welcome.barona.fi Open in urlscan Pro
2a05:d018:c66:5f01:702b:f878:9e45:452d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://contact.barona.fi/
Effective URL:
https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F
Submission: On April 17 via automatic, source certstream-suspicious (April 17th 2021, 9:46:07 pm UTC)

Summary HTTP 43 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 16 domains to perform 43 HTTP transactions. The main IP is 2a05:d018:c66:5f01:702b:f878:9e45:452d, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is welcome.barona.fi.
TLS certificate: Issued by Amazon on October 22nd 2020. Valid for: a year.

This is the only time welcome.barona.fi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.249.84.241 34.249.84.241	16509 (AMAZON-02) (AMAZON-02)
18	2a05:d018:c66... 2a05:d018:c66:5f01:702b:f878:9e45:452d	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:1b:... 2a04:4e42:1b::729	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100:191::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 4	143.204.245.84 143.204.245.84	16509 (AMAZON-02) (AMAZON-02)
1	37.157.2.249 37.157.2.249	198622 (ADFORM) (ADFORM)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1 2	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	143.204.209.40 143.204.209.40	16509 (AMAZON-02) (AMAZON-02)
43	20

1 34.249.84.241 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-84-241.eu-west-1.compute.amazonaws.com

contact.barona.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a05:d018:c66:5f01:702b:f878:9e45:452d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

esittely.barona.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
welcome.barona.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:191::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.245.84 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-84.cph50.r.cloudfront.net

bot.leadoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.249 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.40 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.209.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-40.fra53.r.cloudfront.net

res.leadoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	barona.fi 1 redirects contact.barona.fi esittely.barona.fi welcome.barona.fi	2 MB
5	leadoo.com 1 redirects bot.leadoo.com res.leadoo.com	124 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	adform.net 1 redirects s2.adform.net track.adform.net	30 KB
3	google-analytics.com www.google-analytics.com	53 KB
2	facebook.com www.facebook.com	496 B
2	bing.com bat.bing.com	9 KB
2	facebook.net connect.facebook.net	97 KB
2	gstatic.com fonts.gstatic.com	88 KB
1	google.de www.google.de	505 B
1	google.com www.google.com	111 B
1	doubleclick.net stats.g.doubleclick.net	91 B
1	licdn.com snap.licdn.com	2 KB
1	googletagmanager.com www.googletagmanager.com	54 KB
1	googleapis.com fonts.googleapis.com	592 B
1	zencdn.net vjs.zencdn.net	13 KB
43	16

	Domain	Requested by
12	welcome.barona.fi	esittely.barona.fi welcome.barona.fi
6	esittely.barona.fi	esittely.barona.fi
4	bot.leadoo.com	1 redirects www.googletagmanager.com welcome.barona.fi
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.facebook.com	welcome.barona.fi
2	track.adform.net	1 redirects welcome.barona.fi
2	px.ads.linkedin.com	1 redirects welcome.barona.fi
2	bat.bing.com	esittely.barona.fi welcome.barona.fi
2	connect.facebook.net	esittely.barona.fi connect.facebook.net
2	fonts.gstatic.com	welcome.barona.fi
1	res.leadoo.com	welcome.barona.fi
1	www.google.de	welcome.barona.fi
1	www.google.com	welcome.barona.fi
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.linkedin.com	1 redirects
1	s2.adform.net	esittely.barona.fi
1	snap.licdn.com	www.googletagmanager.com
1	www.googletagmanager.com	welcome.barona.fi
1	fonts.googleapis.com	esittely.barona.fi
1	vjs.zencdn.net	esittely.barona.fi
1	contact.barona.fi	1 redirects
43	21

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com
www.instagram.com
ura.barona.fi
careers.barona.fi

Subject Issuer	Validity	Valid
*.barona.fi Amazon	`2020-10-22` - `2021-11-20`	a year	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-02-22` - `2022-03-26`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-04-12` - `2021-10-12`	6 months	crt.sh
bot.leadoo.com Amazon	`2021-01-25` - `2022-02-22`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
res.leadoo.com Amazon	`2021-01-25` - `2022-02-22`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F
Frame ID: 08C632F9C3C752182D34B4A0DBF54DBF
Requests: 42 HTTP requests in this frame

Frame: https://res.leadoo.com/fonts/roboto.css
Frame ID: 3C284EA4B90D8CB73B47C28DF11B3593
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://contact.barona.fi/ HTTP 301
https://esittely.barona.fi/ Page URL
https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Page Statistics

43
Requests

100 %
HTTPS

76 %
IPv6

16
Domains

21
Subdomains

20
IPs

5
Countries

2491 kB
Transfer

4852 kB
Size

7
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/BaronaCareers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BaronaCareers

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/barona-group-oy/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/baronacareers/

Search URL Search Domain Scan URL

URL: https://ura.barona.fi/terms-of-use
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://careers.barona.fi/en/privacy-statement/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://ura.barona.fi/help-and-support
Title: Support

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://contact.barona.fi/ HTTP 301
https://esittely.barona.fi/ Page URL
https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://contact.barona.fi/ HTTP 301
https://esittely.barona.fi/

Request Chain 29

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1854788%2C2936482&time=1618695950637&url=https%3A%2F%2Fwelcome.barona.fi%2F%3Fs%3D5I0hiOdat9f5q3EfYiOQ1QlVuH4%26return%3Dhttps%3A%2F%2Fesittely.barona.fi%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1854788%252C2936482%26time%3D1618695950637%26url%3Dhttps%253A%252F%252Fwelcome.barona.fi%252F%253Fs%253D5I0hiOdat9f5q3EfYiOQ1QlVuH4%2526return%253Dhttps%253A%252F%252Fesittely.barona.fi%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1854788%2C2936482&time=1618695950637&url=https%3A%2F%2Fwelcome.barona.fi%2F%3Fs%3D5I0hiOdat9f5q3EfYiOQ1QlVuH4%26return%3Dhttps%3A%2F%2Fesittely.barona.fi%2F&liSync=true

Request Chain 36

https://track.adform.net/Serving/TrackPoint/?pm=2188238&ADFdivider=%7C&ord=540239513798&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fesittely.barona.fi%2F&ADFtpmode=2&loc=https%3A%2F%2Fwelcome.barona.fi%2F%3Fs%3D5I0hiOdat9f5q3EfYiOQ1QlVuH4%26return%3Dhttps%253A%252F%252Fesittely.barona.fi%252F HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2188238&ADFdivider=%7C&ord=540239513798&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fesittely.barona.fi%2F&ADFtpmode=2&loc=https%3A%2F%2Fwelcome.barona.fi%2F%3Fs%3D5I0hiOdat9f5q3EfYiOQ1QlVuH4%26return%3Dhttps%253A%252F%252Fesittely.barona.fi%252F

Request Chain 39

https://bot.leadoo.com/bot/dynamic/r/chat.js?company=UmNb1gV&url=https%3A%2F%2Fwelcome.barona.fi%2F%3Fs%3D5I0hiOdat9f5q3EfYiOQ1QlVuH4%26return%3Dhttps%253A%252F%252Fesittely.barona.fi%252F HTTP 307
https://bot.leadoo.com/bot/chat.js?code=ApMv9zed

