tautaruna.nra.lv Open in urlscan Pro
193.108.146.39 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/
Submission Tags: falconsandbox
Submission: On February 19 via api (February 19th 2023, 4:45:32 am UTC) from US — Scanned from DE

Summary HTTP 94 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 37 IPs in 11 countries across 32 domains to perform 94 HTTP transactions. The main IP is 193.108.146.39, located in Latvia and belongs to DEAC-AS, LV. The main domain is tautaruna.nra.lv.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 15th 2022. Valid for: a year.

This is the only time tautaruna.nra.lv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	193.108.146.39 193.108.146.39	12993 (DEAC-AS) (DEAC-AS)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	193.200.125.237 193.200.125.237	43811 (TELIA-LIE...) (TELIA-LIETUVA)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
1 4	54.38.133.136 54.38.133.136	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
6	2600:9000:211... 2600:9000:211a:8a00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
1	178.62.251.85 178.62.251.85	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5	2a02:26f0:11a... 2a02:26f0:11a:398::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	18.66.108.49 18.66.108.49	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::2010	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1	51.144.7.192 51.144.7.192	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:223... 2600:9000:223c:a600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
2 6	147.75.85.120 147.75.85.120	54825 (PACKET) (PACKET)
4	147.75.83.64 147.75.83.64	54825 (PACKET) (PACKET)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1	2600:9000:225... 2600:9000:225e:9e00:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.156.227.52 35.156.227.52	16509 (AMAZON-02) (AMAZON-02)
3 6	37.157.2.239 37.157.2.239	198622 (ADFORM) (ADFORM)
5 5	142.250.180.226 142.250.180.226	15169 (GOOGLE) (GOOGLE)
2 2	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.86.139.103 185.86.139.103	201081 (SMARTADSE...) (SMARTADSERVER)
2	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	213.155.156.168 213.155.156.168	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	146.59.148.16 146.59.148.16	16276 (OVH) (OVH)
2 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1 1	52.211.54.102 52.211.54.102	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.201.96.126 35.201.96.126	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.64.189.229 185.64.189.229	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
94	37

15 193.108.146.39 (Latvia)

ASN12993 (DEAC-AS, LV)
PTR: rev-193-108-146-39.deac.net

tautaruna.nra.lv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zinas.nra.lv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nra.lv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.125.237 (Lithuania)

ASN43811 (TELIA-LIETUVA, LT)

core.dimatter.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

apps-cdn.relevant-digital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.38.133.136 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip136.ip-54-38-133.eu

ghmlv.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
galv.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:211a:8a00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.62.251.85 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

nra.ilaipa.lv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:11a:398::268b (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.108.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-108-49.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.144.7.192 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.cintnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:a600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 147.75.85.120 (Schiphol, Netherlands) 2 redirects

ASN54825 (PACKET, US)

api.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csyn-r.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csyn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 147.75.83.64 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:9e00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.227.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-227-52.eu-central-1.compute.amazonaws.com

audit-tcfv2.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.2.239 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.180.226 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.180 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.103 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.168 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.59.148.16 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.54.102 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-54-102.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:db6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 126.96.201.35.bc.googleusercontent.com

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	cxense.com 2 redirects cdn.cxense.com — Cisco Umbrella Rank: 4559 scdn.cxense.com — Cisco Umbrella Rank: 12457 api.cxense.com — Cisco Umbrella Rank: 8925 comcluster.cxense.com — Cisco Umbrella Rank: 5438 p1cluster.cxense.com — Cisco Umbrella Rank: 7785 id.cxense.com — Cisco Umbrella Rank: 10365 csyn-r.cxense.com — Cisco Umbrella Rank: 51689 csyn.cxense.com — Cisco Umbrella Rank: 39343	115 KB
15	nra.lv tautaruna.nra.lv zinas.nra.lv — Cisco Umbrella Rank: 838057 nra.lv — Cisco Umbrella Rank: 490817	87 KB
9	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 463 image6.pubmatic.com — Cisco Umbrella Rank: 731 simage2.pubmatic.com — Cisco Umbrella Rank: 657 image2.pubmatic.com — Cisco Umbrella Rank: 882 aud.pubmatic.com — Cisco Umbrella Rank: 4580 simage4.pubmatic.com — Cisco Umbrella Rank: 1166	26 KB
9	gstatic.com fonts.gstatic.com	304 KB
8	quantcast.com cmp.quantcast.com — Cisco Umbrella Rank: 2810 test.cmp.quantcast.com — Cisco Umbrella Rank: 10681 audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 12325	203 KB
8	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 186 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	157 KB
6	adform.net 3 redirects dmp.adform.net — Cisco Umbrella Rank: 7221 c1.adform.net — Cisco Umbrella Rank: 590	3 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2506	20 KB
5	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 391 mug.criteo.com — Cisco Umbrella Rank: 2771 dis.criteo.com — Cisco Umbrella Rank: 683	2 KB
4	gemius.pl 1 redirects ghmlv.hit.gemius.pl galv.hit.gemius.pl — Cisco Umbrella Rank: 232609	28 KB
3	onaudience.com 3 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2200	1 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43 storage.googleapis.com — Cisco Umbrella Rank: 407	3 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com — Cisco Umbrella Rank: 4037	1 KB
2	zeotap.com 1 redirects spl.zeotap.com — Cisco Umbrella Rank: 2520 mwzeom.zeotap.com — Cisco Umbrella Rank: 2360	817 B
2	exelator.com 2 redirects loada.exelator.com — Cisco Umbrella Rank: 25431	2 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4255	562 B
2	smartadserver.com 1 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1304	960 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 385	2 KB
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 396	1 KB
2	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 285	57 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	88 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	156 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 295	265 B
1	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 751	220 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 460	725 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1014	403 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 913	634 B
1	cintnetworks.com c.cintnetworks.com — Cisco Umbrella Rank: 12828	257 B
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 963	9 KB
1	ilaipa.lv nra.ilaipa.lv	304 B
1	relevant-digital.com apps-cdn.relevant-digital.com — Cisco Umbrella Rank: 148886	2 KB
1	dimatter.ai core.dimatter.ai — Cisco Umbrella Rank: 219060	142 KB
94	32

	Domain	Requested by
9	fonts.gstatic.com	fonts.googleapis.com
8	tautaruna.nra.lv	tautaruna.nra.lv
6	cmp.quantcast.com	tautaruna.nra.lv cmp.quantcast.com
5	cm.g.doubleclick.net	5 redirects
5	zinas.nra.lv	tautaruna.nra.lv
4	dmp.adform.net	2 redirects
4	cdn.cxense.com	apps-cdn.relevant-digital.com core.dimatter.ai cdn.cxense.com
4	region1.google-analytics.com	www.googletagmanager.com
3	pixel.onaudience.com	3 redirects
3	csyn.cxense.com	ads.pubmatic.com
3	securepubads.g.doubleclick.net	tautaruna.nra.lv securepubads.g.doubleclick.net
3	ghmlv.hit.gemius.pl	1 redirects tautaruna.nra.lv
2	visitor.fiftyt.com	2 redirects
2	loada.exelator.com	2 redirects
2	image2.pubmatic.com	ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	simage2.pubmatic.com	ads.pubmatic.com
2	c1.adform.net	1 redirects ads.pubmatic.com
2	ads.pubmatic.com	cdn.cxense.com
2	sync.smartadserver.com	1 redirects
2	secure.adnxs.com	2 redirects
2	csyn-r.cxense.com	2 redirects
2	comcluster.cxense.com	tautaruna.nra.lv cdn.cxense.com
2	id5-sync.com	core.dimatter.ai
2	mug.criteo.com	tautaruna.nra.lv
2	gum.criteo.com	1 redirects
2	nra.lv	cmp.quantcast.com tautaruna.nra.lv
2	c.amazon-adsystem.com	core.dimatter.ai c.amazon-adsystem.com
2	www.google-analytics.com	tautaruna.nra.lv www.google-analytics.com
2	connect.facebook.net	tautaruna.nra.lv connect.facebook.net
2	www.googletagmanager.com	tautaruna.nra.lv www.googletagmanager.com
2	fonts.googleapis.com	tautaruna.nra.lv
1	simage4.pubmatic.com	ads.pubmatic.com
1	match.adsrvr.org
1	aud.pubmatic.com
1	mwzeom.zeotap.com
1	spl.zeotap.com	1 redirects
1	sync.crwdcntrl.net	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	sync.mathtag.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	audit-tcfv2.cmp.quantcast.com	cmp.quantcast.com
1	id.cxense.com	cdn.cxense.com
1	test.cmp.quantcast.com	cmp.quantcast.com
1	lb.eu-1-id5-sync.com	core.dimatter.ai
1	p1cluster.cxense.com	cdn.cxense.com
1	api.cxense.com	cdn.cxense.com
1	rules.quantcount.com	secure.quantserve.com
1	c.cintnetworks.com	tautaruna.nra.lv
1	secure.quantserve.com	cmp.quantcast.com
1	storage.googleapis.com	core.dimatter.ai
1	scdn.cxense.com	core.dimatter.ai
1	nra.ilaipa.lv	tautaruna.nra.lv
1	galv.hit.gemius.pl	tautaruna.nra.lv
1	apps-cdn.relevant-digital.com	tautaruna.nra.lv
1	core.dimatter.ai	tautaruna.nra.lv
94	56

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
nra.lv

Subject Issuer	Validity	Valid
*.nra.lv Sectigo RSA Domain Validation Secure Server CA	`2022-07-15` - `2023-08-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
core.dimatter.ai R3	`2022-11-21` - `2023-02-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-28` - `2023-02-26`	3 months	crt.sh
1801851514.rsc.cdn77.org R3	`2022-12-17` - `2023-03-17`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2022-09-13` - `2023-09-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
cmp.quantcast.com R3	`2023-02-13` - `2023-05-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
nra.ilaipa.lv R3	`2023-01-19` - `2023-04-19`	3 months	crt.sh
*.cxense.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-17` - `2023-04-17`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
storage.googleapis.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
c.cintnetworks.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-11-04` - `2023-05-04`	6 months	crt.sh
quantserve.com R3	`2023-02-13` - `2023-05-14`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/
Frame ID: ABFD3265E320ABC0104826C5A688A1AB
Requests: 73 HTTP requests in this frame

Frame: https://nra.lv/qcCmp.html
Frame ID: 272C6103303945390368D7D3E5DB09F1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 639894A76A7E37436BB99B8DC4BE450C
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=30600&predirect=https%3A%2F%2Fcsyn.cxense.com%2Fpcs.gif%3Fcxsite%3D1138556934481314570%26userId%3D
Frame ID: 55C1147473F071F44150D90D56CA0039
Requests: 9 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=FE853CE7-0796-4C9F-A993-36F9F5D14E0C&gdpr=0&gdpr_consent=
Frame ID: E117AAA2FC0EBA5653DB0BB48C117C29
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c0d263f1-a966-4700-96ec-366b473eebf8&gdpr=0&gdpr_consent=
Frame ID: 27778ADAD3E19ADEEAB9297D31F1796C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3387247449637461974
Frame ID: 858D73988816CC51E442414B903FA7F8
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 5DC112B80944496FE7045EC9DA84C1F0
Requests: 1 HTTP requests in this frame

Frame: https://csyn.cxense.com/pcs.gif?cxsite=1138556934481314570&userId=FE853CE7-0796-4C9F-A993-36F9F5D14E0C
Frame ID: 12219C6DD2470A2B894DEE591E09DA4E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lapa netika atrasta - Kļūda 404 - Tauta Runā

