URL: https://viisasraha.fi/
Submission: On January 13 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 62 IPs in 10 countries across 61 domains to perform 239 HTTP transactions. The main IP is 31.217.192.158, located in Finland and belongs to PLANEETTA-AS, FI. The main domain is viisasraha.fi.
TLS certificate: Issued by R3 on January 12th 2022. Valid for: 3 months.
This is the only time viisasraha.fi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 31.217.192.158 58003 (PLANEETTA-AS)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:231... 16509 (AMAZON-02)
6 35.156.232.125 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 95.216.215.9 24940 (HETZNER-AS)
1 4 37.157.6.241 198622 (ADFORM)
7 2606:2800:234... 15133 (EDGECAST)
1 37.157.2.247 198622 (ADFORM)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 178.63.219.113 24940 (HETZNER-AS)
1 143.204.98.29 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
11 142.250.186.98 15169 (GOOGLE)
1 18.66.112.111 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.166 15169 (GOOGLE)
1 34.241.159.43 16509 (AMAZON-02)
1 13.224.193.12 16509 (AMAZON-02)
18 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
1 2 104.244.42.200 13414 (TWITTER)
1 54.171.36.119 16509 (AMAZON-02)
8 2606:2800:134... 15133 (EDGECAST)
20 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:2800:233... 15133 (EDGECAST)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 178.250.0.157 44788 (ASN-CRITE...)
1 108.157.4.57 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 11 142.250.184.226 15169 (GOOGLE)
3 5 2.18.234.21 16625 (AKAMAI-AS)
5 6 185.33.221.53 29990 (ASN-APPNEX)
2 3 2001:678:cb4:... 56396 (AMOBEE)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 18.197.186.171 16509 (AMAZON-02)
4 4 18.156.0.31 16509 (AMAZON-02)
1 82.113.101.132 6805 (TDDE-ASN1)
3 2.21.141.175 ()
1 1 37.157.6.242 ()
1 185.64.190.78 ()
1 2 37.157.3.29 ()
2 2 185.29.132.245 ()
11 185.64.189.110 ()
2 2 213.155.156.185 ()
7 185.64.190.80 ()
1 178.250.0.163 ()
1 1 85.114.159.118 ()
2 2 151.101.2.49 ()
1 1 34.205.3.24 ()
1 1 23.88.75.189 ()
1 1 188.165.137.78 ()
1 2 2606:4700::68... ()
1 2606:4700:303... ()
3 3 213.19.147.45 ()
4 4 15.197.193.217 ()
1 173.231.180.197 ()
1 195.5.165.20 ()
2 198.47.127.20 ()
1 2 141.94.170.77 ()
2 2 34.254.143.3 ()
1 159.122.14.34 ()
1 2a05:d018:d29... ()
1 1 2620:116:800d... ()
3 3 18.198.121.250 ()
2 2 188.42.191.196 ()
2 2 66.155.71.149 ()
1 1 34.102.253.54 ()
239 62
Apex Domain
Subdomains
Transfer
47 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 94
tpc.googlesyndication.com — Cisco Umbrella Rank: 127
37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
232 KB
27 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 175
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
ad.doubleclick.net — Cisco Umbrella Rank: 187
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
cm.g.doubleclick.net — Cisco Umbrella Rank: 169
253 KB
24 pubmatic.com
hbopenbid.pubmatic.com Failed
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
37 KB
20 bannerflow.net
c.bannerflow.net — Cisco Umbrella Rank: 11064
236 KB
17 viisasraha.fi
viisasraha.fi
830 KB
11 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 245
431 KB
10 twimg.com
cdn.syndication.twimg.com — Cisco Umbrella Rank: 1340
pbs.twimg.com — Cisco Umbrella Rank: 691
ton.twimg.com — Cisco Umbrella Rank: 5003
255 KB
9 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 546
syndication.twitter.com — Cisco Umbrella Rank: 767
214 KB
8 adform.net
track.adform.net — Cisco Umbrella Rank: 3624
s1.adform.net — Cisco Umbrella Rank: 7427
adx.adform.net — Cisco Umbrella Rank: 4951
cm.adform.net
c1.adform.net
27 KB
7 gstatic.com
fonts.gstatic.com
128 KB
7 lwadm.com
lwadm.com — Cisco Umbrella Rank: 131308
content.lwadm.com — Cisco Umbrella Rank: 362646
163 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
secure.adnxs.com
6 KB
6 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 347
119 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 249
pr-bh.ybp.yahoo.com
3 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496
4 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 339
mug.criteo.com — Cisco Umbrella Rank: 3226
dis.criteo.com
2 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 151
133 KB
4 adsrvr.org
match.adsrvr.org
2 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 573
script.hotjar.com — Cisco Umbrella Rank: 719
vars.hotjar.com — Cisco Umbrella Rank: 857
in.hotjar.com — Cisco Umbrella Rank: 1592
65 KB
3 bidswitch.net
x.bidswitch.net
2 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 649
r.turn.com — Cisco Umbrella Rank: 2156
1 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 69
www.google.com — Cisco Umbrella Rank: 8
2 KB
3 giosg.com
service.giosg.com — Cisco Umbrella Rank: 84503
85 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 202
11 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 844
156 KB
2 sitescout.com
pixel-sync.sitescout.com
946 B
2 betweendigital.com
ads.betweendigital.com
1 KB
2 exelator.com
loada.exelator.com
2 KB
2 onaudience.com
pixel.onaudience.com
736 B
2 1rx.io
sync.1rx.io
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 everesttech.net
sync-tm.everesttech.net
744 B
2 de17a.com
d5p.de17a.com
637 B
2 mathtag.com
sync.mathtag.com
1 KB
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 293
940 B
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2256
pubmatic-match.dotomi.com
207 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2396
23 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
20 KB
1 playground.xyz
ads.playground.xyz
466 B
1 quantserve.com
pixel.quantserve.com
542 B
1 simpli.fi
um.simpli.fi
610 B
1 iprom.net
core.iprom.net
279 B
1 adgrx.com
cm.adgrx.com
408 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
535 B
1 ad4m.at
ad4m.at
915 B
1 erne.co
green.erne.co
327 B
1 loopme.me
csync.loopme.me
217 B
1 stackadapt.com
sync.srv.stackadapt.com
652 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 o2online.de
portal.o2online.de — Cisco Umbrella Rank: 59950
609 B
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8579
792 B
1 userreport.com
visitanalytics.userreport.com — Cisco Umbrella Rank: 16079
498 B
1 spklw.com
bonfire.spklw.com — Cisco Umbrella Rank: 54261
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
2 KB
1 lehtiluukku.fi
feed.lehtiluukku.fi
76 KB
1 strossle.com
assets.strossle.com — Cisco Umbrella Rank: 60379
12 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
36 KB
0 bidtheatre.com Failed
match.adsby.bidtheatre.com Failed
0 taboola.com Failed
trc.taboola.com Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 netmng.com Failed
google2waycm.netmng.com Failed
239 61
Domain Requested by
27 tpc.googlesyndication.com ad.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
viisasraha.fi
37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
cdn.ampproject.org
s0.2mdn.net
20 c.bannerflow.net s0.2mdn.net
viisasraha.fi
c.bannerflow.net
18 pagead2.googlesyndication.com ad.doubleclick.net
tpc.googlesyndication.com
viisasraha.fi
securepubads.g.doubleclick.net
37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
17 viisasraha.fi viisasraha.fi
11 simage2.pubmatic.com ads.pubmatic.com
11 cm.g.doubleclick.net 7 redirects googleads.g.doubleclick.net
37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
11 s0.2mdn.net ad.doubleclick.net
s0.2mdn.net
viisasraha.fi
7 image2.pubmatic.com ads.pubmatic.com
7 pbs.twimg.com viisasraha.fi
platform.twitter.com
7 fonts.gstatic.com fonts.googleapis.com
7 platform.twitter.com viisasraha.fi
platform.twitter.com
6 cdn.ampproject.org securepubads.g.doubleclick.net
6 googleads4.g.doubleclick.net ad.doubleclick.net
viisasraha.fi
6 lwadm.com viisasraha.fi
lwadm.com
content.lwadm.com
ads.pubmatic.com
5 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 securepubads.g.doubleclick.net lwadm.com
securepubads.g.doubleclick.net
viisasraha.fi
5 www.googletagservices.com viisasraha.fi
www.googletagservices.com
s0.2mdn.net
37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
4 match.adsrvr.org 4 redirects
4 ups.analytics.yahoo.com 4 redirects
3 x.bidswitch.net 3 redirects
3 ads.pubmatic.com content.lwadm.com
ads.pubmatic.com
3 service.giosg.com viisasraha.fi
service.giosg.com
3 cdnjs.cloudflare.com viisasraha.fi
3 use.fontawesome.com viisasraha.fi
use.fontawesome.com
2 pixel-sync.sitescout.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 sync.1rx.io 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 d5p.de17a.com 2 redirects
2 sync.mathtag.com 2 redirects
2 c1.adform.net 1 redirects ads.pubmatic.com
2 pixel.advertising.com 2 redirects
2 ad.turn.com 2 redirects
2 googleads.g.doubleclick.net 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
viisasraha.fi
2 www.google.com tpc.googlesyndication.com
viisasraha.fi
2 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 mug.criteo.com
2 script.4dex.io content.lwadm.com
script.4dex.io
2 gum.criteo.com 1 redirects
2 ton.twimg.com platform.twitter.com
2 adx.adform.net s1.adform.net
content.lwadm.com
2 syndication.twitter.com 1 redirects platform.twitter.com
2 ad.doubleclick.net www.googletagservices.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 track.adform.net 1 redirects viisasraha.fi
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pixel.quantserve.com 1 redirects
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 sync.targeting.unrulymedia.com 1 redirects
1 ad4m.at ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 green.erne.co 1 redirects
1 csync.loopme.me 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 cm.adform.net 1 redirects
1 portal.o2online.de
1 dclk-match.dotomi.com 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
1 r.turn.com 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 visitanalytics.userreport.com
1 cdn.syndication.twimg.com platform.twitter.com
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 bonfire.spklw.com assets.strossle.com
1 stats.g.doubleclick.net www.google-analytics.com
1 script.hotjar.com static.hotjar.com
1 content.lwadm.com lwadm.com
1 static.hotjar.com viisasraha.fi
1 fonts.googleapis.com viisasraha.fi
1 s1.adform.net viisasraha.fi
1 feed.lehtiluukku.fi viisasraha.fi
1 assets.strossle.com viisasraha.fi
1 www.googletagmanager.com viisasraha.fi
0 match.adsby.bidtheatre.com Failed ads.pubmatic.com
0 trc.taboola.com Failed ads.pubmatic.com
0 match.prod.bidr.io Failed ads.pubmatic.com
0 google2waycm.netmng.com Failed 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
0 hbopenbid.pubmatic.com Failed content.lwadm.com
239 92
Subject Issuer Validity Valid
viisasraha.fi
R3
2022-01-12 -
2022-04-12
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-07 -
2022-07-06
a year crt.sh
assets.strossle.com
Amazon
2021-02-13 -
2022-03-14
a year crt.sh
lwadm.com
Amazon
2021-03-22 -
2022-04-20
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
feed.lehtiluukku.fi
R3
2021-12-30 -
2022-03-30
3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2021-10-20 -
2022-10-19
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
upload.video.google.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.giosg.com
Starfield Secure Certificate Authority - G2
2021-08-02 -
2022-09-03
a year crt.sh
*.hotjar.com
Amazon
2021-11-25 -
2022-12-23
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.lwadm.com
Amazon
2021-03-22 -
2022-04-20
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
spklw.com
Amazon
2021-06-07 -
2022-07-06
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2022-01-06 -
2023-01-05
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-12-01 -
2022-02-26
3 months crt.sh
*.userreport.com
Amazon
2021-02-18 -
2022-03-19
a year crt.sh
*.google.de
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.google.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
www.google.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2021-08-10 -
2022-09-11
a year crt.sh
*.o2online.de
DigiCert TLS RSA SHA256 2020 CA1
2021-01-19 -
2022-02-19
a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2021-03-30 -
2022-04-04
a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-24 -
2022-03-26
a year crt.sh
*.iprom.net
R3
2021-12-29 -
2022-03-29
3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2021-10-27 -
2022-11-27
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-08-24 -
2022-02-16
6 months crt.sh