43 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
esittely.barona.fi/
Redirect Chain

https://contact.barona.fi/
https://esittely.barona.fi/

597 B
995 B

126ms
33ms

Document
text/html

2a05:d018:c66:5f01:702b:f878:9e45:452d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://esittely.barona.fi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:c66:5f01:702b:f878:9e45:452d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.15.12 / Express

Resource Hash

c050c562524969501a7f8e6c55fd1a61623d4a17e53c3ff6a961619dacf3db15

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: esittely.barona.fi
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 21:45:49 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=7a2J+3C8KrR0Y5qED2De3a2mKfOUYxqeYYe2lXpl4iWuM3Sv41edz3qjZ5m2t46w1CBa2lVnEfTm3WJ/l9TAQjxbtRkiHuYuvviPEfA0YmnAnjCe8uNCTV5rMXx9; Expires=Sat, 24 Apr 2021 21:45:49 GMT; Path=/ AWSALBCORS=7a2J+3C8KrR0Y5qED2De3a2mKfOUYxqeYYe2lXpl4iWuM3Sv41edz3qjZ5m2t46w1CBa2lVnEfTm3WJ/l9TAQjxbtRkiHuYuvviPEfA0YmnAnjCe8uNCTV5rMXx9; Expires=Sat, 24 Apr 2021 21:45:49 GMT; Path=/; SameSite=None; Secure
server: nginx/1.15.12
vary: Accept-Encoding
x-powered-by: Express
cache-control: public, max-age=0
last-modified: Thu, 15 Apr 2021 11:51:23 GMT
etag: W/"255-178d55f1a78"
strict-transport-security: max-age=600; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

Server: nginx
Date: Sat, 17 Apr 2021 21:45:49 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://esittely.barona.fi/

GET
H2 200 video-js.min.css
vjs.zencdn.net/5.19/ 38 KB
13 KB 26ms
7ms Stylesheet
text/css 2a04:4e42:1b::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/5.19/video-js.min.css
Requested by: Host: esittely.barona.fi
URL: https://esittely.barona.fi/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ba7adc42df56cac0d62c97335aba59cbe04a59f57976ec2d66d6ae0ab056f37c

Request headers

Referer: https://esittely.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 21:45:50 GMT
content-encoding: gzip
last-modified: Wed, 19 Apr 2017 18:45:21 GMT
etag: "c87ce6ad6cf65dbe6458a0703781c3d6"
x-served-by: cache-hhn4071-HHN
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2628000
timing-allow-origin: *
content-length: 13328
x-cache-hits: 60

GET
H2 200 style.client.b34cdd3d4587e68c767c.css
esittely.barona.fi/ 57 KB
11 KB 36ms
35ms Stylesheet
text/css 2a05:d018:c66:5f01:702b:f878:9e45:452d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://esittely.barona.fi/style.client.b34cdd3d4587e68c767c.css?f559897294443a60505b

Requested by

Host: esittely.barona.fi
URL: https://esittely.barona.fi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:c66:5f01:702b:f878:9e45:452d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.15.12 / Express

Resource Hash

2310d6a31edde8a9f975235c67fd5c1560d8afb09adbcf1e145129932b1610d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:path: /style.client.b34cdd3d4587e68c767c.css?f559897294443a60505b
pragma: no-cache
cookie: AWSALB=7a2J+3C8KrR0Y5qED2De3a2mKfOUYxqeYYe2lXpl4iWuM3Sv41edz3qjZ5m2t46w1CBa2lVnEfTm3WJ/l9TAQjxbtRkiHuYuvviPEfA0YmnAnjCe8uNCTV5rMXx9; AWSALBCORS=7a2J+3C8KrR0Y5qED2De3a2mKfOUYxqeYYe2lXpl4iWuM3Sv41edz3qjZ5m2t46w1CBa2lVnEfTm3WJ/l9TAQjxbtRkiHuYuvviPEfA0YmnAnjCe8uNCTV5rMXx9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: esittely.barona.fi
referer: https://esittely.barona.fi/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://esittely.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 21:45:50 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 15 Apr 2021 11:51:23 GMT
server: nginx/1.15.12
x-powered-by: Express
etag: W/"e57a-178d55f1a78"
strict-transport-security: max-age=600; includeSubDomains
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
set-cookie: AWSALB=sCmg7hE9cUX9Q3jhpfAlIyUnZTeKfHW3hyAoY7Sbl/6hwDjWReN/M94RUAjnV8QcCaltgdpYGz4fnzjfYejyR/H4xUo+xejqy3YBwnJ8Kv7aN/pItTaS5tc+FsYq; Expires=Sat, 24 Apr 2021 21:45:49 GMT; Path=/ AWSALBCORS=sCmg7hE9cUX9Q3jhpfAlIyUnZTeKfHW3hyAoY7Sbl/6hwDjWReN/M94RUAjnV8QcCaltgdpYGz4fnzjfYejyR/H4xUo+xejqy3YBwnJ8Kv7aN/pItTaS5tc+FsYq; Expires=Sat, 24 Apr 2021 21:45:49 GMT; Path=/; SameSite=None; Secure
x-xss-protection: 1; mode=block

GET
H2 200 client.f7c46d2ec5299a9b20db.js Show response
esittely.barona.fi/ 2 MB
538 KB 66ms
65ms Script
application/javascript 2a05:d018:c66:5f01:702b:f878:9e45:452d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://esittely.barona.fi/client.f7c46d2ec5299a9b20db.js?f559897294443a60505b

Requested by

Host: esittely.barona.fi
URL: https://esittely.barona.fi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:c66:5f01:702b:f878:9e45:452d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.15.12 / Express

Resource Hash

b77216e6243bfb470dca9710551a69cb068fa90137e4d9d30fb4e4d1f70c3db8

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:path: /client.f7c46d2ec5299a9b20db.js?f559897294443a60505b
pragma: no-cache
cookie: AWSALB=7a2J+3C8KrR0Y5qED2De3a2mKfOUYxqeYYe2lXpl4iWuM3Sv41edz3qjZ5m2t46w1CBa2lVnEfTm3WJ/l9TAQjxbtRkiHuYuvviPEfA0YmnAnjCe8uNCTV5rMXx9; AWSALBCORS=7a2J+3C8KrR0Y5qED2De3a2mKfOUYxqeYYe2lXpl4iWuM3Sv41edz3qjZ5m2t46w1CBa2lVnEfTm3WJ/l9TAQjxbtRkiHuYuvviPEfA0YmnAnjCe8uNCTV5rMXx9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: esittely.barona.fi
referer: https://esittely.barona.fi/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://esittely.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 21:45:50 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 15 Apr 2021 11:51:23 GMT
server: nginx/1.15.12
x-powered-by: Express
etag: W/"1ec1e8-178d55f1a78"
strict-transport-security: max-age=600; includeSubDomains
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
set-cookie: AWSALB=BxmBp+VtYxTkVqzqJySbLdximW7gri70Jf/Ytq2pg+zIjT6I5dEGT65t2ApZKX/vYEgryUv6yC1LrY/0NyNeVBy3M71phaCg2e0AO2OhPHvgBsRF+ZYTiTPBvZs5; Expires=Sat, 24 Apr 2021 21:45:49 GMT; Path=/ AWSALBCORS=BxmBp+VtYxTkVqzqJySbLdximW7gri70Jf/Ytq2pg+zIjT6I5dEGT65t2ApZKX/vYEgryUv6yC1LrY/0NyNeVBy3M71phaCg2e0AO2OhPHvgBsRF+ZYTiTPBvZs5; Expires=Sat, 24 Apr 2021 21:45:49 GMT; Path=/; SameSite=None; Secure
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 4 KB
592 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,500,700,900

