urlscan.io logo urlscan.io
SecurityTrails logo

shop.naantalispa.fi Open in urlscan Pro
195.70.245.28  Public Scan

Go To Rescan Add Verdict Report
URL: https://shop.naantalispa.fi/reservations/category/197/
Submission: On December 20 via api from US — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 40 HTTP transactions. The main IP is 195.70.245.28, located in Austria and belongs to UTA-AS, AT. The main domain is shop.naantalispa.fi.
TLS certificate: Issued by R3 on November 27th 2023. Valid for: 3 months.
This is the only time shop.naantalispa.fi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

33    195.70.245.28 (Austria)

ASN8437 (UTA-AS, AT)
shop.naantalispa.fi
shop.tac.eu.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.fi
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
31 naantalispa.fi
shop.naantalispa.fi
1 MB
2 google.fi
www.google.fi — Cisco Umbrella Rank: 35135
515 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2693
www.google.com — Cisco Umbrella Rank: 2
655 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
398 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 eu.com
shop.tac.eu.com — Cisco Umbrella Rank: 949726
88 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
144 KB
40 7
Domain Requested by
31 shop.naantalispa.fi 3 redirects shop.naantalispa.fi
2 www.google.fi shop.naantalispa.fi
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 shop.tac.eu.com shop.naantalispa.fi
2 www.googletagmanager.com shop.naantalispa.fi
www.google-analytics.com
1 www.google.com shop.naantalispa.fi
1 region1.analytics.google.com www.googletagmanager.com
40 8

This site contains links to these domains. Also see Links.

Domain
www.cookiesandyou.com
www.naantalispa.fi
www.sunborn.com
www.tac.eu.com
Subject Issuer Validity Valid
shop.naantalispa.fi
R3		 2023-11-27 -
2024-02-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
shop.tac.eu.com
R3		 2023-12-12 -
2024-03-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.fi
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://shop.naantalispa.fi/reservations/category/197/
Frame ID: 5DE1CAA6D0A47EFB48C04704EE3F2247
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Naantali Spa: Varaa hoidot - Meikit ja kestovärjäykset

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Cart
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

93 %
HTTPS

86 %
IPv6

7
Domains

8
Subdomains

7
IPs

4
Countries

1304 kB
Transfer

2903 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://shop.naantalispa.fi/gfonts/css?family=Work%20Sans:100,200,300,400,500,600,700,800,900&subset=latin-ext HTTP 301
  • https://shop.naantalispa.fi/gfonts/css/?family=Work%20Sans:100,200,300,400,500,600,700,800,900&subset=latin-ext
Request Chain 1
  • https://shop.naantalispa.fi/gfonts/css?family=Source%20Sans%20Pro:200,200italic,300,300italic,400,400italic,600,600italic,700,700italic,900,900italic&subset=latin-ext HTTP 301
  • https://shop.naantalispa.fi/gfonts/css/?family=Source%20Sans%20Pro:200,200italic,300,300italic,400,400italic,600,600italic,700,700italic,900,900italic&subset=latin-ext
Request Chain 2
  • https://shop.naantalispa.fi/gfonts/css?family=Playfair%20Display:400,400italic,700,700italic,900,900italic&subset=latin-ext HTTP 301
  • https://shop.naantalispa.fi/gfonts/css/?family=Playfair%20Display:400,400italic,700,700italic,900,900italic&subset=latin-ext

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
shop.naantalispa.fi/reservations/category/197/ 		24 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
771efbf2c766bc2d086dc57bfffa6b33a2ee6fc30502506fd1a512efbe4ada5e
Security Headers
Name Value
Content-Security-Policy default-src 'self' fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com https://*.usercentrics.eu; img-src * data: maps.gstatic.com *.googleapis.com *.ggpht.com *.google-analytics.com *.googletagmanager.com https://pay.google.com; media-src * data:; object-src 'none'; frame-src *; base-uri 'self'; script-src 'self' 'unsafe-inline' 'nonce-7304002057986073' 'unsafe-eval' 'unsafe-hashes' 'sha256-1K+JYRRS16rR/kNeBnHwZdnNrb8+Q2X3eI3c7/ebjCY=' https://*.google-analytics.com/g/collect tagmanager.google.com maps gstatic.com/wcm www.paypalobjects.com tags.tiqcdn.com assets.loginwithamazon.com api.amazon.com facebook.com connect.facebook.net static.zdassets.com static.hotjar.com script.hotjar.com https://*.usercentrics.eu https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com computop-paygate.com www.computop-paygate.com 3ds-sim-dev.computop.com www.googleadservices.com; font-src 'self' data: fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com fonts.gstatic.com https://*.usercentrics.eu; connect-src 'self' wss://app.tac.eu.com https://app.tac.eu.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com maps www.googleadservices.com https://stats.g.doubleclick.net https://static.zdassets.com https://ekr.zdassets.com https://in.hotjar.com https://*.zendesk.com wss://*.zendesk.com https://*.zopim.com wss://*.zopim.com https://*.usercentrics.eu api.amazon.com https://checkoutshopper-test.adyen.com https://checkoutshopper-live.adyen.com https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com maps shop.tac.eu.com staging-shop.tac.eu.com tagmanager.google.com https://*.usercentrics.eu *.googletagmanager.com https://pay.google.com; frame-ancestors 'self' https://*.facebook.com https://shop.tac.eu.com https://app.tac.eu.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