This page contains 42 frames:

Primary Page: https://viisasraha.fi/
Frame ID: 7ABD592BD737628BDDCFAD74E74E5717
Requests: 75 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N375001.3713702VIISASRAHA/B25328674.295893012;dc_ver=82.239;dc_eid=40004001;sz=468x400;u_sd=1;nel=1;dc_adk=226173050;ord=wnmt0j;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fviisasraha.fi%2F$0;xdt=0;crlt=WCIB9imQOE;sttr=67;prcl=s
Frame ID: 8C81CD7B1D57F468BB1A0663FC581AAC
Requests: 7 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N375001.3713702VIISASRAHA/B25328674.301075552;dc_ver=82.239;sz=300x300;u_sd=1;nel=1;dc_adk=210587437;ord=jxu1ba;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fviisasraha.fi%2F$0;xdt=0;crlt=WCIB9imQOE;sttr=2;prcl=s
Frame ID: B7DA0C7722D0595A1A24F2A7835DAD71
Requests: 7 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.e37c957bd3ae00473b95800b99e19cff.html?origin=https%3A%2F%2Fviisasraha.fi
Frame ID: F03DE27CF337BABD3D0805F59CDA247F
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: 1A5A70C39FCDCF754E64AEA4F0E61A44
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 69099E964407F3768F04075AF69442CD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FB9A5CD329C1A21FC752CC0306994352
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15493210630881542144/FIViisasraha-1-Finnish-300x300-637539175741525012-d6e1a42c-f8b7-40ef-897a-8abe09bf1143.html
Frame ID: 6AB0210CE45296444C9DF6E8B339F338
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3613336761649856512/FIViisasraha-Finnish-468x400-637486546590299430-b1f12dc3-6afc-45a0-9285-3db817bc6387.html
Frame ID: 3725032354E7EEE41090469523EB97F2
Requests: 9 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1479442012629868546/KZ8R6om5?format=jpg&name=600x314
Frame ID: AF26099569AAF460C44A2A49C7F03D0D
Requests: 13 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: F4085C1EA4537272D9FC2A5DDD729FC4
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fnordnet%2F58be6c5703e67e24400a3d71%2Fimages%2F549dfba3-a1c7-4aeb-893c-f091c7178fe9.png&w=608&h=401&q=90&f=webp&rt=contain
Frame ID: 89D6B6128CCBC8BF7738DEF221572BF5
Requests: 3 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/images/92fff189-e2df-400b-aa44-0963f1c5fd71.svg
Frame ID: 4A409F301701E761E34BD488B509B970
Requests: 3 HTTP requests in this frame

Frame: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C7BACA795492D9D590EA758737C56E82
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A7AEE0836D4BEBB5B333924C1E10AD79
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EDF5BFBCB60EADF8FB53EC8909DE1441
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: D92ADFF3C76D0A94DEADD7042C0F66E9
Requests: 24 HTTP requests in this frame

Frame: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 13FD890D0581E46DE1F74A037FDA35C3
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiE86O-ATAB&v=APEucNVcZovAO8Bhdz89-covV3LuZM_gftxjmXe21ffS0Y_HnVm48oWgVFqj7qY5oprUdgOboEhclD9BNODuckzB2sMBQk1gyBk0E99reqjejeJ4H3LOdu3parCczVyrT91B2B2C2imyfU3nkIjy8k7kQrE4rqJZUQPUmF0bxNF77uiDOLSJs88
Frame ID: 76B0C27BCBC51465BAB7C8355F4D27FC
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4137E4D66F13752AE92E5FB64C9F2BB3
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CED390426DA21DD7745DF8855A2A28E3
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10440403487295537152/300x600.html?e=69&leftOffset=0&topOffset=0&c=a1uSdFD5FL&t=1&renderingType=2
Frame ID: 6516D0B868B33199A3AD1B4BC3370778
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ze6spFYAGmeX0SVs4uO-WfgikXQwH0dcHguaiLf8sa4.js
Frame ID: 80789F5D6D6F0C6393C754A16A41F70D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Frame ID: AAA3DCB76EFD19CAC88D743E087C0DEE
Requests: 20 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=96387
Frame ID: C3F410FC826FD2DA77066DAB7B3CEC9F
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=13598A7E-CECB-486F-8FCD-FC4546AB1069
Frame ID: A7DE181A8418907B6C5799FFCEFE5443
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:aed461df-719a-4000-896a-89479c62e7ca&gdpr=0&gdpr_consent=
Frame ID: 4B031157A30DB99279F1A84C126ACAFD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8400184701518345837
Frame ID: C6DF68E419BD71A87A7BE579E8151A69
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: E96C246D2816500366386F1CEC46E585
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7052480452021254285
Frame ID: 28BF145530B0512424F51730634C5094
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yd9xmwAFIX-6agAF&gdpr=0&gdpr_consent=&_test=Yd9xmwAFIX-6agAF
Frame ID: 9DB5CD4FC499418BC7AB362478F52424
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Q1XzZupEQ5B-8t1HIAeiEorHJoQ
Frame ID: 8C9F52441355961AA8023A1560785353
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
Frame ID: E002BF68A1C152FD2F7F4608D98C1559
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: ACE4F6AC836B29DD618BB860B4559242
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=x2RVrANbFruzxF6bEVcxYJH6
Frame ID: AC4094E7F72C775925C6AE5D454DC726
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: CD2E8EF5AE2B2A6A8A86C28ED4F1EB09
Requests: 1 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
Frame ID: EDB075EAA787A3AA6EDD7EB1AFFE6E21
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 2C9D2CAEB5AEC523335ABE333B709BC4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-77bcf357-3cc2-44d6-9592-3f8c2b1a2078-003
Frame ID: 5CF5BF18A7642B1EA7E4E13149B0C23B
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 81C9ED7E72AA406E571F7538457EBD2C
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 99D93BAD26BDD35546CBA6254E71F77D
Requests: 1 HTTP requests in this frame

Frame: https://lwadm.com/usermatch/pl?cb=637776303586284191&bid=52cbd598-2715-4c43-a06f-229fc170f945&lwuid=679c8f9bc8034a279bea9511fd8b6008&buid=13598A7E-CECB-486F-8FCD-FC4546AB1069
Frame ID: A14A62928D5737667B6A9DBB2F824E0D
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Viisas raha