Requested by

Host: esittely.barona.fi
URL: https://esittely.barona.fi/style.client.b34cdd3d4587e68c767c.css?f559897294443a60505b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5d5cd018e475f10add8650d1a12222acc1bd0ca6dc79de8dfb67f8f2119344db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://esittely.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 21:45:50 GMT
server: ESF
date: Sat, 17 Apr 2021 21:45:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Apr 2021 21:45:50 GMT

GET
H2 200 /
esittely.barona.fi/socket.io/ 104 B
672 B 35ms
35ms XHR
text/plain 2a05:d018:c66:5f01:702b:f878:9e45:452d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://esittely.barona.fi/socket.io/?return=https%3A%2F%2Fesittely.barona.fi%2F&EIO=3&transport=polling&t=NZXp0_5

Requested by

Host: esittely.barona.fi
URL: https://esittely.barona.fi/client.f7c46d2ec5299a9b20db.js?f559897294443a60505b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:c66:5f01:702b:f878:9e45:452d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.15.12 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:path: /socket.io/?return=https%3A%2F%2Fesittely.barona.fi%2F&EIO=3&transport=polling&t=NZXp0_5
pragma: no-cache
cookie: AWSALB=BxmBp+VtYxTkVqzqJySbLdximW7gri70Jf/Ytq2pg+zIjT6I5dEGT65t2ApZKX/vYEgryUv6yC1LrY/0NyNeVBy3M71phaCg2e0AO2OhPHvgBsRF+ZYTiTPBvZs5; AWSALBCORS=BxmBp+VtYxTkVqzqJySbLdximW7gri70Jf/Ytq2pg+zIjT6I5dEGT65t2ApZKX/vYEgryUv6yC1LrY/0NyNeVBy3M71phaCg2e0AO2OhPHvgBsRF+ZYTiTPBvZs5
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: esittely.barona.fi
referer: https://esittely.barona.fi/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://esittely.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 21:45:50 GMT
server: nginx/1.15.12
strict-transport-security: max-age=600; includeSubDomains
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
set-cookie: AWSALB=lN+UUtB3F5bH7nTFyqPewn9IvbVfpG1WQ1ZzRifQkRe/5R2AY2MkXveLP2OsapzL/nNl0BkZul0PRsbZVz9JHzft9fEIyWWv8+27rVH7zjZ2QtazDZRn5qiVkwu2; Expires=Sat, 24 Apr 2021 21:45:50 GMT; Path=/ AWSALBCORS=lN+UUtB3F5bH7nTFyqPewn9IvbVfpG1WQ1ZzRifQkRe/5R2AY2MkXveLP2OsapzL/nNl0BkZul0PRsbZVz9JHzft9fEIyWWv8+27rVH7zjZ2QtazDZRn5qiVkwu2; Expires=Sat, 24 Apr 2021 21:45:50 GMT; Path=/; SameSite=None; Secure io=8TPT8EJm4SD0sAV6AAQq; Path=/; HttpOnly; SameSite=Strict
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 /
esittely.barona.fi/socket.io/ 139 B
704 B 32ms
31ms XHR
text/plain 2a05:d018:c66:5f01:702b:f878:9e45:452d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://esittely.barona.fi/socket.io/?return=https%3A%2F%2Fesittely.barona.fi%2F&EIO=3&transport=polling&t=NZXp0_m&sid=8TPT8EJm4SD0sAV6AAQq

Requested by

Host: esittely.barona.fi
URL: https://esittely.barona.fi/client.f7c46d2ec5299a9b20db.js?f559897294443a60505b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:c66:5f01:702b:f878:9e45:452d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.15.12 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:path: /socket.io/?return=https%3A%2F%2Fesittely.barona.fi%2F&EIO=3&transport=polling&t=NZXp0_m&sid=8TPT8EJm4SD0sAV6AAQq
pragma: no-cache
cookie: AWSALB=lN+UUtB3F5bH7nTFyqPewn9IvbVfpG1WQ1ZzRifQkRe/5R2AY2MkXveLP2OsapzL/nNl0BkZul0PRsbZVz9JHzft9fEIyWWv8+27rVH7zjZ2QtazDZRn5qiVkwu2; AWSALBCORS=lN+UUtB3F5bH7nTFyqPewn9IvbVfpG1WQ1ZzRifQkRe/5R2AY2MkXveLP2OsapzL/nNl0BkZul0PRsbZVz9JHzft9fEIyWWv8+27rVH7zjZ2QtazDZRn5qiVkwu2; io=8TPT8EJm4SD0sAV6AAQq
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: esittely.barona.fi
referer: https://esittely.barona.fi/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://esittely.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 21:45:50 GMT
server: nginx/1.15.12
strict-transport-security: max-age=600; includeSubDomains
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
set-cookie: AWSALB=hsEXBurEfg1PV0grSPLsRrRPQ6NJbPZoVA6iw3viTIaYtw2YgmUgFebUoOuQyYBxtaukMFmLzwInMFlLZIafHJ7mrkVhmUSjSV1ftDECyDMc11TAWlJORO/2TEbu; Expires=Sat, 24 Apr 2021 21:45:50 GMT; Path=/ AWSALBCORS=hsEXBurEfg1PV0grSPLsRrRPQ6NJbPZoVA6iw3viTIaYtw2YgmUgFebUoOuQyYBxtaukMFmLzwInMFlLZIafHJ7mrkVhmUSjSV1ftDECyDMc11TAWlJORO/2TEbu; Expires=Sat, 24 Apr 2021 21:45:50 GMT; Path=/; SameSite=None; Secure io=8TPT8EJm4SD0sAV6AAQq; Path=/; HttpOnly; SameSite=Strict
content-length: 139
x-xss-protection: 1; mode=block

GET
H2 200 Primary Request / Show response
welcome.barona.fi/ 3 KB
2 KB 92ms
58ms Document
text/html 2a05:d018:c66:5f01:702b:f878:9e45:452d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F

Requested by

Host: esittely.barona.fi
URL: https://esittely.barona.fi/client.f7c46d2ec5299a9b20db.js?f559897294443a60505b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:c66:5f01:702b:f878:9e45:452d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.19.7 / Express

Resource Hash

79b49093a9e2a1eda44e058516a1c6c1985105b44a60703e7f2d00ea1adfda6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: welcome.barona.fi
:scheme: https
:path: /?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://esittely.barona.fi/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://esittely.barona.fi/

Response headers

date: Sat, 17 Apr 2021 21:45:50 GMT
content-type: text/html; charset=utf-8
server: nginx/1.19.7
vary: Accept-Encoding
x-powered-by: Express
cache-control: no-cache, no-store, must-revalidate must-revalidate
pragma: no-cache
expires: 0
set-cookie: _csrf=26St4Or93AokHCtng_6IY89k; Path=/
etag: W/"d00-ty0Ovru6NJ/5rM+YOFxT8MksbQA"
strict-transport-security: max-age=600; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: gzip