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

94
Requests

87 %
HTTPS

36 %
IPv6

32
Domains

56
Subdomains

37
IPs

11
Countries

1399 kB
Transfer

3935 kB
Size

48
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/TautaRuna/

Search URL Search Domain Scan URL

URL: https://twitter.com/tautaruna

Search URL Search Domain Scan URL

URL: https://nra.lv/info/lietosanas-noteikumi/
Title: Lietošanas noteikumi

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://ghmlv.hit.gemius.pl/_16767819232490/redot.gif?l=4&w=hview&id=0nHlpKdPrT2nJVROkmHqPnXojwfNNptOR_W9_HiGp1v.W7&arg=0&fr=1&href=https%3A%2F%2Ftautaruna.nra.lv%2Fforums%2Ftema%2F48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection%2F&ref=&extra=title%3DLapa%20netika%20atrasta%20-%20K%C4%BC%C5%ABda%20404%20-%20Tauta%20Run%C4%81%7Cauthor%3D&inner=_ver%3D59%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&sendf=0 HTTP 301
https://ghmlv.hit.gemius.pl/__/_16767819232490/redot.gif?l=4&w=hview&id=0nHlpKdPrT2nJVROkmHqPnXojwfNNptOR_W9_HiGp1v.W7&arg=0&fr=1&href=https%3A%2F%2Ftautaruna.nra.lv%2Fforums%2Ftema%2F48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection%2F&ref=&extra=title%3DLapa%20netika%20atrasta%20-%20K%C4%BC%C5%ABda%20404%20-%20Tauta%20Run%C4%81%7Cauthor%3D&inner=_ver%3D59%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&sendf=0

Request Chain 55

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftautaruna.nra.lv%2F&domain=tautaruna.nra.lv&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=S547LHxOTnUvNnVHOHhIQUErcDVMNVYydmJsekoxYS9NN0kvc3dYSGI0YlV3OTNBLzIrT0ErUkZYbjB2SjAvUUdNL2V4UzhHbkFSRTVJazNRRVVMOHd2bTB5eHI1b1M3cDlvbWVzaHZ1S0t0K3FGYnBYdEh0Lzl5WUdrK2p5enpldWdJNXRuY0JBKzR3dUpLeDgxVG1BVWtEU3F1WTBwUTQ3Q1BKU2VjRjdGTDZSQW8wdlpmTlRaS3hlZ3cydi9uakxYZnB0Wk9FbDkyT0J6VFB3Y1IyUzhrK1dyajhqcWJtK2tyUGlqa2U4cHJOSm5kVDNnMFVrWFBLUXBMV1ZyOVY5bG1yfA&cppv=2

Request Chain 72

https://csyn-r.cxense.com/?cxsite=1138556934481314570&partnerId=csr&cxckp=cx%3A1jutln30baxrsykcu5n8e3h53%3A10fqq0urce3d9 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1077&cid=fk502q9a2wpq2k29mujpxniao HTTP 302
https://dmp.adform.net/serving/cookie/match/?CC=1&party=1077&cid=fk502q9a2wpq2k29mujpxniao

Request Chain 73

https://cm.g.doubleclick.net/pixel?google_nid=cxense_ddp&google_cm&cxckp=cx%3A1jutln30baxrsykcu5n8e3h53%3A10fqq0urce3d9&cxsite=1138556934481314570 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cxense_ddp&google_cm=&cxckp=cx%3A1jutln30baxrsykcu5n8e3h53%3A10fqq0urce3d9&cxsite=1138556934481314570&google_tc= HTTP 302
https://csyn.cxense.com/gdbm.png?cxckp=cx%3A1jutln30baxrsykcu5n8e3h53%3A10fqq0urce3d9&cxsite=1138556934481314570&google_gid=CAESEEpCiaFey6uXE4k3lcBjx2A&google_cver=1

Request Chain 74

https://secure.adnxs.com/getuid?https%3A%2F%2Fcsyn.cxense.com%2Fapn.png%3Fcxsite%3D1138556934481314570%26uid%3D%24UID%26cxckp%3Dcx%253A1jutln30baxrsykcu5n8e3h53%253A10fqq0urce3d9&gdpr=0&gdpr_consent= HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcsyn.cxense.com%252Fapn.png%253Fcxsite%253D1138556934481314570%2526uid%253D%2524UID%2526cxckp%253Dcx%25253A1jutln30baxrsykcu5n8e3h53%25253A10fqq0urce3d9%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://csyn.cxense.com/apn.png?cxsite=1138556934481314570&uid=7049314980101128297&cxckp=cx%3A1jutln30baxrsykcu5n8e3h53%3A10fqq0urce3d9&gdpr=0&gdpr_consent=

Request Chain 75

https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcsyn.cxense.com%2Fsmt.png%3Fcxsite%3D1138556934481314570%26userId%3D%5Bsas_uid%5D%26cxckp%3Dcx%253A1jutln30baxrsykcu5n8e3h53%253A10fqq0urce3d9 HTTP 302
https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://csyn.cxense.com/smt.png?cxsite=1138556934481314570&userId=[sas_uid]&cxckp=cx%3A1jutln30baxrsykcu5n8e3h53%3A10fqq0urce3d9&cklb=1

Request Chain 77

https://csyn-r.cxense.com/?cxsite=5857301321760177737&partnerId=csr&cxckp=cx%3A1jutln30baxrsykcu5n8e3h53%3A10fqq0urce3d9 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1077&cid=fk502q9a2wpq2k29mujpxniao HTTP 302
https://dmp.adform.net/serving/cookie/match/?CC=1&party=1077&cid=fk502q9a2wpq2k29mujpxniao

Request Chain 80

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c0d263f1-a966-4700-96ec-366b473eebf8&gdpr=0&gdpr_consent=

Request Chain 81

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3387247449637461974

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_oU85weWTJ-pkzb59dFODA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 85

https://pixel.onaudience.com/?partner=214&mapped=FE853CE7-0796-4C9F-A993-36F9F5D14E0C&gdpr=0&gdpr_consent= HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=2cc724621d4b3ddf91d0a506a7d92ebd&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=2e07345d6ef2b62f/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=2e07345d6ef2b62f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7398b42e-3ff7-4440-4cf7-ca0b8aeeff06&reqId=dd538ce2-98ba-4a25-40c0-9519768e1582&zcluid=2e07345d6ef2b62f&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEOP_M6AUGchhHHBca90vKRg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7398b42e-3ff7-4440-4cf7-ca0b8aeeff06&reqId=dd538ce2-98ba-4a25-40c0-9519768e1582&zcluid=2e07345d6ef2b62f&zdid=1332

Request Chain 86

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=FE853CE7-0796-4C9F-A993-36F9F5D14E0C&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=FE853CE7-0796-4C9F-A993-36F9F5D14E0C&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=FE853CE7-0796-4C9F-A993-36F9F5D14E0C&addseg=19,36,42

Request Chain 87

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIRWQ0yJy9XORakcpgI-Ni0&google_cver=1

Request Chain 89

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8254725562819528862

94 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request / Show response
tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/ 24 KB
7 KB 220ms
101ms Document
text/html 193.108.146.39
DEAC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.108.146.39 , Latvia, ASN12993 (DEAC-AS, LV),
Reverse DNS: rev-193-108-146-39.deac.net
Software: nginx /
Resource Hash: 7dce7e24b50f7a0bac936b94de76023e48f5ec88ec4612edddbb2b6b82ba23f5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, must-revalidate, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 19 Feb 2023 04:45:22 GMT
expires: Sun, 19 Feb 2023 04:45:22 GMT
link: </build/app.df501b36.css>; rel="preload"; as="style",</build/runtime.2ac11785.js>; rel="preload"; as="script",</build/rekl.294e92f4.js>; rel="preload"; as="script",</build/app.d6f65f2b.js>; rel="preload"; as="script"
pragma: no-cache
server: nginx
vary: Accept-Encoding

GET
H2 200 app.df501b36.css
tautaruna.nra.lv/build/ 63 KB
9 KB 60ms
59ms Stylesheet
text/css 193.108.146.39
DEAC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tautaruna.nra.lv/build/app.df501b36.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.108.146.39 , Latvia, ASN12993 (DEAC-AS, LV),
Reverse DNS: rev-193-108-146-39.deac.net
Software: nginx /
Resource Hash: 0152c5ca5f3fd9a124e60e2ca5bb7907b23c11e2cffd5d5ff69c2da62fcad691

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:22 GMT
content-encoding: gzip
last-modified: Thu, 15 Dec 2022 08:55:41 GMT
server: nginx
etag: "fde2-5efda048516aa-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 9419

GET
H2 200 runtime.2ac11785.js Show response
tautaruna.nra.lv/build/ 1 KB
857 B 57ms
56ms Script
application/javascript 193.108.146.39
DEAC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tautaruna.nra.lv/build/runtime.2ac11785.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.108.146.39 , Latvia, ASN12993 (DEAC-AS, LV),
Reverse DNS: rev-193-108-146-39.deac.net
Software: nginx /
Resource Hash: 67a522c595aac5ec40ecd5250dad7a2729b753a573a74f3b41fc141ec523f7cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:22 GMT
content-encoding: gzip
last-modified: Thu, 15 Dec 2022 08:55:42 GMT
server: nginx
etag: "49d-5efda0491b910-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 675

GET
H2 200 rekl.294e92f4.js Show response
tautaruna.nra.lv/build/ 7 KB
3 KB 57ms
57ms Script
application/javascript 193.108.146.39
DEAC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tautaruna.nra.lv/build/rekl.294e92f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.108.146.39 , Latvia, ASN12993 (DEAC-AS, LV),
Reverse DNS: rev-193-108-146-39.deac.net
Software: nginx /
Resource Hash: 07616e352deac01960c1c5896efe6b30febcdf93f6d4067d7f81ae60fda7fe00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:22 GMT
content-encoding: gzip
last-modified: Thu, 15 Dec 2022 08:55:42 GMT
server: nginx
etag: "1b22-5efda0491b910-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2521

GET
H2 200 app.d6f65f2b.js Show response
tautaruna.nra.lv/build/ 100 KB
35 KB 111ms
111ms Script
application/javascript 193.108.146.39
DEAC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tautaruna.nra.lv/build/app.d6f65f2b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.108.146.39 , Latvia, ASN12993 (DEAC-AS, LV),
Reverse DNS: rev-193-108-146-39.deac.net
Software: nginx /
Resource Hash: dd785c7bc13b52e00198fd9fc6e48acdc3794e44b7c7f69ecf0fdbcc449d6a34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:22 GMT
content-encoding: gzip
last-modified: Thu, 15 Dec 2022 08:55:41 GMT
server: nginx
etag: "19177-5efda0484f76a-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 35883

GET
H2 200 css
fonts.googleapis.com/ 9 KB
864 B 93ms
43ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:400|Fira+Sans+Extra+Condensed:300,400,700&subset=latin-ext

Requested by

Host: tautaruna.nra.lv
URL: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7cde19f23e9983b37377d1b03942ddb6c753412a1208d4ae7518d6a2564276b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 19 Feb 2023 04:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 19 Feb 2023 04:45:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Feb 2023 04:45:22 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
776 B 80ms
30ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: tautaruna.nra.lv
URL: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 19 Feb 2023 04:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 19 Feb 2023 04:45:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Feb 2023 04:45:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
78 KB 81ms
30ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KWMGS8E4D4

Requested by

Host: tautaruna.nra.lv
URL: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aaa3173b503b29b71c1cf2169d367794cd610d9c4144fd228068f7cf9b82061c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79288
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 19 Feb 2023 04:45:23 GMT

GET
H2 200 tautaruna-nra-lv.min.js Show response
core.dimatter.ai/pubs/ 397 KB
142 KB 149ms
44ms Script
application/javascript 193.200.125.237
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to

Full URL: https://core.dimatter.ai/pubs/tautaruna-nra-lv.min.js
Requested by: Host: tautaruna.nra.lv
URL: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.125.237 , Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
Software: nginx /
Resource Hash: e64223a1324cff76961d46dff0afd1849cba095af7eda85a1213a40350f41786

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sun, 19 Feb 2023 04:45:23 GMT
content-encoding: gzip
last-modified: Mon, 06 Feb 2023 15:12:57 GMT
server: nginx
age: 2373
etag: "63e118f9-63461"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 144988
expires: Mon, 20 Feb 2023 04:45:23 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/lv_LV/ 3 KB
2 KB 81ms
23ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/lv_LV/sdk.js