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js

Overall confidence: 100%
Detected patterns
  • /prebid\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

239
Requests

87 %
HTTPS

39 %
IPv6

61
Domains

92
Subdomains

62
IPs

10
Countries

3554 kB
Transfer

7313 kB
Size

33
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://track.adform.net/adfserve/?bn=44446390;1x1inv=1;srctype=3;ord=[timestamp] HTTP 302
  • https://track.adform.net/adfserve/?CC=1&bn=44446390;1x1inv=1;srctype=3;ord=[timestamp]
Request Chain 111
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fviisasraha.fi%2F&domain=viisasraha.fi&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=Glhz2XxrSXh3bmpIdUN4MzVqdG1LWXUxOEJoREx0NzE4L2pBckRGVzQ5UUczdjA4bk5YWmY0TEcyZzhGL3BicURldk82dGhvTkhTTWFPTHFZaDN6TUJjY1I5cGJvbW1mRHBOdHlqZStVd0x0MWFLVElzY0J3ekprMGdtQjhLaFdaWUJUMVZVTVBQcWVrOHY3R1lkNnJkaEk0NGdGYXlCSUVUaUszeUo2NmN3ZCtSUW9NOXMzdFRWdjQrWEpZRFVMWUpIOTRzRXFWMHRqOU91NjZkVEZtQU1QOTdJc1kwZ0RPQkhZYk5jaWpsZEFiYUR3PXw&cppv=2
Request Chain 118
  • https://syndication.twitter.com/i/jot HTTP 302
  • https://platform.twitter.com/jot.html
Request Chain 174
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAXoFE-lENM8WBflYOhTm3k&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAXoFE-lENM8WBflYOhTm3k&google_cver=1&C=1
Request Chain 175
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yd9xmK7-6Mkq0ZjdODac0QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAXoFE-lENM8WBflYOhTm3k&google_cver=1
Request Chain 176
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPjvS9mcq40CbnN4o8F9gBo&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPjvS9mcq40CbnN4o8F9gBo%26google_cver%3D1
Request Chain 177
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ4MDgwODUxNjEyMjE2MTIzNw%3D%3D
Request Chain 187
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAtrWT80bt5hTTjj5qqd-xU&google_cver=1&google_push=AYg5qPL3zbqHF_cSGHiH79pvIsev_IKeMtcNwppK_4aPgD8ranP1JncVi4ABvDfEMdc4q5nw9FNsHLPVuAqBRltx2QuvH1Sd4Vuh HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzMxNzIyNzY2MDExMTA4OTY2MA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAtrWT80bt5hTTjj5qqd-xU&google_cver=1
Request Chain 189
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_cver=1&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1
Request Chain 190
  • https://match.360yield.com/match/ebda?google_gid=CAESELxt-ayOfqlt75YtrOAZx7Q&google_cver=1&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESELxt-ayOfqlt75YtrOAZx7Q&google_cver=1&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq
Request Chain 191
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEE8FuPb5Q_O30PdsDXn9x60&google_cver=1&google_push=AYg5qPI9ej_oagsQPKPZtUHEu9HVDpHww5ykVQY4n4RbCgyV6IjgLWg6F4kaERinASUX_dm_G2MNc1_sCRoxSNdYZPPWE6zqGIjyLw HTTP 302
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEE8FuPb5Q_O30PdsDXn9x60&google_cver=1&google_push=AYg5qPI9ej_oagsQPKPZtUHEu9HVDpHww5ykVQY4n4RbCgyV6IjgLWg6F4kaERinASUX_dm_G2MNc1_sCRoxSNdYZPPWE6zqGIjyLw&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEE8FuPb5Q_O30PdsDXn9x60&google_cver=1&google_push=AYg5qPI9ej_oagsQPKPZtUHEu9HVDpHww5ykVQY4n4RbCgyV6IjgLWg6F4kaERinASUX_dm_G2MNc1_sCRoxSNdYZPPWE6zqGIjyLw&apid=UP6274fdea-7407-11ec-8cb4-029c5bbfc4f2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2Mjc0ZmRlYS03NDA3LTExZWMtOGNiNC0wMjljNWJiZmM0ZjI%3D&google_push=AYg5qPI9ej_oagsQPKPZtUHEu9HVDpHww5ykVQY4n4RbCgyV6IjgLWg6F4kaERinASUX_dm_G2MNc1_sCRoxSNdYZPPWE6zqGIjyLw
Request Chain 192
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJhOeubqAJ4MgzuYSvjry3c&google_cver=1&google_push=AYg5qPITRsNFHZ3WjDIAJxAhKB1_AZvWitubXpeFjLCaw7WYIyelfhbQDzcRD0s8yNN0LK7XMeggdMhp13PV_8RS25hRU02VvUircGU HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJhOeubqAJ4MgzuYSvjry3c&google_cver=1&google_push=AYg5qPITRsNFHZ3WjDIAJxAhKB1_AZvWitubXpeFjLCaw7WYIyelfhbQDzcRD0s8yNN0LK7XMeggdMhp13PV_8RS25hRU02VvUircGU&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1sc2x1QlpKRTJ1SFFFYVJXUVF5dUNwU0FDNlltNURGdn5B&google_push=AYg5qPITRsNFHZ3WjDIAJxAhKB1_AZvWitubXpeFjLCaw7WYIyelfhbQDzcRD0s8yNN0LK7XMeggdMhp13PV_8RS25hRU02VvUircGU
Request Chain 209
  • https://cm.adform.net/cookie?redirect_url=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3dc14360b0-ff2f-489e-b086-be36cd097dab%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d$UID HTTP 303
  • https://lwadm.com/usermatch/pl?cb=637776303586284191&bid=c14360b0-ff2f-489e-b086-be36cd097dab&lwuid=679c8f9bc8034a279bea9511fd8b6008&buid=6218817439156915704
Request Chain 212
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:aed461df-719a-4000-896a-89479c62e7ca&gdpr=0&gdpr_consent=
Request Chain 213
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8400184701518345837
Request Chain 215
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7052480452021254285
Request Chain 216
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Yd9xmwAFIX-6agAF HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yd9xmwAFIX-6agAF&gdpr=0&gdpr_consent=&_test=Yd9xmwAFIX-6agAF
Request Chain 217
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Q1XzZupEQ5B-8t1HIAeiEorHJoQ
Request Chain 218
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
Request Chain 219
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 220
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=x2RVrANbFruzxF6bEVcxYJH6
Request Chain 221
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 224
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=732505606 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=732505606 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/99f0e4a9-cb02-4aa9-aa46-47ef2e75d17d HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-77bcf357-3cc2-44d6-9592-3f8c2b1a2078-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-77bcf357-3cc2-44d6-9592-3f8c2b1a2078-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-77bcf357-3cc2-44d6-9592-3f8c2b1a2078-003
Request Chain 228
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=E1mKfs7LSG-PzfxFRqsQaQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 229
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=09a061df-719a-4c00-8f5b-d79d97238586
Request Chain 230
  • https://pixel.onaudience.com/?partner=214&mapped=13598A7E-CECB-486F-8FCD-FC4546AB1069 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=40fdf7c0048823fc7372fb105db51f22
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTM1OThBN0UtQ0VDQi00ODZGLThGQ0QtRkM0NTQ2QUIxMDY5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 232
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELpXMBG_TiPeM2iXiNvz7Cs&google_cver=1
Request Chain 234
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6218817439156915704
Request Chain 235
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=69ea2779-e977-4779-b3a2-3920ef5b7591
Request Chain 236
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7041323315059818779&gdpr=0&gdpr_consent=
Request Chain 237
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=13598A7E-CECB-486F-8FCD-FC4546AB1069&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-L920RKlE2uXs9Gh.TSz3eb7NTDn1sY0-~A&gdpr=0&gdpr_consent=
Request Chain 239
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zYSe8cyEw_XWh8n0y4PX8c6NzKLW0Zukz4b9_OGv
Request Chain 240
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=5b92343e-6313-520d-b27c-a13bd3a3d0a0&ssp=pubmatic&expires=30&user_group=1 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0f09a26d-120a-46cd-9170-d9f78e24a74f&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 241
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3317227660111089660&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 243
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a96c73cd-85ce-4c13-8c45-94ae9ad6263e-61df719b-5858&gdpr=0&gdpr_consent=
Request Chain 245
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7041323315059818779

239 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
viisasraha.fi/
64 KB
12 KB
Document
General
Full URL
https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS
s3.palvelin.pro
Software
LiteSpeed / PHP/7.2.34
Resource Hash
438ba58ddf03960043861c544b21eb6cc61834d69b3a3f9a24b7e05510ea76b9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

x-powered-by
PHP/7.2.34
cache-control
no-cache, private
content-type
text/html; charset=UTF-8
age
58
content-length
11622
content-encoding
br
vary
Accept-Encoding,User-Agent
date
Thu, 13 Jan 2022 00:25:57 GMT
server
LiteSpeed
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
js
www.googletagmanager.com/gtag/
91 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-48142457-13
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4ce32392b6fc3e58db363c2032619e02d58d460e28db3a7db90a9d930a7c6da0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36653
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 13 Jan 2022 00:25:57 GMT
all.css
use.fontawesome.com/releases/v5.7.2/css/
53 KB
12 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.7.2/css/all.css
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