POST
H2 200 /
esittely.barona.fi/socket.io/ 2 B
605 B 33ms
33ms XHR
text/html 2a05:d018:c66:5f01:702b:f878:9e45:452d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://esittely.barona.fi/socket.io/?return=https%3A%2F%2Fesittely.barona.fi%2F&EIO=3&transport=polling&t=NZXp10J&sid=8TPT8EJm4SD0sAV6AAQq

Requested by

Host: esittely.barona.fi
URL: https://esittely.barona.fi/client.f7c46d2ec5299a9b20db.js?f559897294443a60505b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:c66:5f01:702b:f878:9e45:452d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.15.12 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://esittely.barona.fi
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: io=8TPT8EJm4SD0sAV6AAQq; AWSALB=hsEXBurEfg1PV0grSPLsRrRPQ6NJbPZoVA6iw3viTIaYtw2YgmUgFebUoOuQyYBxtaukMFmLzwInMFlLZIafHJ7mrkVhmUSjSV1ftDECyDMc11TAWlJORO/2TEbu; AWSALBCORS=hsEXBurEfg1PV0grSPLsRrRPQ6NJbPZoVA6iw3viTIaYtw2YgmUgFebUoOuQyYBxtaukMFmLzwInMFlLZIafHJ7mrkVhmUSjSV1ftDECyDMc11TAWlJORO/2TEbu
content-length: 3
:path: /socket.io/?return=https%3A%2F%2Fesittely.barona.fi%2F&EIO=3&transport=polling&t=NZXp10J&sid=8TPT8EJm4SD0sAV6AAQq
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain;charset=UTF-8
accept: */*
cache-control: no-cache
:authority: esittely.barona.fi
referer: https://esittely.barona.fi/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://esittely.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

date: Sat, 17 Apr 2021 21:45:50 GMT
server: nginx/1.15.12
strict-transport-security: max-age=600; includeSubDomains
content-type: text/html
access-control-allow-origin: https://esittely.barona.fi
access-control-allow-credentials: true
set-cookie: AWSALB=SHRKo6XQr7QdCxx4paLeuJy3tX/dTq1LUbfNBEg4rDH8vWWdIAQxzRzF65KNPLFdJkz1Wsd9c3iLB+OWMzmFP+q0Ipv2KZHGU4m5S8yybHPRl6+28KkGcvdqzcAb; Expires=Sat, 24 Apr 2021 21:45:50 GMT; Path=/ AWSALBCORS=SHRKo6XQr7QdCxx4paLeuJy3tX/dTq1LUbfNBEg4rDH8vWWdIAQxzRzF65KNPLFdJkz1Wsd9c3iLB+OWMzmFP+q0Ipv2KZHGU4m5S8yybHPRl6+28KkGcvdqzcAb; Expires=Sat, 24 Apr 2021 21:45:50 GMT; Path=/; SameSite=None; Secure io=8TPT8EJm4SD0sAV6AAQq; Path=/; HttpOnly; SameSite=Strict
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 libs.js Show response
welcome.barona.fi/js/ 1 MB
1 MB 38ms
38ms Script
application/javascript 2a05:d018:c66:5f01:702b:f878:9e45:452d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://welcome.barona.fi/js/libs.js

Requested by

Host: welcome.barona.fi
URL: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:c66:5f01:702b:f878:9e45:452d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.19.7 / Express

Resource Hash

355999963aabee37630630eed88301cda82d57c4ccf54d9fd5d05ce9144930b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /js/libs.js
pragma: no-cache
cookie: _csrf=26St4Or93AokHCtng_6IY89k
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: welcome.barona.fi
referer: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 21:45:50 GMT
etag: W/"1026a8-lcwVqYXwm7vqsW6fpImObhbBTzY"
server: nginx/1.19.7
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: must-revalidate
strict-transport-security: max-age=600; includeSubDomains
content-length: 1058472
x-xss-protection: 1; mode=block

GET
H2 200 client.js Show response
welcome.barona.fi/js/ 42 KB
43 KB 68ms
67ms Script
application/javascript 2a05:d018:c66:5f01:702b:f878:9e45:452d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://welcome.barona.fi/js/client.js

Requested by

Host: welcome.barona.fi
URL: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:c66:5f01:702b:f878:9e45:452d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.19.7 / Express

Resource Hash

b512627c0d7ff8b690758020a4b58a1bf3966aab027ef573d32e8a3d3b3e845c

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /js/client.js
pragma: no-cache
cookie: _csrf=26St4Or93AokHCtng_6IY89k
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: welcome.barona.fi
referer: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 21:45:50 GMT
etag: W/"a99d-HK301Jw7J3JvG41OkR9zAPBDXy0"
server: nginx/1.19.7
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: must-revalidate
strict-transport-security: max-age=600; includeSubDomains
content-length: 43421
x-xss-protection: 1; mode=block

GET
H2 200 styles.css
welcome.barona.fi/css/ 14 KB
3 KB 37ms
37ms Stylesheet
text/css 2a05:d018:c66:5f01:702b:f878:9e45:452d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://welcome.barona.fi/css/styles.css

Requested by

Host: welcome.barona.fi
URL: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:c66:5f01:702b:f878:9e45:452d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.19.7 / Express

Resource Hash

281561c99aa58280657d9085859068b335778ec732a11685b5ea86752887c3f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /css/styles.css
pragma: no-cache
cookie: _csrf=26St4Or93AokHCtng_6IY89k
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: welcome.barona.fi
referer: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 21:45:50 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 15 Apr 2021 11:55:25 GMT
server: nginx/1.19.7
x-powered-by: Express
etag: W/"3648-178d562cef1"
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate must-revalidate
strict-transport-security: max-age=600; includeSubDomains
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 b.svg
welcome.barona.fi/img/ 2 KB
1 KB 34ms
32ms Image
image/svg+xml 2a05:d018:c66:5f01:702b:f878:9e45:452d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welcome.barona.fi/img/b.svg

Requested by

Host: welcome.barona.fi
URL: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:c66:5f01:702b:f878:9e45:452d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.19.7 / Express

Resource Hash

f6f399ffef46077027669a627a1cdd80661bb2dcd8751d3e893abc1d73bf610d

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/b.svg
pragma: no-cache
cookie: _csrf=26St4Or93AokHCtng_6IY89k
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: welcome.barona.fi
referer: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 21:45:50 GMT
content-encoding: gzip
etag: W/"693-178d5539928"
last-modified: Thu, 15 Apr 2021 11:38:49 GMT
server: nginx/1.19.7
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=0 must-revalidate
strict-transport-security: max-age=600; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 barona-blue.svg
welcome.barona.fi/img/ 2 KB
1 KB 57ms
57ms Image
image/svg+xml 2a05:d018:c66:5f01:702b:f878:9e45:452d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welcome.barona.fi/img/barona-blue.svg

Requested by

Host: welcome.barona.fi
URL: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:c66:5f01:702b:f878:9e45:452d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.19.7 / Express