Requested by

Host: tautaruna.nra.lv
URL: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

46832e49da724b596dc24c1f5436ce3f2534399d0bb89b4733f400d95cde7fce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://tautaruna.nra.lv/
Origin: https://tautaruna.nra.lv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 19 Feb 2023 04:45:23 GMT
content-md5: A9ToQboOZABQedXt6c75jQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: ALwdf6t/XsLAanIjS1XGyp8AvXyUk3OAG+58rkg0+Tt95wE8fCHmA48f141e1UEDImo82KJLwgU5A26WX0wPxA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
x-fb-content-md5: a50d80b223b24c2118d66f86e6d6973f
cross-origin-opener-policy: same-origin-allow-popups
etag: "cd89cf70591a6fbb8e7ec29f7b4092f1"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Sun, 19 Feb 2023 04:46:50 GMT

GET
H2 200 logo.svg
tautaruna.nra.lv/build/images/ 4 KB
4 KB 61ms
59ms Image
image/svg+xml 193.108.146.39
DEAC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tautaruna.nra.lv/build/images/logo.svg
Requested by: Host: tautaruna.nra.lv
URL: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.108.146.39 , Latvia, ASN12993 (DEAC-AS, LV),
Reverse DNS: rev-193-108-146-39.deac.net
Software: nginx /
Resource Hash: 4ccc1ad281a21a02dd7eb472229600ec7f8206aacf0c978f524eae352dffcfc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:23 GMT
last-modified: Sat, 25 Jan 2020 16:34:38 GMT
server: nginx
accept-ranges: bytes
etag: "fc3-59cf9734bd802"
content-length: 4035
content-type: image/svg+xml

GET
H2 200 60x60px_def.jpg
tautaruna.nra.lv/_img/defprofile/ 2 KB
2 KB 60ms
58ms Image
image/jpeg 193.108.146.39
DEAC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tautaruna.nra.lv/_img/defprofile/60x60px_def.jpg?1
Requested by: Host: tautaruna.nra.lv
URL: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.108.146.39 , Latvia, ASN12993 (DEAC-AS, LV),
Reverse DNS: rev-193-108-146-39.deac.net
Software: nginx /
Resource Hash: df265393b38c36f6b8287a3d0277617e9518d515a09dc7413abc187ecb3c732d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:23 GMT
last-modified: Mon, 27 Mar 2017 08:14:19 GMT
server: nginx
etag: "58d8c9db-877"
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 2167
expires: Sun, 05 Mar 2023 04:45:23 GMT

GET
H2 200 60x60px_p57478_61ed9fa6378b8.jpg
zinas.nra.lv/_mm/uimgs/22/01/23/ 3 KB
3 KB 162ms
55ms Image
image/jpeg 193.108.146.39
DEAC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zinas.nra.lv/_mm/uimgs/22/01/23/60x60px_p57478_61ed9fa6378b8.jpg?1642962854
Requested by: Host: tautaruna.nra.lv
URL: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.108.146.39 , Latvia, ASN12993 (DEAC-AS, LV),
Reverse DNS: rev-193-108-146-39.deac.net
Software: nginx /
Resource Hash: 109bf42c725706558b138466cde48cd68bda4473f47b97c52137c73c7dc7decd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:23 GMT
last-modified: Sun, 23 Jan 2022 18:34:15 GMT
server: nginx
etag: "61ed9fa7-a3b"
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 2619
expires: Sun, 05 Mar 2023 04:45:23 GMT

GET
H2 200 60x60px_p60669_63f0a2e21b982.jpg
zinas.nra.lv/_mm/uimgs/23/02/18/ 3 KB
3 KB 159ms
53ms Image
image/jpeg 193.108.146.39
DEAC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zinas.nra.lv/_mm/uimgs/23/02/18/60x60px_p60669_63f0a2e21b982.jpg?1676714722
Requested by: Host: tautaruna.nra.lv
URL: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.108.146.39 , Latvia, ASN12993 (DEAC-AS, LV),
Reverse DNS: rev-193-108-146-39.deac.net
Software: nginx /
Resource Hash: 26de9a5d13307ace37aa27c11fc5ee0b4f8adabb63c993d168a5f4668954caf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:23 GMT
last-modified: Sat, 18 Feb 2023 10:05:23 GMT
server: nginx
etag: "63f0a2e3-c12"
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 3090
expires: Sun, 05 Mar 2023 04:45:23 GMT

GET
H2 200 60x60px_p19024_5c3168144f7e8.jpg
zinas.nra.lv/_mm/uimgs/19/01/06/ 3 KB
3 KB 161ms
55ms Image
image/jpeg 193.108.146.39
DEAC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zinas.nra.lv/_mm/uimgs/19/01/06/60x60px_p19024_5c3168144f7e8.jpg?1546741781
Requested by: Host: tautaruna.nra.lv
URL: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.108.146.39 , Latvia, ASN12993 (DEAC-AS, LV),
Reverse DNS: rev-193-108-146-39.deac.net
Software: nginx /
Resource Hash: 00e13a6be1a0f28595d9d65ac94ce5b37ff455017ee709bba730b77b0799a588

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:23 GMT
last-modified: Sun, 06 Jan 2019 02:29:42 GMT
server: nginx
etag: "5c316816-c14"
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 3092
expires: Sun, 05 Mar 2023 04:45:23 GMT

GET
H2 200 60x60px_p60667_63f07b87eb920.jpg
zinas.nra.lv/_mm/uimgs/23/02/18/ 4 KB
5 KB 160ms
54ms Image
image/jpeg 193.108.146.39
DEAC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zinas.nra.lv/_mm/uimgs/23/02/18/60x60px_p60667_63f07b87eb920.jpg?1676704648
Requested by: Host: tautaruna.nra.lv
URL: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.108.146.39 , Latvia, ASN12993 (DEAC-AS, LV),
Reverse DNS: rev-193-108-146-39.deac.net
Software: nginx /
Resource Hash: d42559a9bbda1d3cae3abcc5b12c327986d57030d459e8a44dbf88630e134e2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:23 GMT
last-modified: Sat, 18 Feb 2023 07:17:29 GMT
server: nginx
etag: "63f07b89-11af"
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 4527
expires: Sun, 05 Mar 2023 04:45:23 GMT

GET
H2 200 60x60px_p60666_63f0264caae9c.jpg
zinas.nra.lv/_mm/uimgs/23/02/18/ 2 KB
2 KB 161ms
55ms Image
image/jpeg 193.108.146.39
DEAC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zinas.nra.lv/_mm/uimgs/23/02/18/60x60px_p60666_63f0264caae9c.jpg?1676682829
Requested by: Host: tautaruna.nra.lv
URL: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.108.146.39 , Latvia, ASN12993 (DEAC-AS, LV),
Reverse DNS: rev-193-108-146-39.deac.net
Software: nginx /
Resource Hash: 07e2991d0b8fc9bcd8e383995cb38eb615911978cc5896c38e6bc31371697ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:23 GMT
last-modified: Sat, 18 Feb 2023 01:13:50 GMT
server: nginx
etag: "63f0264e-8ee"
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 2286
expires: Sun, 05 Mar 2023 04:45:23 GMT

GET
H2 200 1138556934481314570.js Show response
apps-cdn.relevant-digital.com/static/tags/ 3 KB
2 KB 221ms
41ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://apps-cdn.relevant-digital.com/static/tags/1138556934481314570.js
Requested by: Host: tautaruna.nra.lv
URL: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / Express
Resource Hash: 0575085d0c63052cf57637aa8660493879d001156fb7a3879b2cd47042bd822d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 19 Feb 2023 04:45:23 GMT
content-encoding: gzip
x-powered-by: Express
x-cache: HIT
x-77-cache: HIT
x-age: 832044
x-77-nzt: Abk73BCdZQT/LLIMAA
x-accel-expires: @1701869879
last-modified: Mon, 07 Mar 2022 10:16:41 GMT
server: CDN77-Turbo
etag: W/"baa-17f63e19135"
x-77-nzt-ray: 9083393017da31a363a9f16341b6670a
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: s-maxage=25920000, max-age=0

GET
H2 200 hmapxy.js Show response
ghmlv.hit.gemius.pl/ 32 KB
10 KB 167ms
40ms Script
application/x-javascript 54.38.133.136
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ghmlv.hit.gemius.pl/hmapxy.js
Requested by: Host: tautaruna.nra.lv
URL: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.136 , France, ASN16276 (OVH, FR),
Reverse DNS: ip136.ip-54-38-133.eu
Software: GHC /
Resource Hash: 3f6b97ccb40a8c777dcce72438447a55757498526ab8f8cec32ce9799c27da61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:23 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 08:59:41 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: CSDATA59413B31
vary: Accept-Encoding,Origin,User-Agent
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 9945
expires: Sun, 19 Feb 2023 16:45:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 121ms
33ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tautaruna.nra.lv
URL: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 19 Feb 2023 03:12:06 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5597
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 19 Feb 2023 05:12:06 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
26 KB 215ms
74ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tautaruna.nra.lv
URL: https://tautaruna.nra.lv/build/rekl.294e92f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

852711ee8cd6e8c26f1f29118fa19e029e260980f3db7fd4979a7e070a58f8a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26544
x-xss-protection: 0
server: sffe
etag: "1487 / 571 of 1000 / last-modified: 1676675148"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 19 Feb 2023 04:45:23 GMT

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/_UMQMV0c4sR2-/nra.lv/ 5 KB
2 KB 134ms
48ms Script
application/javascript 2600:9000:211a:8a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/_UMQMV0c4sR2-/nra.lv/choice.js?tag_version=V2
Requested by: Host: tautaruna.nra.lv
URL: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:8a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2f9950a5c571b3b30f33d2be82677b6cf18e110a4c4804ad3b3a2373f8e0cd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:23 GMT
content-encoding: gzip
via: 1.1 8cfc2a35d3218c50ced5f2d05f5dcbd0.cloudfront.net (CloudFront)
last-modified: Fri, 12 Aug 2022 05:40:32 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 46
x-amz-server-side-encryption: AES256
etag: W/"a76eca4b57552d0a7f7ba40df3572a64"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: O_ejnX-SiosYEfJaTZH4_xMVLmdhz01GH2ia5EF_N6mrQO75BjZa_w==

GET
H2 200 xgemius.js Show response
galv.hit.gemius.pl/ 64 KB
17 KB 83ms
41ms Script
application/x-javascript 54.38.133.136
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://galv.hit.gemius.pl/xgemius.js
Requested by: Host: tautaruna.nra.lv
URL: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.136 , France, ASN16276 (OVH, FR),
Reverse DNS: ip136.ip-54-38-133.eu
Software: GHC /
Resource Hash: 1e28ca80b29a9738d214cd3594ca03dc74e81c8905252054797501d9f7759fa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:23 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 08:59:41 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 17134
expires: Sun, 19 Feb 2023 16:45:23 GMT

GET
H2 200 icons.v2.be563a48.png
tautaruna.nra.lv/build/images/ 3 KB
4 KB 57ms
56ms Image
image/png 193.108.146.39
DEAC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tautaruna.nra.lv/build/images/icons.v2.be563a48.png
Requested by: Host: tautaruna.nra.lv
URL: https://tautaruna.nra.lv/build/app.df501b36.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.108.146.39 , Latvia, ASN12993 (DEAC-AS, LV),
Reverse DNS: rev-193-108-146-39.deac.net
Software: nginx /
Resource Hash: 7accb7b44ab7a643a02dc6e2d3258ae762c965cb6b2a023e65c54ab3d4632e1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/build/app.df501b36.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:23 GMT
last-modified: Fri, 09 Apr 2021 10:04:01 GMT
server: nginx
etag: "60702691-dad"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 3501
expires: Sun, 05 Mar 2023 04:45:23 GMT

GET
H2 200 NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3VSMr3i-oQ.woff2
fonts.gstatic.com/s/firasansextracondensed/v10/ 22 KB
22 KB 162ms
71ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasansextracondensed/v10/NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3VSMr3i-oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400|Fira+Sans+Extra+Condensed:300,400,700&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f1aafda99f9de933d1dd9ff537610573c964d1dae7276c3d9b3074196ed9331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tautaruna.nra.lv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 00:25:22 GMT
x-content-type-options: nosniff
age: 188401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22340
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:06:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 00:25:22 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 125 KB
126 KB 126ms
35ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tautaruna.nra.lv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 00:59:31 GMT
x-content-type-options: nosniff
age: 272752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 00:59:31 GMT