content-encoding
gzip
content-security-policy
default-src 'self' fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com https://*.usercentrics.eu; img-src * data: maps.gstatic.com *.googleapis.com *.ggpht.com *.google-analytics.com *.googletagmanager.com https://pay.google.com; media-src * data:; object-src 'none'; frame-src *; base-uri 'self'; script-src 'self' 'unsafe-inline' 'nonce-7304002057986073' 'unsafe-eval' 'unsafe-hashes' 'sha256-1K+JYRRS16rR/kNeBnHwZdnNrb8+Q2X3eI3c7/ebjCY=' https://*.google-analytics.com/g/collect tagmanager.google.com maps gstatic.com/wcm www.paypalobjects.com tags.tiqcdn.com assets.loginwithamazon.com api.amazon.com facebook.com connect.facebook.net static.zdassets.com static.hotjar.com script.hotjar.com https://*.usercentrics.eu https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com computop-paygate.com www.computop-paygate.com 3ds-sim-dev.computop.com www.googleadservices.com; font-src 'self' data: fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com fonts.gstatic.com https://*.usercentrics.eu; connect-src 'self' wss://app.tac.eu.com https://app.tac.eu.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com maps www.googleadservices.com https://stats.g.doubleclick.net https://static.zdassets.com https://ekr.zdassets.com https://in.hotjar.com https://*.zendesk.com wss://*.zendesk.com https://*.zopim.com wss://*.zopim.com https://*.usercentrics.eu api.amazon.com https://checkoutshopper-test.adyen.com https://checkoutshopper-live.adyen.com https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com maps shop.tac.eu.com staging-shop.tac.eu.com tagmanager.google.com https://*.usercentrics.eu *.googletagmanager.com https://pay.google.com; frame-ancestors 'self' https://*.facebook.com https://shop.tac.eu.com https://app.tac.eu.com;
content-type
text/html; charset=utf-8
date
Wed, 20 Dec 2023 18:57:36 GMT
etag
W/"5f0f-HskS9JOqBqnIhG1QI/7m29I+eGU"
feature-policy
microphone 'none'; magnetometer 'none'; gyroscope 'none'
referrer-policy
unsafe-url
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
sameorigin
x-powered-by
Express
x-xss-protection
1; mode=block
/
shop.naantalispa.fi/gfonts/css/
Redirect Chain
  • https://shop.naantalispa.fi/gfonts/css?family=Work%20Sans:100,200,300,400,500,600,700,800,900&subset=latin-ext
  • https://shop.naantalispa.fi/gfonts/css/?family=Work%20Sans:100,200,300,400,500,600,700,800,900&subset=latin-ext
10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shop.naantalispa.fi/gfonts/css/?family=Work%20Sans:100,200,300,400,500,600,700,800,900&subset=latin-ext
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
b7b727059780f2ce0561eeb5b5ce5607ea5380b6372152bd3efb3a8e23736c8e
Security Headers
Name Value
Content-Security-Policy default-src 'self' fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com https://*.usercentrics.eu; img-src * data: maps.gstatic.com *.googleapis.com *.ggpht.com *.google-analytics.com *.googletagmanager.com https://pay.google.com; media-src * data:; object-src 'none'; frame-src *; base-uri 'self'; script-src 'self' 'unsafe-inline' 'nonce-8069503421193149' 'unsafe-eval' 'unsafe-hashes' 'sha256-1K+JYRRS16rR/kNeBnHwZdnNrb8+Q2X3eI3c7/ebjCY=' https://*.google-analytics.com/g/collect tagmanager.google.com maps gstatic.com/wcm www.paypalobjects.com tags.tiqcdn.com assets.loginwithamazon.com api.amazon.com facebook.com connect.facebook.net static.zdassets.com static.hotjar.com script.hotjar.com https://*.usercentrics.eu https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com computop-paygate.com www.computop-paygate.com 3ds-sim-dev.computop.com www.googleadservices.com; font-src 'self' data: fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com fonts.gstatic.com https://*.usercentrics.eu; connect-src 'self' wss://app.tac.eu.com https://app.tac.eu.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com maps www.googleadservices.com https://stats.g.doubleclick.net https://static.zdassets.com https://ekr.zdassets.com https://in.hotjar.com https://*.zendesk.com wss://*.zendesk.com https://*.zopim.com wss://*.zopim.com https://*.usercentrics.eu api.amazon.com https://checkoutshopper-test.adyen.com https://checkoutshopper-live.adyen.com https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com maps shop.tac.eu.com staging-shop.tac.eu.com tagmanager.google.com https://*.usercentrics.eu *.googletagmanager.com https://pay.google.com; frame-ancestors 'self' https://*.facebook.com https://shop.tac.eu.com https://app.tac.eu.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:37 GMT
content-security-policy
default-src 'self' fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com https://*.usercentrics.eu; img-src * data: maps.gstatic.com *.googleapis.com *.ggpht.com *.google-analytics.com *.googletagmanager.com https://pay.google.com; media-src * data:; object-src 'none'; frame-src *; base-uri 'self'; script-src 'self' 'unsafe-inline' 'nonce-8069503421193149' 'unsafe-eval' 'unsafe-hashes' 'sha256-1K+JYRRS16rR/kNeBnHwZdnNrb8+Q2X3eI3c7/ebjCY=' https://*.google-analytics.com/g/collect tagmanager.google.com maps gstatic.com/wcm www.paypalobjects.com tags.tiqcdn.com assets.loginwithamazon.com api.amazon.com facebook.com connect.facebook.net static.zdassets.com static.hotjar.com script.hotjar.com https://*.usercentrics.eu https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com computop-paygate.com www.computop-paygate.com 3ds-sim-dev.computop.com www.googleadservices.com; font-src 'self' data: fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com fonts.gstatic.com https://*.usercentrics.eu; connect-src 'self' wss://app.tac.eu.com https://app.tac.eu.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com maps www.googleadservices.com https://stats.g.doubleclick.net https://static.zdassets.com https://ekr.zdassets.com https://in.hotjar.com https://*.zendesk.com wss://*.zendesk.com https://*.zopim.com wss://*.zopim.com https://*.usercentrics.eu api.amazon.com https://checkoutshopper-test.adyen.com https://checkoutshopper-live.adyen.com https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com maps shop.tac.eu.com staging-shop.tac.eu.com tagmanager.google.com https://*.usercentrics.eu *.googletagmanager.com https://pay.google.com; frame-ancestors 'self' https://*.facebook.com https://shop.tac.eu.com https://app.tac.eu.com;
x-content-type-options
nosniff
referrer-policy
unsafe-url
content-encoding
gzip
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=86400
feature-policy
microphone 'none'; magnetometer 'none'; gyroscope 'none'
x-xss-protection
1; mode=block