Resource Hash

0543606141f93821b62e8daaa00a5474422e3f4cdb58df90eb12767cb421ce6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/barona-blue.svg
pragma: no-cache
cookie: _csrf=26St4Or93AokHCtng_6IY89k
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: welcome.barona.fi
referer: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 21:45:50 GMT
content-encoding: gzip
etag: W/"993-178d5539928"
last-modified: Thu, 15 Apr 2021 11:38:49 GMT
server: nginx/1.19.7
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=0 must-revalidate
strict-transport-security: max-age=600; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 twitter.svg
welcome.barona.fi/img/ 1 KB
919 B 33ms
32ms Image
image/svg+xml 2a05:d018:c66:5f01:702b:f878:9e45:452d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welcome.barona.fi/img/twitter.svg

Requested by

Host: welcome.barona.fi
URL: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:c66:5f01:702b:f878:9e45:452d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.19.7 / Express

Resource Hash

006a681c9389a0a217ad40ff9faeb651d98eaccd368b9119471c78c4aa13ec38

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/twitter.svg
pragma: no-cache
cookie: _csrf=26St4Or93AokHCtng_6IY89k
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: welcome.barona.fi
referer: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 21:45:50 GMT
content-encoding: gzip
etag: W/"44b-178d5539928"
last-modified: Thu, 15 Apr 2021 11:38:49 GMT
server: nginx/1.19.7
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=0 must-revalidate
strict-transport-security: max-age=600; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 facebook.svg
welcome.barona.fi/img/ 678 B
707 B 55ms
54ms Image
image/svg+xml 2a05:d018:c66:5f01:702b:f878:9e45:452d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welcome.barona.fi/img/facebook.svg

Requested by

Host: welcome.barona.fi
URL: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:c66:5f01:702b:f878:9e45:452d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.19.7 / Express

Resource Hash

93b389a34dbc80ffd6f146cf383bafd59986104478b716c450a750d599e20d30

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/facebook.svg
pragma: no-cache
cookie: _csrf=26St4Or93AokHCtng_6IY89k
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: welcome.barona.fi
referer: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 21:45:50 GMT
content-encoding: gzip
etag: W/"2a6-178d5539928"
last-modified: Thu, 15 Apr 2021 11:38:49 GMT
server: nginx/1.19.7
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=0 must-revalidate
strict-transport-security: max-age=600; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 linkedin.svg
welcome.barona.fi/img/ 921 B
842 B 34ms
33ms Image
image/svg+xml 2a05:d018:c66:5f01:702b:f878:9e45:452d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welcome.barona.fi/img/linkedin.svg

Requested by

Host: welcome.barona.fi
URL: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:c66:5f01:702b:f878:9e45:452d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.19.7 / Express

Resource Hash

fc50de2eef8b209c9ec05d7afb2ef09b54e490b88824b88a685614b949993fd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/linkedin.svg
pragma: no-cache
cookie: _csrf=26St4Or93AokHCtng_6IY89k
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: welcome.barona.fi
referer: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 21:45:50 GMT
content-encoding: gzip
etag: W/"399-178d5539928"
last-modified: Thu, 15 Apr 2021 11:38:49 GMT
server: nginx/1.19.7
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=0 must-revalidate
strict-transport-security: max-age=600; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 instagram.svg
welcome.barona.fi/img/ 3 KB
1 KB 55ms
54ms Image
image/svg+xml 2a05:d018:c66:5f01:702b:f878:9e45:452d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welcome.barona.fi/img/instagram.svg

Requested by

Host: welcome.barona.fi
URL: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:c66:5f01:702b:f878:9e45:452d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.19.7 / Express

Resource Hash

aae7e1187fe1da933b572be72a34a2252147d42442fc03bcb55d7e2553c92f1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/instagram.svg
pragma: no-cache
cookie: _csrf=26St4Or93AokHCtng_6IY89k
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: welcome.barona.fi
referer: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 21:45:50 GMT
content-encoding: gzip
etag: W/"af8-178d5539928"
last-modified: Thu, 15 Apr 2021 11:38:49 GMT
server: nginx/1.19.7
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=0 must-revalidate
strict-transport-security: max-age=600; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 177 KB
54 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WKVZRP8

Requested by

Host: welcome.barona.fi
URL: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d6531562d518e3ef360b5715bf97d4d9dc7a04beb9090185c0595458f5256b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://welcome.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 21:45:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55174
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Apr 2021 21:45:50 GMT

GET
H2 200 background.png
welcome.barona.fi/img/ 375 KB
376 KB 32ms
32ms Image
image/png 2a05:d018:c66:5f01:702b:f878:9e45:452d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welcome.barona.fi/img/background.png

Requested by

Host: welcome.barona.fi
URL: https://welcome.barona.fi/css/styles.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:c66:5f01:702b:f878:9e45:452d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.19.7 / Express

Resource Hash

e67fc0a6201391d6dc4342c5583e7c952cc41c3bbaa45ca96894f886d2d44fff

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/background.png
pragma: no-cache
cookie: _csrf=26St4Or93AokHCtng_6IY89k
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: welcome.barona.fi
referer: https://welcome.barona.fi/css/styles.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://welcome.barona.fi/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 21:45:50 GMT
last-modified: Thu, 15 Apr 2021 11:38:49 GMT
server: nginx/1.19.7
x-powered-by: Express
etag: W/"5dcb2-178d5539928"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0 must-revalidate
strict-transport-security: max-age=600; includeSubDomains
accept-ranges: bytes
content-length: 384178
x-xss-protection: 1; mode=block

GET
H2 200 email.svg
welcome.barona.fi/img/ 863 B
804 B 64ms
64ms Image
image/svg+xml 2a05:d018:c66:5f01:702b:f878:9e45:452d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welcome.barona.fi/img/email.svg

Requested by

Host: welcome.barona.fi
URL: https://welcome.barona.fi/css/styles.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:c66:5f01:702b:f878:9e45:452d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.19.7 / Express

Resource Hash

7914eb7d19b3bb134ba54c5bdd6ba2db62113fa88213afb775304fb53e8df87a

Security Headers

Name	Value
Strict-Transport-Security	max-age=600; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/email.svg
pragma: no-cache
cookie: _csrf=26St4Or93AokHCtng_6IY89k
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: welcome.barona.fi
referer: https://welcome.barona.fi/css/styles.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://welcome.barona.fi/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 21:45:50 GMT
content-encoding: gzip
etag: W/"35f-178d5539928"
last-modified: Thu, 15 Apr 2021 11:38:49 GMT
server: nginx/1.19.7
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=0 must-revalidate
strict-transport-security: max-age=600; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 S6u9w4BMUTPHh6UVSwiPHA.ttf
fonts.gstatic.com/s/lato/v17/ 58 KB
29 KB 8ms
8ms Font
font/ttf 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPHA.ttf

Requested by

Host: welcome.barona.fi
URL: https://welcome.barona.fi/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6b44938bc5bcb4c2a08ca8a762ec10566c66026f40704f13cb47e370b5c8e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://welcome.barona.fi
Referer: https://welcome.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 07:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 570817
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29795
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Apr 2022 07:12:13 GMT