GET
H2 200 NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3USLr3i-oQ.woff2
fonts.gstatic.com/s/firasansextracondensed/v10/ 24 KB
24 KB 237ms
146ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasansextracondensed/v10/NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3USLr3i-oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400|Fira+Sans+Extra+Condensed:300,400,700&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f6eeb511e853211c742d1fa125b45ece32fe5711f407c5eb43613670082b3e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tautaruna.nra.lv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 21:18:28 GMT
x-content-type-options: nosniff
age: 199615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24064
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:01:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 21:18:28 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 10 KB
10 KB 247ms
156ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400|Fira+Sans+Extra+Condensed:300,400,700&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tautaruna.nra.lv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 12:43:54 GMT
x-content-type-options: nosniff
age: 230489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9840
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 12:43:54 GMT

GET
H2 200 NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3VSMr3a-oXZ-.woff2
fonts.gstatic.com/s/firasansextracondensed/v10/ 29 KB
29 KB 236ms
149ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasansextracondensed/v10/NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3VSMr3a-oXZ-.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400|Fira+Sans+Extra+Condensed:300,400,700&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b299d9b5e3dd1df8ce9bb25bfebfa6570e706a03939c35386562af36b4800a48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tautaruna.nra.lv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 00:52:07 GMT
x-content-type-options: nosniff
age: 186796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29980
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:06:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 00:52:07 GMT

GET
H2 200 NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3USLr3a-oXZ-.woff2
fonts.gstatic.com/s/firasansextracondensed/v10/ 33 KB
33 KB 222ms
136ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasansextracondensed/v10/NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3USLr3a-oXZ-.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400|Fira+Sans+Extra+Condensed:300,400,700&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

980b270269158f48bb1843aa51d4fa690339a414dbe32e3a094928162c097344

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tautaruna.nra.lv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:40:01 GMT
x-content-type-options: nosniff
age: 209122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33628
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:06:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 18:40:01 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUhiZTaR.woff2
fonts.gstatic.com/s/oswald/v49/ 8 KB
8 KB 236ms
154ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUhiZTaR.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400|Fira+Sans+Extra+Condensed:300,400,700&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

724067d31e2704bbf38f35de697366b2941a411cca12b104413b7977d0e71a5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tautaruna.nra.lv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 12:51:06 GMT
x-content-type-options: nosniff
age: 230057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8064
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:26:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 12:51:06 GMT

GET
H2 200 NaPKcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda1f-uug.woff2
fonts.gstatic.com/s/firasansextracondensed/v10/ 22 KB
22 KB 190ms
131ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasansextracondensed/v10/NaPKcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda1f-uug.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400|Fira+Sans+Extra+Condensed:300,400,700&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1ec9625d1c2d3ff00cb5891990c4541a89f096540ee2226e565713d1a189e18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tautaruna.nra.lv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 00:23:55 GMT
x-content-type-options: nosniff
age: 188488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22676
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:06:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 00:23:55 GMT

GET
H2 200 NaPKcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda1fGuukef.woff2
fonts.gstatic.com/s/firasansextracondensed/v10/ 30 KB
30 KB 216ms
157ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasansextracondensed/v10/NaPKcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda1fGuukef.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400|Fira+Sans+Extra+Condensed:300,400,700&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd58acd0660080866408a2b35aeeca61364bc9a98039b98c39ef1748d6ba3ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tautaruna.nra.lv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:06:45 GMT
x-content-type-options: nosniff
age: 229118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30624
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:01:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 13:06:45 GMT

GET
H/1.1 200
OK nra.png
nra.ilaipa.lv/ 68 B
304 B 724ms
25ms Image
image/png 178.62.251.85
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nra.ilaipa.lv/nra.png?v=eyJsIjoiaHR0cHM6Ly90YXV0YXJ1bmEubnJhLmx2L2ZvcnVtcy90ZW1hLzQ4NDY1LWRyLWRlYm9yYWgtYmlyeC1zYXlzLXNoZS1rbmV3LWNvdmlkLXZhY2NpbmVzLXdvdWxkLW5vdC1wcm90ZWN0LWFnYWluc3QtaW5mZWN0aW9uLyIsInIiOiIifQ%3D%3D
Requested by: Host: tautaruna.nra.lv
URL: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.62.251.85 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 04:45:23 GMT
Last-Modified: Mon, 23 May 2022 20:29:20 GMT
Server: nginx/1.20.2
ETag: "628beea0-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

GET
H2 200 sdk.js Show response
connect.facebook.net/lv_LV/ 301 KB
85 KB 22ms
22ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/lv_LV/sdk.js?hash=d071c6769a9053b0b13288b9cf67cc31

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/lv_LV/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

38395007b7539586ffeb87d2e8a8feb82672e2c55d47f17ee01810efc39b6770

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://tautaruna.nra.lv/
Origin: https://tautaruna.nra.lv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 19 Feb 2023 04:45:23 GMT
content-md5: tNFKER/zG09N22eHnA2AVg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87071
x-fb-rlafr: 0
x-fb-debug: DKHt90uJpj9QBSOh5HxdQQUAlil8a7afP+axE6vLjql0OCOUJtLlUWqcZGOAp6dq14f/gU1Xqau5pCojeZBO+Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
x-fb-content-md5: 3a5cf145c75c5f35be46f540e95339f8
cross-origin-opener-policy: same-origin-allow-popups
etag: "e4b175b228c4497cf679bff3b3a10461"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
expires: Mon, 19 Feb 2024 02:42:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
78 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8CNV0T6WBL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KWMGS8E4D4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

212826f11f4e95d4dcea885a508b5fb7ebd8ecd1a0dee904efb5680f372da3e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80119
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 19 Feb 2023 04:45:23 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 93ms
32ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KWMGS8E4D4&gtm=45je32f0&_p=1964086821&cid=1868368041.1676781923&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676781923&sct=1&seg=0&dl=https%3A%2F%2Ftautaruna.nra.lv%2Fforums%2Ftema%2F48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection%2F&dt=Lapa%20netika%20atrasta%20-%20K%C4%BC%C5%ABda%20404%20-%20Tauta%20Run%C4%81&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KWMGS8E4D4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 04:45:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tautaruna.nra.lv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
246 B 39ms
32ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8CNV0T6WBL&gtm=45je32f0&_p=1964086821&cid=1868368041.1676781923&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676781923&sct=1&seg=0&dl=https%3A%2F%2Ftautaruna.nra.lv%2Fforums%2Ftema%2F48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection%2F&dt=Lapa%20netika%20atrasta%20-%20K%C4%BC%C5%ABda%20404%20-%20Tauta%20Run%C4%81&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8CNV0T6WBL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 04:45:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tautaruna.nra.lv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 55ms
53ms XHR
text/plain 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1964086821&t=pageview&_s=1&dl=https%3A%2F%2Ftautaruna.nra.lv%2Fforums%2Ftema%2F48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection%2F&ul=en-us&de=UTF-8&dt=Lapa%20netika%20atrasta%20-%20K%C4%BC%C5%ABda%20404%20-%20Tauta%20Run%C4%81&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAAEABAAAAACAAI~&jid=1568103621&gjid=1821832455&cid=1868368041.1676781923&tid=UA-3406177-4&_gid=976183099.1676781923&_r=1&_slc=1&cd1=0&z=1530468445

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tautaruna.nra.lv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 04:45:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tautaruna.nra.lv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 108 KB
34 KB 129ms
36ms Script
application/x-javascript 2a02:26f0:11a:398::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: apps-cdn.relevant-digital.com
URL: https://apps-cdn.relevant-digital.com/static/tags/1138556934481314570.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a:398::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0a05e474bd6d4ce3eaeedc0a272ae2dd608a06758eda5aaa287a812d66787a92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 04:45:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Feb 2023 13:03:14 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34903
Expires: Sun, 19 Feb 2023 05:45:23 GMT

GET
H2

200

redot.gif
ghmlv.hit.gemius.pl/__/_16767819232490/
Redirect Chain

https://ghmlv.hit.gemius.pl/_16767819232490/redot.gif?l=4&w=hview&id=0nHlpKdPrT2nJVROkmHqPnXojwfNNptOR_W9_HiGp1v.W7&arg=0&fr=1&href=https%3A%2F%2Ftautaruna.nra.lv%2Fforums%2Ftema%2F48465-dr-deborah...
https://ghmlv.hit.gemius.pl/__/_16767819232490/redot.gif?l=4&w=hview&id=0nHlpKdPrT2nJVROkmHqPnXojwfNNptOR_W9_HiGp1v.W7&arg=0&fr=1&href=https%3A%2F%2Ftautaruna.nra.lv%2Fforums%2Ftema%2F48465-dr-debo...

43 B
219 B

39ms
39ms

Image
image/gif

54.38.133.136
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ghmlv.hit.gemius.pl/__/_16767819232490/redot.gif?l=4&w=hview&id=0nHlpKdPrT2nJVROkmHqPnXojwfNNptOR_W9_HiGp1v.W7&arg=0&fr=1&href=https%3A%2F%2Ftautaruna.nra.lv%2Fforums%2Ftema%2F48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection%2F&ref=&extra=title%3DLapa%20netika%20atrasta%20-%20K%C4%BC%C5%ABda%20404%20-%20Tauta%20Run%C4%81%7Cauthor%3D&inner=_ver%3D59%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&sendf=0
Requested by: Host: tautaruna.nra.lv
URL: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/
Protocol: H2
Server: 54.38.133.136 , France, ASN16276 (OVH, FR),
Reverse DNS: ip136.ip-54-38-133.eu
Software: GHC /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 04:45:23 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 43
expires: Sat, 18 Feb 2023 04:45:23 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 04:45:23 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_16767819232490/redot.gif?l=4&w=hview&id=0nHlpKdPrT2nJVROkmHqPnXojwfNNptOR_W9_HiGp1v.W7&arg=0&fr=1&href=https%3A%2F%2Ftautaruna.nra.lv%2Fforums%2Ftema%2F48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection%2F&ref=&extra=title%3DLapa%20netika%20atrasta%20-%20K%C4%BC%C5%ABda%20404%20-%20Tauta%20Run%C4%81%7Cauthor%3D&inner=_ver%3D59%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&sendf=0
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sat, 18 Feb 2023 04:45:23 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 219 KB
54 KB 74ms
23ms Script
application/javascript 18.66.108.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: core.dimatter.ai
URL: https://core.dimatter.ai/pubs/tautaruna-nra-lv.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.108.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-108-49.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ea92c04c03d7da0e4608664dfb06b8bcf85ac91e2f58a8b984620247f447cca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:31:26 GMT
content-encoding: gzip
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront), 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Feb 2023 21:28:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1, FRA56-P5
age: 838
x-amz-server-side-encryption: AES256
etag: W/"0b8b1ce84f37b3852d15570cccfe1752"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: Tzn1VDmcrcV4i4kVr558p8FkbtT8ogElIALyhu8CGGM2FgxUN4feyg==

GET
H/1.1 200
OK cx.js Show response
scdn.cxense.com/ 108 KB
34 KB 154ms
36ms Script
application/x-javascript 2a02:26f0:11a:398::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.cxense.com/cx.js
Requested by: Host: core.dimatter.ai
URL: https://core.dimatter.ai/pubs/tautaruna-nra-lv.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a:398::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0a05e474bd6d4ce3eaeedc0a272ae2dd608a06758eda5aaa287a812d66787a92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 04:45:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Feb 2023 13:03:14 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34903
Expires: Sun, 19 Feb 2023 05:45:23 GMT

GET
H/1.1 200
OK track_banners_init.js Show response
cdn.cxense.com/ 24 KB
7 KB 99ms
34ms Script
application/x-javascript 2a02:26f0:11a:398::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/track_banners_init.js
Requested by: Host: core.dimatter.ai
URL: https://core.dimatter.ai/pubs/tautaruna-nra-lv.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a:398::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2b2f95356652b862c3994e8425b07a396418c62aecce8c63ca20639064de0fd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 04:45:23 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Feb 2023 07:20:00 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6300
Expires: Sun, 19 Feb 2023 05:45:23 GMT