Redirect headers

date
Wed, 20 Dec 2023 18:57:36 GMT
content-security-policy
default-src 'self' fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com https://*.usercentrics.eu; img-src * data: maps.gstatic.com *.googleapis.com *.ggpht.com *.google-analytics.com *.googletagmanager.com https://pay.google.com; media-src * data:; object-src 'none'; frame-src *; base-uri 'self'; script-src 'self' 'unsafe-inline' 'nonce-3900655009793175' 'unsafe-eval' 'unsafe-hashes' 'sha256-1K+JYRRS16rR/kNeBnHwZdnNrb8+Q2X3eI3c7/ebjCY=' https://*.google-analytics.com/g/collect tagmanager.google.com maps gstatic.com/wcm www.paypalobjects.com tags.tiqcdn.com assets.loginwithamazon.com api.amazon.com facebook.com connect.facebook.net static.zdassets.com static.hotjar.com script.hotjar.com https://*.usercentrics.eu https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com computop-paygate.com www.computop-paygate.com 3ds-sim-dev.computop.com www.googleadservices.com; font-src 'self' data: fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com fonts.gstatic.com https://*.usercentrics.eu; connect-src 'self' wss://app.tac.eu.com https://app.tac.eu.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com maps www.googleadservices.com https://stats.g.doubleclick.net https://static.zdassets.com https://ekr.zdassets.com https://in.hotjar.com https://*.zendesk.com wss://*.zendesk.com https://*.zopim.com wss://*.zopim.com https://*.usercentrics.eu api.amazon.com https://checkoutshopper-test.adyen.com https://checkoutshopper-live.adyen.com https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com maps shop.tac.eu.com staging-shop.tac.eu.com tagmanager.google.com https://*.usercentrics.eu *.googletagmanager.com https://pay.google.com; frame-ancestors 'self' https://*.facebook.com https://shop.tac.eu.com https://app.tac.eu.com;
x-content-type-options
nosniff
referrer-policy
unsafe-url
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
x-frame-options
sameorigin
location
/gfonts/css/?family=Work%20Sans:100,200,300,400,500,600,700,800,900&subset=latin-ext
feature-policy
microphone 'none'; magnetometer 'none'; gyroscope 'none'
x-xss-protection
1; mode=block
/
shop.naantalispa.fi/gfonts/css/
Redirect Chain
  • https://shop.naantalispa.fi/gfonts/css?family=Source%20Sans%20Pro:200,200italic,300,300italic,400,400italic,600,600italic,700,700italic,900,900italic&subset=latin-ext
  • https://shop.naantalispa.fi/gfonts/css/?family=Source%20Sans%20Pro:200,200italic,300,300italic,400,400italic,600,600italic,700,700italic,900,900italic&subset=latin-ext
28 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shop.naantalispa.fi/gfonts/css/?family=Source%20Sans%20Pro:200,200italic,300,300italic,400,400italic,600,600italic,700,700italic,900,900italic&subset=latin-ext
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
7c0d37f92a8b0b2c220571a4201666e34f0de66f579c153fa78dde5d80511298
Security Headers
Name Value
Content-Security-Policy default-src 'self' fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com https://*.usercentrics.eu; img-src * data: maps.gstatic.com *.googleapis.com *.ggpht.com *.google-analytics.com *.googletagmanager.com https://pay.google.com; media-src * data:; object-src 'none'; frame-src *; base-uri 'self'; script-src 'self' 'unsafe-inline' 'nonce-2315402109888599' 'unsafe-eval' 'unsafe-hashes' 'sha256-1K+JYRRS16rR/kNeBnHwZdnNrb8+Q2X3eI3c7/ebjCY=' https://*.google-analytics.com/g/collect tagmanager.google.com maps gstatic.com/wcm www.paypalobjects.com tags.tiqcdn.com assets.loginwithamazon.com api.amazon.com facebook.com connect.facebook.net static.zdassets.com static.hotjar.com script.hotjar.com https://*.usercentrics.eu https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com computop-paygate.com www.computop-paygate.com 3ds-sim-dev.computop.com www.googleadservices.com; font-src 'self' data: fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com fonts.gstatic.com https://*.usercentrics.eu; connect-src 'self' wss://app.tac.eu.com https://app.tac.eu.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com maps www.googleadservices.com https://stats.g.doubleclick.net https://static.zdassets.com https://ekr.zdassets.com https://in.hotjar.com https://*.zendesk.com wss://*.zendesk.com https://*.zopim.com wss://*.zopim.com https://*.usercentrics.eu api.amazon.com https://checkoutshopper-test.adyen.com https://checkoutshopper-live.adyen.com https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com maps shop.tac.eu.com staging-shop.tac.eu.com tagmanager.google.com https://*.usercentrics.eu *.googletagmanager.com https://pay.google.com; frame-ancestors 'self' https://*.facebook.com https://shop.tac.eu.com https://app.tac.eu.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:37 GMT
content-security-policy
default-src 'self' fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com https://*.usercentrics.eu; img-src * data: maps.gstatic.com *.googleapis.com *.ggpht.com *.google-analytics.com *.googletagmanager.com https://pay.google.com; media-src * data:; object-src 'none'; frame-src *; base-uri 'self'; script-src 'self' 'unsafe-inline' 'nonce-2315402109888599' 'unsafe-eval' 'unsafe-hashes' 'sha256-1K+JYRRS16rR/kNeBnHwZdnNrb8+Q2X3eI3c7/ebjCY=' https://*.google-analytics.com/g/collect tagmanager.google.com maps gstatic.com/wcm www.paypalobjects.com tags.tiqcdn.com assets.loginwithamazon.com api.amazon.com facebook.com connect.facebook.net static.zdassets.com static.hotjar.com script.hotjar.com https://*.usercentrics.eu https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com computop-paygate.com www.computop-paygate.com 3ds-sim-dev.computop.com www.googleadservices.com; font-src 'self' data: fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com fonts.gstatic.com https://*.usercentrics.eu; connect-src 'self' wss://app.tac.eu.com https://app.tac.eu.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com maps www.googleadservices.com https://stats.g.doubleclick.net https://static.zdassets.com https://ekr.zdassets.com https://in.hotjar.com https://*.zendesk.com wss://*.zendesk.com https://*.zopim.com wss://*.zopim.com https://*.usercentrics.eu api.amazon.com https://checkoutshopper-test.adyen.com https://checkoutshopper-live.adyen.com https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com maps shop.tac.eu.com staging-shop.tac.eu.com tagmanager.google.com https://*.usercentrics.eu *.googletagmanager.com https://pay.google.com; frame-ancestors 'self' https://*.facebook.com https://shop.tac.eu.com https://app.tac.eu.com;
x-content-type-options
nosniff
referrer-policy
unsafe-url
content-encoding
gzip
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=86400
feature-policy
microphone 'none'; magnetometer 'none'; gyroscope 'none'
x-xss-protection
1; mode=block