Referer
https://viisasraha.fi/
Origin
https://viisasraha.fi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:57 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5503550
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
AS27E04B8EAZHW8Y
x-amz-id-2
a2HpEGoGr3WF2no93fd13WSh9kzGZ89LqeDyjIFkbc/BAiZ/XmL5Tk5jj/ozZsnho4C/MUZo06s=
last-modified
Wed, 30 Jun 2021 15:45:57 GMT
server
cloudflare
etag
W/"7b1d7f457d056ace7b230b587b9f3753"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrtWdiHHeirsWiNtfQEiy4LZclsYZwAHhnYbT3Oh7CxcruaHxjhasaFGaGzQZCyBnAVptBAcaHFrK4BaQOxfAU9nmyWNW1CyTsdD7RpT4AnjVfcK0vZmpNRCOdUu1jpFKWFjMXan14Ib0t9zPNagJsky"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6cca7d868ea94a8b-FRA
f024ab1.css
viisasraha.fi/css/
167 KB
24 KB
Stylesheet
General
Full URL
https://viisasraha.fi/css/f024ab1.css
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS
s3.palvelin.pro
Software
LiteSpeed /
Resource Hash
dd068715136cf647c1257a5755756c9715d5d3828d7d2021c7fab0d9f1b09285

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:57 GMT
content-encoding
br
last-modified
Wed, 16 Jun 2021 20:19:52 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
24933
expires
Sat, 12 Feb 2022 00:25:57 GMT
livev08.css
viisasraha.fi/css/
25 KB
5 KB
Stylesheet
General
Full URL
https://viisasraha.fi/css/livev08.css
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS
s3.palvelin.pro
Software
LiteSpeed /
Resource Hash
3b8e63ea9bea0a39730aa2d685c78473ac9b21007b8f025d4c06bc1daa5dbef8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:57 GMT
content-encoding
br
last-modified
Mon, 23 Aug 2021 15:46:29 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
5236
expires
Sat, 12 Feb 2022 00:25:57 GMT
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/
4 KB
2 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
509170
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
975
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-fe0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIJYwp1x0UePhvTvUh7pTMiZhmN1yvaNczdki3lkuH4DcbvcG5SSRXkJKV%2BOyCdkKZZXz7tCeZbYW7jmRjDUeNj%2B1BBUT59Nq31WJ3xb%2FdFNFyBAVmio6Daz4M0WRrPZZney%2B6JCX%2BXoTYRVrngkXgI2"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6cca7d868ac4694c-FRA
expires
Tue, 03 Jan 2023 00:25:57 GMT
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/
20 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
499680
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5978
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-5148"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EhtGQhhQfi9wLuqn0lTn3waBCbY8jIuyll0p1tlplmal6yjLYL48oAve66A88yHZM6NfdHsiUtmAi5g9Zl7Pph%2BmsQtwLWTzySuDklwUICxJ5Sz%2FIJO8DZPhIJnsO0AKRPIjIKjte9EPvtmCjdDBMEBV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6cca7d868ac7694c-FRA
expires
Tue, 03 Jan 2023 00:25:57 GMT
strossle-widget-sdk.js
assets.strossle.com/strossle-widget-sdk/1/
42 KB
12 KB
Script
General
Full URL
https://assets.strossle.com/strossle-widget-sdk/1/strossle-widget-sdk.js
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:1200:19:1c05:a1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e8ab5f7daaaf482bba164c993d17017c49a80cbf7aaeaf4df1400fafadefe62

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 23:59:41 GMT
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 13:48:25 GMT
server
AmazonS3
age
1577
etag
W/"082c25494b4e6842447656a71791a07d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 271c2e1e305f31b0f14837cad3c843b0.cloudfront.net (CloudFront)
cache-control
max-age=1800
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
bRvM7V6mUwiYaEY02pV4OkLVAf0wFAUkohzlSN1qRVpZZLC7LwGcJA==
pbjs
lwadm.com/lw/
45 KB
17 KB
Script
General
Full URL
https://lwadm.com/lw/pbjs?pid=a074aa72-322b-4cac-957b-f71df31b9f59
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.232.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-232-125.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fc664e4c9216232427d7e13d67febe9ae4b53f95c092e474c13d71f66d6ee0c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:57 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
679c8f9bc8034a279bea9511fd8b6008|89E2EF6A3514EB7780E4251D5DB84FF2
vary
Accept-Encoding
content-type
application/javascript
cache-control
private,no-cache
access-control-allow-credentials
true
oskl-logo-19_mobiili.png
viisasraha.fi/images/
9 KB
9 KB
Image
General
Full URL
https://viisasraha.fi/images/oskl-logo-19_mobiili.png
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS
s3.palvelin.pro
Software
LiteSpeed /
Resource Hash
459deeea63d0130a0e33f7c336375711339932953e9c210e833ca3da034e073e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:57 GMT
last-modified
Fri, 23 Aug 2019 07:00:08 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
8762
expires
Fri, 13 Jan 2023 00:25:57 GMT
vr-logo-x7.jpg
viisasraha.fi/images/
18 KB
18 KB
Image
General
Full URL
https://viisasraha.fi/images/vr-logo-x7.jpg
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS
s3.palvelin.pro
Software
LiteSpeed /
Resource Hash
9d3b363a2b2029cc1d31211d83be842986d147af0e62679339154d96db7580e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:57 GMT
last-modified
Mon, 11 Mar 2019 17:58:27 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
18329
expires
Fri, 13 Jan 2023 00:25:57 GMT
dcmads.js
www.googletagservices.com/dcm/
9 KB
5 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
162a6b3bdfbd0f251e65e340c383b01c333ab0c1e5c1688e93afc965abbeab5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 23:26:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3543
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4396
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:01:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 13 Jan 2022 00:26:54 GMT
cover_big
feed.lehtiluukku.fi/
76 KB
76 KB
Image
General
Full URL
https://feed.lehtiluukku.fi/cover_big?id=1000
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.216.215.9 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
api01.epaper.fi
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
eb76751dd0224dd462533225c22494207c3190ad01534bdab28d4dd7281605db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 13 Jan 2022 00:25:58 GMT
Server
Apache/2.4.29 (Ubuntu)
Vary
negotiate
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
TCN
choice
Connection
Keep-Alive
Content-Location
cover_big.php
Keep-Alive
timeout=5, max=100
/
track.adform.net/adfserve/
Redirect Chain
  • https://track.adform.net/adfserve/?bn=44446390;1x1inv=1;srctype=3;ord=[timestamp]
  • https://track.adform.net/adfserve/?CC=1&bn=44446390;1x1inv=1;srctype=3;ord=[timestamp]
35 B
395 B
Image
General
Full URL
https://track.adform.net/adfserve/?CC=1&bn=44446390;1x1inv=1;srctype=3;ord=[timestamp]
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:25:57 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:25:57 GMT
server
nginx
location
https://track.adform.net/adfserve/?CC=1&bn=44446390;1x1inv=1;srctype=3;ord=[timestamp]
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/html; charset=utf-8
expires
-1
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BE) /
Resource Hash
75807a010dd395e2989544d4deed5bc3d8d36b11bed0a8ea310fcb43e8442183

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 13 Jan 2022 00:25:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jan 2022 20:08:29 GMT
Server
ECS (frb/67BE)
Age
244
Etag
"b607db789ce85f01d2c97329a89acfde+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
29153
vr-logo-bottom.png
viisasraha.fi/images/
13 KB
13 KB
Image
General
Full URL
https://viisasraha.fi/images/vr-logo-bottom.png
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS
s3.palvelin.pro
Software
LiteSpeed /
Resource Hash
11ceff13d6c52cc4f36a14030e396c789b09828b48a4b4fb9fa11028ebe09d8c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:57 GMT
last-modified
Mon, 11 Mar 2019 17:56:31 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
13619
expires
Fri, 13 Jan 2023 00:25:57 GMT
oskl-logo-19.png
viisasraha.fi/images/
23 KB
23 KB
Image
General
Full URL
https://viisasraha.fi/images/oskl-logo-19.png
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS
s3.palvelin.pro
Software
LiteSpeed /
Resource Hash
0ee2cbde9a472a390bdf54eabf18b5b093b4080c55c0ba7c415ecab85a58a821

