www.k-rautapro.fi Open in urlscan Pro
2606:4700:4400::6812:289c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://login.k-rautapro.fi/
Effective URL:
https://www.k-rautapro.fi/login
Submission: On October 18 via automatic, source certstream-suspicious (October 18th 2023, 8:42:24 pm UTC) — Scanned from FI

Summary HTTP 20 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 20 HTTP transactions. The main IP is 2606:4700:4400::6812:289c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.k-rautapro.fi.
TLS certificate: Issued by E1 on August 28th 2023. Valid for: 3 months.

This is the only time www.k-rautapro.fi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6813:9913	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 14	2606:4700:440... 2606:4700:4400::6812:289c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
5	143.204.98.99 143.204.98.99	16509 (AMAZON-02) (AMAZON-02)
20	4

1 2606:4700::6813:9913 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

login.k-rautapro.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:4400::6812:289c (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

k-rautapro.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.k-rautapro.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.98.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-99.fra50.r.cloudfront.net

sync.kesko.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.ksync.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	k-rautapro.fi 3 redirects login.k-rautapro.fi k-rautapro.fi www.k-rautapro.fi	1 MB
4	kesko.fi sync.kesko.fi	99 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	260 KB
1	ksync.fi sync.ksync.fi	2 KB
20	4

	Domain	Requested by
13	www.k-rautapro.fi	1 redirects www.k-rautapro.fi www.googletagmanager.com
4	sync.kesko.fi	www.googletagmanager.com www.k-rautapro.fi sync.kesko.fi
3	www.googletagmanager.com	www.k-rautapro.fi www.googletagmanager.com
1	sync.ksync.fi	www.k-rautapro.fi
1	k-rautapro.fi	1 redirects
1	login.k-rautapro.fi	1 redirects
20	6

This site contains links to these domains. Also see Links.

Domain
www.k-rauta.fi
tietosuoja.kesko.fi

Subject Issuer	Validity	Valid
k-rautapro.fi E1	`2023-08-28` - `2023-11-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
sync.ksync.fi Amazon RSA 2048 M02	`2023-03-14` - `2024-04-12`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.k-rautapro.fi/login
Frame ID: 0DE405272A5FC7B1719DA563B9955114
Requests: 21 HTTP requests in this frame

Frame: https://sync.ksync.fi/xdomain_cookie.html
Frame ID: 2221D97A4C2CAE08AEEC0820D5656165
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

K-RautaBig Arrow

Page URL History Show full URLs

https://login.k-rautapro.fi/ HTTP 302
https://k-rautapro.fi/ HTTP 301
https://www.k-rautapro.fi/ HTTP 307
https://www.k-rautapro.fi/login Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

basket.js (JavaScript Libraries) Expand

Overall confidence: 10%
Detected patterns

basket.*\.js

Page Statistics

20
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

6
Subdomains

4
IPs

2
Countries

1779 kB
Transfer

6523 kB
Size

2
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.k-rauta.fi/pro/kayttoehdot
Title: Käyttöehdot

Search URL Search Domain Scan URL

URL: https://www.k-rauta.fi/pro/tietosuojaseloste
Title: henkilötietojeni käsittelyn

Search URL Search Domain Scan URL

URL: https://www.k-rauta.fi/myymalat
Title: täältä.

Search URL Search Domain Scan URL

URL: https://www.k-rauta.fi/sivu/kanta-asiakkuus
Title: Lisätietoa tiliasiakkuudesta.

Search URL Search Domain Scan URL

URL: https://tietosuoja.kesko.fi/tietosuojakeskossa/evastekaytannot
Title: K-ryhmän evästekäytännöistä

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://login.k-rautapro.fi/ HTTP 302
https://k-rautapro.fi/ HTTP 301
https://www.k-rautapro.fi/ HTTP 307
https://www.k-rautapro.fi/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
www.k-rautapro.fi/
Redirect Chain

https://login.k-rautapro.fi/
https://k-rautapro.fi/
https://www.k-rautapro.fi/
https://www.k-rautapro.fi/login

1008 KB
115 KB

533ms
532ms

Document
text/html

2606:4700:4400::6812:289c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.k-rautapro.fi/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:289c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fba362ecfa04aae88f7d12c20334c5629f53d397f813085dfe76596e0557070

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 81839b6a68bed943-HEL
content-encoding: gzip
content-security-policy-report-only: connect-src 'self' https://www.google-analytics.com *.google-analytics.com *.doubleclick.net *.analytics.google.com *.googletagmanager.com https://bam.nr-data.net *.bing.com wss://*.bing.com *.clarity.ms https://www.facebook.com https://locationservice.posti.com *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.swogo.net *.zdassets.com *.zopim.com *.zendesk.com wss://*.zopim.com *.sync.ksync.fi *.ksync.k-rauta.fi inpref.com *.inpref.com https://d2wzl9lnvjz3bh.cloudfront.net *.via.placeholder.com *.google.com *.google.se *.google.no *.google.fr *.google.co.uk *.google.ru *.google.de *.google.es *.google.dk *.google.nl *.sync.kesko.fi https://js.testfreaks.com; img-src 'self' data: *.keskofiles.com http://public-qa.keskofiles.com *.imgix.net https://www.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com https://ssl.gstatic.com *.doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com *.analytics.google.com images.contentful.com images.ctfassets.net https://keskoanalytics.s3.eu-central-1.amazonaws.com https://maps.googleapis.com *.bing.com *.microsoft.com https://www.facebook.com https://img.youtube.com *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net https://giosg-chat-public-eu.s3.amazonaws.com *.ytimg.com *.videoly.co *.wistia.com *.wistia.net *.swogo.net https://optimize.google.com *.googleoptimize.com *.zdassets.com *.zopim.io *.sync.ksync.fi *.via.placeholder.com *.vumbnail.com *.sync.kesko.fi *.images.testfreaks.com; manifest-src 'self'; font-src 'self' https://fonts.gstatic.com 'unsafe-inline' data: *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.swogo.net *.googleoptimize.com *.sync.ksync.fi https://sync.kesko.fi; frame-src 'self' *.doubleclick.net *.youtube.com *.youtu.be https://utm.keskoanalytics.com/ https://keskoanalytics.s3.eu-central-1.amazonaws.com sdx.microsoft.com https://www.facebook.com https://plussa.com/ https://www.plussa.com https://www.prkk.fi https://games.kesko.fi https://www.kromo.eu *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.kesko.fi http://krauta-fi.stage.rautakesko.episerverhosting.com *.stage.rautakesko.episerverhosting.com *.prod.rautakesko.episerverhosting.com *.thinglink.com https://optimize.google.com *.googleoptimize.com *.sync.ksync.fi https://sync.ksync.fi https://widget.trustpilot.com *.vimeo.com; style-src 'self' 'unsafe-inline' blob: https://tagmanager.google.com https://fonts.googleapis.com *.analytics.google.com *.googletagmanager.com https://keskoanalytics.s3.eu-central-1.amazonaws.com *.bing.com *.giosg.com https://optimize.google.com *.googleoptimize.com https://sync.kesko.fi; script-src 'self' 'unsafe-inline' *.keskofiles.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com http://tagmanager.google.com *.doubleclick.net https://www.googleadservices.com *.analytics.google.com *.googletagmanager.com https://js-agent.newrelic.com https://bam.nr-data.net https://keskoanalytics.s3.eu-central-1.amazonaws.com https://scjc708q0d.execute-api.eu-west-1.amazonaws.com https://bat.bing.com https://r.bing.com https://connect.facebook.net *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net 'unsafe-eval' *.videoly.co *.swogo.net https://optimize.google.com www.googleoptimize.com *.googleoptimize.com *.zdassets.com *.zopim.com *.zendesk.com *.kesko.fi *.kesko.se *.sync.ksync.fi inpref.com *.inpref.com https://d2wzl9lnvjz3bh.cloudfront.net fi1.frosmo.com *.fi1.frosmo.com https://d2oarllo6tn86.cloudfront.net *.k-rauta.fi https://widget.trustpilot.com https://sync.kesko.fi *.r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com; default-src 'none' *.videoly.co *.youtube-nocookie.com *.youtube.com *.ytimg.com *.wistia.com *.wistia.net; style-src-elem 'self' 'unsafe-inline' https://optimize.google.com *.googleoptimize.com *.sync.ksync.fi *.k-rauta.fi; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com https://ssl.gstatic.com *.doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com *.analytics.google.com *.bing.com *.clarity.ms https://www.connect.facebook.net *.swogo.net https://optimize.google.com *.googleoptimize.com *.zdassets.com *.zopim.com *.zendesk.com *.k-rauta.fi https://widget.trustpilot.com https://survey.feedbackly.com *.r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com; media-src videos.contentful.com videos.ctfassets.net; report-uri https://www.k-rautapro.fi/csp-report;
content-type: text/html; charset=utf-8
date: Wed, 18 Oct 2023 20:42:19 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy: no-referrer
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1697661738&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=fAMDg4Q0R3L1zaKEzdckO7VLew8GsS16Y2t7Dh%2Fzs%2B0%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1697661738&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=fAMDg4Q0R3L1zaKEzdckO7VLew8GsS16Y2t7Dh%2Fzs%2B0%3D
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Sec-Fetch-Site, Accept-Encoding
via: 1.1 vegur
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: noindex
x-xss-protection: 0