Redirect headers

date
Wed, 20 Dec 2023 18:57:36 GMT
content-security-policy
default-src 'self' fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com https://*.usercentrics.eu; img-src * data: maps.gstatic.com *.googleapis.com *.ggpht.com *.google-analytics.com *.googletagmanager.com https://pay.google.com; media-src * data:; object-src 'none'; frame-src *; base-uri 'self'; script-src 'self' 'unsafe-inline' 'nonce-1476070194657919' 'unsafe-eval' 'unsafe-hashes' 'sha256-1K+JYRRS16rR/kNeBnHwZdnNrb8+Q2X3eI3c7/ebjCY=' https://*.google-analytics.com/g/collect tagmanager.google.com maps gstatic.com/wcm www.paypalobjects.com tags.tiqcdn.com assets.loginwithamazon.com api.amazon.com facebook.com connect.facebook.net static.zdassets.com static.hotjar.com script.hotjar.com https://*.usercentrics.eu https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com computop-paygate.com www.computop-paygate.com 3ds-sim-dev.computop.com www.googleadservices.com; font-src 'self' data: fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com fonts.gstatic.com https://*.usercentrics.eu; connect-src 'self' wss://app.tac.eu.com https://app.tac.eu.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com maps www.googleadservices.com https://stats.g.doubleclick.net https://static.zdassets.com https://ekr.zdassets.com https://in.hotjar.com https://*.zendesk.com wss://*.zendesk.com https://*.zopim.com wss://*.zopim.com https://*.usercentrics.eu api.amazon.com https://checkoutshopper-test.adyen.com https://checkoutshopper-live.adyen.com https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com maps shop.tac.eu.com staging-shop.tac.eu.com tagmanager.google.com https://*.usercentrics.eu *.googletagmanager.com https://pay.google.com; frame-ancestors 'self' https://*.facebook.com https://shop.tac.eu.com https://app.tac.eu.com;
x-content-type-options
nosniff
referrer-policy
unsafe-url
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
x-frame-options
sameorigin
location
/gfonts/css/?family=Source%20Sans%20Pro:200,200italic,300,300italic,400,400italic,600,600italic,700,700italic,900,900italic&subset=latin-ext
feature-policy
microphone 'none'; magnetometer 'none'; gyroscope 'none'
x-xss-protection
1; mode=block
/
shop.naantalispa.fi/gfonts/css/
Redirect Chain
  • https://shop.naantalispa.fi/gfonts/css?family=Playfair%20Display:400,400italic,700,700italic,900,900italic&subset=latin-ext
  • https://shop.naantalispa.fi/gfonts/css/?family=Playfair%20Display:400,400italic,700,700italic,900,900italic&subset=latin-ext
9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shop.naantalispa.fi/gfonts/css/?family=Playfair%20Display:400,400italic,700,700italic,900,900italic&subset=latin-ext
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
73d86e98cbbe3e422def45c8d6c589edc99dde770353d6ada543f46524e47921
Security Headers
Name Value
Content-Security-Policy default-src 'self' fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com https://*.usercentrics.eu; img-src * data: maps.gstatic.com *.googleapis.com *.ggpht.com *.google-analytics.com *.googletagmanager.com https://pay.google.com; media-src * data:; object-src 'none'; frame-src *; base-uri 'self'; script-src 'self' 'unsafe-inline' 'nonce-1284463120457261' 'unsafe-eval' 'unsafe-hashes' 'sha256-1K+JYRRS16rR/kNeBnHwZdnNrb8+Q2X3eI3c7/ebjCY=' https://*.google-analytics.com/g/collect tagmanager.google.com maps gstatic.com/wcm www.paypalobjects.com tags.tiqcdn.com assets.loginwithamazon.com api.amazon.com facebook.com connect.facebook.net static.zdassets.com static.hotjar.com script.hotjar.com https://*.usercentrics.eu https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com computop-paygate.com www.computop-paygate.com 3ds-sim-dev.computop.com www.googleadservices.com; font-src 'self' data: fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com fonts.gstatic.com https://*.usercentrics.eu; connect-src 'self' wss://app.tac.eu.com https://app.tac.eu.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com maps www.googleadservices.com https://stats.g.doubleclick.net https://static.zdassets.com https://ekr.zdassets.com https://in.hotjar.com https://*.zendesk.com wss://*.zendesk.com https://*.zopim.com wss://*.zopim.com https://*.usercentrics.eu api.amazon.com https://checkoutshopper-test.adyen.com https://checkoutshopper-live.adyen.com https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com maps shop.tac.eu.com staging-shop.tac.eu.com tagmanager.google.com https://*.usercentrics.eu *.googletagmanager.com https://pay.google.com; frame-ancestors 'self' https://*.facebook.com https://shop.tac.eu.com https://app.tac.eu.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:37 GMT
content-security-policy
default-src 'self' fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com https://*.usercentrics.eu; img-src * data: maps.gstatic.com *.googleapis.com *.ggpht.com *.google-analytics.com *.googletagmanager.com https://pay.google.com; media-src * data:; object-src 'none'; frame-src *; base-uri 'self'; script-src 'self' 'unsafe-inline' 'nonce-1284463120457261' 'unsafe-eval' 'unsafe-hashes' 'sha256-1K+JYRRS16rR/kNeBnHwZdnNrb8+Q2X3eI3c7/ebjCY=' https://*.google-analytics.com/g/collect tagmanager.google.com maps gstatic.com/wcm www.paypalobjects.com tags.tiqcdn.com assets.loginwithamazon.com api.amazon.com facebook.com connect.facebook.net static.zdassets.com static.hotjar.com script.hotjar.com https://*.usercentrics.eu https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com computop-paygate.com www.computop-paygate.com 3ds-sim-dev.computop.com www.googleadservices.com; font-src 'self' data: fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com fonts.gstatic.com https://*.usercentrics.eu; connect-src 'self' wss://app.tac.eu.com https://app.tac.eu.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com maps www.googleadservices.com https://stats.g.doubleclick.net https://static.zdassets.com https://ekr.zdassets.com https://in.hotjar.com https://*.zendesk.com wss://*.zendesk.com https://*.zopim.com wss://*.zopim.com https://*.usercentrics.eu api.amazon.com https://checkoutshopper-test.adyen.com https://checkoutshopper-live.adyen.com https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com maps shop.tac.eu.com staging-shop.tac.eu.com tagmanager.google.com https://*.usercentrics.eu *.googletagmanager.com https://pay.google.com; frame-ancestors 'self' https://*.facebook.com https://shop.tac.eu.com https://app.tac.eu.com;
x-content-type-options
nosniff
referrer-policy
unsafe-url
content-encoding
gzip
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=86400
feature-policy
microphone 'none'; magnetometer 'none'; gyroscope 'none'
x-xss-protection
1; mode=block