GET
H2 200 otToken.js Show response
storage.googleapis.com/fledge-tests/ 413 B
1009 B 87ms
21ms Script
application/x-javascript 2a00:1450:4001:806::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/fledge-tests/otToken.js
Requested by: Host: core.dimatter.ai
URL: https://core.dimatter.ai/pubs/tautaruna-nra-lv.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9a0be1678fb27836fba9453a29914702070cc954f5f04e6983b7dce6cd78d7aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:14:48 GMT
age: 1835
x-guploader-uploadid: ADPycdsmnKQW9seN0rBqwsHAK52XgvWp9fRENY_UHUR8AjYEwpqEZIin_SfZh4FVs6p9tRlQC8pe5L9M9vKAW4g7DfGHUIUdwWFs
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 413
last-modified: Tue, 08 Nov 2022 10:42:35 GMT
server: UploadServer
etag: "483749ebdd3ce30b016713e5624a0bf8"
x-goog-generation: 1667904155021583
x-goog-hash: crc32c=4ZqF4w==, md5=SDdJ69084wsBZxPlYkoL+A==
content-type: application/x-javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 413
accept-ranges: bytes
expires: Sun, 19 Feb 2023 05:14:48 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 154ms
23ms Script
application/javascript 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/_UMQMV0c4sR2-/nra.lv/choice.js?tag_version=V2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 80b722bb38fe1d1910fcbe62ce22abe0ce5b9689e49f869a7b050d2ba3be5393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:23 GMT
content-encoding: gzip
etag: "nKU5ibguwDn/EkwRTn3C4Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 26 Feb 2023 04:45:23 GMT

GET
H2 200 cmp2.js Show response
cmp.quantcast.com/tcfv2/ 178 KB
47 KB 36ms
36ms Script
text/javascript 2600:9000:211a:8a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=nra.lv
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/_UMQMV0c4sR2-/nra.lv/choice.js?tag_version=V2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:8a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d91ffbdea8ecad30d07d2b6a979be09556cc16c50bc643fd96c749b2621c14a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:31:49 GMT
content-encoding: gzip
via: 1.1 8cfc2a35d3218c50ced5f2d05f5dcbd0.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 816
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 08 Feb 2023 17:32:57 GMT
server: AmazonS3
etag: W/"15d537792bfc5eb18136ef129a7ec0a5"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: LS-kuV5kkXGA3EpMePWczDSNeppYgfv3iPkoLdmjyT2ygDNjBpzAZQ==

GET
H2 200 pubads_impl_2023021401.js Show response
securepubads.g.doubleclick.net/gpt/ 383 KB
129 KB 36ms
35ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ae88f57f0348d9b11258f88926e791d4dc8dc66b365d8aca36cb731257b7fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 12:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146129
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132139
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 09:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 17 Feb 2024 12:09:54 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 602 B
322 B 133ms
60ms XHR
application/json 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=tautaruna.nra.lv

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54d2ae0326b1a31a4b0f346a0551aa4ed62ef5bb9e9a4257be1e65d43e21c3d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 297
x-xss-protection: 0
expires: Sun, 19 Feb 2023 04:45:23 GMT

GET
H2 200 qcCmp.html Show response
nra.lv/ Frame 272C 3 KB
1 KB 103ms
54ms Document
text/html 193.108.146.39
DEAC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nra.lv/qcCmp.html
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=nra.lv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.108.146.39 , Latvia, ASN12993 (DEAC-AS, LV),
Reverse DNS: rev-193-108-146-39.deac.net
Software: nginx /
Resource Hash: c6d7b3769f7f19ab5062f98eb4dc28a75da27fdded0b1807c59e92203b837eef

Request headers

Referer: https://tautaruna.nra.lv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 1058
content-type: text/html
date: Sun, 19 Feb 2023 04:45:23 GMT
etag: "de2-5ba094baac4c0-gzip"
last-modified: Fri, 29 Jan 2021 12:39:30 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 63ms
21ms XHR
application/javascript 18.66.108.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.108.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-108-49.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: pfXD8LfbTWwWYbVa8nASYbe6_QUldhGN
content-encoding: gzip
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
date: Sun, 19 Feb 2023 01:50:39 GMT
x-amz-cf-pop: FRA56-P5
age: 15541
x-cache: Hit from cloudfront
last-modified: Wed, 15 Feb 2023 23:43:01 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: PBzGnx-ck7pGtqZ-m6FOs7MBNgyIox8kKKnHZGDmfvWAbxXRUl06xw==

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame 6398 684 B
749 B 34ms
33ms Document
text/html 2a02:26f0:11a:398::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a:398::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Referer: https://tautaruna.nra.lv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 379
Content-Type: text/html
Date: Sun, 19 Feb 2023 04:45:23 GMT
Expires: Wed, 01 Mar 2023 04:45:23 GMT
Last-Modified: Tue, 11 Jan 2022 07:21:04 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H/1.1 204
No Content /
c.cintnetworks.com/ 0
257 B 169ms
29ms Image
text/plain 51.144.7.192
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.cintnetworks.com/?a=2495&i=502520002&id=evid_502520002:leawnwiawx6ehnd4
Requested by: Host: tautaruna.nra.lv
URL: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.144.7.192 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 04:45:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Arr-Disable-Session-Affinity: true
P3P: CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."

GET
H2 200 rules-p-_UMQMV0c4sR2-.js Show response
rules.quantcount.com/ 160 B
634 B 82ms
21ms Script
application/javascript 2600:9000:223c:a600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-_UMQMV0c4sR2-.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:a600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa6160b27bb3d6ccbed0293a30940c677d1306ddba39add036d2e3ce29a868e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:08:16 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2227
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 06:31:04 GMT
server: AmazonS3
etag: "d944af1a4b138ef96fbd3403abe7b205"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: FXDN3QJVbffC8MHD1zaobDMIOUXTMvPbWscikxczQFTT5bWWS9xhWA==

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame 6398 108 KB
34 KB 40ms
40ms Script
application/x-javascript 2a02:26f0:11a:398::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a:398::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b5b6703eb8b13227d6ebe52f7bf2ba497e70ed51336ffffa92a090e410f6ccb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 04:45:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Feb 2023 13:03:14 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34903
Expires: Sun, 19 Feb 2023 05:45:23 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 152ms
48ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftautaruna.nra.lv%2F&domain=tautaruna.nra.lv&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://tautaruna.nra.lv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://tautaruna.nra.lv
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 19 Feb 2023 04:45:23 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 226666
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftautaruna.nra.lv%2F&domain=tautaruna.nra.lv&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=S547LHxOTnUvNnVHOHhIQUErcDVMNVYydmJsekoxYS9NN0kvc3dYSGI0YlV3OTNBLzIrT0ErUkZYbjB2SjAvUUdNL2V4UzhHbkFSRTVJazNRRVVMOHd2bTB5eHI1b1M3cDlvbWVzaHZ1S0t0K3FGYnBYdEh0Lzl5WUdrK2...

343 B
631 B

86ms
29ms

XHR
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=S547LHxOTnUvNnVHOHhIQUErcDVMNVYydmJsekoxYS9NN0kvc3dYSGI0YlV3OTNBLzIrT0ErUkZYbjB2SjAvUUdNL2V4UzhHbkFSRTVJazNRRVVMOHd2bTB5eHI1b1M3cDlvbWVzaHZ1S0t0K3FGYnBYdEh0Lzl5WUdrK2p5enpldWdJNXRuY0JBKzR3dUpLeDgxVG1BVWtEU3F1WTBwUTQ3Q1BKU2VjRjdGTDZSQW8wdlpmTlRaS3hlZ3cydi9uakxYZnB0Wk9FbDkyT0J6VFB3Y1IyUzhrK1dyajhqcWJtK2tyUGlqa2U4cHJOSm5kVDNnMFVrWFBLUXBMV1ZyOVY5bG1yfA&cppv=2

Requested by

Host: tautaruna.nra.lv
URL: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

56579fb7e0e918cd1316f131ca94b154a16c505451d1a239368b67a41749ae35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 04:45:23 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 702048
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 04:45:23 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=S547LHxOTnUvNnVHOHhIQUErcDVMNVYydmJsekoxYS9NN0kvc3dYSGI0YlV3OTNBLzIrT0ErUkZYbjB2SjAvUUdNL2V4UzhHbkFSRTVJazNRRVVMOHd2bTB5eHI1b1M3cDlvbWVzaHZ1S0t0K3FGYnBYdEh0Lzl5WUdrK2p5enpldWdJNXRuY0JBKzR3dUpLeDgxVG1BVWtEU3F1WTBwUTQ3Q1BKU2VjRjdGTDZSQW8wdlpmTlRaS3hlZ3cydi9uakxYZnB0Wk9FbDkyT0J6VFB3Y1IyUzhrK1dyajhqcWJtK2tyUGlqa2U4cHJOSm5kVDNnMFVrWFBLUXBMV1ZyOVY5bG1yfA&cppv=2
access-control-allow-origin: https://tautaruna.nra.lv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 264056
content-length: 0
expires: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
545 B 85ms
22ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: core.dimatter.ai
URL: https://core.dimatter.ai/pubs/tautaruna-nra-lv.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

2f3f6589e4f416de5c6c38d9b3b2acae2ebfed796634fc627eb0dc58148fc2b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://tautaruna.nra.lv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tautaruna.nra.lv
date: Sun, 19 Feb 2023 04:45:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK segment Show response
api.cxense.com/profile/user/ 62 B
678 B 100ms
30ms Script
text/javascript 147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/profile/user/segment?callback=cXJsonpCB1&persisted=9bc51b3b50d830eeacfdf8a62ed1e60d6cc78c79&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22leawnwiawx6ehnd4%22%2C%22type%22%3A%22cx%22%7D%5D%7D

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

ca11b298f778bc9674f60d265c6b71dfcc42723d64cef1ecb6c7056c3088c6e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 04:45:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
content-type: text/javascript;charset=utf-8
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-length: 62
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ 43 B
468 B 125ms
31ms Image
image/gif 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.11&typ=pgv&rnd=leawnwiask219syu&sid=5857301321760177737&loc=https%3A%2F%2Ftautaruna.nra.lv%2Fforums%2Ftema%2F48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection%2F&new=1&arf=0&ltm=1676781923413&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=leawnwiwksm1y346&ckp=leawnwiawx6ehnd4&glb=&cp_userState=anon
Requested by: Host: tautaruna.nra.lv
URL: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Sun, 19 Feb 2023 04:45:23 GMT
server: Jetty(9.4.28.v20200408)
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame 6398 46 B
635 B 85ms
28ms Script
text/javascript 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 1af43dbe697995724566d6a04e3cb0bede60dd88ba32398219e098d07708ca20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:23 GMT
last-modified: Fri, 19 Aug 2022 04:45:23 GMT
server: Jetty(9.4.28.v20200408)
etag: 3bw86t6hlyaciqbgvvqzsooff
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: text/javascript;charset=utf-8
cache-control: private, proxy-revalidate
content-length: 46
expires: Mon, 19 Feb 2024 04:45:23 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
403 B 80ms
21ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: core.dimatter.ai
URL: https://core.dimatter.ai/pubs/tautaruna-nra-lv.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

79a7f05e6873c8ab6158e350efc0186cc7e7375bd36db61c6884d167ec028781

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://tautaruna.nra.lv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tautaruna.nra.lv
date: Sun, 19 Feb 2023 04:45:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 cmp-list.json Show response
test.cmp.quantcast.com/GVL-v2/ 10 KB
3 KB 105ms
27ms XHR
application/json 2600:9000:225e:9e00:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=nra.lv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:9e00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ffcb781ed80a91db9503ff9d2b971d8a55e3b1062610d0e7373c2964577f846b

Request headers

Accept: application/json, text/plain, */*
Referer: https://tautaruna.nra.lv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 03:00:39 GMT
x-amz-version-id: OSqPlQh2dAesboanu.zH8HBJO.QXo2z_
content-encoding: br
via: 1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 6285
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 13 Feb 2023 19:52:29 GMT
server: AmazonS3
etag: W/"12f623cd633f13b89439f79baf7b3f72"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: dWE5i9KQ7OPPwmKFa5CFprnbUmE5CWMmZJ_vDPD5hvjfqt-4aR2ubQ==