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 81839b67dc67d943-HEL
content-security-policy-report-only: connect-src 'self' https://www.google-analytics.com *.google-analytics.com *.doubleclick.net *.analytics.google.com *.googletagmanager.com https://bam.nr-data.net *.bing.com wss://*.bing.com *.clarity.ms https://www.facebook.com https://locationservice.posti.com *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.swogo.net *.zdassets.com *.zopim.com *.zendesk.com wss://*.zopim.com *.sync.ksync.fi *.ksync.k-rauta.fi inpref.com *.inpref.com https://d2wzl9lnvjz3bh.cloudfront.net *.via.placeholder.com *.google.com *.google.se *.google.no *.google.fr *.google.co.uk *.google.ru *.google.de *.google.es *.google.dk *.google.nl *.sync.kesko.fi https://js.testfreaks.com; img-src 'self' data: *.keskofiles.com http://public-qa.keskofiles.com *.imgix.net https://www.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com https://ssl.gstatic.com *.doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com *.analytics.google.com images.contentful.com images.ctfassets.net https://keskoanalytics.s3.eu-central-1.amazonaws.com https://maps.googleapis.com *.bing.com *.microsoft.com https://www.facebook.com https://img.youtube.com *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net https://giosg-chat-public-eu.s3.amazonaws.com *.ytimg.com *.videoly.co *.wistia.com *.wistia.net *.swogo.net https://optimize.google.com *.googleoptimize.com *.zdassets.com *.zopim.io *.sync.ksync.fi *.via.placeholder.com *.vumbnail.com *.sync.kesko.fi *.images.testfreaks.com; manifest-src 'self'; font-src 'self' https://fonts.gstatic.com 'unsafe-inline' data: *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.swogo.net *.googleoptimize.com *.sync.ksync.fi https://sync.kesko.fi; frame-src 'self' *.doubleclick.net *.youtube.com *.youtu.be https://utm.keskoanalytics.com/ https://keskoanalytics.s3.eu-central-1.amazonaws.com sdx.microsoft.com https://www.facebook.com https://plussa.com/ https://www.plussa.com https://www.prkk.fi https://games.kesko.fi https://www.kromo.eu *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.kesko.fi http://krauta-fi.stage.rautakesko.episerverhosting.com *.stage.rautakesko.episerverhosting.com *.prod.rautakesko.episerverhosting.com *.thinglink.com https://optimize.google.com *.googleoptimize.com *.sync.ksync.fi https://sync.ksync.fi https://widget.trustpilot.com *.vimeo.com; style-src 'self' 'unsafe-inline' blob: https://tagmanager.google.com https://fonts.googleapis.com *.analytics.google.com *.googletagmanager.com https://keskoanalytics.s3.eu-central-1.amazonaws.com *.bing.com *.giosg.com https://optimize.google.com *.googleoptimize.com https://sync.kesko.fi; script-src 'self' 'unsafe-inline' *.keskofiles.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com http://tagmanager.google.com *.doubleclick.net https://www.googleadservices.com *.analytics.google.com *.googletagmanager.com https://js-agent.newrelic.com https://bam.nr-data.net https://keskoanalytics.s3.eu-central-1.amazonaws.com https://scjc708q0d.execute-api.eu-west-1.amazonaws.com https://bat.bing.com https://r.bing.com https://connect.facebook.net *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net 'unsafe-eval' *.videoly.co *.swogo.net https://optimize.google.com www.googleoptimize.com *.googleoptimize.com *.zdassets.com *.zopim.com *.zendesk.com *.kesko.fi *.kesko.se *.sync.ksync.fi inpref.com *.inpref.com https://d2wzl9lnvjz3bh.cloudfront.net fi1.frosmo.com *.fi1.frosmo.com https://d2oarllo6tn86.cloudfront.net *.k-rauta.fi https://widget.trustpilot.com https://sync.kesko.fi *.r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com; default-src 'none' *.videoly.co *.youtube-nocookie.com *.youtube.com *.ytimg.com *.wistia.com *.wistia.net; style-src-elem 'self' 'unsafe-inline' https://optimize.google.com *.googleoptimize.com *.sync.ksync.fi *.k-rauta.fi; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com https://ssl.gstatic.com *.doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com *.analytics.google.com *.bing.com *.clarity.ms https://www.connect.facebook.net *.swogo.net https://optimize.google.com *.googleoptimize.com *.zdassets.com *.zopim.com *.zendesk.com *.k-rauta.fi https://widget.trustpilot.com https://survey.feedbackly.com *.r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com; media-src videos.contentful.com videos.ctfassets.net; report-uri https://www.k-rautapro.fi/csp-report;
content-type: text/html; charset=utf-8
date: Wed, 18 Oct 2023 20:42:18 GMT
location: /login
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Sec-Fetch-Site, Accept, Accept-Encoding
via: 1.1 vegur
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: noindex
x-xss-protection: 0

GET
H2 200 SkattaSans-Regular.woff
www.k-rautapro.fi/static/fonts/ 42 KB
46 KB 49ms
47ms Font
font/woff 2606:4700:4400::6812:289c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.k-rautapro.fi/static/fonts/SkattaSans-Regular.woff

Requested by

Host: www.k-rautapro.fi
URL: https://www.k-rautapro.fi/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:289c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9569678fbf0295878e14d6c25bbf031853a0e6c2cde6fa9fd2f14193e2301a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://www.k-rautapro.fi
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:42:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
x-permitted-cross-domain-policies: none
age: 125402
x-dns-prefetch-control: off
content-security-policy-report-only: connect-src 'self' https://www.google-analytics.com *.google-analytics.com *.doubleclick.net *.analytics.google.com *.googletagmanager.com https://bam.nr-data.net *.bing.com wss://*.bing.com *.clarity.ms https://www.facebook.com https://locationservice.posti.com *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.swogo.net *.zdassets.com *.zopim.com *.zendesk.com wss://*.zopim.com *.sync.ksync.fi *.ksync.k-rauta.fi inpref.com *.inpref.com https://d2wzl9lnvjz3bh.cloudfront.net *.via.placeholder.com *.google.com *.google.se *.google.no *.google.fr *.google.co.uk *.google.ru *.google.de *.google.es *.google.dk *.google.nl *.sync.kesko.fi https://js.testfreaks.com; img-src 'self' data: *.keskofiles.com http://public-qa.keskofiles.com *.imgix.net https://www.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com https://ssl.gstatic.com *.doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com *.analytics.google.com images.contentful.com images.ctfassets.net https://keskoanalytics.s3.eu-central-1.amazonaws.com https://maps.googleapis.com *.bing.com *.microsoft.com https://www.facebook.com https://img.youtube.com *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net https://giosg-chat-public-eu.s3.amazonaws.com *.ytimg.com *.videoly.co *.wistia.com *.wistia.net *.swogo.net https://optimize.google.com *.googleoptimize.com *.zdassets.com *.zopim.io *.sync.ksync.fi *.via.placeholder.com *.vumbnail.com *.sync.kesko.fi *.images.testfreaks.com; manifest-src 'self'; font-src 'self' https://fonts.gstatic.com 'unsafe-inline' data: *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.swogo.net *.googleoptimize.com *.sync.ksync.fi https://sync.kesko.fi; frame-src 'self' *.doubleclick.net *.youtube.com *.youtu.be https://utm.keskoanalytics.com/ https://keskoanalytics.s3.eu-central-1.amazonaws.com sdx.microsoft.com https://www.facebook.com https://plussa.com/ https://www.plussa.com https://www.prkk.fi https://games.kesko.fi https://www.kromo.eu *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.kesko.fi http://krauta-fi.stage.rautakesko.episerverhosting.com *.stage.rautakesko.episerverhosting.com *.prod.rautakesko.episerverhosting.com *.thinglink.com https://optimize.google.com *.googleoptimize.com *.sync.ksync.fi https://sync.ksync.fi https://widget.trustpilot.com *.vimeo.com; style-src 'self' 'unsafe-inline' blob: https://tagmanager.google.com https://fonts.googleapis.com *.analytics.google.com *.googletagmanager.com https://keskoanalytics.s3.eu-central-1.amazonaws.com *.bing.com *.giosg.com https://optimize.google.com *.googleoptimize.com https://sync.kesko.fi; script-src 'self' 'unsafe-inline' *.keskofiles.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com http://tagmanager.google.com *.doubleclick.net https://www.googleadservices.com *.analytics.google.com *.googletagmanager.com https://js-agent.newrelic.com https://bam.nr-data.net https://keskoanalytics.s3.eu-central-1.amazonaws.com https://scjc708q0d.execute-api.eu-west-1.amazonaws.com https://bat.bing.com https://r.bing.com https://connect.facebook.net *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net 'unsafe-eval' *.videoly.co *.swogo.net https://optimize.google.com www.googleoptimize.com *.googleoptimize.com *.zdassets.com *.zopim.com *.zendesk.com *.kesko.fi *.kesko.se *.sync.ksync.fi inpref.com *.inpref.com https://d2wzl9lnvjz3bh.cloudfront.net fi1.frosmo.com *.fi1.frosmo.com https://d2oarllo6tn86.cloudfront.net *.k-rauta.fi https://widget.trustpilot.com https://sync.kesko.fi *.r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com; default-src 'none' *.videoly.co *.youtube-nocookie.com *.youtube.com *.ytimg.com *.wistia.com *.wistia.net; style-src-elem 'self' 'unsafe-inline' https://optimize.google.com *.googleoptimize.com *.sync.ksync.fi *.k-rauta.fi; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com https://ssl.gstatic.com *.doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com *.analytics.google.com *.bing.com *.clarity.ms https://www.connect.facebook.net *.swogo.net https://optimize.google.com *.googleoptimize.com *.zdassets.com *.zopim.com *.zendesk.com *.k-rauta.fi https://widget.trustpilot.com https://survey.feedbackly.com *.r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com; media-src videos.contentful.com videos.ctfassets.net; report-uri https://www.k-rautapro.fi/csp-report;
content-length: 43390
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Mon, 16 Oct 2023 08:18:00 GMT
server: cloudflare
etag: W/"a97e-18b379036c0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Site, Accept-Encoding
content-type: font/woff
cache-control: public, max-age=31104000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 81839b6ddf9ad943-HEL
expires: Sat, 12 Oct 2024 20:42:19 GMT

GET
H2 200 SkattaSans-Bold.woff
www.k-rautapro.fi/static/fonts/ 49 KB
52 KB 81ms
79ms Font
font/woff 2606:4700:4400::6812:289c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.k-rautapro.fi/static/fonts/SkattaSans-Bold.woff

Requested by

Host: www.k-rautapro.fi
URL: https://www.k-rautapro.fi/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:289c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24f8f1ee8d0a38703a636af7c34dc314a7fdf06a63e774221fb3665351038232