Redirect headers

date
Wed, 20 Dec 2023 18:57:36 GMT
content-security-policy
default-src 'self' fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com https://*.usercentrics.eu; img-src * data: maps.gstatic.com *.googleapis.com *.ggpht.com *.google-analytics.com *.googletagmanager.com https://pay.google.com; media-src * data:; object-src 'none'; frame-src *; base-uri 'self'; script-src 'self' 'unsafe-inline' 'nonce-4719810164487343' 'unsafe-eval' 'unsafe-hashes' 'sha256-1K+JYRRS16rR/kNeBnHwZdnNrb8+Q2X3eI3c7/ebjCY=' https://*.google-analytics.com/g/collect tagmanager.google.com maps gstatic.com/wcm www.paypalobjects.com tags.tiqcdn.com assets.loginwithamazon.com api.amazon.com facebook.com connect.facebook.net static.zdassets.com static.hotjar.com script.hotjar.com https://*.usercentrics.eu https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com computop-paygate.com www.computop-paygate.com 3ds-sim-dev.computop.com www.googleadservices.com; font-src 'self' data: fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com fonts.gstatic.com https://*.usercentrics.eu; connect-src 'self' wss://app.tac.eu.com https://app.tac.eu.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com maps www.googleadservices.com https://stats.g.doubleclick.net https://static.zdassets.com https://ekr.zdassets.com https://in.hotjar.com https://*.zendesk.com wss://*.zendesk.com https://*.zopim.com wss://*.zopim.com https://*.usercentrics.eu api.amazon.com https://checkoutshopper-test.adyen.com https://checkoutshopper-live.adyen.com https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com maps shop.tac.eu.com staging-shop.tac.eu.com tagmanager.google.com https://*.usercentrics.eu *.googletagmanager.com https://pay.google.com; frame-ancestors 'self' https://*.facebook.com https://shop.tac.eu.com https://app.tac.eu.com;
x-content-type-options
nosniff
referrer-policy
unsafe-url
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
x-frame-options
sameorigin
location
/gfonts/css/?family=Playfair%20Display:400,400italic,700,700italic,900,900italic&subset=latin-ext
feature-policy
microphone 'none'; magnetometer 'none'; gyroscope 'none'
x-xss-protection
1; mode=block
719.css
shop.naantalispa.fi/extern/css/ 		858 KB
56 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shop.naantalispa.fi/extern/css/719.css
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
3e1fec1ec160a56e749f9f9dd9ac7653313c52940812d40a314ee809a4586c9c

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:36 GMT
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:39:14 GMT
server
nginx
x-powered-by
Express
etag
W/"d67c3-18c6a44f895"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=120
x-proxy-cache
EXPIRED
vendor.js
shop.naantalispa.fi/js/ 		270 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.naantalispa.fi/js/vendor.js
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
f3975bd7240240d0d6dbd2714606dd557b0cbfc35de4a0013a0062af8183cc9e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:37 GMT
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:04:17 GMT
server
nginx
x-powered-by
Express
etag
W/"43799-18c6a24f868"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=120
x-proxy-cache
HIT
shop.js
shop.naantalispa.fi/js/helper/ 		97 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.naantalispa.fi/js/helper/shop.js
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
5289d6a3e89600e6c3375d75211a406025385f71020c62dbcc4c86a0c9b5487c

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:37 GMT
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:04:23 GMT
server
nginx
x-powered-by
Express
etag
W/"1854a-18c6a250fd8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=120
x-proxy-cache
HIT
common-helper.js
shop.naantalispa.fi/js/helper/ 		443 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.naantalispa.fi/js/helper/common-helper.js
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
24e87fbea67b7c6c8f5c3b2177e028842a356a3c64b9789bcf5af541cd569bc3

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:37 GMT
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:04:20 GMT
server
nginx
x-powered-by
Express
etag
W/"1bb-18c6a250420"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=120
x-proxy-cache
HIT
tracking-helper.js
shop.naantalispa.fi/js/helper/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.naantalispa.fi/js/helper/tracking-helper.js
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
f0f3b284a01d2b7233968de3343fde4cbb2a1c3df56fc515911dc918815f9760

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:37 GMT
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:04:23 GMT
server
nginx
x-powered-by
Express
etag
W/"3636-18c6a250fd8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=120
x-proxy-cache
HIT
magnific-popup.css
shop.naantalispa.fi/magnific-popup/dist/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shop.naantalispa.fi/magnific-popup/dist/magnific-popup.css
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
fc9b46564ac46129178836c023603443d7006edb2cfa7ae14ab8b01b19fc7fd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:00:09 GMT
server
nginx
x-powered-by
Express
etag
W/"1e7d-18c6a212fa8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=120
jquery.magnific-popup.js
shop.naantalispa.fi/magnific-popup/dist/ 		46 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.naantalispa.fi/magnific-popup/dist/jquery.magnific-popup.js
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
bbff108cda6e7785683b6f8287fb271abac0148300baceac741a0535759492cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:00:09 GMT
server
nginx
x-powered-by
Express
etag
W/"b662-18c6a212fa8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=120
lc_switch.css
shop.naantalispa.fi/LC-switch/ 		2 KB
924 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shop.naantalispa.fi/LC-switch/lc_switch.css
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
5fcae4922e05ed0a76184ec4cd0628d0bda761c0755f566a8209a6574636c8fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:00:09 GMT
server
nginx
x-powered-by
Express
etag
W/"71a-18c6a212fa8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=120
lc_switch.min.js
shop.naantalispa.fi/LC-switch/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.naantalispa.fi/LC-switch/lc_switch.min.js
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
65d9cabd319af4fe3a7fdad149063830a64f464c6b36127e26c335562e8845b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:00:09 GMT
server
nginx
x-powered-by
Express
etag
W/"a8a-18c6a212fa8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=120
cookieconsent.min.css
shop.naantalispa.fi/components/cookieconsent2/build/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shop.naantalispa.fi/components/cookieconsent2/build/cookieconsent.min.css
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:36 GMT
content-encoding
gzip
last-modified
Thu, 23 May 2019 01:35:56 GMT
server
nginx
x-powered-by
Express
etag
W/"135e-16ae2549860"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=120
x-proxy-cache
HIT
fontawesome.min.css
shop.naantalispa.fi/fontawesome/css/ 		157 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shop.naantalispa.fi/fontawesome/css/fontawesome.min.css
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
9c8a8f8c3857d47c3d639e4b107e2c85545e7d2a87c1b9ccc2842c6f33e3aa6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:00:09 GMT
server
nginx
x-powered-by
Express
etag
W/"274cd-18c6a212fa8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=120
solid.min.css
shop.naantalispa.fi/fontawesome/css/ 		512 B
522 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shop.naantalispa.fi/fontawesome/css/solid.min.css
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
8bcd6998bab374ddc0eaa7ccab6ddcb35272dbe5c5a99a61555544e6d200cf3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:00:09 GMT
server
nginx
x-powered-by
Express
etag
W/"200-18c6a212fa8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=120
regular.min.css
shop.naantalispa.fi/fontawesome/css/ 		520 B
528 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shop.naantalispa.fi/fontawesome/css/regular.min.css
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
e8a80ad0e5dd762080af21a352bbd17c4dc31ad0d58b6e6c3d9461b43a3cadf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:00:09 GMT
server
nginx
x-powered-by
Express
etag
W/"208-18c6a212fa8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=120
logo_naantalispa.png
shop.naantalispa.fi/extern/sunborn/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.naantalispa.fi/extern/sunborn/logo_naantalispa.png
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
e51ad51a69f499923fb01e6613927ca3a0f202f64d1c77d537c96097d7542958