GET
H2 200 S6uyw4BMUTPHjx4wWw.ttf
fonts.gstatic.com/s/lato/v17/ 59 KB
59 KB 9ms
9ms Font
font/ttf 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wWw.ttf

Requested by

Host: welcome.barona.fi
URL: https://welcome.barona.fi/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acb428bb824a7f7d865446caa0fe1f6885aa0723e43848042f51db37f0926f1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://welcome.barona.fi
Referer: https://welcome.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 13:52:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:47 GMT
server: sffe
age: 546773
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60524
x-xss-protection: 0
expires: Mon, 11 Apr 2022 13:52:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKVZRP8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://welcome.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 6568
date: Sat, 17 Apr 2021 19:56:22 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Sat, 17 Apr 2021 21:56:22 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 26ms
8ms Script
application/x-javascript 2a02:26f0:7100:191::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKVZRP8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:191::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://welcome.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 21:45:50 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=39593
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: esittely.barona.fi
URL: https://esittely.barona.fi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://welcome.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23963
x-fb-rlafr: 0
pragma: public
x-fb-debug: 40ZjrAPXYCvOlce2zUkNUaskUvxDFaU20x+Rma5ctisQ6cykVJPWgwiFfssK7XhYFRTREAQ/+YJrS9ChqF517Q==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Sat, 17 Apr 2021 21:45:50 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 29 KB
9 KB 48ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: esittely.barona.fi
URL: https://esittely.barona.fi/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1fe2437a79282fb26d2267e40cdb7ac59164d0ee5e5b9f955f05a49f686ab616

Request headers

Referer: https://welcome.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 21:45:50 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 18:16:38 GMT
x-msedge-ref: Ref A: 7538BEDAE19446089C4EBF332A76C3EA Ref B: FRAEDGE1515 Ref C: 2021-04-17T21:45:50Z
etag: "0c77652ec27d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8885

GET
H2 200 auto.js Show response
bot.leadoo.com/bot/ 79 KB
24 KB 335ms
217ms Script
application/javascript 143.204.245.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bot.leadoo.com/bot/auto.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKVZRP8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-84.cph50.r.cloudfront.net
Software: LeadooDispatch/1.3.0 /
Resource Hash: da93623d8b55d6093560603ce1146d60797a0f5ba999ca0439f62245a508d892

Request headers

Referer: https://welcome.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 21:45:50 GMT
content-encoding: gzip
server: LeadooDispatch/1.3.0
x-amz-cf-pop: CPH50-C1
etag: "a24b89991052771696a14616f132b409fd30795f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-ld-req: 01F3GWR4DY74YT9943E36X4KSM
via: 1.1 a2ff850ccdde2a6d47a8ef587e8cb536.cloudfront.net (CloudFront)
cache-control: public, max-age=300, must-revalidate
x-leadoo-bot: auto
content-type: application/javascript; charset=utf-8
x-amz-cf-id: qDxxOcOBu6EHeBWefBJeJyILbGt9Aews7wJ_lwZw_r-p-mJMV8sX-Q==
x-leadoo-bot-version: v0.103.2

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 80 KB
29 KB 113ms
37ms Script
application/x-javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: esittely.barona.fi
URL: https://esittely.barona.fi/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: e900793533d5a24861457658acd88eefaf284309e5e5f8a049b9468af341abf2

Request headers

Referer: https://welcome.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 21:45:50 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 08:03:21 GMT
server: nginx
etag: W/"6076a1c9-13f40"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 87 KB
34 KB 28ms
26ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-P47CQSB&t=gtm2&cid=1353248793.1618695951&aip=true

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c3c9ba8eff2faf187eafa728c472759678c5a8cf46bd086fcf3a8b95b13104cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://welcome.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 21:45:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34775
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Apr 2021 21:45:50 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1854788%2C2936482&time=1618695950637&url=https%3A%2F%2Fwelcome.barona.fi%2F%3Fs%3D5I0hiOdat9f5q3EfYiOQ1QlVuH4%26return%3Dhttps%3A%2F%2Fesittely.ba...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1854788%252C2936482%26time%3D1618695950637%26url%3Dhttps%253A%252F%252Fwelcome.ba...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1854788%2C2936482&time=1618695950637&url=https%3A%2F%2Fwelcome.barona.fi%2F%3Fs%3D5I0hiOdat9f5q3EfYiOQ1QlVuH4%26return%3Dhttps%3A%2F%2Fesittely.ba...

0
57 B

192ms
192ms

Image
application/javascript

2620:119:50e1:101::6cae:b25
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1854788%2C2936482&time=1618695950637&url=https%3A%2F%2Fwelcome.barona.fi%2F%3Fs%3D5I0hiOdat9f5q3EfYiOQ1QlVuH4%26return%3Dhttps%3A%2F%2Fesittely.barona.fi%2F&liSync=true
Requested by: Host: welcome.barona.fi
URL: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://welcome.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 21:45:51 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-esv5
content-type: application/javascript
content-length: 0
x-li-uuid: 6mdiQWTDdhZgObN29CoAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: S1e6NWTDdhZwKliMoisAAA==
pragma: no-cache
x-li-pop: afd-prod-esv5
x-msedge-ref: Ref A: 4271329EAF5C424D8FFEC164E17959B2 Ref B: FRAEDGE1510 Ref C: 2021-04-17T21:45:51Z
x-frame-options: sameorigin
date: Sat, 17 Apr 2021 21:45:51 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=31536000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1854788%2C2936482&time=1618695950637&url=https%3A%2F%2Fwelcome.barona.fi%2F%3Fs%3D5I0hiOdat9f5q3EfYiOQ1QlVuH4%26return%3Dhttps%3A%2F%2Fesittely.barona.fi%2F&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 1316592211688349 Show response
connect.facebook.net/signals/config/ 255 KB
73 KB 157ms
156ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1316592211688349?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e7439a2271b80e8698837e505ceaa170c6a55b225a9a057f2eda62596d2210b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://welcome.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: gS0h4ETSFIfZ3MZCubnNz6XNtiFoERkUfAy4RI5Gp3ZJbKwl3KDroZMRYxbQnGxQLG8jphcCQTqz17ieSgXNWQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Sat, 17 Apr 2021 21:45:50 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=56269341&Ver=2&mid=b92e2a2d-8c21-4ddc-8f51-cc373b7dee91&sid=46e473609fc611eb967b3be7d2e58621&vid=46e493209fc611eb82e49b4e1b80b8a0&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Barona&p=https%3A%2F%2Fwelcome.barona.fi%2F%3Fs%3D5I0hiOdat9f5q3EfYiOQ1QlVuH4%26return%3Dhttps%253A%252F%252Fesittely.barona.fi%252F&r=https%3A%2F%2Fesittely.barona.fi%2F&lt=190&evt=pageLoad&msclkid=N&sv=1&rn=385859
Requested by: Host: welcome.barona.fi
URL: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://welcome.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 17 Apr 2021 21:45:50 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 83209BEE9CE548EABE32F3AC20093C3A Ref B: FRAEDGE1515 Ref C: 2021-04-17T21:45:50Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
12ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&aip=1&a=898285571&t=pageview&_s=1&dl=https%3A%2F%2Fwelcome.barona.fi%2F%3Fs%3D5I0hiOdat9f5q3EfYiOQ1QlVuH4%26return%3Dhttps%3A%2F%2Fesittely.barona.fi%2F&dr=https%3A%2F%2Fesittely.barona.fi%2F&ul=en-us&de=UTF-8&dt=Barona&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAIC~&jid=1467351551&gjid=1735361818&cid=1353248793.1618695951&tid=UA-85928542-6&_gid=1687161611.1618695951&_r=1&gtm=2wg472WKVZRP8&z=443601999