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame 6398 43 B
468 B 31ms
31ms Image
image/gif 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.11&typ=pgv&rnd=leawnwiask219syu&sid=1138556934481314570&loc=https%3A%2F%2Ftautaruna.nra.lv%2Fforums%2Ftema%2F48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection%2F&new=1&arf=0&ltm=1676781923413&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=leawnwiwksm1y346&ckp=leawnwiawx6ehnd4&glb=&cp_userState=anon&cst=3bw86t6hlyaciqbgvvqzsooff
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Sun, 19 Feb 2023 04:45:23 GMT
server: Jetty(9.4.28.v20200408)
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 102 B
674 B 92ms
32ms Script
text/javascript 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22leawnwiawx6ehnd4%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%223bw86t6hlyaciqbgvvqzsooff%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%223bw86t6hlyaciqbgvvqzsooff%22%7D%5D%2C%22siteId%22%3A%225857301321760177737%22%2C%22location%22%3A%22https%3A%2F%2Ftautaruna.nra.lv%2Fforums%2Ftema%2F48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection%2F%22%7D&callback=cXJsonpCB2

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

2c103ef0c907b171518d5a5549a0b67ac179eee73afcacda6d93afb7fb26ae65

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 04:45:23 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
content-type: text/javascript;charset=utf-8
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-length: 102
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200 563.json Show response
id5-sync.com/g/v2/ 216 B
626 B 61ms
20ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/563.json

Requested by

Host: core.dimatter.ai
URL: https://core.dimatter.ai/pubs/tautaruna-nra-lv.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

9b2a15418a91990a2ac2bebd8bd4236fb95fccf231eb74cf69d6360c1fa52c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://tautaruna.nra.lv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tautaruna.nra.lv
date: Sun, 19 Feb 2023 04:45:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 cmp2ui-lv.js Show response
cmp.quantcast.com/tcfv2/46/ 275 KB
67 KB 38ms
38ms Script
text/javascript 2600:9000:211a:8a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/46/cmp2ui-lv.js
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=nra.lv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:8a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f992fc50b9c707382b21b95181011af068964148e91c870ad966939fb703f5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 05:04:47 GMT
content-encoding: gzip
via: 1.1 8cfc2a35d3218c50ced5f2d05f5dcbd0.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 85237
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Wed, 08 Feb 2023 17:32:32 GMT
server: AmazonS3
etag: W/"f0df790d483875a0da76226b7d2070ce"
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: i1sL_pt9glBBVL8hfcefm8szexzQQsA5PvrvS0EfsFMo43vXrSNS_A==

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.quantcast.com/GVL-v2/ 349 KB
43 KB 102ms
37ms XHR
application/json 2600:9000:211a:8a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=nra.lv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:8a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7c2d8035a18959f370dc46e6472d4e230d97d28cf496d40e830619794ba0fe8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 03:00:37 GMT
content-encoding: br
via: 1.1 642d71984e3d1baa43fcd1fe0b0c012e.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 6287
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sun, 19 Feb 2023 03:00:33 GMT
server: AmazonS3
etag: W/"d790b119e922d69af07814050082d542"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: GHyohwDPrRrjV7g52STXmD7nmHLSBzGWaD94kP7CDD5nD14fyPlw-Q==

GET
H2 200 google-atp-list.json Show response
cmp.quantcast.com/tcfv2/ 151 KB
36 KB 134ms
69ms XHR
application/json 2600:9000:211a:8a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=nra.lv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:8a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b

Request headers

Accept: application/json, text/plain, */*
Referer: https://tautaruna.nra.lv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 03:01:27 GMT
content-encoding: br
via: 1.1 642d71984e3d1baa43fcd1fe0b0c012e.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 6237
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sun, 19 Feb 2023 03:01:24 GMT
server: AmazonS3
etag: W/"1dbfd79d4ea7f69c0c42a2f6065532e7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: bt11eIvwuZdegdNqsPxGQf99Vg5Et_Ztn6Np-GhUTvlj0F1RY6d7EA==

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 117ms
28ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 19 Feb 2023 04:45:22 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 228069
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 / Show response
audit-tcfv2.cmp.quantcast.com/ 2 B
101 B 85ms
22ms XHR
text/plain 35.156.227.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22_UMQMV0c4sR2-%22%2C%22domain%22%3A%22tautaruna.nra.lv%22%2C%22publisher%22%3A%22nra.lv%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.46%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22Mrqoq4sYUtBpHqp%2FeQc79Q%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1676781923841%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-l4p9zykm70simv2hi3go%22%7D
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/46/cmp2ui-lv.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.227.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-227-52.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://tautaruna.nra.lv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 19 Feb 2023 04:45:23 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 logo.png
nra.lv/build/images/ 4 KB
4 KB 53ms
53ms Image
image/png 193.108.146.39
DEAC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nra.lv/build/images/logo.png?qc-size=201,60
Requested by: Host: tautaruna.nra.lv
URL: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.108.146.39 , Latvia, ASN12993 (DEAC-AS, LV),
Reverse DNS: rev-193-108-146-39.deac.net
Software: nginx /
Resource Hash: c01d5cf9050f2e8b5574fa29b2d27c5ae774a72c6d97e92be2d8ee1dbe4d69fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:23 GMT
last-modified: Tue, 24 Aug 2021 16:18:13 GMT
server: nginx
etag: "61251bc5-104e"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 4174
expires: Sun, 05 Mar 2023 04:45:23 GMT

GET
H2 200 purposes-LV.json Show response
cmp.quantcast.com/GVL-v2/ 39 KB
5 KB 33ms
33ms XHR
application/json 2600:9000:211a:8a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/GVL-v2/purposes-LV.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=nra.lv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:8a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e09a9cc9bdfd860b5a18f36f22da2c5f336171adda600fe02cccbaa63b6f9a3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 03:00:41 GMT
content-encoding: br
via: 1.1 642d71984e3d1baa43fcd1fe0b0c012e.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 6283
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sun, 19 Feb 2023 03:00:33 GMT
server: AmazonS3
etag: W/"47727afdc7c275e74a048fa88d448f49"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: HtRJro0RM77k5uJcjxZH4aEXldCjSHZ2oxbgz2OAgUE9QHZRYoRfkQ==

GET
H2

200

/
dmp.adform.net/serving/cookie/match/
Redirect Chain

https://csyn-r.cxense.com/?cxsite=1138556934481314570&partnerId=csr&cxckp=cx%3A1jutln30baxrsykcu5n8e3h53%3A10fqq0urce3d9
https://dmp.adform.net/serving/cookie/match/?party=1077&cid=fk502q9a2wpq2k29mujpxniao
https://dmp.adform.net/serving/cookie/match/?CC=1&party=1077&cid=fk502q9a2wpq2k29mujpxniao

35 B
468 B

30ms
29ms

Image
image/gif

37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?CC=1&party=1077&cid=fk502q9a2wpq2k29mujpxniao

Protocol

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 04:45:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 04:45:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dmp.adform.net/serving/cookie/match/?CC=1&party=1077&cid=fk502q9a2wpq2k29mujpxniao
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

gdbm.png
csyn.cxense.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cxense_ddp&google_cm&cxckp=cx%3A1jutln30baxrsykcu5n8e3h53%3A10fqq0urce3d9&cxsite=1138556934481314570
https://cm.g.doubleclick.net/pixel?google_nid=cxense_ddp&google_cm=&cxckp=cx%3A1jutln30baxrsykcu5n8e3h53%3A10fqq0urce3d9&cxsite=1138556934481314570&google_tc=
https://csyn.cxense.com/gdbm.png?cxckp=cx%3A1jutln30baxrsykcu5n8e3h53%3A10fqq0urce3d9&cxsite=1138556934481314570&google_gid=CAESEEpCiaFey6uXE4k3lcBjx2A&google_cver=1

42 B
207 B

30ms
28ms

Image
image/gif

147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csyn.cxense.com/gdbm.png?cxckp=cx%3A1jutln30baxrsykcu5n8e3h53%3A10fqq0urce3d9&cxsite=1138556934481314570&google_gid=CAESEEpCiaFey6uXE4k3lcBjx2A&google_cver=1
Protocol: HTTP/1.1
Server: 147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:24 GMT
cache-control: max-age=604800
server: Jetty(9.4.28.v20200408)
content-length: 42
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 04:45:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://csyn.cxense.com/gdbm.png?cxckp=cx%3A1jutln30baxrsykcu5n8e3h53%3A10fqq0urce3d9&cxsite=1138556934481314570&google_gid=CAESEEpCiaFey6uXE4k3lcBjx2A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 374
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

apn.png
csyn.cxense.com/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fcsyn.cxense.com%2Fapn.png%3Fcxsite%3D1138556934481314570%26uid%3D%24UID%26cxckp%3Dcx%253A1jutln30baxrsykcu5n8e3h53%253A10fqq0urce3d9&gdpr=0&gdpr_consent=
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcsyn.cxense.com%252Fapn.png%253Fcxsite%253D1138556934481314570%2526uid%253D%2524UID%2526cxckp%253Dcx%25253A1jutln30baxrsykcu5n8e3h53%...
https://csyn.cxense.com/apn.png?cxsite=1138556934481314570&uid=7049314980101128297&cxckp=cx%3A1jutln30baxrsykcu5n8e3h53%3A10fqq0urce3d9&gdpr=0&gdpr_consent=

42 B
207 B

117ms
28ms

Image
image/gif

147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csyn.cxense.com/apn.png?cxsite=1138556934481314570&uid=7049314980101128297&cxckp=cx%3A1jutln30baxrsykcu5n8e3h53%3A10fqq0urce3d9&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:24 GMT
cache-control: max-age=604800
server: Jetty(9.4.28.v20200408)
content-length: 42
content-type: image/gif

Redirect headers

Date: Sun, 19 Feb 2023 04:45:24 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 8b6b20a4-c8c1-44e1-855b-4eae6e76b137
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://csyn.cxense.com/apn.png?cxsite=1138556934481314570&uid=7049314980101128297&cxckp=cx%3A1jutln30baxrsykcu5n8e3h53%3A10fqq0urce3d9&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcsyn.cxense.com%2Fsmt.png%3Fcxsite%3D1138556934481314570%26userId%3D%5Bsas_uid%5D%26cxckp%3Dcx%253A1jutln30baxrsykcu5n8e...
https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://csyn.cxense.com/smt.png?cxsite=1138556934481314570&userId=[sas_uid]&cxckp=cx%3A1jutln30baxrsykcu5n8e3h53%3A10fqq0urce3d9&cklb=1

0
256 B

32ms
32ms

Image
text/plain

185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://csyn.cxense.com/smt.png?cxsite=1138556934481314570&userId=[sas_uid]&cxckp=cx%3A1jutln30baxrsykcu5n8e3h53%3A10fqq0urce3d9&cklb=1
Protocol: H2
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 04:45:24 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?gdpr=0&gdpr_consent=&url=https://csyn.cxense.com/smt.png?cxsite=1138556934481314570&userId=[sas_uid]&cxckp=cx%3A1jutln30baxrsykcu5n8e3h53%3A10fqq0urce3d9&cklb=1
pragma: no-cache
date: Sun, 19 Feb 2023 04:45:24 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 55C1 16 KB
6 KB 84ms
20ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=30600&predirect=https%3A%2F%2Fcsyn.cxense.com%2Fpcs.gif%3Fcxsite%3D1138556934481314570%26userId%3D
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://tautaruna.nra.lv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=74287
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sun, 19 Feb 2023 04:45:24 GMT
expires: Mon, 20 Feb 2023 01:23:31 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

/
dmp.adform.net/serving/cookie/match/
Redirect Chain

https://csyn-r.cxense.com/?cxsite=5857301321760177737&partnerId=csr&cxckp=cx%3A1jutln30baxrsykcu5n8e3h53%3A10fqq0urce3d9
https://dmp.adform.net/serving/cookie/match/?party=1077&cid=fk502q9a2wpq2k29mujpxniao
https://dmp.adform.net/serving/cookie/match/?CC=1&party=1077&cid=fk502q9a2wpq2k29mujpxniao