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:37 GMT
last-modified
Fri, 15 Sep 2023 06:58:42 GMT
server
nginx
x-powered-by
Express
etag
W/"252c-18a97a27924"
content-type
image/png
cache-control
public, max-age=120
accept-ranges
bytes
content-length
9516
x-proxy-cache
EXPIRED
51826.jpg
shop.naantalispa.fi/extern/template-pictures/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.naantalispa.fi/extern/template-pictures/51826.jpg
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
c1a3f344bef85a304b78ff57573fd95bd722fbd7b915885a4846a9a774beb232

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:37 GMT
last-modified
Thu, 07 Dec 2023 13:57:32 GMT
server
nginx
x-powered-by
Express
etag
W/"2cee-18c4491c2ad"
content-type
image/jpeg
cache-control
public, max-age=120
accept-ranges
bytes
content-length
11502
x-proxy-cache
MISS
51827.jpg
shop.naantalispa.fi/extern/template-pictures/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.naantalispa.fi/extern/template-pictures/51827.jpg
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
c1a3f344bef85a304b78ff57573fd95bd722fbd7b915885a4846a9a774beb232

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:37 GMT
last-modified
Thu, 07 Dec 2023 13:57:32 GMT
server
nginx
x-powered-by
Express
etag
W/"2cee-18c4491c2ad"
content-type
image/jpeg
cache-control
public, max-age=120
accept-ranges
bytes
content-length
11502
x-proxy-cache
MISS
51828.jpg
shop.naantalispa.fi/extern/template-pictures/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.naantalispa.fi/extern/template-pictures/51828.jpg
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
c1a3f344bef85a304b78ff57573fd95bd722fbd7b915885a4846a9a774beb232

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:37 GMT
last-modified
Thu, 07 Dec 2023 13:57:32 GMT
server
nginx
x-powered-by
Express
etag
W/"2cee-18c4491c2b1"
content-type
image/jpeg
cache-control
public, max-age=120
accept-ranges
bytes
content-length
11502
x-proxy-cache
MISS
51829.jpg
shop.naantalispa.fi/extern/template-pictures/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.naantalispa.fi/extern/template-pictures/51829.jpg
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
8f16f8852d8d6e49cbf65b28113fe8a70b430d3eae92f1c67abe4e17cda36159

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:37 GMT
last-modified
Thu, 07 Dec 2023 13:57:32 GMT
server
nginx
x-powered-by
Express
etag
W/"4c42-18c4491c2b5"
content-type
image/jpeg
cache-control
public, max-age=120
accept-ranges
bytes
content-length
19522
x-proxy-cache
MISS
51830.jpg
shop.naantalispa.fi/extern/template-pictures/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.naantalispa.fi/extern/template-pictures/51830.jpg
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
8f16f8852d8d6e49cbf65b28113fe8a70b430d3eae92f1c67abe4e17cda36159

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:37 GMT
last-modified
Thu, 07 Dec 2023 13:57:32 GMT
server
nginx
x-powered-by
Express
etag
W/"4c42-18c4491c2b9"
content-type
image/jpeg
cache-control
public, max-age=120
accept-ranges
bytes
content-length
19522
x-proxy-cache
MISS
51831.jpg
shop.naantalispa.fi/extern/template-pictures/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.naantalispa.fi/extern/template-pictures/51831.jpg
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
8f16f8852d8d6e49cbf65b28113fe8a70b430d3eae92f1c67abe4e17cda36159

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:37 GMT
last-modified
Thu, 07 Dec 2023 13:57:32 GMT
server
nginx
x-powered-by
Express
etag
W/"4c42-18c4491c2bd"
content-type
image/jpeg
cache-control
public, max-age=120
accept-ranges
bytes
content-length
19522
x-proxy-cache
MISS
cookieconsent.min.js
shop.naantalispa.fi/components/cookieconsent2/build/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.naantalispa.fi/components/cookieconsent2/build/cookieconsent.min.js
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:37 GMT
content-encoding
gzip
last-modified
Thu, 23 May 2019 01:35:56 GMT
server
nginx
x-powered-by
Express
etag
W/"50d5-16ae2549860"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=120
x-proxy-cache
HIT
cookie-dialog.js
shop.naantalispa.fi/js/helper/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.naantalispa.fi/js/helper/cookie-dialog.js
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
0e7b8a942e44f5bb919e7989f00f3295f9edd41e0711a8b1ec9213442a5a8bc3