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://welcome.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 21:45:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://welcome.barona.fi
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
91 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-85928542-6&cid=1353248793.1618695951&jid=1467351551&gjid=1735361818&_gid=1687161611.1618695951&_u=aGDAAEACQAAAIC~&z=804078144

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://welcome.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 17 Apr 2021 21:45:50 GMT
content-type: text/plain
access-control-allow-origin: https://welcome.barona.fi
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
111 B 17ms
16ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-85928542-6&cid=1353248793.1618695951&jid=1467351551&_u=aGDAAEACQAAAIC~&z=708464837

Requested by

Host: welcome.barona.fi
URL: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://welcome.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 21:45:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 47ms
28ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-85928542-6&cid=1353248793.1618695951&jid=1467351551&_u=aGDAAEACQAAAIC~&z=708464837

Requested by

Host: welcome.barona.fi
URL: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://welcome.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 21:45:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=2188238&ADFdivider=%7C&ord=540239513798&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fesittely.barona.fi%2F&ADFtpmode=2&loc=https%3A%2F%2Fw...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2188238&ADFdivider=%7C&ord=540239513798&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fesittely.barona.fi%2F&ADFtpmode=2&loc=https%3A%2...

118 B
596 B

48ms
48ms

Script
text/javascript

37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2188238&ADFdivider=%7C&ord=540239513798&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fesittely.barona.fi%2F&ADFtpmode=2&loc=https%3A%2F%2Fwelcome.barona.fi%2F%3Fs%3D5I0hiOdat9f5q3EfYiOQ1QlVuH4%26return%3Dhttps%253A%252F%252Fesittely.barona.fi%252F

Requested by

Host: welcome.barona.fi
URL: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b8366b4be79f93164548a098ab0d00ff35dc6f07566a4d4e4f79ec9163fea70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://welcome.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 21:45:50 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 190
expires: -1

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 21:45:50 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2188238&ADFdivider=%7C&ord=540239513798&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fesittely.barona.fi%2F&ADFtpmode=2&loc=https%3A%2F%2Fwelcome.barona.fi%2F%3Fs%3D5I0hiOdat9f5q3EfYiOQ1QlVuH4%26return%3Dhttps%253A%252F%252Fesittely.barona.fi%252F
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 18ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1316592211688349&ev=PageView&dl=https%3A%2F%2Fwelcome.barona.fi%2F%3Fs%3D5I0hiOdat9f5q3EfYiOQ1QlVuH4%26return%3Dhttps%253A%252F%252Fesittely.barona.fi%252F&rl=https%3A%2F%2Fesittely.barona.fi%2F&if=false&ts=1618695950825&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1618695950824.1304288743&it=1618695950642&coo=false&rqm=GET

Requested by

Host: welcome.barona.fi
URL: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://welcome.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 21:45:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 17 Apr 2021 21:45:50 GMT

GET
H2 200 chat.js Show response
bot.leadoo.com/bot/dynamic/ 90 KB
27 KB 131ms
131ms Script
application/javascript 143.204.245.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bot.leadoo.com/bot/dynamic/chat.js?company=UmNb1gV
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKVZRP8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-84.cph50.r.cloudfront.net
Software: LeadooDispatch/1.3.0 /
Resource Hash: e2db156f3bfc77852b60a2f5f8788aa665efe2399797a7ba67eca4acc8c90206

Request headers

Referer: https://welcome.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 21:45:51 GMT
content-encoding: gzip
server: LeadooDispatch/1.3.0
x-amz-cf-pop: CPH50-C1
etag: "63ecacb51bbb37f5f83773e4228d0d5af6d9c43c"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-ld-req: 01F3GWR4QG7786PDBY3FVNG3QK
via: 1.1 a2ff850ccdde2a6d47a8ef587e8cb536.cloudfront.net (CloudFront)
cache-control: public, max-age=300, must-revalidate
x-leadoo-bot: chat
content-type: application/javascript; charset=utf-8
x-amz-cf-id: UJl9PHbJEIrokws9zI1yh_WguzKkdcG7ykbNFJYyR5zP1wqyQ7yNLg==
x-leadoo-bot-version: v0.103.2

GET
H2

200

chat.js Show response
bot.leadoo.com/bot/
Redirect Chain

https://bot.leadoo.com/bot/dynamic/r/chat.js?company=UmNb1gV&url=https%3A%2F%2Fwelcome.barona.fi%2F%3Fs%3D5I0hiOdat9f5q3EfYiOQ1QlVuH4%26return%3Dhttps%253A%252F%252Fesittely.barona.fi%252F
https://bot.leadoo.com/bot/chat.js?code=ApMv9zed

246 KB
71 KB

209ms
208ms

Script
application/javascript

143.204.245.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bot.leadoo.com/bot/chat.js?code=ApMv9zed
Requested by: Host: welcome.barona.fi
URL: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-84.cph50.r.cloudfront.net
Software: LeadooDispatch/1.3.0 /
Resource Hash: 073e7dd3ea87c96f286849895e0b84808c9c0abd50a57b6d365a83201e68b68b

Request headers

Referer: https://welcome.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 21:45:51 GMT
content-encoding: gzip
server: LeadooDispatch/1.3.0
x-amz-cf-pop: CPH50-C1
etag: "6be09902ea66c7818cfb312065b77630091acdfd"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-ld-req: 01F3GWR50PKADB0D7H9TA7HAQX
via: 1.1 a2ff850ccdde2a6d47a8ef587e8cb536.cloudfront.net (CloudFront)
cache-control: public, max-age=300, must-revalidate
x-leadoo-bot: chat
content-type: application/javascript; charset=utf-8
x-amz-cf-id: t3XnJVHEEIgFzy6o3qR7WBoFdIvYkQ0-bWL-dmPYTEHpZkxkfvqKHA==
x-leadoo-bot-version: v0.103.2

Redirect headers

date: Sat, 17 Apr 2021 21:45:51 GMT
via: 1.1 a2ff850ccdde2a6d47a8ef587e8cb536.cloudfront.net (CloudFront)
server: LeadooDispatch/1.3.0
x-amz-cf-pop: CPH50-C1
x-cache: Miss from cloudfront
x-ld-req: 01F3GWR4VVVP60QXN3QF9HQKCT
location: /bot/chat.js?code=ApMv9zed
cache-control: no-store
content-type: text/plain; charset=utf-8
content-length: 61
x-amz-cf-id: Le93uBRlg7o1kQPkvCOSpRTZT0M4RQjROqPxZThTVpJXmhI-ToV9Fg==