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:57 GMT
last-modified
Thu, 22 Aug 2019 09:16:25 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
23897
expires
Fri, 13 Jan 2023 00:25:57 GMT
mediatalokeskisuomalainen_550x320_nega.png
viisasraha.fi/images/
16 KB
16 KB
Image
General
Full URL
https://viisasraha.fi/images/mediatalokeskisuomalainen_550x320_nega.png
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS
s3.palvelin.pro
Software
LiteSpeed /
Resource Hash
99b3a7094bb41058185e523e557e97e1ccf4d75f46207fc7143b4687d72e3ffe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:57 GMT
last-modified
Tue, 12 Mar 2019 15:27:53 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16036
expires
Fri, 13 Jan 2023 00:25:57 GMT
vastuullistajournalismia_vaaka_FIN_vihreaRGB.png
viisasraha.fi/images/
50 KB
50 KB
Image
General
Full URL
https://viisasraha.fi/images/vastuullistajournalismia_vaaka_FIN_vihreaRGB.png
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS
s3.palvelin.pro
Software
LiteSpeed /
Resource Hash
718a3ae3f8d7cbb50ea6d3c7394770e0d3ed74065a3d209d8182b1ada8d60dc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:57 GMT
last-modified
Tue, 12 Mar 2019 15:27:53 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
50715
expires
Fri, 13 Jan 2023 00:25:57 GMT
9697aa7.js
viisasraha.fi/js/
154 KB
48 KB
Script
General
Full URL
https://viisasraha.fi/js/9697aa7.js
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS
s3.palvelin.pro
Software
LiteSpeed /
Resource Hash
54bb0bb2861c66bd9d4f8ba5ac31a15ce7c79307e1fe5515588d38edb7dc6a67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:57 GMT
content-encoding
br
last-modified
Wed, 16 Jun 2021 20:19:52 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
48602
expires
Sat, 12 Feb 2022 00:25:57 GMT
lazysizes.min.js
cdnjs.cloudflare.com/ajax/libs/lazysizes/4.1.8/
7 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/lazysizes/4.1.8/lazysizes.min.js
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d3068ede90edb6a637e13f5ad0b35a6b284a3822ef1e54f383be6d2838be577
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
501193
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2881
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:12:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed0-1aea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7JT3Kx5NTLd0iWy9dlSm%2BGjEZVyp%2Fl20YvCtM7kcBb907y4HUbREz56DPZhfTHapNo%2FrdfraejL%2FqfNpc8QRMBP9rIBXuAjDGQPkOVbejtGA2J92C76cqpfnQhyI%2Fsp%2F9QEi5yfgniu9J5yn0sFasWz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6cca7d870b85694c-FRA
expires
Tue, 03 Jan 2023 00:25:57 GMT
adx.js
s1.adform.net/banners/scripts/
58 KB
24 KB
Script
General
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:57 GMT
content-encoding
gzip
last-modified
Mon, 30 Aug 2021 08:56:10 GMT
server
nginx
etag
W/"612c9d2a-e958"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
css
fonts.googleapis.com/
32 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/css/livev08.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
54ad4a5cadfc0419bf288a8752fdfd0ebf312a76dbe59612e568ed3248d6b789
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 00:25:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 13 Jan 2022 00:25:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Jan 2022 00:25:57 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48142457-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3063
date
Wed, 12 Jan 2022 23:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 13 Jan 2022 01:34:54 GMT
/
service.giosg.com/live/
276 KB
85 KB
Script
General
Full URL
https://service.giosg.com/live/
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.219.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
3fce457cdd83ee885c8c8c711eddb3c721d375ccf9bcb6b764e5b6452cd218e6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:57 GMT
content-encoding
gzip
last-modified
Tue, 11 Jan 2022 12:06:48 GMT
server
nginx
etag
"61dd72d8-151ba"
vary
Accept-Encoding
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
cache-control
max-age=86400, public
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
content-length
86458
expires
Fri, 14 Jan 2022 00:25:57 GMT
hotjar-2073088.js
static.hotjar.com/c/
4 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2073088.js?sv=6
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-29.fra50.r.cloudfront.net
Software
/
Resource Hash
b90e8625d42f6ab88d2ff0f91ff2f63c9aefb4b1af8299fca6d423b1646599bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:57 GMT
content-encoding
br
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
x-cache-hit
1
etag
W/19665e0adfd502c843d33d8a3988fc21
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
content-length
1886
via
1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-amz-cf-id
BCsu68dWlMr7dwCWmtvf2jp6c9upfruhlSBjjONKKsNXUxhaXfRNqA==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://viisasraha.fi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 01:54:06 GMT
x-content-type-options
nosniff
age
81111
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 12 Jan 2023 01:54:06 GMT
fa-brands-400.woff2
use.fontawesome.com/releases/v5.7.2/webfonts/
70 KB
71 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.7.2/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.7.2/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e

Request headers

Referer
https://use.fontawesome.com/releases/v5.7.2/css/all.css
Origin
https://viisasraha.fi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:57 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14741624
cf-ray
6cca7d871f7c4a8b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
72112
x-amz-id-2
Z2tmNAPm+tIoN437tKTWW3bRMihFEWLYQVWh6ISNWMbGOjMXxNUkYpi80sobjtVmQEayLq5+WjY=
last-modified
Wed, 30 Jun 2021 15:46:18 GMT
server
cloudflare
etag
"4b115e1153a9ea339d6a0bb284cc8ed3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uinH0R037ZvgJrYakAm7OFe1NbpAUdojHDbEeVS%2BdubbCbKVxXTl7sqN6kwfJFlwo7uL2s1xFAWGG%2BoQrK%2FXz0wJ14wLI5Dm0fX0AYLocFu%2BYVBK9tc30c9WHzbgp6JiYCqTkaDrIG9h2VONqLCtPFyq"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
3BVGCRTGJG5DFRY5
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
fa-solid-900.woff2
use.fontawesome.com/releases/v5.7.2/webfonts/
73 KB
73 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.7.2/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.7.2/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2

Request headers

Referer
https://use.fontawesome.com/releases/v5.7.2/css/all.css
Origin
https://viisasraha.fi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:57 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
499516
cf-ray
6cca7d871f7e4a8b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
74348
x-amz-id-2
sS0HHyTYI2LpDJ/x85gedsJN4O1xRvgrX1OwyTMIjYUx1h2/aMo+b1+KMTVjvyvKRvC+jxp6Kpk=
last-modified
Wed, 30 Jun 2021 15:46:18 GMT
server
cloudflare
etag
"462806316fea535a6a57651bc2b000b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgMnZZI2LqoPCd6XL9NdYi5dusDYWCW%2FilMtmM2%2FVUo2t%2Fyj1iMQis0KTonH5%2BSAYBtB6d%2Fo47R3BhrN36Omznqy6iwtqlXwfhvsZDpbtiC7pMOtrxeAyv5FAKVkLKtg52Lhl%2BlSrcBnGgCNGPS7E%2FxS"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
XCSCVXECJSGD9MRH
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://viisasraha.fi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 12:42:18 GMT
x-content-type-options
nosniff
age
387819
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15724
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 08 Jan 2023 12:42:18 GMT
ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
fonts.gstatic.com/s/notoserif/v16/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notoserif/v16/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18a7a29489626785e9f96d890e366909787b80ad977baeec8149de3c1f7e85dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://viisasraha.fi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 20:11:13 GMT
x-content-type-options
nosniff
age
15284
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27412
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:37:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 12 Jan 2023 20:11:13 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://viisasraha.fi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 20:07:55 GMT
x-content-type-options
nosniff
age
101882
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 11 Jan 2023 20:07:55 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=161788461&t=pageview&_s=1&dl=https%3A%2F%2Fviisasraha.fi%2F&ul=en-us&de=UTF-8&dt=Viisas%20raha&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1161494398&gjid=1447574581&cid=1714183167.1642033558&tid=UA-48142457-13&_gid=2033765066.1642033558&_r=1&gtm=2ou1a0&z=899903446
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://viisasraha.fi/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:25:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://viisasraha.fi
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
impl_v82.js
www.googletagservices.com/dcm/
41 KB
17 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/impl_v82.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
922e306a6fe0ede719a7fc79f287dfabf6cd9234583d778ec544a88eed908db2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://viisasraha.fi/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 10 Jan 2022 16:01:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
203060
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17197
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 15:37:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Jan 2023 16:01:37 GMT
prebid.js
content.lwadm.com/lw/4.43.4.5/
456 KB
143 KB
Script
General
Full URL
https://content.lwadm.com/lw/4.43.4.5/prebid.js
Requested by
Host: lwadm.com
URL: https://lwadm.com/lw/pbjs?pid=a074aa72-322b-4cac-957b-f71df31b9f59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2600:1b:7f5c:2c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9312253427d9dedc9681e7277bfb6f3dac43c92af95951bf7321567ce3971eac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 15:00:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
W/"b9663240c24806515fcc078c6003d51d"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
cache-control
private, max-age=31536000
x-amz-cf-id
AQ8mCbCegG_CWN7EhOL3kw8DH5AjeSSzgSql9EHXhrKjN8H4nutH7g==
gpt.js
securepubads.g.doubleclick.net/tag/js/
79 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: lwadm.com
URL: https://lwadm.com/lw/pbjs?pid=a074aa72-322b-4cac-957b-f71df31b9f59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
e46fad913ac5c0909b399e533e5935ea0cabf6dd3beba8856d63d1c6413b49ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27126
x-xss-protection
0
server
sffe
etag
"1100 / 669 of 1000 / last-modified: 1641987223"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 13 Jan 2022 00:25:57 GMT
modules.95d56a8fe70e88a7dcd9.js
script.hotjar.com/
229 KB
61 KB
Script
General
Full URL
https://script.hotjar.com/modules.95d56a8fe70e88a7dcd9.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2073088.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-111.fra56.r.cloudfront.net
Software
/
Resource Hash
4fd4f9c63843aebb667973c535aa77d95795ebb28635e01b62cf81dfb44aee32
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 13:06:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
127192
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
61466
access-control-allow-origin
*
last-modified
Tue, 11 Jan 2022 13:05:10 GMT
etag
"e2ccd91105747342ee4a8ed27f9e5793"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
iQ-9EZFPmeRm9bXnlCVT30qf0L6bkBinUwK11HVZRUESc9TykgC2DQ==
/
service.giosg.com/api/v5/orgs/5047/client-settings/ Frame
0
0
Preflight
General
Full URL
https://service.giosg.com/api/v5/orgs/5047/client-settings/?url=https%3A%2F%2Fviisasraha.fi%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.219.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-client-origin
Origin
https://viisasraha.fi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
x-requested-with, content-type, accept, origin, authorization, x-giosg-clientversion, x-client-origin, X-GIOSG-SCRIPT-VERSION
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
3600
content-type
text/html; charset=utf-8
date
Thu, 13 Jan 2022 00:25:57 GMT
server
nginx
content-length
0
strict-transport-security
max-age=63072000
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
/
service.giosg.com/api/v5/orgs/5047/client-settings/
54 B
404 B
XHR
General
Full URL
https://service.giosg.com/api/v5/orgs/5047/client-settings/?url=https%3A%2F%2Fviisasraha.fi%2F
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.219.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
db0fe984e70fedf2e3d1684526247bc7d8f4a8f1cec7e0a874dffa9d4e1337fb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://viisasraha.fi/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
X-Client-Origin
https://viisasraha.fi

