4.8/dist/css/splide-core.min.css

Requested by

Host: vpmviss-pieslegties-lv.com
URL: https://vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/main.bundle.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bca538919cd55f1874f817fa57ec377f21bb95a442eba41ee47384b0f0d766fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vpmviss-pieslegties-lv.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 28 Mar 2024 23:33:42 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1104628
x-jsd-version: 2.4.8
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 590
x-served-by: cache-fra-etou8220115-FRA, cache-ewr18137-EWR
x-jsd-version-type: version
etag: W/"60b-YTPQjL9QeNIepBVQHlloD5p81Hc"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
1 KB 404ms
109ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;700;900&family=Ubuntu:wght@300;400;500;700&display=swap

Requested by

Host: vpmviss-pieslegties-lv.com
URL: https://vpmviss-pieslegties-lv.com/front_end/front_end_files/landing_page/main.bundle.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

607555faaf77005270fa4d2da4fe02c67a8a29f2f3da066ff8a5fb498cddf8f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vpmviss-pieslegties-lv.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Mar 2024 23:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Mar 2024 23:33:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Mar 2024 23:33:42 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 29 KB
29 KB 919ms
660ms Font
font/woff2 2607:f8b0:4006:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;700;900&family=Ubuntu:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://vpmviss-pieslegties-lv.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 21:08:13 GMT
x-content-type-options: nosniff
age: 95129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Mar 2025 21:08:13 GMT

GET
H2 200 4iCv6KVjbNBYlgoC1CzjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 38 KB
38 KB 859ms
601ms Font
font/woff2 2607:f8b0:4006:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;700;900&family=Ubuntu:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://vpmviss-pieslegties-lv.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 09:11:32 GMT
x-content-type-options: nosniff
age: 138130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:04:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Mar 2025 09:11:32 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
34 KB 894ms
637ms Font
font/woff2 2607:f8b0:4006:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;700;900&family=Ubuntu:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://vpmviss-pieslegties-lv.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 09:09:53 GMT
x-content-type-options: nosniff
age: 138229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Mar 2025 09:09:53 GMT

GET
H2 200 4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 30 KB
30 KB 523ms
266ms Font
font/woff2 2607:f8b0:4006:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;700;900&family=Ubuntu:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://vpmviss-pieslegties-lv.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:46:03 GMT
x-content-type-options: nosniff
age: 85659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30480
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Mar 2025 23:46:03 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjvmyNL4U.woff2
fonts.gstatic.com/s/ubuntu/v20/ 37 KB
37 KB 785ms
531ms Font
font/woff2 2607:f8b0:4006:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjvmyNL4U.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;700;900&family=Ubuntu:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4f50b8bf27fec2b2be5907a06a6579a355aa86542322a2434fac71a22c2ea6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://vpmviss-pieslegties-lv.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 08:53:26 GMT
x-content-type-options: nosniff
age: 139216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37840
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:05:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Mar 2025 08:53:26 GMT

GET
H2 200 4iCs6KVjbNBYlgoKcQ72j00.woff2
fonts.gstatic.com/s/ubuntu/v20/ 46 KB
46 KB 372ms
138ms Font
font/woff2 2607:f8b0:4006:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKcQ72j00.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;700;900&family=Ubuntu:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9086c8c2ed7c9f988d63847cd89e81318c1e4ade2112969af26e5744a3bc7d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://vpmviss-pieslegties-lv.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 08:14:07 GMT
x-content-type-options: nosniff
age: 141575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46796
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Mar 2025 08:14:07 GMT

GET
H2 200 4iCv6KVjbNBYlgoCjC3jvmyNL4U.woff2
fonts.gstatic.com/s/ubuntu/v20/ 41 KB
41 KB 695ms
462ms Font
font/woff2 2607:f8b0:4006:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jvmyNL4U.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;700;900&family=Ubuntu:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec80b562d5a12eb00edd4a7ccdab4cdb58f639a1f254802bc065ceb6350fe4b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://vpmviss-pieslegties-lv.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:40:53 GMT
x-content-type-options: nosniff
age: 85969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42268
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:06:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Mar 2025 23:40:53 GMT

GET
H/1.1 200
OK favicon.ico
vpm.viss.gov.lv/LVP.STS/ 1 KB
1 KB 1864ms
409ms Other
image/x-icon 195.244.156.187
STATE-ICT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vpm.viss.gov.lv/LVP.STS/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.244.156.187 , Latvia, ASN210213 (STATE-ICT-AS, LV),