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://www.k-rautapro.fi
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:42:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
x-permitted-cross-domain-policies: none
age: 307823
x-dns-prefetch-control: off
content-security-policy-report-only: connect-src 'self' https://www.google-analytics.com *.google-analytics.com *.doubleclick.net *.analytics.google.com *.googletagmanager.com https://bam.nr-data.net *.bing.com wss://*.bing.com *.clarity.ms https://www.facebook.com https://locationservice.posti.com *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.swogo.net *.zdassets.com *.zopim.com *.zendesk.com wss://*.zopim.com *.sync.ksync.fi *.ksync.k-rauta.fi inpref.com *.inpref.com https://d2wzl9lnvjz3bh.cloudfront.net *.via.placeholder.com *.google.com *.google.se *.google.no *.google.fr *.google.co.uk *.google.ru *.google.de *.google.es *.google.dk *.google.nl *.sync.kesko.fi https://js.testfreaks.com; img-src 'self' data: *.keskofiles.com http://public-qa.keskofiles.com *.imgix.net https://www.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com https://ssl.gstatic.com *.doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com *.analytics.google.com images.contentful.com images.ctfassets.net https://keskoanalytics.s3.eu-central-1.amazonaws.com https://maps.googleapis.com *.bing.com *.microsoft.com https://www.facebook.com https://img.youtube.com *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net https://giosg-chat-public-eu.s3.amazonaws.com *.ytimg.com *.videoly.co *.wistia.com *.wistia.net *.swogo.net https://optimize.google.com *.googleoptimize.com *.zdassets.com *.zopim.io *.sync.ksync.fi *.via.placeholder.com *.vumbnail.com *.sync.kesko.fi *.images.testfreaks.com; manifest-src 'self'; font-src 'self' https://fonts.gstatic.com 'unsafe-inline' data: *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.swogo.net *.googleoptimize.com *.sync.ksync.fi https://sync.kesko.fi; frame-src 'self' *.doubleclick.net *.youtube.com *.youtu.be https://utm.keskoanalytics.com/ https://keskoanalytics.s3.eu-central-1.amazonaws.com sdx.microsoft.com https://www.facebook.com https://plussa.com/ https://www.plussa.com https://www.prkk.fi https://games.kesko.fi https://www.kromo.eu *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.kesko.fi http://krauta-fi.stage.rautakesko.episerverhosting.com *.stage.rautakesko.episerverhosting.com *.prod.rautakesko.episerverhosting.com *.thinglink.com https://optimize.google.com *.googleoptimize.com *.sync.ksync.fi https://sync.ksync.fi https://widget.trustpilot.com *.vimeo.com; style-src 'self' 'unsafe-inline' blob: https://tagmanager.google.com https://fonts.googleapis.com *.analytics.google.com *.googletagmanager.com https://keskoanalytics.s3.eu-central-1.amazonaws.com *.bing.com *.giosg.com https://optimize.google.com *.googleoptimize.com https://sync.kesko.fi; script-src 'self' 'unsafe-inline' *.keskofiles.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com http://tagmanager.google.com *.doubleclick.net https://www.googleadservices.com *.analytics.google.com *.googletagmanager.com https://js-agent.newrelic.com https://bam.nr-data.net https://keskoanalytics.s3.eu-central-1.amazonaws.com https://scjc708q0d.execute-api.eu-west-1.amazonaws.com https://bat.bing.com https://r.bing.com https://connect.facebook.net *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net 'unsafe-eval' *.videoly.co *.swogo.net https://optimize.google.com www.googleoptimize.com *.googleoptimize.com *.zdassets.com *.zopim.com *.zendesk.com *.kesko.fi *.kesko.se *.sync.ksync.fi inpref.com *.inpref.com https://d2wzl9lnvjz3bh.cloudfront.net fi1.frosmo.com *.fi1.frosmo.com https://d2oarllo6tn86.cloudfront.net *.k-rauta.fi https://widget.trustpilot.com https://sync.kesko.fi *.r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com; default-src 'none' *.videoly.co *.youtube-nocookie.com *.youtube.com *.ytimg.com *.wistia.com *.wistia.net; style-src-elem 'self' 'unsafe-inline' https://optimize.google.com *.googleoptimize.com *.sync.ksync.fi *.k-rauta.fi; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com https://ssl.gstatic.com *.doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com *.analytics.google.com *.bing.com *.clarity.ms https://www.connect.facebook.net *.swogo.net https://optimize.google.com *.googleoptimize.com *.zdassets.com *.zopim.com *.zendesk.com *.k-rauta.fi https://widget.trustpilot.com https://survey.feedbackly.com *.r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com; media-src videos.contentful.com videos.ctfassets.net; report-uri https://www.k-rautapro.fi/csp-report;
content-length: 50032
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 12 Oct 2023 10:03:19 GMT
server: cloudflare
etag: W/"c370-18b23573258"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Site, Accept-Encoding
content-type: font/woff
cache-control: public, max-age=31104000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 81839b6ddfa2d943-HEL
expires: Sat, 12 Oct 2024 20:42:19 GMT

GET
H2 200 features-authentication-LoginPage.3efefd2fab5316320377.css
www.k-rautapro.fi/static/ 2 KB
4 KB 89ms
87ms Stylesheet
text/css 2606:4700:4400::6812:289c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.k-rautapro.fi/static/features-authentication-LoginPage.3efefd2fab5316320377.css

Requested by

Host: www.k-rautapro.fi
URL: https://www.k-rautapro.fi/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:289c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

562168b67225f13a98146877d693c35b7c242104f0336038120f9576736928a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:42:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
x-permitted-cross-domain-policies: none
via: 1.1 vegur
x-dns-prefetch-control: off
content-security-policy-report-only: connect-src 'self' https://www.google-analytics.com *.google-analytics.com *.doubleclick.net *.analytics.google.com *.googletagmanager.com https://bam.nr-data.net *.bing.com wss://*.bing.com *.clarity.ms https://www.facebook.com https://locationservice.posti.com *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.swogo.net *.zdassets.com *.zopim.com *.zendesk.com wss://*.zopim.com *.sync.ksync.fi *.ksync.k-rauta.fi inpref.com *.inpref.com https://d2wzl9lnvjz3bh.cloudfront.net *.via.placeholder.com *.google.com *.google.se *.google.no *.google.fr *.google.co.uk *.google.ru *.google.de *.google.es *.google.dk *.google.nl *.sync.kesko.fi https://js.testfreaks.com; img-src 'self' data: *.keskofiles.com http://public-qa.keskofiles.com *.imgix.net https://www.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com https://ssl.gstatic.com *.doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com *.analytics.google.com images.contentful.com images.ctfassets.net https://keskoanalytics.s3.eu-central-1.amazonaws.com https://maps.googleapis.com *.bing.com *.microsoft.com https://www.facebook.com https://img.youtube.com *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net https://giosg-chat-public-eu.s3.amazonaws.com *.ytimg.com *.videoly.co *.wistia.com *.wistia.net *.swogo.net https://optimize.google.com *.googleoptimize.com *.zdassets.com *.zopim.io *.sync.ksync.fi *.via.placeholder.com *.vumbnail.com *.sync.kesko.fi *.images.testfreaks.com; manifest-src 'self'; font-src 'self' https://fonts.gstatic.com 'unsafe-inline' data: *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.swogo.net *.googleoptimize.com *.sync.ksync.fi https://sync.kesko.fi; frame-src 'self' *.doubleclick.net *.youtube.com *.youtu.be https://utm.keskoanalytics.com/ https://keskoanalytics.s3.eu-central-1.amazonaws.com sdx.microsoft.com https://www.facebook.com https://plussa.com/ https://www.plussa.com https://www.prkk.fi https://games.kesko.fi https://www.kromo.eu *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.kesko.fi http://krauta-fi.stage.rautakesko.episerverhosting.com *.stage.rautakesko.episerverhosting.com *.prod.rautakesko.episerverhosting.com *.thinglink.com https://optimize.google.com *.googleoptimize.com *.sync.ksync.fi https://sync.ksync.fi https://widget.trustpilot.com *.vimeo.com; style-src 'self' 'unsafe-inline' blob: https://tagmanager.google.com https://fonts.googleapis.com *.analytics.google.com *.googletagmanager.com https://keskoanalytics.s3.eu-central-1.amazonaws.com *.bing.com *.giosg.com https://optimize.google.com *.googleoptimize.com https://sync.kesko.fi; script-src 'self' 'unsafe-inline' *.keskofiles.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com http://tagmanager.google.com *.doubleclick.net https://www.googleadservices.com *.analytics.google.com *.googletagmanager.com https://js-agent.newrelic.com https://bam.nr-data.net https://keskoanalytics.s3.eu-central-1.amazonaws.com https://scjc708q0d.execute-api.eu-west-1.amazonaws.com https://bat.bing.com https://r.bing.com https://connect.facebook.net *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net 'unsafe-eval' *.videoly.co *.swogo.net https://optimize.google.com www.googleoptimize.com *.googleoptimize.com *.zdassets.com *.zopim.com *.zendesk.com *.kesko.fi *.kesko.se *.sync.ksync.fi inpref.com *.inpref.com https://d2wzl9lnvjz3bh.cloudfront.net fi1.frosmo.com *.fi1.frosmo.com https://d2oarllo6tn86.cloudfront.net *.k-rauta.fi https://widget.trustpilot.com https://sync.kesko.fi *.r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com; default-src 'none' *.videoly.co *.youtube-nocookie.com *.youtube.com *.ytimg.com *.wistia.com *.wistia.net; style-src-elem 'self' 'unsafe-inline' https://optimize.google.com *.googleoptimize.com *.sync.ksync.fi *.k-rauta.fi; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com https://ssl.gstatic.com *.doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com *.analytics.google.com *.bing.com *.clarity.ms https://www.connect.facebook.net *.swogo.net https://optimize.google.com *.googleoptimize.com *.zdassets.com *.zopim.com *.zendesk.com *.k-rauta.fi https://widget.trustpilot.com https://survey.feedbackly.com *.r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com; media-src videos.contentful.com videos.ctfassets.net; report-uri https://www.k-rautapro.fi/csp-report;
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"94d-GnJB8ajTv7vy97BztZmGw/2iQsA"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Site, Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31104000000
x-robots-tag: noindex
cf-ray: 81839b6ddf9dd943-HEL
expires: Sun, 11 Jun 3009 20:42:19 GMT

GET
H2 200 main.60109641540c55be2dd0.css
www.k-rautapro.fi/static/ 329 KB
54 KB 61ms
59ms Stylesheet
text/css 2606:4700:4400::6812:289c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.k-rautapro.fi/static/main.60109641540c55be2dd0.css

Requested by

Host: www.k-rautapro.fi
URL: https://www.k-rautapro.fi/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:289c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a753c114750164b1578b03b6b90020f35f236217e587abd544f5a7e94440d778