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:37 GMT
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 21:04:20 GMT
server
nginx
x-powered-by
Express
etag
W/"101a-18c6a250420"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=120
x-proxy-cache
HIT
gtm.js
www.googletagmanager.com/ 		137 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TPLD2TZ
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec3ed77fe9dcdb3d1677276216b8af49c2f05b1f3c90f54dcb845a7fefd0509f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53443
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Dec 2023 18:57:37 GMT
fa-regular-400.woff2
shop.naantalispa.fi/fontawesome/webfonts/ 		380 KB
380 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://shop.naantalispa.fi/fontawesome/webfonts/fa-regular-400.woff2
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/fontawesome/css/regular.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
121b176974226dbc9b1ab227becb657d40b88d2bb7010a746c2360c31d7c373e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://shop.naantalispa.fi/fontawesome/css/regular.min.css
Origin
https://shop.naantalispa.fi
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 14 Dec 2023 21:00:09 GMT
server
nginx
x-powered-by
Express
etag
W/"5ef24-18c6a212fa8"
content-type
font/woff2
cache-control
public, max-age=120
accept-ranges
bytes
content-length
388900
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
shop.tac.eu.com/gfonts/s/worksans/v19/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://shop.tac.eu.com/gfonts/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/gfonts/css/?family=Work%20Sans:100,200,300,400,500,600,700,800,900&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx /
Resource Hash
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shop.naantalispa.fi/gfonts/css/?family=Work%20Sans:100,200,300,400,500,600,700,800,900&subset=latin-ext
Origin
https://shop.naantalispa.fi
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Wed, 20 Dec 2023 18:57:37 GMT
x-content-type-options
nosniff
age
287368
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
content-length
50668
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:13:52 GMT
server
nginx
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Dec 2024 22:05:01 GMT
fa-solid-900.woff2
shop.naantalispa.fi/fontawesome/webfonts/ 		321 KB
322 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://shop.naantalispa.fi/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/fontawesome/css/solid.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx / Express
Resource Hash
f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://shop.naantalispa.fi/fontawesome/css/solid.min.css
Origin
https://shop.naantalispa.fi
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 14 Dec 2023 21:00:09 GMT
server
nginx
x-powered-by
Express
etag
W/"505f4-18c6a212fa8"
content-type
font/woff2
cache-control
public, max-age=120
accept-ranges
bytes
content-length
329204
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
shop.tac.eu.com/gfonts/s/playfairdisplay/v36/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://shop.tac.eu.com/gfonts/s/playfairdisplay/v36/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/gfonts/css/?family=Playfair%20Display:400,400italic,700,700italic,900,900italic&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.70.245.28 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS
Software
nginx /
Resource Hash
b06a5d272de6f4e0ba3f8db8338da394f8716987f7a7e764a22b6e903c0f94cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shop.naantalispa.fi/gfonts/css/?family=Playfair%20Display:400,400italic,700,700italic,900,900italic&subset=latin-ext
Origin
https://shop.naantalispa.fi
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Wed, 20 Dec 2023 18:57:37 GMT
x-content-type-options
nosniff
age
276602
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
content-length
37964
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:43:40 GMT
server
nginx
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Dec 2024 02:17:09 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPLD2TZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 20 Dec 2023 17:22:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5712
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 20 Dec 2023 19:22:25 GMT
collect
www.google-analytics.com/j/ 		16 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=481101234&t=pageview&_s=1&dl=https%3A%2F%2Fshop.naantalispa.fi%2Freservations%2Fcategory%2F197%2F&ul=en-us&de=UTF-8&dt=Naantali%20Spa%3A%20Varaa%20hoidot%20-%20Meikit%20ja%20kestov%C3%A4rj%C3%A4ykset&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1728666291&gjid=1012235878&cid=1768507840.1703098658&tid=UA-68453143-1&_gid=754196653.1703098658&_r=1&_slc=1&gtm=45He3bt0n81TPLD2TZ&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1094322388
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
20000a4b12e701cd52eb6d0599fe79756c7a0b88aacb82518859c051d607c6c0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shop.naantalispa.fi/reservations/category/197/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 18:57:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shop.naantalispa.fi
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-68453143-1&cid=1768507840.1703098658&jid=1728666291&gjid=1012235878&_gid=754196653.1703098658&_u=YEBAAAAAAAAAAC~&z=1326276054
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shop.naantalispa.fi/reservations/category/197/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 20 Dec 2023 18:57:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shop.naantalispa.fi
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		272 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-K4L77CH2HS&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e13ab14c810ab99253f0cad6158ac56f7901c35cc7023eb80a24c3946e9ae850
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 18:57:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93075
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 20 Dec 2023 18:57:38 GMT
collect
region1.analytics.google.com/g/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-K4L77CH2HS&gtm=45je3bt0v9124725011&_p=1703098657413&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1768507840.1703098658&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fshop.naantalispa.fi%2Freservations%2Fcategory%2F197%2F&dt=Naantali%20Spa%3A%20Varaa%20hoidot%20-%20Meikit%20ja%20kestov%C3%A4rj%C3%A4ykset&sid=1703098658&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2039
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K4L77CH2HS&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 18:57:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shop.naantalispa.fi
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K4L77CH2HS&cid=1768507840.1703098658&gtm=45je3bt0v9124725011&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K4L77CH2HS&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 18:57:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shop.naantalispa.fi
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fi/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fi/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K4L77CH2HS&cid=1768507840.1703098658&gtm=45je3bt0v9124725011&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=20803354
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 18:57:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-68453143-1&cid=1768507840.1703098658&jid=1728666291&_u=YEBAAAAAAAAAAC~&z=1698312748
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 18:57:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fi/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-68453143-1&cid=1768507840.1703098658&jid=1728666291&_u=YEBAAAAAAAAAAC~&z=1698312748
Requested by
Host: shop.naantalispa.fi
URL: https://shop.naantalispa.fi/reservations/category/197/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://shop.naantalispa.fi/reservations/category/197/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 18:57:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| runtime function| _typeof function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| ownKeys function| _objectSpread function| _defineProperty function| _regeneratorRuntime function| asyncGeneratorStep function| _asyncToGenerator function| setImmediate function| clearImmediate object| regeneratorRuntime function| $ function| jQuery object| Frontend function| ping object| dataLayer object| ShopHelper object| CommonUtils function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _classCallCheck function| _defineProperties function| _createClass object| trackingEvents object| ga4TrackingEvents function| TrackingHelper boolean| scriptsWillChange object| cookieconsent object| CookieDialog string| pingPath boolean| fastPing number| pingInterval object| theme object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