35 B
468 B

31ms
30ms

Image
image/gif

37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?CC=1&party=1077&cid=fk502q9a2wpq2k29mujpxniao

Protocol

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 04:45:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 04:45:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dmp.adform.net/serving/cookie/match/?CC=1&party=1077&cid=fk502q9a2wpq2k29mujpxniao
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 55C1 2 KB
2 KB 151ms
25ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=25905888&p=30600&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=30600&predirect=https%3A%2F%2Fcsyn.cxense.com%2Fpcs.gif%3Fcxsite%3D1138556934481314570%26userId%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 965e47d7c6bf1519de7fbaa7cb64c518bfe84a574a2b5725d1960c797b9b38f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sun, 19 Feb 2023 04:45:24 GMT
content-length: 1846
content-type: text/html; charset=UTF-8

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame E117 35 B
468 B 32ms
30ms Document
image/gif 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=FE853CE7-0796-4C9F-A993-36F9F5D14E0C&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=30600&predirect=https%3A%2F%2Fcsyn.cxense.com%2Fpcs.gif%3Fcxsite%3D1138556934481314570%26userId%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Sun, 19 Feb 2023 04:45:24 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 2777
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c0d263f1-a966-4700-96ec-366b473eebf8&gdpr=0&gdpr_consent=

42 B
405 B

27ms
26ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c0d263f1-a966-4700-96ec-366b473eebf8&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=30600&predirect=https%3A%2F%2Fcsyn.cxense.com%2Fpcs.gif%3Fcxsite%3D1138556934481314570%26userId%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 19 Feb 2023 04:45:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sun, 19 Feb 2023 04:45:25 GMT
Expires: Sun, 19 Feb 2023 04:45:24 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 475 4bd2ccd master zrh-pixel-x26 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c0d263f1-a966-4700-96ec-366b473eebf8&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 858D
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3387247449637461974

42 B
274 B

28ms
28ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3387247449637461974
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=30600&predirect=https%3A%2F%2Fcsyn.cxense.com%2Fpcs.gif%3Fcxsite%3D1138556934481314570%26userId%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 19 Feb 2023 04:45:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3387247449637461974
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 5DC1 43 B
363 B 90ms
27ms Document
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=30600&predirect=https%3A%2F%2Fcsyn.cxense.com%2Fpcs.gif%3Fcxsite%3D1138556934481314570%26userId%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 04:45:23 GMT
expires: Sun, 19 Feb 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 240753
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1 200
OK pcs.gif Show response
csyn.cxense.com/ Frame 1221 42 B
207 B 32ms
28ms Document
image/gif 147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://csyn.cxense.com/pcs.gif?cxsite=1138556934481314570&userId=FE853CE7-0796-4C9F-A993-36F9F5D14E0C
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=30600&predirect=https%3A%2F%2Fcsyn.cxense.com%2Fpcs.gif%3Fcxsite%3D1138556934481314570%26userId%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=604800
content-length: 42
content-type: image/gif
date: Sun, 19 Feb 2023 04:45:24 GMT
server: Jetty(9.4.28.v20200408)

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 55C1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_oU85weWTJ-pkzb59dFODA%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

22ms
22ms

Image
text/html

23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol: H2
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:24 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=74287
accept-ranges: bytes
content-length: 5554
expires: Mon, 20 Feb 2023 01:23:31 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 04:45:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 55C1
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=FE853CE7-0796-4C9F-A993-36F9F5D14E0C&gdpr=0&gdpr_consent=
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=2cc724621d4b3ddf91d0a506a7d92ebd&gdpr=0
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=2e07345d6ef2b62f/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
https://spl.zeotap.com/?zdid=1332&zcluid=2e07345d6ef2b62f
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7398b42e-3ff7-4440-4cf7-ca0b8aeeff06&reqId=dd538ce2-98ba-4a25-40c0-9519768e1582&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEOP_M6AUGchhHHBca90vKRg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7398b42e-3ff7-4440-4cf7-ca0b8aeeff06&reqId=dd538ce2-98ba-4a25-40c0-951...

95 B
163 B

50ms
36ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEOP_M6AUGchhHHBca90vKRg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7398b42e-3ff7-4440-4cf7-ca0b8aeeff06&reqId=dd538ce2-98ba-4a25-40c0-9519768e1582&zcluid=2e07345d6ef2b62f&zdid=1332
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 79bc5a5a1e839256-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 04:45:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEOP_M6AUGchhHHBca90vKRg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7398b42e-3ff7-4440-4cf7-ca0b8aeeff06&reqId=dd538ce2-98ba-4a25-40c0-9519768e1582&zcluid=2e07345d6ef2b62f&zdid=1332
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame 55C1
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=FE853CE7-0796-4C9F-A993-36F9F5D14E0C&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=FE853CE7-0796-4C9F-A993-36F9F5D14E0C&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=FE853CE7-0796-4C9F-A993-36F9F5D14E0C&addseg=19,36,42

0
0

135ms
27ms

Image
application/json

185.64.189.229
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=FE853CE7-0796-4C9F-A993-36F9F5D14E0C&addseg=19,36,42
Protocol: H2
Server: 185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

date: Sun, 19 Feb 2023 04:45:24 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=FE853CE7-0796-4C9F-A993-36F9F5D14E0C&addseg=19,36,42
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 55C1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIRWQ0yJy9XORakcpgI-Ni0&google_cver=1

42 B
528 B

140ms
27ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIRWQ0yJy9XORakcpgI-Ni0&google_cver=1
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 19 Feb 2023 04:45:24 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 04:45:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIRWQ0yJy9XORakcpgI-Ni0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 55C1 70 B
265 B 143ms
45ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 19 Feb 2023 04:45:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 55C1
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8254725562819528862

42 B
447 B

166ms
26ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8254725562819528862
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 19 Feb 2023 04:45:23 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 04:45:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8254725562819528862
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 55C1 0
260 B 173ms
32ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=30600&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=30600&predirect=https%3A%2F%2Fcsyn.cxense.com%2Fpcs.gif%3Fcxsite%3D1138556934481314570%26userId%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 04:45:26 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 29ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KWMGS8E4D4&gtm=45je32f0&_p=1964086821&cid=1868368041.1676781923&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1676781923&sct=1&seg=0&dl=https%3A%2F%2Ftautaruna.nra.lv%2Fforums%2Ftema%2F48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection%2F&dt=Lapa%20netika%20atrasta%20-%20K%C4%BC%C5%ABda%20404%20-%20Tauta%20Run%C4%81&en=scroll&epn.percent_scrolled=90&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KWMGS8E4D4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 04:45:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tautaruna.nra.lv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 27ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8CNV0T6WBL&gtm=45je32f0&_p=1964086821&cid=1868368041.1676781923&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1676781923&sct=1&seg=0&dl=https%3A%2F%2Ftautaruna.nra.lv%2Fforums%2Ftema%2F48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection%2F&dt=Lapa%20netika%20atrasta%20-%20K%C4%BC%C5%ABda%20404%20-%20Tauta%20Run%C4%81&en=scroll&epn.percent_scrolled=90&_et=10
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8CNV0T6WBL&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tautaruna.nra.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 04:45:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tautaruna.nra.lv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

178 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

48 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nra.lv/	1970-01-20 09:47:48	Name: NRASESSID Value: 45ou1q89805u2peec1avmj9eek
.nra.lv/	1970-01-20 19:22:21	Name: _ga_KWMGS8E4D4 Value: GS1.1.1676781923.1.0.1676781923.0.0.0
.nra.lv/	1970-01-20 19:22:21	Name: _ga_8CNV0T6WBL Value: GS1.1.1676781923.1.0.1676781923.0.0.0
.nra.lv/	1970-01-20 19:22:21	Name: _ga Value: GA1.2.1868368041.1676781923
.nra.lv/	1970-01-20 09:47:48	Name: _gid Value: GA1.2.976183099.1676781923
.nra.lv/	1970-01-20 09:46:21	Name: _gat Value: 1
.hit.gemius.pl/	1970-01-20 09:56:26	Name: Gtest Value: KlSVVRXGQMQGxTC8RSAte4cissGMXP8cERbG
.hit.gemius.pl/	1970-01-20 19:15:09	Name: Gdyn Value: KlGqwRXGQMQGxTC8RSAte4cissGMXP8cE8ySssX6nsGfGKZwH72xWSlsxcxHGS9Pge9iaQG.
.nra.lv/	1969-12-31 23:59:59	Name: cX_S Value: leawnwiwksm1y346
.nra.lv/	1970-01-20 19:15:09	Name: _pcid Value: %7B%22browserId%22%3A%22leawnwiawx6ehnd4%22%7D
.nra.lv/	1970-01-20 19:15:09	Name: cX_P Value: leawnwiawx6ehnd4
tautaruna.nra.lv/	1970-01-20 10:29:33	Name: _pbjs_userid_consent_data Value: 3524755945110770
.nra.lv/	1970-01-20 19:15:09	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIFYAODgdgGYADAEZ%2BAJmG8AbCN5z%2BvEAF8gA
.nra.lv/	1969-12-31 23:59:59	Name: cX_partner Value: adform%3D2%2Cddp%3D1%2Cappnexus%3D1%2Csmart%3D1%2Cpubmatic%3D1
.cxense.com/	1970-01-20 18:31:57	Name: gckp Value: fk502q9a2wpq2k29mujpxniao
.nra.lv/	1970-01-20 19:15:09	Name: cX_G Value: cx%3A1jutln30baxrsykcu5n8e3h53%3A10fqq0urce3d9
tautaruna.nra.lv/	1970-01-20 11:55:57	Name: evid_00XX Value: cx:1jutln30baxrsykcu5n8e3h53:10fqq0urce3d9
.nra.lv/	1970-01-20 19:07:57	Name: cto_bundle Value: KEL2QF9ERUUlMkJhVGI1bjBhdmRuUHpCRGhTNWhiU1ZVRXo3cXJEZ1V3MHQlMkJncEJkMUclMkZGb0VsNmElMkIzVnJybDNoeGtXUyUyRmZYZkg0cHV3RjI0JTJGV1JJJTJCRjFtaWVuRlpQZ0xkZEdVT2N2RDRjcDNxbFRzJTNE
.nra.lv/	1970-01-20 19:07:57	Name: cto_bidid Value: CwzfjF9RUUk2bEE2SmxZZG51UFk2UnBwRkk2M2Zqd0JXbFpLbyUyRlVGSmptTFlCVHRJbFg5WTVac1F0RGVIZXhRVjFhUlZYWkFCJTJCazYzTll0QTBTNlBIQTdJeGclM0QlM0Q
.adnxs.com/	1970-01-20 11:55:57	Name: uuid2 Value: 7049314980101128297
.doubleclick.net/	1970-01-20 19:07:57	Name: IDE Value: AHWqTUkeO7Cj1sFy2vXVQuRF4ZyxtxZ-DVFTBdLXOTH937TlWAcKr7W_7Gwp5pWB6lg
.smartadserver.com/	1970-01-20 18:31:57	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 18:31:57	Name: pbw Value: %24b%3d16999%3b%24o%3d11100
.adform.net/	1970-01-20 10:26:41	Name: C Value: 1
.pubmatic.com/	1970-01-20 18:31:57	Name: KADUSERCOOKIE Value: FE853CE7-0796-4C9F-A993-36F9F5D14E0C
.pubmatic.com/	1970-01-20 11:55:57	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 09:47:48	Name: pi Value: 30600:2
.pubmatic.com/	1970-01-20 11:55:57	Name: DPSync3 Value: 1677974400%3A201_197_219_221
.pubmatic.com/	1970-01-20 11:55:57	Name: SyncRTB3 Value: 1677974400%3A7_161_21_54_56%7C1678060800%3A35
.smartadserver.com/	1970-01-20 18:31:57	Name: pid Value: 2508227529390275903
.adform.net/	1970-01-20 11:12:45	Name: uid Value: 8254725562819528862
.fiftyt.com/	1970-01-20 18:31:57	Name: fifid Value: 4c6b85be-e097-4964-5d2b-868cb9ecd974
.fiftyt.com/	1970-01-20 18:31:57	Name: cs Value: MTY3Njc4MTkyNHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fCesK4ie3G60AvRnm48oZW7-86IrnBnLdUDezpy0z2af
.onaudience.com/	1970-01-20 18:31:57	Name: cookie Value: 2e07345d6ef2b62f
.onaudience.com/	1970-01-20 09:47:48	Name: done_redirects161 Value: 1
.fiftyt.com/	1970-01-20 09:56:26	Name: fppm Value: 20230219044524
.de17a.com/	1970-01-20 18:24:45	Name: guid Value: 1.3387247449637461974
.pubmatic.com/	1970-01-20 10:29:33	Name: KRTBCOOKIE_391 Value: 22924-8254725562819528862&KRTB&23263-8254725562819528862
.pubmatic.com/	1970-01-20 10:29:33	Name: KRTBCOOKIE_80 Value: 22987-CAESEIRWQ0yJy9XORakcpgI-Ni0&KRTB&16514-CAESEIRWQ0yJy9XORakcpgI-Ni0&KRTB&23025-CAESEIRWQ0yJy9XORakcpgI-Ni0&KRTB&23386-CAESEIRWQ0yJy9XORakcpgI-Ni0
.pubmatic.com/	1970-01-20 10:29:33	Name: KRTBCOOKIE_336 Value: 5844-3387247449637461974
.onaudience.com/	1970-01-20 09:47:48	Name: done_redirects104 Value: 1
.mathtag.com/	1970-01-20 19:12:17	Name: uuid Value: c0d263f1-a966-4700-96ec-366b473eebf8
.pubmatic.com/	1970-01-20 10:29:33	Name: KRTBCOOKIE_27 Value: 16735-uid:c0d263f1-a966-4700-96ec-366b473eebf8&KRTB&16736-uid:c0d263f1-a966-4700-96ec-366b473eebf8&KRTB&23019-uid:c0d263f1-a966-4700-96ec-366b473eebf8&KRTB&23114-uid:c0d263f1-a966-4700-96ec-366b473eebf8
.pubmatic.com/	1970-01-20 10:29:33	Name: PugT Value: 1676781925
.onaudience.com/	1970-01-20 09:47:48	Name: done_redirects219 Value: 1
.zeotap.com/	1970-01-20 18:31:57	Name: zc Value: 7398b42e-3ff7-4440-4cf7-ca0b8aeeff06
.zeotap.com/	1970-01-20 09:47:48	Name: zsc Value: %EAdu%DA%26l%9524U%B7%C7%93%FE%D3%0F%22%E57%EC%04%C3xq%BA%A3%C7%E0w%80%FD%DFq%1B%92%BC%F5%CC%0C%8B%3BaV%DF%1B%8B%9C%9B%14%A9%3A%10%E6ur%FE%B9%8E%27y%9E+%B8g7%9E%DA%25v0%A0G%CF%1D%80f%0A%91%8BCAp%B2
.pubmatic.com/	1970-01-20 10:29:33	Name: SPugT Value: 1676781926