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:42:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
x-permitted-cross-domain-policies: none
via: 1.1 vegur
age: 127923
x-dns-prefetch-control: off
content-security-policy-report-only: connect-src 'self' https://www.google-analytics.com *.google-analytics.com *.doubleclick.net *.analytics.google.com *.googletagmanager.com https://bam.nr-data.net *.bing.com wss://*.bing.com *.clarity.ms https://www.facebook.com https://locationservice.posti.com *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.swogo.net *.zdassets.com *.zopim.com *.zendesk.com wss://*.zopim.com *.sync.ksync.fi *.ksync.k-rauta.fi inpref.com *.inpref.com https://d2wzl9lnvjz3bh.cloudfront.net *.via.placeholder.com *.google.com *.google.se *.google.no *.google.fr *.google.co.uk *.google.ru *.google.de *.google.es *.google.dk *.google.nl *.sync.kesko.fi https://js.testfreaks.com; img-src 'self' data: *.keskofiles.com http://public-qa.keskofiles.com *.imgix.net https://www.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com https://ssl.gstatic.com *.doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com *.analytics.google.com images.contentful.com images.ctfassets.net https://keskoanalytics.s3.eu-central-1.amazonaws.com https://maps.googleapis.com *.bing.com *.microsoft.com https://www.facebook.com https://img.youtube.com *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net https://giosg-chat-public-eu.s3.amazonaws.com *.ytimg.com *.videoly.co *.wistia.com *.wistia.net *.swogo.net https://optimize.google.com *.googleoptimize.com *.zdassets.com *.zopim.io *.sync.ksync.fi *.via.placeholder.com *.vumbnail.com *.sync.kesko.fi *.images.testfreaks.com; manifest-src 'self'; font-src 'self' https://fonts.gstatic.com 'unsafe-inline' data: *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.swogo.net *.googleoptimize.com *.sync.ksync.fi https://sync.kesko.fi; frame-src 'self' *.doubleclick.net *.youtube.com *.youtu.be https://utm.keskoanalytics.com/ https://keskoanalytics.s3.eu-central-1.amazonaws.com sdx.microsoft.com https://www.facebook.com https://plussa.com/ https://www.plussa.com https://www.prkk.fi https://games.kesko.fi https://www.kromo.eu *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.kesko.fi http://krauta-fi.stage.rautakesko.episerverhosting.com *.stage.rautakesko.episerverhosting.com *.prod.rautakesko.episerverhosting.com *.thinglink.com https://optimize.google.com *.googleoptimize.com *.sync.ksync.fi https://sync.ksync.fi https://widget.trustpilot.com *.vimeo.com; style-src 'self' 'unsafe-inline' blob: https://tagmanager.google.com https://fonts.googleapis.com *.analytics.google.com *.googletagmanager.com https://keskoanalytics.s3.eu-central-1.amazonaws.com *.bing.com *.giosg.com https://optimize.google.com *.googleoptimize.com https://sync.kesko.fi; script-src 'self' 'unsafe-inline' *.keskofiles.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com http://tagmanager.google.com *.doubleclick.net https://www.googleadservices.com *.analytics.google.com *.googletagmanager.com https://js-agent.newrelic.com https://bam.nr-data.net https://keskoanalytics.s3.eu-central-1.amazonaws.com https://scjc708q0d.execute-api.eu-west-1.amazonaws.com https://bat.bing.com https://r.bing.com https://connect.facebook.net *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net 'unsafe-eval' *.videoly.co *.swogo.net https://optimize.google.com www.googleoptimize.com *.googleoptimize.com *.zdassets.com *.zopim.com *.zendesk.com *.kesko.fi *.kesko.se *.sync.ksync.fi inpref.com *.inpref.com https://d2wzl9lnvjz3bh.cloudfront.net fi1.frosmo.com *.fi1.frosmo.com https://d2oarllo6tn86.cloudfront.net *.k-rauta.fi https://widget.trustpilot.com https://sync.kesko.fi *.r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com; default-src 'none' *.videoly.co *.youtube-nocookie.com *.youtube.com *.ytimg.com *.wistia.com *.wistia.net; style-src-elem 'self' 'unsafe-inline' https://optimize.google.com *.googleoptimize.com *.sync.ksync.fi *.k-rauta.fi; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com https://ssl.gstatic.com *.doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com *.analytics.google.com *.bing.com *.clarity.ms https://www.connect.facebook.net *.swogo.net https://optimize.google.com *.googleoptimize.com *.zdassets.com *.zopim.com *.zendesk.com *.k-rauta.fi https://widget.trustpilot.com https://survey.feedbackly.com *.r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com; media-src videos.contentful.com videos.ctfassets.net; report-uri https://www.k-rautapro.fi/csp-report;
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"5225e-2Kmen83HUVsVlvq3h3n72cCrNb0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Site, Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31104000000
x-robots-tag: noindex
cf-ray: 81839b6ddf9fd943-HEL
expires: Sun, 11 Jun 3009 20:42:19 GMT

GET
H2 200 vendor.bundle.5862cc0a77cc30b689e5.js Show response
www.k-rautapro.fi/static/ 2 MB
699 KB 112ms
110ms Script
application/javascript 2606:4700:4400::6812:289c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.k-rautapro.fi/static/vendor.bundle.5862cc0a77cc30b689e5.js

Requested by

Host: www.k-rautapro.fi
URL: https://www.k-rautapro.fi/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:289c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db2f3a57c8a731035f0135922f9aa2ce27feea5f2292ab34c5a7e4125bd2f7df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:42:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
content-encoding: gzip
x-dns-prefetch-control: off
content-security-policy-report-only: connect-src 'self' https://www.google-analytics.com *.google-analytics.com *.doubleclick.net *.analytics.google.com *.googletagmanager.com https://bam.nr-data.net *.bing.com wss://*.bing.com *.clarity.ms https://www.facebook.com https://locationservice.posti.com *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.swogo.net *.zdassets.com *.zopim.com *.zendesk.com wss://*.zopim.com *.sync.ksync.fi *.ksync.k-rauta.fi inpref.com *.inpref.com https://d2wzl9lnvjz3bh.cloudfront.net *.via.placeholder.com *.google.com *.google.se *.google.no *.google.fr *.google.co.uk *.google.ru *.google.de *.google.es *.google.dk *.google.nl *.sync.kesko.fi https://js.testfreaks.com; img-src 'self' data: *.keskofiles.com http://public-qa.keskofiles.com *.imgix.net https://www.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com https://ssl.gstatic.com *.doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com *.analytics.google.com images.contentful.com images.ctfassets.net https://keskoanalytics.s3.eu-central-1.amazonaws.com https://maps.googleapis.com *.bing.com *.microsoft.com https://www.facebook.com https://img.youtube.com *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net https://giosg-chat-public-eu.s3.amazonaws.com *.ytimg.com *.videoly.co *.wistia.com *.wistia.net *.swogo.net https://optimize.google.com *.googleoptimize.com *.zdassets.com *.zopim.io *.sync.ksync.fi *.via.placeholder.com *.vumbnail.com *.sync.kesko.fi *.images.testfreaks.com; manifest-src 'self'; font-src 'self' https://fonts.gstatic.com 'unsafe-inline' data: *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.swogo.net *.googleoptimize.com *.sync.ksync.fi https://sync.kesko.fi; frame-src 'self' *.doubleclick.net *.youtube.com *.youtu.be https://utm.keskoanalytics.com/ https://keskoanalytics.s3.eu-central-1.amazonaws.com sdx.microsoft.com https://www.facebook.com https://plussa.com/ https://www.plussa.com https://www.prkk.fi https://games.kesko.fi https://www.kromo.eu *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.kesko.fi http://krauta-fi.stage.rautakesko.episerverhosting.com *.stage.rautakesko.episerverhosting.com *.prod.rautakesko.episerverhosting.com *.thinglink.com https://optimize.google.com *.googleoptimize.com *.sync.ksync.fi https://sync.ksync.fi https://widget.trustpilot.com *.vimeo.com; style-src 'self' 'unsafe-inline' blob: https://tagmanager.google.com https://fonts.googleapis.com *.analytics.google.com *.googletagmanager.com https://keskoanalytics.s3.eu-central-1.amazonaws.com *.bing.com *.giosg.com https://optimize.google.com *.googleoptimize.com https://sync.kesko.fi; script-src 'self' 'unsafe-inline' *.keskofiles.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com http://tagmanager.google.com *.doubleclick.net https://www.googleadservices.com *.analytics.google.com *.googletagmanager.com https://js-agent.newrelic.com https://bam.nr-data.net https://keskoanalytics.s3.eu-central-1.amazonaws.com https://scjc708q0d.execute-api.eu-west-1.amazonaws.com https://bat.bing.com https://r.bing.com https://connect.facebook.net *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net 'unsafe-eval' *.videoly.co *.swogo.net https://optimize.google.com www.googleoptimize.com *.googleoptimize.com *.zdassets.com *.zopim.com *.zendesk.com *.kesko.fi *.kesko.se *.sync.ksync.fi inpref.com *.inpref.com https://d2wzl9lnvjz3bh.cloudfront.net fi1.frosmo.com *.fi1.frosmo.com https://d2oarllo6tn86.cloudfront.net *.k-rauta.fi https://widget.trustpilot.com https://sync.kesko.fi *.r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com; default-src 'none' *.videoly.co *.youtube-nocookie.com *.youtube.com *.ytimg.com *.wistia.com *.wistia.net; style-src-elem 'self' 'unsafe-inline' https://optimize.google.com *.googleoptimize.com *.sync.ksync.fi *.k-rauta.fi; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com https://ssl.gstatic.com *.doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com *.analytics.google.com *.bing.com *.clarity.ms https://www.connect.facebook.net *.swogo.net https://optimize.google.com *.googleoptimize.com *.zdassets.com *.zopim.com *.zendesk.com *.k-rauta.fi https://widget.trustpilot.com https://survey.feedbackly.com *.r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com; media-src videos.contentful.com videos.ctfassets.net; report-uri https://www.k-rautapro.fi/csp-report;
via: 1.1 vegur
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1697533816&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=W0KaD97ozvH9PvUrnQZaJizzCxcvM5IBQxtBbDRwIn4%3D
referrer-policy: no-referrer
server: cloudflare
etag: W/"23cdd0-LJOHrcLW7lsfcxqUWXI2M6zCrSU"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Site, Accept-Encoding
content-type: application/javascript; charset=utf-8
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1697533816&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=W0KaD97ozvH9PvUrnQZaJizzCxcvM5IBQxtBbDRwIn4%3D"}]}
cache-control: public, max-age=31104000000
x-robots-tag: noindex
cf-ray: 81839b6ddfa5d943-HEL
expires: Sun, 11 Jun 3009 20:42:19 GMT

GET
H2 200 main.bundle.1ba56b9c1e2c6c82a3fc.js Show response
www.k-rautapro.fi/static/ 2 MB
423 KB 87ms
85ms Script
application/javascript 2606:4700:4400::6812:289c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.k-rautapro.fi/static/main.bundle.1ba56b9c1e2c6c82a3fc.js

Requested by

Host: www.k-rautapro.fi
URL: https://www.k-rautapro.fi/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:289c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24285b25616b8e0abcc87027a8fc557f04f1a0c7d91ade343c51a52d26cb2384