Response headers

date
Thu, 13 Jan 2022 00:25:57 GMT
vary
Accept, Accept-Language
server
nginx
x-response-duration
12
allow
GET, HEAD, OPTIONS
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
strict-transport-security
max-age=63072000
content-type
application/json
content-length
54
collect
stats.g.doubleclick.net/j/
1 B
437 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-48142457-13&cid=1714183167.1642033558&jid=1161494398&gjid=1447574581&_gid=2033765066.1642033558&_u=YEBAAUAAAAAAAC~&z=1516102802
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://viisasraha.fi/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 13 Jan 2022 00:25:57 GMT
content-type
text/plain
access-control-allow-origin
https://viisasraha.fi
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
B25328674.295893012;dc_ver=82.239;dc_eid=40004001;sz=468x400;u_sd=1;nel=1;dc_adk=226173050;ord=wnmt0j;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,...
ad.doubleclick.net/ddm/adi/N375001.3713702VIISASRAHA/ Frame 8C81
47 KB
23 KB
Document
General
Full URL
https://ad.doubleclick.net/ddm/adi/N375001.3713702VIISASRAHA/B25328674.295893012;dc_ver=82.239;dc_eid=40004001;sz=468x400;u_sd=1;nel=1;dc_adk=226173050;ord=wnmt0j;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fviisasraha.fi%2F$0;xdt=0;crlt=WCIB9imQOE;sttr=67;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v82.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
323a1227e87d3936afbba80e883cb98419126b85cf3338f81f7ca1977689e138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jan 2022 00:25:57 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
server
cafe
content-length
23009
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
B25328674.301075552;dc_ver=82.239;sz=300x300;u_sd=1;nel=1;dc_adk=210587437;ord=jxu1ba;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fvi...
ad.doubleclick.net/ddm/adi/N375001.3713702VIISASRAHA/ Frame B7DA
47 KB
23 KB
Document
General
Full URL
https://ad.doubleclick.net/ddm/adi/N375001.3713702VIISASRAHA/B25328674.301075552;dc_ver=82.239;sz=300x300;u_sd=1;nel=1;dc_adk=210587437;ord=jxu1ba;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fviisasraha.fi%2F$0;xdt=0;crlt=WCIB9imQOE;sttr=2;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v82.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
db7ff16d60fe68cc7c0c36e47848cf583fe2754bf31c8af6e2bbe2be636542b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jan 2022 00:25:57 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
server
cafe
content-length
22941
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://viisasraha.fi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 05:33:18 GMT
x-content-type-options
nosniff
age
67959
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 12 Jan 2023 05:33:18 GMT
ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v16/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notoserif/v16/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93d058f2a331f04fbe74786d01c50adde19e56db580b140c8e8ca023c19552d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://viisasraha.fi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 23:27:38 GMT
x-content-type-options
nosniff
age
89899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24036
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:37:40 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 11 Jan 2023 23:27:38 GMT
pbjs
lwadm.com/
2 KB
869 B
XHR
General
Full URL
https://lwadm.com/pbjs?19458763
Requested by
Host: lwadm.com
URL: https://lwadm.com/lw/pbjs?pid=a074aa72-322b-4cac-957b-f71df31b9f59
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.232.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-232-125.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1cf29d04f1c7fcebbf6799008a2d90c77b7572a203f30394dfcbe6950b0e5c3

Request headers

Referer
https://viisasraha.fi/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://viisasraha.fi
cache-control
no-cache,no-store,max-age=0,must-revalidate,private
access-control-allow-credentials
true
content-length
599
pubads_impl_2022011101.js
securepubads.g.doubleclick.net/gpt/
351 KB
118 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
2d0cbcd1269e55e005b91a097951f98a08a48e4118dcfe999b2969b437ca14bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120806
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 09:34:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 13 Jan 2022 00:25:57 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
48 B
84 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=viisasraha.fi
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
26b32c35a2119f2c84d15ba619815f30615a190dff209df727d3d996d702e9b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 13 Jan 2022 00:25:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60
x-xss-protection
0
expires
Thu, 13 Jan 2022 00:25:57 GMT
KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1MmgVxIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22482584aeaa7b1d74de072793246c65e38b402ac231f38bb0d9102802543230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://viisasraha.fi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 11:22:37 GMT
x-content-type-options
nosniff
age
47000
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15712
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 12 Jan 2023 11:22:37 GMT
widget_iframe.e37c957bd3ae00473b95800b99e19cff.html
platform.twitter.com/widgets/ Frame F03D
319 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.e37c957bd3ae00473b95800b99e19cff.html?origin=https%3A%2F%2Fviisasraha.fi
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6713) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
12250
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Thu, 13 Jan 2022 00:25:57 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Tue, 11 Jan 2022 20:06:54 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6713)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
/
bonfire.spklw.com/
0
0
Fetch
General
Full URL
https://bonfire.spklw.com/?t=bulk&i=widget_id%3D6df1f85e-306e-47d1-ac8f-3cce29ff0ddb%26device%3Ddesktop%26session_id%3D7c4c63b0d92e405698cc600e46185bdc%26url%3Dhttps%253A%252F%252Fviisasraha.fi%252F%26origin_type%3Dwidget%26event%3Dload%26type%3Dwidget
Requested by
Host: assets.strossle.com
URL: https://assets.strossle.com/strossle-widget-sdk/1/strossle-widget-sdk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.159.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-159-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 13 Jan 2022 00:25:58 GMT
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://viisasraha.fi
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
Connection
keep-alive
Content-Length
0
box-21ccaa45726c0f3c8c458f7a87eb2298.html
vars.hotjar.com/ Frame 1A5A
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2073088.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-12.fra2.r.cloudfront.net
Software
/
Resource Hash
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/

Response headers

content-type
text/html
content-length
1044
date
Mon, 08 Nov 2021 14:05:19 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"6a4e2ae376c29011d2e53de65a08d0b7"
last-modified
Tue, 01 Jun 2021 09:17:15 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
TJcIWecbStv5dz3M0-u87S3_VIQVws6gHY59IBxijRCjqTF2_1881Q==
age
5653238
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220110/r20110914/elements/html/ Frame B7DA
8 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220110/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N375001.3713702VIISASRAHA/B25328674.301075552;dc_ver=82.239;sz=300x300;u_sd=1;nel=1;dc_adk=210587437;ord=jxu1ba;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fviisasraha.fi%2F$0;xdt=0;crlt=WCIB9imQOE;sttr=2;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:13:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
771
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Jan 2022 00:13:06 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220110/r20110914/elements/html/ Frame 8C81
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220110/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N375001.3713702VIISASRAHA/B25328674.295893012;dc_ver=82.239;dc_eid=40004001;sz=468x400;u_sd=1;nel=1;dc_adk=226173050;ord=wnmt0j;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fviisasraha.fi%2F$0;xdt=0;crlt=WCIB9imQOE;sttr=67;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:13:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
771
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Jan 2022 00:13:06 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame B7DA
106 KB
38 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N375001.3713702VIISASRAHA/B25328674.301075552;dc_ver=82.239;sz=300x300;u_sd=1;nel=1;dc_adk=210587437;ord=jxu1ba;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fviisasraha.fi%2F$0;xdt=0;crlt=WCIB9imQOE;sttr=2;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Origin
https://ad.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 14:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35725
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jan 2022 14:30:32 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B7DA
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N375001.3713702VIISASRAHA/B25328674.301075552;dc_ver=82.239;sz=300x300;u_sd=1;nel=1;dc_adk=210587437;ord=jxu1ba;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fviisasraha.fi%2F$0;xdt=0;crlt=WCIB9imQOE;sttr=2;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 13:28:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125853
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Jan 2023 13:28:24 GMT
Otaetumatkaa980x552_versio2.jpg
viisasraha.fi/var/site/storage/images/_aliases/full-banner/9/3/8/6/36839-1-fin-FI/
337 KB
337 KB
Image
General
Full URL
https://viisasraha.fi/var/site/storage/images/_aliases/full-banner/9/3/8/6/36839-1-fin-FI/Otaetumatkaa980x552_versio2.jpg
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS
s3.palvelin.pro
Software
LiteSpeed / PHP/7.2.34
Resource Hash
c404463be3375101f9b01a6b878901697045f9f73ccb461e75c6e944eccb2826