Reverse DNS

Software

Resource Hash

db8eb690711c0ffdc6fad7291f794e6dd36230909af531851788830289e4fe7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vpmviss-pieslegties-lv.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 23:33:45 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Tue, 05 Mar 2024 14:47:29 GMT
accept-ranges: bytes
etag: "1da6f0c0bda52fe"
content-length: 1150
content-type: image/x-icon

GET
H/1.1 200
OK favicon.ico
vpm.viss.gov.lv/LVP.STS/ 1 KB
1 KB 163ms
162ms Other
image/x-icon 195.244.156.187
STATE-ICT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vpm.viss.gov.lv/LVP.STS/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.244.156.187 , Latvia, ASN210213 (STATE-ICT-AS, LV),

Reverse DNS

Software

Resource Hash

db8eb690711c0ffdc6fad7291f794e6dd36230909af531851788830289e4fe7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vpmviss-pieslegties-lv.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 23:33:45 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Tue, 05 Mar 2024 14:47:29 GMT
accept-ranges: bytes
etag: "1da6f0c0bda52fe"
content-length: 1150
content-type: image/x-icon

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: LT Government (Government)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			vpmviss-pieslegties-lv.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: b4a591232635ba8fc5f1a01aca7e6efc

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
swedbank.lv
vpm.viss.gov.lv
vpmviss-pieslegties-lv.com
www.swedbank.lv
193.203.196.144
195.244.156.187
2607:f8b0:4006:806::2003
2607:f8b0:4006:80c::200a
2a04:4e42:600::485
91.215.85.79
08d8e994c0ebcbaa23b8340d345ff17517b0d1c6840d616bd13ac997e4ee1ef4
10ecf24c142ae525a120f25c3d9502698e969c13661a918207194621c37ea7e8
331b6e3194f622ab00bb04e6ddd5d9cc16b9e10e8560e550089e90b0394e354d
3f0fe70eb26ccf28f6887a192e29d38dd7ef7c2f079a73304ad42ddc7bed37de
467efed634c6c7b64742a892107f9df4e3e100ad1e53b81b3fdffe1c1f209d0a
4b5844e401cefc37062362a0c68e992db7f930d179394ee919ffab18e8bdab57
516d68ef496d4d7464f80f390917e23c6b5534f56ed6a2f10f1f0849592fc913
526ebef92201ae04ad5bb5f9d917c90c48564aed9ffb86c110a85828d5739ad5
607555faaf77005270fa4d2da4fe02c67a8a29f2f3da066ff8a5fb498cddf8f4
6c75ff0b94f24beacf2d1e245ce9c77431b7b61cebe81cfa717283ec680742db
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
97fd69305ffe2784d385f800452e8ac16ae4fde830b95be14737cb00c43a0ece
986f80e622582142a00b8ec4f60b69082f6c1548e5ecf519a0295900a1cf3531
9d9360770f65bb2d0ee177cac14c29fe7a35b5ce4f75158572652549fa733fc9
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609
acaeeede53a0e15fa82b8b21eb2ae5a817c6fc7c0c4ab81fd2ce8405e1e9eeb5
b4611125af5d89e9a75eb55042d8b148bbc9958d70f77c5188b1214ca4d0df3c
bca538919cd55f1874f817fa57ec377f21bb95a442eba41ee47384b0f0d766fb
ce8f051ce2d1db8c37b765210ab053ef409953760cb144b1f28a295ce6b37674
d9086c8c2ed7c9f988d63847cd89e81318c1e4ade2112969af26e5744a3bc7d7
db8eb690711c0ffdc6fad7291f794e6dd36230909af531851788830289e4fe7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f50b8bf27fec2b2be5907a06a6579a355aa86542322a2434fac71a22c2ea6e
e64e9d464beb9fe2717cd8bd8d093bb04d570f08a15c65f14533733904e12be7
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
ec80b562d5a12eb00edd4a7ccdab4cdb58f639a1f254802bc065ceb6350fe4b5
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9cd25fc20657bfb86ed970840e5fc24129e94742b73177525293e3b3827613b
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

vpmviss-pieslegties-lv.com Open in urlscan Pro 91.215.85.79 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

97 %HTTPS

50 %IPv6

6 Domains

7 Subdomains

6 IPs

4 Countries

444 kBTransfer

1066 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

vpmviss-pieslegties-lv.com Open in urlscan Pro
91.215.85.79 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

97 %
HTTPS

50 %
IPv6

6
Domains

7
Subdomains

6
IPs

4
Countries

444 kB
Transfer

1066 kB
Size

1
Cookies

32 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!