GET
H2 200 roboto.css
res.leadoo.com/fonts/ Frame 3C28 528 B
879 B 100ms
25ms Stylesheet
text/css 143.204.209.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://res.leadoo.com/fonts/roboto.css
Requested by: Host: welcome.barona.fi
URL: https://welcome.barona.fi/?s=5I0hiOdat9f5q3EfYiOQ1QlVuH4&return=https%3A%2F%2Fesittely.barona.fi%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-40.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc63bb099cb2b01a53e3c1ee72b821a3393553f0d8e29e2fcd3ab82754160335

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 23:52:28 GMT
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
last-modified: Wed, 14 Apr 2021 14:31:17 GMT
server: AmazonS3
age: 78804
etag: "7501a73ec84a62c56c8fb561e8e41b36"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public,max-age=900000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 528
x-amz-cf-id: Fr3r0fnHTyqNywNQ0aFpq4le-QSuytqFdzB-9OzSASGvfdSgB1ke7A==

GET
DATA 200
OK truncated
/ Frame 3C28 531 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f11d598725e681fa515b90fa7253482c2787f0e9a7155a1fd5f16606075e0f9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3C28 511 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d52d067aa7189afbedee8705474920fd7224d56bd8728595c198da155c4a0da

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1316592211688349&ev=Microdata&dl=https%3A%2F%2Fwelcome.barona.fi%2F%3Fs%3D5I0hiOdat9f5q3EfYiOQ1QlVuH4%26return%3Dhttps%253A%252F%252Fesittely.barona.fi%252F&rl=https%3A%2F%2Fesittely.barona.fi%2F&if=false&ts=1618695952328&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Barona%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1618695950824.1304288743&it=1618695950642&coo=false&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://welcome.barona.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 21:45:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sat, 17 Apr 2021 21:45:52 GMT

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.barona.fi/	1970-01-19 17:38:16	Name: _gat_UA-85928542-6 Value: 1
.barona.fi/	1970-01-19 19:47:51	Name: _fbp Value: fb.1.1618695950824.1304288743
.barona.fi/	1970-01-19 18:01:39	Name: _uetvid Value: 46e493209fc611eb82e49b4e1b80b8a0
.barona.fi/	1970-01-20 11:09:27	Name: _ga Value: GA1.2.1353248793.1618695951
.barona.fi/	1970-01-19 17:39:42	Name: _gid Value: GA1.2.1687161611.1618695951
.barona.fi/	1970-01-19 17:39:42	Name: _uetsid Value: 46e473609fc611eb967b3be7d2e58621
welcome.barona.fi/	1969-12-31 23:59:59	Name: _csrf Value: 26St4Or93AokHCtng_6IY89k

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://esittely.barona.fi/client.f7c46d2ec5299a9b20db.js?f559897294443a60505b(Line 2) Message: User not logged in. Redirecting to the login page...

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=600; includeSubDomains
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
bot.leadoo.com
connect.facebook.net
contact.barona.fi
esittely.barona.fi
fonts.googleapis.com
fonts.gstatic.com
px.ads.linkedin.com
res.leadoo.com
s2.adform.net
snap.licdn.com
stats.g.doubleclick.net
track.adform.net
vjs.zencdn.net
welcome.barona.fi
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
143.204.209.40
143.204.245.84
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:801::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:812::200e
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2004
2a00:1450:400c:c0c::9b
2a02:26f0:7100:191::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::729
2a05:d018:c66:5f01:702b:f878:9e45:452d
34.249.84.241
37.157.2.249
37.157.4.40
006a681c9389a0a217ad40ff9faeb651d98eaccd368b9119471c78c4aa13ec38
0543606141f93821b62e8daaa00a5474422e3f4cdb58df90eb12767cb421ce6c
073e7dd3ea87c96f286849895e0b84808c9c0abd50a57b6d365a83201e68b68b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1fe2437a79282fb26d2267e40cdb7ac59164d0ee5e5b9f955f05a49f686ab616
2310d6a31edde8a9f975235c67fd5c1560d8afb09adbcf1e145129932b1610d4
281561c99aa58280657d9085859068b335778ec732a11685b5ea86752887c3f8
2d52d067aa7189afbedee8705474920fd7224d56bd8728595c198da155c4a0da
355999963aabee37630630eed88301cda82d57c4ccf54d9fd5d05ce9144930b1
4f11d598725e681fa515b90fa7253482c2787f0e9a7155a1fd5f16606075e0f9
5d5cd018e475f10add8650d1a12222acc1bd0ca6dc79de8dfb67f8f2119344db
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
7914eb7d19b3bb134ba54c5bdd6ba2db62113fa88213afb775304fb53e8df87a
79b49093a9e2a1eda44e058516a1c6c1985105b44a60703e7f2d00ea1adfda6c
7e7439a2271b80e8698837e505ceaa170c6a55b225a9a057f2eda62596d2210b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
93b389a34dbc80ffd6f146cf383bafd59986104478b716c450a750d599e20d30
98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4
a6b44938bc5bcb4c2a08ca8a762ec10566c66026f40704f13cb47e370b5c8e2c
aae7e1187fe1da933b572be72a34a2252147d42442fc03bcb55d7e2553c92f1b
acb428bb824a7f7d865446caa0fe1f6885aa0723e43848042f51db37f0926f1f
b512627c0d7ff8b690758020a4b58a1bf3966aab027ef573d32e8a3d3b3e845c
b77216e6243bfb470dca9710551a69cb068fa90137e4d9d30fb4e4d1f70c3db8
b8366b4be79f93164548a098ab0d00ff35dc6f07566a4d4e4f79ec9163fea70a
ba7adc42df56cac0d62c97335aba59cbe04a59f57976ec2d66d6ae0ab056f37c
c050c562524969501a7f8e6c55fd1a61623d4a17e53c3ff6a961619dacf3db15
c3c9ba8eff2faf187eafa728c472759678c5a8cf46bd086fcf3a8b95b13104cb
d6531562d518e3ef360b5715bf97d4d9dc7a04beb9090185c0595458f5256b73
da93623d8b55d6093560603ce1146d60797a0f5ba999ca0439f62245a508d892
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2db156f3bfc77852b60a2f5f8788aa665efe2399797a7ba67eca4acc8c90206
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67fc0a6201391d6dc4342c5583e7c952cc41c3bbaa45ca96894f886d2d44fff
e900793533d5a24861457658acd88eefaf284309e5e5f8a049b9468af341abf2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6f399ffef46077027669a627a1cdd80661bb2dcd8751d3e893abc1d73bf610d
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fc50de2eef8b209c9ec05d7afb2ef09b54e490b88824b88a685614b949993fd6
fc63bb099cb2b01a53e3c1ee72b821a3393553f0d8e29e2fcd3ab82754160335

welcome.barona.fi Open in urlscan Pro 2a05:d018:c66:5f01:702b:f878:9e45:452d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

100 %HTTPS

76 %IPv6

16 Domains

21 Subdomains

20 IPs

5 Countries

2491 kBTransfer

4852 kBSize

7 Cookies

7 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

welcome.barona.fi Open in urlscan Pro
2a05:d018:c66:5f01:702b:f878:9e45:452d Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

100 %
HTTPS

76 %
IPv6

16
Domains

21
Subdomains

20
IPs

5
Countries

2491 kB
Transfer

4852 kB
Size

7
Cookies

43 HTTP transactions
2 data transactions