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
last-modified
Wed, 08 Dec 2021 07:37:36 GMT
server
LiteSpeed
age
0
x-powered-by
PHP/7.2.34
vary
User-Agent
content-type
image/jpeg
cache-control
no-cache, private
content-transfer-encoding
binary
accept-ranges
bytes
content-length
344992
Kryptot_AntonRasanen.jpg
viisasraha.fi/var/site/storage/images/_aliases/nocrop832/3/0/4/7/37403-1-fin-FI/
80 KB
80 KB
Image
General
Full URL
https://viisasraha.fi/var/site/storage/images/_aliases/nocrop832/3/0/4/7/37403-1-fin-FI/Kryptot_AntonRasanen.jpg
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS
s3.palvelin.pro
Software
LiteSpeed / PHP/7.2.34
Resource Hash
f8c88ff679553f0238d388b61adff27e453d3f7b8b27d5dfcb2df109a4a48d9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
last-modified
Wed, 12 Jan 2022 09:41:40 GMT
server
LiteSpeed
age
0
x-powered-by
PHP/7.2.34
vary
User-Agent
content-type
image/jpeg
cache-control
no-cache, private
content-transfer-encoding
binary
accept-ranges
bytes
content-length
81545
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 8C81
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N375001.3713702VIISASRAHA/B25328674.295893012;dc_ver=82.239;dc_eid=40004001;sz=468x400;u_sd=1;nel=1;dc_adk=226173050;ord=wnmt0j;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fviisasraha.fi%2F$0;xdt=0;crlt=WCIB9imQOE;sttr=67;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Origin
https://ad.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 14:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35725
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jan 2022 14:30:32 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8C81
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N375001.3713702VIISASRAHA/B25328674.295893012;dc_ver=82.239;dc_eid=40004001;sz=468x400;u_sd=1;nel=1;dc_adk=226173050;ord=wnmt0j;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fviisasraha.fi%2F$0;xdt=0;crlt=WCIB9imQOE;sttr=67;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 13:28:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125853
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Jan 2023 13:28:24 GMT
settings
syndication.twitter.com/ Frame F03D
232 B
448 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=14ec7a31a2ca9072f7598fee553eb1bf82c2c645
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.e37c957bd3ae00473b95800b99e19cff.html?origin=https%3A%2F%2Fviisasraha.fi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
105
date
Thu, 13 Jan 2022 00:25:57 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 00:25:58 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
c17e98c369f7cff78eb444e6362be3bb4c8d62561b05001aa582e994f608dc87
content-length
166
visit-data
in.hotjar.com/api/v2/client/sites/2073088/
146 B
321 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/2073088/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.95d56a8fe70e88a7dcd9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.36.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-36-119.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
30886bcaa4bc9292431c9ae196c0b6bbcc4e4311b4839780c91a09c771c76c6e

Request headers

Referer
https://viisasraha.fi/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6909
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Sat, 08 Jan 2022 18:05:45 GMT
expires
Sun, 08 Jan 2023 18:05:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
368413
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FB9A
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Sat, 08 Jan 2022 18:05:45 GMT
expires
Sun, 08 Jan 2023 18:05:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
368413
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
adx.adform.net/adx/
626 B
1 KB
Script
General
Full URL
https://adx.adform.net/adx/?rp=3&pv=1&bWlkPTEwMDcxMTU&url=https%3A%2F%2Fviisasraha.fi%2F&callback=_adform_cb_1642033557980_5785538191481245
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4c74a57a9eed5ef80d28578e6e9dd949d6de71306cfaf884006f5daea8e035b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:25:58 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B7DA
121 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 13 Jan 2022 00:25:58 GMT
FIViisasraha-1-Finnish-300x300-637539175741525012-d6e1a42c-f8b7-40ef-897a-8abe09bf1143.html
s0.2mdn.net/sadbundle/15493210630881542144/ Frame 6AB0
4 KB
1 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/15493210630881542144/FIViisasraha-1-Finnish-300x300-637539175741525012-d6e1a42c-f8b7-40ef-897a-8abe09bf1143.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc25a2821005b9dec41a6cb8b81224a7f6f07f90f1a8adaf6bb93eb3256fe0b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
1419
date
Thu, 06 Jan 2022 06:51:09 GMT
expires
Fri, 06 Jan 2023 06:51:09 GMT
last-modified
Tue, 13 Apr 2021 13:33:05 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
581689
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame B7DA
0
299 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvfXa651Jo2IerGX2KN9nRzzI1slTX-_rRUp6MydRrkwxoL97icfPS9qBaecrYFPHWCjc0buS-8fVESLBMiig7kGWdM2_bom5-9pRqwdvkCXi_9zY3C-0liwficiFah-bg&sig=Cg0ArKJSzA25tOXnqTjeEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=84&cbvp=1&cstd=81&cisv=r20220110.35678&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N375001.3713702VIISASRAHA/B25328674.301075552;dc_ver=82.239;sz=300x300;u_sd=1;nel=1;dc_adk=210587437;ord=jxu1ba;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fviisasraha.fi%2F$0;xdt=0;crlt=WCIB9imQOE;sttr=2;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 13 Jan 2022 00:25:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8C81
121 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 13 Jan 2022 00:25:58 GMT
FIViisasraha-Finnish-468x400-637486546590299430-b1f12dc3-6afc-45a0-9285-3db817bc6387.html
s0.2mdn.net/sadbundle/3613336761649856512/ Frame 3725
4 KB
1 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/3613336761649856512/FIViisasraha-Finnish-468x400-637486546590299430-b1f12dc3-6afc-45a0-9285-3db817bc6387.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e96a40c38b9acd2aed198af86727faf9adacb0d73364f7583aaf740f687d44e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
1419
date
Tue, 11 Jan 2022 05:36:26 GMT
expires
Wed, 11 Jan 2023 05:36:26 GMT
last-modified
Fri, 26 Feb 2021 01:09:56 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
154172
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 8C81
0
60 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsthwJXUVrdwrIYzGukqVCVUuhrkyvFzMWz5HDUuG7I_fu-ET2Drn4BdSAm_507ixQeN1hAtwec_y9UjPAfXy-bEPdG9pBxcBGYt3AgmYUnojyFlHoy-swHf_7YpU6FmHXo&sig=Cg0ArKJSzJ824AKeWEXREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=90&cbvp=1&cstd=88&cisv=r20220110.49987&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N375001.3713702VIISASRAHA/B25328674.295893012;dc_ver=82.239;dc_eid=40004001;sz=468x400;u_sd=1;nel=1;dc_adk=226173050;ord=wnmt0j;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fviisasraha.fi%2F$0;xdt=0;crlt=WCIB9imQOE;sttr=67;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 13 Jan 2022 00:25:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js
pagead2.googlesyndication.com/bg/ Frame 6909
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a02681ae1cc21a54f99afb9cf43cf89c42ab91bc9381aa64e96ffb4cf46e9f80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 17:27:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
25079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13579
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 17:27:59 GMT
oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js
pagead2.googlesyndication.com/bg/ Frame FB9A
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a02681ae1cc21a54f99afb9cf43cf89c42ab91bc9381aa64e96ffb4cf46e9f80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 17:27:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
25079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13579
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 17:27:59 GMT
perinn%C3%B6njako.jpg
viisasraha.fi/var/site/storage/images/_aliases/crop720/2/8/3/7/37382-1-fin-FI/
28 KB
28 KB
Image
General
Full URL
https://viisasraha.fi/var/site/storage/images/_aliases/crop720/2/8/3/7/37382-1-fin-FI/perinn%C3%B6njako.jpg
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS
s3.palvelin.pro
Software
LiteSpeed / PHP/7.2.34
Resource Hash
6006d01c3bd434a8410e8aba2a84b5816da5b3be4214afe7585cc2d24cddadbc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
last-modified
Wed, 12 Jan 2022 06:35:00 GMT
server
LiteSpeed
age
0
x-powered-by
PHP/7.2.34
vary
User-Agent
content-type
image/jpeg
cache-control
no-cache, private
content-transfer-encoding
binary
accept-ranges
bytes
content-length
29080
fuusio.jpg
viisasraha.fi/var/site/storage/images/_aliases/crop720/3/4/3/7/37343-1-fin-FI/
21 KB
22 KB
Image
General
Full URL
https://viisasraha.fi/var/site/storage/images/_aliases/crop720/3/4/3/7/37343-1-fin-FI/fuusio.jpg
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS
s3.palvelin.pro
Software
LiteSpeed / PHP/7.2.34
Resource Hash
c9fb3741d896ebeb9350da7de38b326ef40c4e7743ad7cb480d62a9346037496

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
last-modified
Tue, 11 Jan 2022 07:03:44 GMT
server
LiteSpeed
age
0
x-powered-by
PHP/7.2.34
vary
User-Agent
content-type
image/jpeg
cache-control
no-cache, private
content-transfer-encoding
binary
accept-ranges
bytes
content-length
22014
moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js
platform.twitter.com/js/
25 KB
8 KB
Script
General
Full URL
https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6738) /
Resource Hash
48c9a4d4aa290a866126159687441006eb39adf48ae31e1910aa0f21e0b21376