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:42:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
x-permitted-cross-domain-policies: none
via: 1.1 vegur
age: 127923
x-dns-prefetch-control: off
content-security-policy-report-only: connect-src 'self' https://www.google-analytics.com *.google-analytics.com *.doubleclick.net *.analytics.google.com *.googletagmanager.com https://bam.nr-data.net *.bing.com wss://*.bing.com *.clarity.ms https://www.facebook.com https://locationservice.posti.com *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.swogo.net *.zdassets.com *.zopim.com *.zendesk.com wss://*.zopim.com *.sync.ksync.fi *.ksync.k-rauta.fi inpref.com *.inpref.com https://d2wzl9lnvjz3bh.cloudfront.net *.via.placeholder.com *.google.com *.google.se *.google.no *.google.fr *.google.co.uk *.google.ru *.google.de *.google.es *.google.dk *.google.nl *.sync.kesko.fi https://js.testfreaks.com; img-src 'self' data: *.keskofiles.com http://public-qa.keskofiles.com *.imgix.net https://www.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com https://ssl.gstatic.com *.doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com *.analytics.google.com images.contentful.com images.ctfassets.net https://keskoanalytics.s3.eu-central-1.amazonaws.com https://maps.googleapis.com *.bing.com *.microsoft.com https://www.facebook.com https://img.youtube.com *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net https://giosg-chat-public-eu.s3.amazonaws.com *.ytimg.com *.videoly.co *.wistia.com *.wistia.net *.swogo.net https://optimize.google.com *.googleoptimize.com *.zdassets.com *.zopim.io *.sync.ksync.fi *.via.placeholder.com *.vumbnail.com *.sync.kesko.fi *.images.testfreaks.com; manifest-src 'self'; font-src 'self' https://fonts.gstatic.com 'unsafe-inline' data: *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.swogo.net *.googleoptimize.com *.sync.ksync.fi https://sync.kesko.fi; frame-src 'self' *.doubleclick.net *.youtube.com *.youtu.be https://utm.keskoanalytics.com/ https://keskoanalytics.s3.eu-central-1.amazonaws.com sdx.microsoft.com https://www.facebook.com https://plussa.com/ https://www.plussa.com https://www.prkk.fi https://games.kesko.fi https://www.kromo.eu *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.kesko.fi http://krauta-fi.stage.rautakesko.episerverhosting.com *.stage.rautakesko.episerverhosting.com *.prod.rautakesko.episerverhosting.com *.thinglink.com https://optimize.google.com *.googleoptimize.com *.sync.ksync.fi https://sync.ksync.fi https://widget.trustpilot.com *.vimeo.com; style-src 'self' 'unsafe-inline' blob: https://tagmanager.google.com https://fonts.googleapis.com *.analytics.google.com *.googletagmanager.com https://keskoanalytics.s3.eu-central-1.amazonaws.com *.bing.com *.giosg.com https://optimize.google.com *.googleoptimize.com https://sync.kesko.fi; script-src 'self' 'unsafe-inline' *.keskofiles.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com http://tagmanager.google.com *.doubleclick.net https://www.googleadservices.com *.analytics.google.com *.googletagmanager.com https://js-agent.newrelic.com https://bam.nr-data.net https://keskoanalytics.s3.eu-central-1.amazonaws.com https://scjc708q0d.execute-api.eu-west-1.amazonaws.com https://bat.bing.com https://r.bing.com https://connect.facebook.net *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net 'unsafe-eval' *.videoly.co *.swogo.net https://optimize.google.com www.googleoptimize.com *.googleoptimize.com *.zdassets.com *.zopim.com *.zendesk.com *.kesko.fi *.kesko.se *.sync.ksync.fi inpref.com *.inpref.com https://d2wzl9lnvjz3bh.cloudfront.net fi1.frosmo.com *.fi1.frosmo.com https://d2oarllo6tn86.cloudfront.net *.k-rauta.fi https://widget.trustpilot.com https://sync.kesko.fi *.r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com; default-src 'none' *.videoly.co *.youtube-nocookie.com *.youtube.com *.ytimg.com *.wistia.com *.wistia.net; style-src-elem 'self' 'unsafe-inline' https://optimize.google.com *.googleoptimize.com *.sync.ksync.fi *.k-rauta.fi; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com https://ssl.gstatic.com *.doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com *.analytics.google.com *.bing.com *.clarity.ms https://www.connect.facebook.net *.swogo.net https://optimize.google.com *.googleoptimize.com *.zdassets.com *.zopim.com *.zendesk.com *.k-rauta.fi https://widget.trustpilot.com https://survey.feedbackly.com *.r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com; media-src videos.contentful.com videos.ctfassets.net; report-uri https://www.k-rautapro.fi/csp-report;
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"1b60e7-x4BoJxxyieAGKfkkPFECtOARFf4"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Site, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31104000000
x-robots-tag: noindex
cf-ray: 81839b6ddfa7d943-HEL
expires: Sun, 11 Jun 3009 20:42:19 GMT

GET
H2 200 features-authentication-LoginPage.bundle.64576ec2a2e227caa60c.js Show response
www.k-rautapro.fi/static/ 20 KB
9 KB 57ms
56ms Script
application/javascript 2606:4700:4400::6812:289c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.k-rautapro.fi/static/features-authentication-LoginPage.bundle.64576ec2a2e227caa60c.js

Requested by

Host: www.k-rautapro.fi
URL: https://www.k-rautapro.fi/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:289c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a6f0da9bf42204b7819caa1172be34a44211ccc0e18a60fba45c2eb9d19240f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:42:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
x-permitted-cross-domain-policies: none
via: 1.1 vegur
age: 44312
x-dns-prefetch-control: off
content-security-policy-report-only: connect-src 'self' https://www.google-analytics.com *.google-analytics.com *.doubleclick.net *.analytics.google.com *.googletagmanager.com https://bam.nr-data.net *.bing.com wss://*.bing.com *.clarity.ms https://www.facebook.com https://locationservice.posti.com *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.swogo.net *.zdassets.com *.zopim.com *.zendesk.com wss://*.zopim.com *.sync.ksync.fi *.ksync.k-rauta.fi inpref.com *.inpref.com https://d2wzl9lnvjz3bh.cloudfront.net *.via.placeholder.com *.google.com *.google.se *.google.no *.google.fr *.google.co.uk *.google.ru *.google.de *.google.es *.google.dk *.google.nl *.sync.kesko.fi https://js.testfreaks.com; img-src 'self' data: *.keskofiles.com http://public-qa.keskofiles.com *.imgix.net https://www.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com https://ssl.gstatic.com *.doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com *.analytics.google.com images.contentful.com images.ctfassets.net https://keskoanalytics.s3.eu-central-1.amazonaws.com https://maps.googleapis.com *.bing.com *.microsoft.com https://www.facebook.com https://img.youtube.com *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net https://giosg-chat-public-eu.s3.amazonaws.com *.ytimg.com *.videoly.co *.wistia.com *.wistia.net *.swogo.net https://optimize.google.com *.googleoptimize.com *.zdassets.com *.zopim.io *.sync.ksync.fi *.via.placeholder.com *.vumbnail.com *.sync.kesko.fi *.images.testfreaks.com; manifest-src 'self'; font-src 'self' https://fonts.gstatic.com 'unsafe-inline' data: *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.swogo.net *.googleoptimize.com *.sync.ksync.fi https://sync.kesko.fi; frame-src 'self' *.doubleclick.net *.youtube.com *.youtu.be https://utm.keskoanalytics.com/ https://keskoanalytics.s3.eu-central-1.amazonaws.com sdx.microsoft.com https://www.facebook.com https://plussa.com/ https://www.plussa.com https://www.prkk.fi https://games.kesko.fi https://www.kromo.eu *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.kesko.fi http://krauta-fi.stage.rautakesko.episerverhosting.com *.stage.rautakesko.episerverhosting.com *.prod.rautakesko.episerverhosting.com *.thinglink.com https://optimize.google.com *.googleoptimize.com *.sync.ksync.fi https://sync.ksync.fi https://widget.trustpilot.com *.vimeo.com; style-src 'self' 'unsafe-inline' blob: https://tagmanager.google.com https://fonts.googleapis.com *.analytics.google.com *.googletagmanager.com https://keskoanalytics.s3.eu-central-1.amazonaws.com *.bing.com *.giosg.com https://optimize.google.com *.googleoptimize.com https://sync.kesko.fi; script-src 'self' 'unsafe-inline' *.keskofiles.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com http://tagmanager.google.com *.doubleclick.net https://www.googleadservices.com *.analytics.google.com *.googletagmanager.com https://js-agent.newrelic.com https://bam.nr-data.net https://keskoanalytics.s3.eu-central-1.amazonaws.com https://scjc708q0d.execute-api.eu-west-1.amazonaws.com https://bat.bing.com https://r.bing.com https://connect.facebook.net *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net 'unsafe-eval' *.videoly.co *.swogo.net https://optimize.google.com www.googleoptimize.com *.googleoptimize.com *.zdassets.com *.zopim.com *.zendesk.com *.kesko.fi *.kesko.se *.sync.ksync.fi inpref.com *.inpref.com https://d2wzl9lnvjz3bh.cloudfront.net fi1.frosmo.com *.fi1.frosmo.com https://d2oarllo6tn86.cloudfront.net *.k-rauta.fi https://widget.trustpilot.com https://sync.kesko.fi *.r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com; default-src 'none' *.videoly.co *.youtube-nocookie.com *.youtube.com *.ytimg.com *.wistia.com *.wistia.net; style-src-elem 'self' 'unsafe-inline' https://optimize.google.com *.googleoptimize.com *.sync.ksync.fi *.k-rauta.fi; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com https://ssl.gstatic.com *.doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com *.analytics.google.com *.bing.com *.clarity.ms https://www.connect.facebook.net *.swogo.net https://optimize.google.com *.googleoptimize.com *.zdassets.com *.zopim.com *.zendesk.com *.k-rauta.fi https://widget.trustpilot.com https://survey.feedbackly.com *.r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com; media-src videos.contentful.com videos.ctfassets.net; report-uri https://www.k-rautapro.fi/csp-report;
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"4f18-1XRZJ8VnVUpqynU7/Fl8/G6nxv0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Site, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31104000000
x-robots-tag: noindex
cf-ray: 81839b6ddfaad943-HEL
expires: Sun, 11 Jun 3009 20:42:19 GMT

GET
H2 200 logo.svg
www.k-rautapro.fi/static/images/ 6 KB
6 KB 52ms
51ms Image
image/svg+xml 2606:4700:4400::6812:289c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.k-rautapro.fi/static/images/logo.svg