8 Cookies

Domain/Path Name / Value
shop.naantalispa.fi/ Name: module
Value: shop
shop.naantalispa.fi/ Name: count
Value: 9
shop.naantalispa.fi/ Name: NSESSIONID
Value: eyJpZCI6IlM0V3REa2k2UFAxNzAzMDk4NjU2NzU4In0=
shop.naantalispa.fi/ Name: NSESSIONID.sig
Value: AQBqHnupJPSKVpncTOs8iHjleGo
.shop.naantalispa.fi/ Name: _ga
Value: GA1.3.1768507840.1703098658
.shop.naantalispa.fi/ Name: _gid
Value: GA1.3.754196653.1703098658
.shop.naantalispa.fi/ Name: _gat_UA-68453143-1
Value: 1
.shop.naantalispa.fi/ Name: _ga_K4L77CH2HS
Value: GS1.3.1703098658.1.0.1703098658.60.0.0

1 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPLD2TZ(Line 339)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'nonce-7304002057986073' 'unsafe-eval' 'unsafe-hashes' 'sha256-1K+JYRRS16rR/kNeBnHwZdnNrb8+Q2X3eI3c7/ebjCY=' https://*.google-analytics.com/g/collect tagmanager.google.com maps gstatic.com/wcm www.paypalobjects.com tags.tiqcdn.com assets.loginwithamazon.com api.amazon.com facebook.com connect.facebook.net static.zdassets.com static.hotjar.com script.hotjar.com https://*.usercentrics.eu https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com computop-paygate.com www.computop-paygate.com 3ds-sim-dev.computop.com www.googleadservices.com". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com https://*.usercentrics.eu; img-src * data: maps.gstatic.com *.googleapis.com *.ggpht.com *.google-analytics.com *.googletagmanager.com https://pay.google.com; media-src * data:; object-src 'none'; frame-src *; base-uri 'self'; script-src 'self' 'unsafe-inline' 'nonce-7304002057986073' 'unsafe-eval' 'unsafe-hashes' 'sha256-1K+JYRRS16rR/kNeBnHwZdnNrb8+Q2X3eI3c7/ebjCY=' https://*.google-analytics.com/g/collect tagmanager.google.com maps gstatic.com/wcm www.paypalobjects.com tags.tiqcdn.com assets.loginwithamazon.com api.amazon.com facebook.com connect.facebook.net static.zdassets.com static.hotjar.com script.hotjar.com https://*.usercentrics.eu https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com computop-paygate.com www.computop-paygate.com 3ds-sim-dev.computop.com www.googleadservices.com; font-src 'self' data: fonts.googleapis.com shop.tac.eu.com staging-shop.tac.eu.com fonts.gstatic.com https://*.usercentrics.eu; connect-src 'self' wss://app.tac.eu.com https://app.tac.eu.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com maps www.googleadservices.com https://stats.g.doubleclick.net https://static.zdassets.com https://ekr.zdassets.com https://in.hotjar.com https://*.zendesk.com wss://*.zendesk.com https://*.zopim.com wss://*.zopim.com https://*.usercentrics.eu api.amazon.com https://checkoutshopper-test.adyen.com https://checkoutshopper-live.adyen.com https://google.com/pay https://www.google.com/pay https://pay.google.com https://www.paypal.com https://www.sandbox.paypal.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com maps shop.tac.eu.com staging-shop.tac.eu.com tagmanager.google.com https://*.usercentrics.eu *.googletagmanager.com https://pay.google.com; frame-ancestors 'self' https://*.facebook.com https://shop.tac.eu.com https://app.tac.eu.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

region1.analytics.google.com
shop.naantalispa.fi
shop.tac.eu.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.fi
www.googletagmanager.com
195.70.245.28
2001:4860:4802:32::36
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2004
2a00:1450:4001:82f::200e
2a00:1450:400c:c00::9a
0e7b8a942e44f5bb919e7989f00f3295f9edd41e0711a8b1ec9213442a5a8bc3
121b176974226dbc9b1ab227becb657d40b88d2bb7010a746c2360c31d7c373e
20000a4b12e701cd52eb6d0599fe79756c7a0b88aacb82518859c051d607c6c0
24e87fbea67b7c6c8f5c3b2177e028842a356a3c64b9789bcf5af541cd569bc3
30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d
3e1fec1ec160a56e749f9f9dd9ac7653313c52940812d40a314ee809a4586c9c
5289d6a3e89600e6c3375d75211a406025385f71020c62dbcc4c86a0c9b5487c
5fcae4922e05ed0a76184ec4cd0628d0bda761c0755f566a8209a6574636c8fc
65d9cabd319af4fe3a7fdad149063830a64f464c6b36127e26c335562e8845b7
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
73d86e98cbbe3e422def45c8d6c589edc99dde770353d6ada543f46524e47921
771efbf2c766bc2d086dc57bfffa6b33a2ee6fc30502506fd1a512efbe4ada5e
7c0d37f92a8b0b2c220571a4201666e34f0de66f579c153fa78dde5d80511298
8bcd6998bab374ddc0eaa7ccab6ddcb35272dbe5c5a99a61555544e6d200cf3e
8f16f8852d8d6e49cbf65b28113fe8a70b430d3eae92f1c67abe4e17cda36159
9c8a8f8c3857d47c3d639e4b107e2c85545e7d2a87c1b9ccc2842c6f33e3aa6a
b06a5d272de6f4e0ba3f8db8338da394f8716987f7a7e764a22b6e903c0f94cf
b7b727059780f2ce0561eeb5b5ce5607ea5380b6372152bd3efb3a8e23736c8e
bbff108cda6e7785683b6f8287fb271abac0148300baceac741a0535759492cd
c1a3f344bef85a304b78ff57573fd95bd722fbd7b915885a4846a9a774beb232
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e13ab14c810ab99253f0cad6158ac56f7901c35cc7023eb80a24c3946e9ae850
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51ad51a69f499923fb01e6613927ca3a0f202f64d1c77d537c96097d7542958
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e8a80ad0e5dd762080af21a352bbd17c4dc31ad0d58b6e6c3d9461b43a3cadf1
ec3ed77fe9dcdb3d1677276216b8af49c2f05b1f3c90f54dcb845a7fefd0509f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f3b284a01d2b7233968de3343fde4cbb2a1c3df56fc515911dc918815f9760
f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62
f3975bd7240240d0d6dbd2714606dd557b0cbfc35de4a0013a0062af8183cc9e
fc9b46564ac46129178836c023603443d7006edb2cfa7ae14ab8b01b19fc7fd2