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tautaruna.nra.lv/forums/tema/48465-dr-deborah-birx-says-she-knew-covid-vaccines-would-not-protect-against-infection/ Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.pubmatic.com
api.cxense.com
apps-cdn.relevant-digital.com
aud.pubmatic.com
audit-tcfv2.cmp.quantcast.com
c.amazon-adsystem.com
c.cintnetworks.com
c1.adform.net
cdn.cxense.com
cm.g.doubleclick.net
cmp.quantcast.com
comcluster.cxense.com
connect.facebook.net
core.dimatter.ai
csyn-r.cxense.com
csyn.cxense.com
d5p.de17a.com
dis.criteo.com
dmp.adform.net
fonts.googleapis.com
fonts.gstatic.com
galv.hit.gemius.pl
ghmlv.hit.gemius.pl
gum.criteo.com
id.cxense.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
lb.eu-1-id5-sync.com
loada.exelator.com
match.adsrvr.org
mug.criteo.com
mwzeom.zeotap.com
nra.ilaipa.lv
nra.lv
p1cluster.cxense.com
pixel.onaudience.com
region1.google-analytics.com
rules.quantcount.com
scdn.cxense.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
storage.googleapis.com
sync.crwdcntrl.net
sync.mathtag.com
sync.smartadserver.com
tautaruna.nra.lv
test.cmp.quantcast.com
visitor.fiftyt.com
www.google-analytics.com
www.googletagmanager.com
zinas.nra.lv
141.95.33.111
142.250.180.226
146.59.148.16
147.75.83.64
147.75.85.120
15.197.193.217
162.19.138.120
178.250.1.11
178.250.1.9
178.62.251.85
18.66.108.49
185.29.132.241
185.64.189.110
185.64.189.115
185.64.189.229
185.64.190.81
185.86.139.103
185.89.210.180
193.108.146.39
193.200.125.237
2001:4860:4802:34::36
213.155.156.168
23.35.236.201
2600:9000:211a:8a00:9:46dc:4700:93a1
2600:9000:223c:a600:6:44e3:f8c0:93a1
2600:9000:225e:9e00:3:a4cd:8380:93a1
2606:4700:10::ac43:db6
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:806::2010
2a00:1450:4001:808::200a
2a00:1450:4001:828::2008
2a00:1450:400d:802::2002
2a00:1450:400d:803::200e
2a00:1450:400d:808::2003
2a02:2638:3::c
2a02:26f0:11a:398::268b
2a02:6ea0:c700::10
2a03:2880:f02d:12:face:b00c:0:3
35.156.227.52
35.201.96.126
37.157.2.239
51.144.7.192
52.211.54.102
54.38.133.136
54.78.254.47
00e13a6be1a0f28595d9d65ac94ce5b37ff455017ee709bba730b77b0799a588
0152c5ca5f3fd9a124e60e2ca5bb7907b23c11e2cffd5d5ff69c2da62fcad691
0575085d0c63052cf57637aa8660493879d001156fb7a3879b2cd47042bd822d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07616e352deac01960c1c5896efe6b30febcdf93f6d4067d7f81ae60fda7fe00
07e2991d0b8fc9bcd8e383995cb38eb615911978cc5896c38e6bc31371697ac5
0a05e474bd6d4ce3eaeedc0a272ae2dd608a06758eda5aaa287a812d66787a92
0bd58acd0660080866408a2b35aeeca61364bc9a98039b98c39ef1748d6ba3ed
0ea92c04c03d7da0e4608664dfb06b8bcf85ac91e2f58a8b984620247f447cca
109bf42c725706558b138466cde48cd68bda4473f47b97c52137c73c7dc7decd
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1af43dbe697995724566d6a04e3cb0bede60dd88ba32398219e098d07708ca20
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e28ca80b29a9738d214cd3594ca03dc74e81c8905252054797501d9f7759fa9
212826f11f4e95d4dcea885a508b5fb7ebd8ecd1a0dee904efb5680f372da3e4
26de9a5d13307ace37aa27c11fc5ee0b4f8adabb63c993d168a5f4668954caf5
2b2f95356652b862c3994e8425b07a396418c62aecce8c63ca20639064de0fd1
2c103ef0c907b171518d5a5549a0b67ac179eee73afcacda6d93afb7fb26ae65
2f1aafda99f9de933d1dd9ff537610573c964d1dae7276c3d9b3074196ed9331
2f3f6589e4f416de5c6c38d9b3b2acae2ebfed796634fc627eb0dc58148fc2b3
2f6eeb511e853211c742d1fa125b45ece32fe5711f407c5eb43613670082b3e5
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b
38395007b7539586ffeb87d2e8a8feb82672e2c55d47f17ee01810efc39b6770
3ae88f57f0348d9b11258f88926e791d4dc8dc66b365d8aca36cb731257b7fc0
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f6b97ccb40a8c777dcce72438447a55757498526ab8f8cec32ce9799c27da61
46832e49da724b596dc24c1f5436ce3f2534399d0bb89b4733f400d95cde7fce
4ccc1ad281a21a02dd7eb472229600ec7f8206aacf0c978f524eae352dffcfc8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
54d2ae0326b1a31a4b0f346a0551aa4ed62ef5bb9e9a4257be1e65d43e21c3d0
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56579fb7e0e918cd1316f131ca94b154a16c505451d1a239368b67a41749ae35
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5d91ffbdea8ecad30d07d2b6a979be09556cc16c50bc643fd96c749b2621c14a
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
67a522c595aac5ec40ecd5250dad7a2729b753a573a74f3b41fc141ec523f7cb
724067d31e2704bbf38f35de697366b2941a411cca12b104413b7977d0e71a5e
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
79a7f05e6873c8ab6158e350efc0186cc7e7375bd36db61c6884d167ec028781
7accb7b44ab7a643a02dc6e2d3258ae762c965cb6b2a023e65c54ab3d4632e1a
7cde19f23e9983b37377d1b03942ddb6c753412a1208d4ae7518d6a2564276b3
7dce7e24b50f7a0bac936b94de76023e48f5ec88ec4612edddbb2b6b82ba23f5
7f992fc50b9c707382b21b95181011af068964148e91c870ad966939fb703f5e
80b722bb38fe1d1910fcbe62ce22abe0ce5b9689e49f869a7b050d2ba3be5393
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
852711ee8cd6e8c26f1f29118fa19e029e260980f3db7fd4979a7e070a58f8a2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
965e47d7c6bf1519de7fbaa7cb64c518bfe84a574a2b5725d1960c797b9b38f5
980b270269158f48bb1843aa51d4fa690339a414dbe32e3a094928162c097344
9a0be1678fb27836fba9453a29914702070cc954f5f04e6983b7dce6cd78d7aa
9b2a15418a91990a2ac2bebd8bd4236fb95fccf231eb74cf69d6360c1fa52c8c
a7c2d8035a18959f370dc46e6472d4e230d97d28cf496d40e830619794ba0fe8
aa6160b27bb3d6ccbed0293a30940c677d1306ddba39add036d2e3ce29a868e0
aaa3173b503b29b71c1cf2169d367794cd610d9c4144fd228068f7cf9b82061c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b299d9b5e3dd1df8ce9bb25bfebfa6570e706a03939c35386562af36b4800a48
b5b6703eb8b13227d6ebe52f7bf2ba497e70ed51336ffffa92a090e410f6ccb7
c01d5cf9050f2e8b5574fa29b2d27c5ae774a72c6d97e92be2d8ee1dbe4d69fd
c6d7b3769f7f19ab5062f98eb4dc28a75da27fdded0b1807c59e92203b837eef
ca11b298f778bc9674f60d265c6b71dfcc42723d64cef1ecb6c7056c3088c6e6
d1ec9625d1c2d3ff00cb5891990c4541a89f096540ee2226e565713d1a189e18
d42559a9bbda1d3cae3abcc5b12c327986d57030d459e8a44dbf88630e134e2e
dd785c7bc13b52e00198fd9fc6e48acdc3794e44b7c7f69ecf0fdbcc449d6a34
df265393b38c36f6b8287a3d0277617e9518d515a09dc7413abc187ecb3c732d
e09a9cc9bdfd860b5a18f36f22da2c5f336171adda600fe02cccbaa63b6f9a3c
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e2f9950a5c571b3b30f33d2be82677b6cf18e110a4c4804ad3b3a2373f8e0cd1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64223a1324cff76961d46dff0afd1849cba095af7eda85a1213a40350f41786
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ffcb781ed80a91db9503ff9d2b971d8a55e3b1062610d0e7373c2964577f846b

tautaruna.nra.lv Open in urlscan Pro 193.108.146.39 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

94 Requests

87 %HTTPS

36 %IPv6

32 Domains

56 Subdomains

37 IPs

11 Countries

1399 kBTransfer

3935 kBSize

48 Cookies

3 Outgoing links

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tautaruna.nra.lv Open in urlscan Pro
193.108.146.39 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

87 %
HTTPS

36 %
IPv6

32
Domains

56
Subdomains

37
IPs

11
Countries

1399 kB
Transfer

3935 kB
Size

48
Cookies

94 HTTP transactions
0 data transactions