Requested by

Host: www.k-rautapro.fi
URL: https://www.k-rautapro.fi/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:289c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18be14503b5e437baf3ecb29edf5ce7f662a65191a2204d6bfe5def184f66bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:42:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
content-encoding: gzip
age: 202399
x-dns-prefetch-control: off
content-security-policy-report-only: connect-src 'self' https://www.google-analytics.com *.google-analytics.com *.doubleclick.net *.analytics.google.com *.googletagmanager.com https://bam.nr-data.net *.bing.com wss://*.bing.com *.clarity.ms https://www.facebook.com https://locationservice.posti.com *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.swogo.net *.zdassets.com *.zopim.com *.zendesk.com wss://*.zopim.com *.sync.ksync.fi *.ksync.k-rauta.fi inpref.com *.inpref.com https://d2wzl9lnvjz3bh.cloudfront.net *.via.placeholder.com *.google.com *.google.se *.google.no *.google.fr *.google.co.uk *.google.ru *.google.de *.google.es *.google.dk *.google.nl *.sync.kesko.fi https://js.testfreaks.com; img-src 'self' data: *.keskofiles.com http://public-qa.keskofiles.com *.imgix.net https://www.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com https://ssl.gstatic.com *.doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com *.analytics.google.com images.contentful.com images.ctfassets.net https://keskoanalytics.s3.eu-central-1.amazonaws.com https://maps.googleapis.com *.bing.com *.microsoft.com https://www.facebook.com https://img.youtube.com *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net https://giosg-chat-public-eu.s3.amazonaws.com *.ytimg.com *.videoly.co *.wistia.com *.wistia.net *.swogo.net https://optimize.google.com *.googleoptimize.com *.zdassets.com *.zopim.io *.sync.ksync.fi *.via.placeholder.com *.vumbnail.com *.sync.kesko.fi *.images.testfreaks.com; manifest-src 'self'; font-src 'self' https://fonts.gstatic.com 'unsafe-inline' data: *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.swogo.net *.googleoptimize.com *.sync.ksync.fi https://sync.kesko.fi; frame-src 'self' *.doubleclick.net *.youtube.com *.youtu.be https://utm.keskoanalytics.com/ https://keskoanalytics.s3.eu-central-1.amazonaws.com sdx.microsoft.com https://www.facebook.com https://plussa.com/ https://www.plussa.com https://www.prkk.fi https://games.kesko.fi https://www.kromo.eu *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.kesko.fi http://krauta-fi.stage.rautakesko.episerverhosting.com *.stage.rautakesko.episerverhosting.com *.prod.rautakesko.episerverhosting.com *.thinglink.com https://optimize.google.com *.googleoptimize.com *.sync.ksync.fi https://sync.ksync.fi https://widget.trustpilot.com *.vimeo.com; style-src 'self' 'unsafe-inline' blob: https://tagmanager.google.com https://fonts.googleapis.com *.analytics.google.com *.googletagmanager.com https://keskoanalytics.s3.eu-central-1.amazonaws.com *.bing.com *.giosg.com https://optimize.google.com *.googleoptimize.com https://sync.kesko.fi; script-src 'self' 'unsafe-inline' *.keskofiles.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com http://tagmanager.google.com *.doubleclick.net https://www.googleadservices.com *.analytics.google.com *.googletagmanager.com https://js-agent.newrelic.com https://bam.nr-data.net https://keskoanalytics.s3.eu-central-1.amazonaws.com https://scjc708q0d.execute-api.eu-west-1.amazonaws.com https://bat.bing.com https://r.bing.com https://connect.facebook.net *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net 'unsafe-eval' *.videoly.co *.swogo.net https://optimize.google.com www.googleoptimize.com *.googleoptimize.com *.zdassets.com *.zopim.com *.zendesk.com *.kesko.fi *.kesko.se *.sync.ksync.fi inpref.com *.inpref.com https://d2wzl9lnvjz3bh.cloudfront.net fi1.frosmo.com *.fi1.frosmo.com https://d2oarllo6tn86.cloudfront.net *.k-rauta.fi https://widget.trustpilot.com https://sync.kesko.fi *.r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com; default-src 'none' *.videoly.co *.youtube-nocookie.com *.youtube.com *.ytimg.com *.wistia.com *.wistia.net; style-src-elem 'self' 'unsafe-inline' https://optimize.google.com *.googleoptimize.com *.sync.ksync.fi *.k-rauta.fi; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com https://ssl.gstatic.com *.doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com *.analytics.google.com *.bing.com *.clarity.ms https://www.connect.facebook.net *.swogo.net https://optimize.google.com *.googleoptimize.com *.zdassets.com *.zopim.com *.zendesk.com *.k-rauta.fi https://widget.trustpilot.com https://survey.feedbackly.com *.r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com; media-src videos.contentful.com videos.ctfassets.net; report-uri https://www.k-rautapro.fi/csp-report;
via: 1.1 vegur
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1697459340&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=4a57dF1f6xgPgEKaF1kiCMKQqEYuByV7uRIGuTLg%2B%2Fc%3D
referrer-policy: no-referrer
last-modified: Thu, 12 Oct 2023 10:03:19 GMT
server: cloudflare
etag: W/"17e9-18b23573258"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Site, Accept-Encoding
content-type: image/svg+xml
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1697459340&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=4a57dF1f6xgPgEKaF1kiCMKQqEYuByV7uRIGuTLg%2B%2Fc%3D"}]}
cache-control: public, max-age=31104000
x-robots-tag: noindex
cf-ray: 81839b6e3876d943-HEL
expires: Sat, 12 Oct 2024 20:42:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 262 KB
84 KB 227ms
90ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TN3JWPK

Requested by

Host: www.k-rautapro.fi
URL: https://www.k-rautapro.fi/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90541057363b84dce136374c1ab08274268b69cc3f6311d839ae047a44c31b53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:42:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85333
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 20:16:09 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 18 Oct 2023 20:42:19 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 204 basket Show response
www.k-rautapro.fi/api/ 0
4 KB 239ms
239ms XHR
text/plain 2606:4700:4400::6812:289c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.k-rautapro.fi/api/basket

Requested by

Host: www.k-rautapro.fi
URL: https://www.k-rautapro.fi/static/vendor.bundle.5862cc0a77cc30b689e5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:289c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:42:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 vegur
x-permitted-cross-domain-policies: none
surrogate-control: no-store
x-dns-prefetch-control: off
content-security-policy-report-only: connect-src 'self' https://www.google-analytics.com *.google-analytics.com *.doubleclick.net *.analytics.google.com *.googletagmanager.com https://bam.nr-data.net *.bing.com wss://*.bing.com *.clarity.ms https://www.facebook.com https://locationservice.posti.com *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.swogo.net *.zdassets.com *.zopim.com *.zendesk.com wss://*.zopim.com *.sync.ksync.fi *.ksync.k-rauta.fi inpref.com *.inpref.com https://d2wzl9lnvjz3bh.cloudfront.net *.via.placeholder.com *.google.com *.google.se *.google.no *.google.fr *.google.co.uk *.google.ru *.google.de *.google.es *.google.dk *.google.nl *.sync.kesko.fi https://js.testfreaks.com; img-src 'self' data: *.keskofiles.com http://public-qa.keskofiles.com *.imgix.net https://www.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com https://ssl.gstatic.com *.doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com *.analytics.google.com images.contentful.com images.ctfassets.net https://keskoanalytics.s3.eu-central-1.amazonaws.com https://maps.googleapis.com *.bing.com *.microsoft.com https://www.facebook.com https://img.youtube.com *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net https://giosg-chat-public-eu.s3.amazonaws.com *.ytimg.com *.videoly.co *.wistia.com *.wistia.net *.swogo.net https://optimize.google.com *.googleoptimize.com *.zdassets.com *.zopim.io *.sync.ksync.fi *.via.placeholder.com *.vumbnail.com *.sync.kesko.fi *.images.testfreaks.com; manifest-src 'self'; font-src 'self' https://fonts.gstatic.com 'unsafe-inline' data: *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.swogo.net *.googleoptimize.com *.sync.ksync.fi https://sync.kesko.fi; frame-src 'self' *.doubleclick.net *.youtube.com *.youtu.be https://utm.keskoanalytics.com/ https://keskoanalytics.s3.eu-central-1.amazonaws.com sdx.microsoft.com https://www.facebook.com https://plussa.com/ https://www.plussa.com https://www.prkk.fi https://games.kesko.fi https://www.kromo.eu *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.kesko.fi http://krauta-fi.stage.rautakesko.episerverhosting.com *.stage.rautakesko.episerverhosting.com *.prod.rautakesko.episerverhosting.com *.thinglink.com https://optimize.google.com *.googleoptimize.com *.sync.ksync.fi https://sync.ksync.fi https://widget.trustpilot.com *.vimeo.com; style-src 'self' 'unsafe-inline' blob: https://tagmanager.google.com https://fonts.googleapis.com *.analytics.google.com *.googletagmanager.com https://keskoanalytics.s3.eu-central-1.amazonaws.com *.bing.com *.giosg.com https://optimize.google.com *.googleoptimize.com https://sync.kesko.fi; script-src 'self' 'unsafe-inline' *.keskofiles.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com http://tagmanager.google.com *.doubleclick.net https://www.googleadservices.com *.analytics.google.com *.googletagmanager.com https://js-agent.newrelic.com https://bam.nr-data.net https://keskoanalytics.s3.eu-central-1.amazonaws.com https://scjc708q0d.execute-api.eu-west-1.amazonaws.com https://bat.bing.com https://r.bing.com https://connect.facebook.net *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net 'unsafe-eval' *.videoly.co *.swogo.net https://optimize.google.com www.googleoptimize.com *.googleoptimize.com *.zdassets.com *.zopim.com *.zendesk.com *.kesko.fi *.kesko.se *.sync.ksync.fi inpref.com *.inpref.com https://d2wzl9lnvjz3bh.cloudfront.net fi1.frosmo.com *.fi1.frosmo.com https://d2oarllo6tn86.cloudfront.net *.k-rauta.fi https://widget.trustpilot.com https://sync.kesko.fi *.r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com; default-src 'none' *.videoly.co *.youtube-nocookie.com *.youtube.com *.ytimg.com *.wistia.com *.wistia.net; style-src-elem 'self' 'unsafe-inline' https://optimize.google.com *.googleoptimize.com *.sync.ksync.fi *.k-rauta.fi; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com https://ssl.gstatic.com *.doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com *.analytics.google.com *.bing.com *.clarity.ms https://www.connect.facebook.net *.swogo.net https://optimize.google.com *.googleoptimize.com *.zdassets.com *.zopim.com *.zendesk.com *.k-rauta.fi https://widget.trustpilot.com https://survey.feedbackly.com *.r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com; media-src videos.contentful.com videos.ctfassets.net; report-uri https://www.k-rautapro.fi/csp-report;
content-length: 0
x-xss-protection: 0
pragma: no-cache
referrer-policy: no-referrer
server: cloudflare
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-download-options: noopen
x-ratelimit-remaining: 149
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Site
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-ratelimit-reset: 1697661791
x-ratelimit-limit: 150
x-robots-tag: noindex
cf-ray: 81839b720f95d943-HEL
expires: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 289 KB
90 KB 93ms
92ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PWMDZL7&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TN3JWPK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd04df5979c995042b8aca9cc238312bb93869c935bfdf197fe526677514dbe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:42:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92451
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 20:16:09 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 18 Oct 2023 20:42:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 268 KB
86 KB 88ms
88ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WM2BK7C&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TN3JWPK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c89b36ac542817b5a8eadbb07327a34bae582218f283c4a036442a25f648de0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:42:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87463
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 20:16:09 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 18 Oct 2023 20:42:19 GMT

POST
H2 204 csp-report
www.k-rautapro.fi/ 0
4 KB 278ms
278ms Other
text/plain 2606:4700:4400::6812:289c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.k-rautapro.fi/csp-report

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWMDZL7&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:289c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 18 Oct 2023 20:42:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
via: 1.1 vegur
x-dns-prefetch-control: off
content-security-policy-report-only: connect-src 'self' https://www.google-analytics.com *.google-analytics.com *.doubleclick.net *.analytics.google.com *.googletagmanager.com https://bam.nr-data.net *.bing.com wss://*.bing.com *.clarity.ms https://www.facebook.com https://locationservice.posti.com *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.swogo.net *.zdassets.com *.zopim.com *.zendesk.com wss://*.zopim.com *.sync.ksync.fi *.ksync.k-rauta.fi inpref.com *.inpref.com https://d2wzl9lnvjz3bh.cloudfront.net *.via.placeholder.com *.google.com *.google.se *.google.no *.google.fr *.google.co.uk *.google.ru *.google.de *.google.es *.google.dk *.google.nl *.sync.kesko.fi https://js.testfreaks.com; img-src 'self' data: *.keskofiles.com http://public-qa.keskofiles.com *.imgix.net https://www.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com https://ssl.gstatic.com *.doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com *.analytics.google.com images.contentful.com images.ctfassets.net https://keskoanalytics.s3.eu-central-1.amazonaws.com https://maps.googleapis.com *.bing.com *.microsoft.com https://www.facebook.com https://img.youtube.com *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net https://giosg-chat-public-eu.s3.amazonaws.com *.ytimg.com *.videoly.co *.wistia.com *.wistia.net *.swogo.net https://optimize.google.com *.googleoptimize.com *.zdassets.com *.zopim.io *.sync.ksync.fi *.via.placeholder.com *.vumbnail.com *.sync.kesko.fi *.images.testfreaks.com; manifest-src 'self'; font-src 'self' https://fonts.gstatic.com 'unsafe-inline' data: *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.swogo.net *.googleoptimize.com *.sync.ksync.fi https://sync.kesko.fi; frame-src 'self' *.doubleclick.net *.youtube.com *.youtu.be https://utm.keskoanalytics.com/ https://keskoanalytics.s3.eu-central-1.amazonaws.com sdx.microsoft.com https://www.facebook.com https://plussa.com/ https://www.plussa.com https://www.prkk.fi https://games.kesko.fi https://www.kromo.eu *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.kesko.fi http://krauta-fi.stage.rautakesko.episerverhosting.com *.stage.rautakesko.episerverhosting.com *.prod.rautakesko.episerverhosting.com *.thinglink.com https://optimize.google.com *.googleoptimize.com *.sync.ksync.fi https://sync.ksync.fi https://widget.trustpilot.com *.vimeo.com; style-src 'self' 'unsafe-inline' blob: https://tagmanager.google.com https://fonts.googleapis.com *.analytics.google.com *.googletagmanager.com https://keskoanalytics.s3.eu-central-1.amazonaws.com *.bing.com *.giosg.com https://optimize.google.com *.googleoptimize.com https://sync.kesko.fi; script-src 'self' 'unsafe-inline' *.keskofiles.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com http://tagmanager.google.com *.doubleclick.net https://www.googleadservices.com *.analytics.google.com *.googletagmanager.com https://js-agent.newrelic.com https://bam.nr-data.net https://keskoanalytics.s3.eu-central-1.amazonaws.com https://scjc708q0d.execute-api.eu-west-1.amazonaws.com https://bat.bing.com https://r.bing.com https://connect.facebook.net *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net 'unsafe-eval' *.videoly.co *.swogo.net https://optimize.google.com www.googleoptimize.com *.googleoptimize.com *.zdassets.com *.zopim.com *.zendesk.com *.kesko.fi *.kesko.se *.sync.ksync.fi inpref.com *.inpref.com https://d2wzl9lnvjz3bh.cloudfront.net fi1.frosmo.com *.fi1.frosmo.com https://d2oarllo6tn86.cloudfront.net *.k-rauta.fi https://widget.trustpilot.com https://sync.kesko.fi *.r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com; default-src 'none' *.videoly.co *.youtube-nocookie.com *.youtube.com *.ytimg.com *.wistia.com *.wistia.net; style-src-elem 'self' 'unsafe-inline' https://optimize.google.com *.googleoptimize.com *.sync.ksync.fi *.k-rauta.fi; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com https://ssl.gstatic.com *.doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com *.analytics.google.com *.bing.com *.clarity.ms https://www.connect.facebook.net *.swogo.net https://optimize.google.com *.googleoptimize.com *.zdassets.com *.zopim.com *.zendesk.com *.k-rauta.fi https://widget.trustpilot.com https://survey.feedbackly.com *.r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com; media-src videos.contentful.com videos.ctfassets.net; report-uri https://www.k-rautapro.fi/csp-report;
content-length: 0
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1697661740&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=DpXKIiqAsTQIVDle6bxQXVFW2rnDerwqWB%2BiWP9hlag%3D
referrer-policy: no-referrer
server: cloudflare
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1697661740&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=DpXKIiqAsTQIVDle6bxQXVFW2rnDerwqWB%2BiWP9hlag%3D"}]}
vary: Sec-Fetch-Site
x-robots-tag: noindex
cf-ray: 81839b73eb84d943-HEL

GET
H2 200 kconsent38v2.css
sync.kesko.fi/kconsent/ 20 KB
3 KB 265ms
58ms Stylesheet
text/css 143.204.98.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.kesko.fi/kconsent/kconsent38v2.css
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWMDZL7&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-99.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5839e803ddbb7da727b14429995a0ed93428f1accd6c3112c30ec0081402cc00

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 00:33:05 GMT
x-amz-version-id: 4SqGr5Vv8yeeMezGgYoHn4y6Ht55J73A
content-encoding: gzip
last-modified: Fri, 26 May 2023 13:18:23 GMT
server: AmazonS3
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"2465fbf7e5fb77b44e61bc297db26f0f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
age: 72556
x-amz-cf-id: oVlfkF7tdkWAhmDR70nDWbBkTeks13I3VTj0FxDHysnSeNZQfd5Cxg==

GET
H2 200 xdomain_cookie.html Show response
sync.ksync.fi/ Frame 2221 3 KB
2 KB 265ms
56ms Document
text/html 143.204.98.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.ksync.fi/xdomain_cookie.html
Requested by: Host: www.k-rautapro.fi
URL: https://www.k-rautapro.fi/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-99.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63a31d736876f7628aa5a2a73f3aff608d6653be4e5b6c4787dc7741079255c1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 1563653
cache-control: max-age=31536000
content-encoding: gzip
content-type: text/html
date: Sat, 30 Sep 2023 18:21:28 GMT
etag: W/"3dfa438f187d151a0d0575b804922e58"
last-modified: Mon, 03 May 2021 07:12:50 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
x-amz-cf-id: Oi2-fmSFnSJKX-sOwFk9cTzkd5bXl-rhB3GcQ9mVTc3Rz19DsNGv3A==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: uomtkajvCMvi9vy2o_K77x9KuQ4ZdXyw
x-cache: Hit from cloudfront

POST
H2 204 csp-report
www.k-rautapro.fi/ 0
3 KB 102ms
102ms Other
text/plain 2606:4700:4400::6812:289c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.k-rautapro.fi/csp-report

Requested by

Host: www.k-rautapro.fi
URL: https://www.k-rautapro.fi/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:289c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 18 Oct 2023 20:42:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
via: 1.1 vegur
x-dns-prefetch-control: off
content-security-policy-report-only: connect-src 'self' https://www.google-analytics.com *.google-analytics.com *.doubleclick.net *.analytics.google.com *.googletagmanager.com https://bam.nr-data.net *.bing.com wss://*.bing.com *.clarity.ms https://www.facebook.com https://locationservice.posti.com *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.swogo.net *.zdassets.com *.zopim.com *.zendesk.com wss://*.zopim.com *.sync.ksync.fi *.ksync.k-rauta.fi inpref.com *.inpref.com https://d2wzl9lnvjz3bh.cloudfront.net *.via.placeholder.com *.google.com *.google.se *.google.no *.google.fr *.google.co.uk *.google.ru *.google.de *.google.es *.google.dk *.google.nl *.sync.kesko.fi https://js.testfreaks.com; img-src 'self' data: *.keskofiles.com http://public-qa.keskofiles.com *.imgix.net https://www.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com https://ssl.gstatic.com *.doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com *.analytics.google.com images.contentful.com images.ctfassets.net https://keskoanalytics.s3.eu-central-1.amazonaws.com https://maps.googleapis.com *.bing.com *.microsoft.com https://www.facebook.com https://img.youtube.com *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net https://giosg-chat-public-eu.s3.amazonaws.com *.ytimg.com *.videoly.co *.wistia.com *.wistia.net *.swogo.net https://optimize.google.com *.googleoptimize.com *.zdassets.com *.zopim.io *.sync.ksync.fi *.via.placeholder.com *.vumbnail.com *.sync.kesko.fi *.images.testfreaks.com; manifest-src 'self'; font-src 'self' https://fonts.gstatic.com 'unsafe-inline' data: *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.swogo.net *.googleoptimize.com *.sync.ksync.fi https://sync.kesko.fi; frame-src 'self' *.doubleclick.net *.youtube.com *.youtu.be https://utm.keskoanalytics.com/ https://keskoanalytics.s3.eu-central-1.amazonaws.com sdx.microsoft.com https://www.facebook.com https://plussa.com/ https://www.plussa.com https://www.prkk.fi https://games.kesko.fi https://www.kromo.eu *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net *.kesko.fi http://krauta-fi.stage.rautakesko.episerverhosting.com *.stage.rautakesko.episerverhosting.com *.prod.rautakesko.episerverhosting.com *.thinglink.com https://optimize.google.com *.googleoptimize.com *.sync.ksync.fi https://sync.ksync.fi https://widget.trustpilot.com *.vimeo.com; style-src 'self' 'unsafe-inline' blob: https://tagmanager.google.com https://fonts.googleapis.com *.analytics.google.com *.googletagmanager.com https://keskoanalytics.s3.eu-central-1.amazonaws.com *.bing.com *.giosg.com https://optimize.google.com *.googleoptimize.com https://sync.kesko.fi; script-src 'self' 'unsafe-inline' *.keskofiles.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com http://tagmanager.google.com *.doubleclick.net https://www.googleadservices.com *.analytics.google.com *.googletagmanager.com https://js-agent.newrelic.com https://bam.nr-data.net https://keskoanalytics.s3.eu-central-1.amazonaws.com https://scjc708q0d.execute-api.eu-west-1.amazonaws.com https://bat.bing.com https://r.bing.com https://connect.facebook.net *.giosg.com *.adform.net *.giosgusercontent.com *.krxd.net 'unsafe-eval' *.videoly.co *.swogo.net https://optimize.google.com www.googleoptimize.com *.googleoptimize.com *.zdassets.com *.zopim.com *.zendesk.com *.kesko.fi *.kesko.se *.sync.ksync.fi inpref.com *.inpref.com https://d2wzl9lnvjz3bh.cloudfront.net fi1.frosmo.com *.fi1.frosmo.com https://d2oarllo6tn86.cloudfront.net *.k-rauta.fi https://widget.trustpilot.com https://sync.kesko.fi *.r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com; default-src 'none' *.videoly.co *.youtube-nocookie.com *.youtube.com *.ytimg.com *.wistia.com *.wistia.net; style-src-elem 'self' 'unsafe-inline' https://optimize.google.com *.googleoptimize.com *.sync.ksync.fi *.k-rauta.fi; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com https://ssl.gstatic.com *.doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com *.analytics.google.com *.bing.com *.clarity.ms https://www.connect.facebook.net *.swogo.net https://optimize.google.com *.googleoptimize.com *.zdassets.com *.zopim.com *.zendesk.com *.k-rauta.fi https://widget.trustpilot.com https://survey.feedbackly.com *.r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com; media-src videos.contentful.com videos.ctfassets.net; report-uri https://www.k-rautapro.fi/csp-report;
content-length: 0
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1697661740&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=DpXKIiqAsTQIVDle6bxQXVFW2rnDerwqWB%2BiWP9hlag%3D
referrer-policy: no-referrer
server: cloudflare
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1697661740&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=DpXKIiqAsTQIVDle6bxQXVFW2rnDerwqWB%2BiWP9hlag%3D"}]}
vary: Sec-Fetch-Site
x-robots-tag: noindex
cf-ray: 81839b75ef42d943-HEL

GET
H2 200 kconsent38.js Show response
sync.kesko.fi/kconsent/ 123 KB
39 KB 65ms
65ms Script
application/javascript 143.204.98.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.kesko.fi/kconsent/kconsent38.js
Requested by: Host: www.k-rautapro.fi
URL: https://www.k-rautapro.fi/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-99.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 140231af63273c66f8f2eb7fcf129c084281a6eceb380cb8dbd7bc011d2d1fa0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 00:34:59 GMT
x-amz-version-id: GN7T38rGRTTYhUJ0rXgi8OA3epKEIIV9
content-encoding: gzip
last-modified: Fri, 26 May 2023 10:51:19 GMT
server: AmazonS3
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"67cd1276fb49380763b3c1c8c8fb836e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 72442
x-amz-cf-id: Ka1ahxf3kjqQbxy4NPlSzGtNWWCFyoLQgXK8NESVoIP5cRtgMHK9aw==

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b29ec945f271213561353de985a2b222bb4fb8c9f07a3c5b78a4511fefe3398

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 SkattaSansUI-Bold.woff2
sync.kesko.fi/kconsent/ 29 KB
30 KB 221ms
108ms Font
binary/octet-stream 143.204.98.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.kesko.fi/kconsent/SkattaSansUI-Bold.woff2
Requested by: Host: sync.kesko.fi
URL: https://sync.kesko.fi/kconsent/kconsent38v2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-99.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d0dbe8057ec1c3ad1f5c0599da5aae7afa8bcacde4da84b63508ae99a96a1bb

Request headers

Referer: https://sync.kesko.fi/kconsent/kconsent38v2.css
Origin: https://www.k-rautapro.fi
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:42:21 GMT
x-amz-version-id: 2XGz1Pwy0b43GpnnVFCvjY0b.vxb25mF
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 29944
last-modified: Tue, 23 May 2023 10:36:50 GMT
server: AmazonS3
etag: "61d38dbaffef61702b65b5bbf2c24bd3"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: vLHpirdpIirAEyjRDuMw_2fnek1jio8bf454rCq7vUa3WHT6trORow==

GET
H2 200 SkattaSansUI-Regular.woff2
sync.kesko.fi/kconsent/ 27 KB
27 KB 213ms
100ms Font
binary/octet-stream 143.204.98.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.kesko.fi/kconsent/SkattaSansUI-Regular.woff2
Requested by: Host: sync.kesko.fi
URL: https://sync.kesko.fi/kconsent/kconsent38v2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-99.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c5d52bba286da26718fc370b40d413138941fd0392130785b24325a8039e95f

Request headers

Referer: https://sync.kesko.fi/kconsent/kconsent38v2.css
Origin: https://www.k-rautapro.fi
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 20:42:21 GMT
x-amz-version-id: e7DomRizlg70o769SuxOJEOe2Vgsym5g
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 27168
last-modified: Tue, 23 May 2023 10:39:27 GMT
server: AmazonS3
etag: "caece0d75fea389b04fd0e5b58e61a7c"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: KxsY5EAv6VT9OCDIxjRFgcB5sqnxCEmvi2x7VbNsOmeLH6YcY8lyNA==

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.login.k-rautapro.fi/	1970-01-20 15:34:23	Name: __cf_bm Value: MoASUH3mU9VwYvcdiFoncRrpVeG_QPJlv9RUrCEffT8-1697661737-0-AbeXyT93a2qpYcG+OHpzkNo3D206t4RvKH13DvLGOKIe9lWwp0y4G3BmO65GyFBKWhGUysJiiTFgFAa5VHxIQBg=
			www.k-rautapro.fi/	1970-01-20 15:44:26	Name: userId Value: s%3Ad42f0de0-6df6-11ee-8f78-55abed40b0e3.nYIRM6NS2hlOm8h5fX0EjTGQYxyRlZsg93ScJZJ1dpQ

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.k-rautapro.fi/login Message: The Content-Security-Policy directive 'default-src' contains the keyword 'none' alongside with other source expressions. The keyword 'none' must be the only source expression in the directive value, otherwise it is ignored.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWMDZL7&l=dataLayer(Line 474) Message: [Report Only] Refused to load the stylesheet 'https://sync.kesko.fi/kconsent/kconsent38v2.css' because it violates the following Content Security Policy directive: "style-src-elem 'self' 'unsafe-inline' https://optimize.google.com .googleoptimize.com .sync.ksync.fi *.k-rauta.fi".
security	error	(Line 4) Message: The Content-Security-Policy directive 'default-src' contains the keyword 'none' alongside with other source expressions. The keyword 'none' must be the only source expression in the directive value, otherwise it is ignored.
security	error	Message: [Report Only] Refused to load the script 'https://sync.kesko.fi/kconsent/kconsent38.js' because it violates the following Content Security Policy directive: "script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com .googletagmanager.com https://ssl.gstatic.com .doubleclick.net https://www.gstatic.com https://www.google.se https://www.google.fi https://www.google.com .analytics.google.com .bing.com .clarity.ms https://www.connect.facebook.net .swogo.net https://optimize.google.com .googleoptimize.com .zdassets.com .zopim.com .zendesk.com .k-rauta.fi https://widget.trustpilot.com https://survey.feedbackly.com .r.testfreaks.com https://js.testfreaks.com https://cr.testfreaks.com https://code.jquery.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

k-rautapro.fi
login.k-rautapro.fi
sync.kesko.fi
sync.ksync.fi
www.googletagmanager.com
www.k-rautapro.fi
143.204.98.99
2606:4700:4400::6812:289c
2606:4700::6813:9913
2a00:1450:4001:80b::2008
140231af63273c66f8f2eb7fcf129c084281a6eceb380cb8dbd7bc011d2d1fa0
18be14503b5e437baf3ecb29edf5ce7f662a65191a2204d6bfe5def184f66bb7
24285b25616b8e0abcc87027a8fc557f04f1a0c7d91ade343c51a52d26cb2384
24f8f1ee8d0a38703a636af7c34dc314a7fdf06a63e774221fb3665351038232
2c5d52bba286da26718fc370b40d413138941fd0392130785b24325a8039e95f
4a6f0da9bf42204b7819caa1172be34a44211ccc0e18a60fba45c2eb9d19240f
4b29ec945f271213561353de985a2b222bb4fb8c9f07a3c5b78a4511fefe3398
4d0dbe8057ec1c3ad1f5c0599da5aae7afa8bcacde4da84b63508ae99a96a1bb
562168b67225f13a98146877d693c35b7c242104f0336038120f9576736928a4
5839e803ddbb7da727b14429995a0ed93428f1accd6c3112c30ec0081402cc00
5fba362ecfa04aae88f7d12c20334c5629f53d397f813085dfe76596e0557070
63a31d736876f7628aa5a2a73f3aff608d6653be4e5b6c4787dc7741079255c1
90541057363b84dce136374c1ab08274268b69cc3f6311d839ae047a44c31b53
a753c114750164b1578b03b6b90020f35f236217e587abd544f5a7e94440d778
b9569678fbf0295878e14d6c25bbf031853a0e6c2cde6fa9fd2f14193e2301a8
c89b36ac542817b5a8eadbb07327a34bae582218f283c4a036442a25f648de0f
cd04df5979c995042b8aca9cc238312bb93869c935bfdf197fe526677514dbe1
db2f3a57c8a731035f0135922f9aa2ce27feea5f2292ab34c5a7e4125bd2f7df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.k-rautapro.fi Open in urlscan Pro 2606:4700:4400::6812:289c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

75 %IPv6

4 Domains

6 Subdomains

4 IPs

2 Countries

1779 kBTransfer

6523 kBSize

2 Cookies

5 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

2 Cookies

4 Console Messages

Security Headers

Indicators

www.k-rautapro.fi Open in urlscan Pro
2606:4700:4400::6812:289c Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

6
Subdomains

4
IPs

2
Countries

1779 kB
Transfer

6523 kB
Size

2
Cookies

20 HTTP transactions
2 data transactions