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 13 Jan 2022 00:25:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jan 2022 20:06:46 GMT
Server
ECS (frb/6738)
Age
12251
Etag
"3123bdaf11a1d77bcf1836091c9b4631+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
8012
timeline.34cf38a85ac899f1d6a0438a1659decc.js
platform.twitter.com/js/
20 KB
7 KB
Script
General
Full URL
https://platform.twitter.com/js/timeline.34cf38a85ac899f1d6a0438a1659decc.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BE) /
Resource Hash
8875e0e5a0f6bfaf4d66fde0622a609e9fe7b599adaef3ad01d6d613574c69b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 13 Jan 2022 00:25:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jan 2022 20:06:46 GMT
Server
ECS (frb/67BE)
Age
12249
Etag
"0a27acfd1028aaadad57ff8929bf7266+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
6444
view
googleads4.g.doubleclick.net/pcs/ Frame B7DA
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvfXa651Jo2IerGX2KN9nRzzI1slTX-_rRUp6MydRrkwxoL97icfPS9qBaecrYFPHWCjc0buS-8fVESLBMiig7kGWdM2_bom5-9pRqwdvkCXi_9zY3C-0liwficiFah-bg&sig=Cg0ArKJSzA25tOXnqTjeEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=237&vt=11&dtpt=153&dett=3&cstd=81&cisv=r20220110.35678&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N375001.3713702VIISASRAHA/B25328674.301075552;dc_ver=82.239;sz=300x300;u_sd=1;nel=1;dc_adk=210587437;ord=jxu1ba;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fviisasraha.fi%2F$0;xdt=0;crlt=WCIB9imQOE;sttr=2;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 13 Jan 2022 00:25:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 8C81
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsthwJXUVrdwrIYzGukqVCVUuhrkyvFzMWz5HDUuG7I_fu-ET2Drn4BdSAm_507ixQeN1hAtwec_y9UjPAfXy-bEPdG9pBxcBGYt3AgmYUnojyFlHoy-swHf_7YpU6FmHXo&sig=Cg0ArKJSzJ824AKeWEXREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=233&vt=11&dtpt=143&dett=3&cstd=88&cisv=r20220110.49987&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N375001.3713702VIISASRAHA/B25328674.295893012;dc_ver=82.239;dc_eid=40004001;sz=468x400;u_sd=1;nel=1;dc_adk=226173050;ord=wnmt0j;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fviisasraha.fi%2F$0;xdt=0;crlt=WCIB9imQOE;sttr=67;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 13 Jan 2022 00:25:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
profile
cdn.syndication.twimg.com/timeline/
21 KB
4 KB
Script
General
Full URL
https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_viisasraha_old&dnt=false&domain=viisasraha.fi&lang=fi&screen_name=viisasraha&suppress_response_codes=true&t=1824481&tweet_limit=2&tz=GMT%2B0000&with_replies=false
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f /
Resource Hash
fc34016da75e7f8e3f123320aabdd8b0259a59a7634bcdbfb9face7dbc2b5c41
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-disposition
attachment; filename=jsonp.jsonp
access-control-allow-methods
GET
content-length
3947
x-xss-protection
0
access-contol-allow-origin
platform.twitter.com
x-response-time
128
last-modified
Thu, 13 Jan 2022 00:25:58 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
application/javascript;charset=utf-8
cache-control
must-revalidate, max-age=300
x-connection-hash
19adee2a9259f40b06d587333996b2509f4a9773cc28c839cb94521aec1874bc
timing-allow-origin
*
x-transaction
c25d90ce6fedf16b
expires
Thu, 13 Jan 2022 00:30:58 GMT
60759d376662a4ff19bed093
c.bannerflow.net/a/ Frame 6AB0
53 KB
18 KB
Script
General
Full URL
https://c.bannerflow.net/a/60759d376662a4ff19bed093?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvfXa651Jo2IerGX2KN9nRzzI1slTX-_rRUp6MydRrkwxoL97icfPS9qBaecrYFPHWCjc0buS-8fVESLBMiig7kGWdM2_bom5-9pRqwdvkCXi_9zY3C-0liwficiFah-bg%26sig%3DCg0ArKJSzGyxSHgYoCNWEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5664222%26adurl%3Dhttps%253A%252F%252Fwww.nordnet.fi%252Ffi%252Fkampanjat%252Fosakesaastajat%253Fdclid%253D%2525edclid!
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15493210630881542144/FIViisasraha-1-Finnish-300x300-637539175741525012-d6e1a42c-f8b7-40ef-897a-8abe09bf1143.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56af099705b5d8b1e9668ddddb9ea19965486bac07a3eddfc1d1b8a9ae3241bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cf-ray
6cca7d8adb336933-FRA
link
<https://c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/published/599756/772071/preload.jpg>; rel=preload; as=image
request-context
appId=cid-v1:8ccc0d93-c9cf-4965-a9de-1823f9df557e
60254ed9ca66b5e68189d867
c.bannerflow.net/a/ Frame 3725
53 KB
18 KB
Script
General
Full URL
https://c.bannerflow.net/a/60254ed9ca66b5e68189d867?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsthwJXUVrdwrIYzGukqVCVUuhrkyvFzMWz5HDUuG7I_fu-ET2Drn4BdSAm_507ixQeN1hAtwec_y9UjPAfXy-bEPdG9pBxcBGYt3AgmYUnojyFlHoy-swHf_7YpU6FmHXo%26sig%3DCg0ArKJSzNOXScZaVjD4EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5664222%26adurl%3Dhttps%253A%252F%252Fwww.nordnet.fi%252Ffi%252Fkampanjat%252Fosakesaastajat%253Fdclid%253D%2525edclid!
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3613336761649856512/FIViisasraha-Finnish-468x400-637486546590299430-b1f12dc3-6afc-45a0-9285-3db817bc6387.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbd3917cd586d225aa97c932532c998aec2b7ec5af03d149c9b8d8dda22cfeb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cf-ray
6cca7d8aeb356933-FRA
link
<https://c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/published/448453/772065/preload.jpg>; rel=preload; as=image
request-context
appId=cid-v1:8ccc0d93-c9cf-4965-a9de-1823f9df557e
preload.jpg
c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/published/448453/772065/ Frame 3725
28 KB
28 KB
Image
General
Full URL
https://c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/published/448453/772065/preload.jpg
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cd5d2d2e122d66b1f874388992b947163db63bc01d6654a1dbfe85fb64dbc00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 13 Jan 2022 00:25:58 GMT
cf-cache-status
MISS
content-length
28326
x-ms-lease-status
unlocked
last-modified
Fri, 09 Apr 2021 14:13:17 GMT
server
cloudflare
etag
0x8D8FB619F1B7029
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
b068783e-201e-0065-6114-084362000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6cca7d8b2bc66933-FRA
preload.jpg
c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/published/599756/772071/ Frame 6AB0
18 KB
18 KB
Image
General
Full URL
https://c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/published/599756/772071/preload.jpg
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1028e23693af5ebfab763bbcf0e34164a9f8a8b7edab823000e680428be6b097

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 13 Jan 2022 00:25:58 GMT
cf-cache-status
MISS
content-length
17945
x-ms-lease-status
unlocked
last-modified
Tue, 13 Apr 2021 13:31:51 GMT
server
cloudflare
etag
0x8D8FE807F020BBF
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
d03f7992-a01e-0054-7c14-08a271000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6cca7d8b2bca6933-FRA
document.977231d845.js
c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/published/448453/772065/ Frame 3725
15 KB
3 KB
Script
General
Full URL
https://c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/published/448453/772065/document.977231d845.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/60254ed9ca66b5e68189d867?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsthwJXUVrdwrIYzGukqVCVUuhrkyvFzMWz5HDUuG7I_fu-ET2Drn4BdSAm_507ixQeN1hAtwec_y9UjPAfXy-bEPdG9pBxcBGYt3AgmYUnojyFlHoy-swHf_7YpU6FmHXo%26sig%3DCg0ArKJSzNOXScZaVjD4EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5664222%26adurl%3Dhttps%253A%252F%252Fwww.nordnet.fi%252Ffi%252Fkampanjat%252Fosakesaastajat%253Fdclid%253D%2525edclid!
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3a9e0ec3e08604e35e7f547370dd5d873f4ab0b9b0367491c764d4ee4c2177b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 13 Jan 2022 00:25:58 GMT
content-encoding
br
cf-cache-status
MISS
content-md5
l3Ix2EVCl4iznhW4HjXsQA==
x-ms-lease-status
unlocked
last-modified
Fri, 09 Apr 2021 14:13:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b0687849-201e-0065-6914-084362000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
6cca7d8b3bdb6933-FRA
animated-creative.d2b931beb0c8e53510f4.js
c.bannerflow.net/scripts/ Frame 3725
126 KB
42 KB
Script
General
Full URL
https://c.bannerflow.net/scripts/animated-creative.d2b931beb0c8e53510f4.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/60254ed9ca66b5e68189d867?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsthwJXUVrdwrIYzGukqVCVUuhrkyvFzMWz5HDUuG7I_fu-ET2Drn4BdSAm_507ixQeN1hAtwec_y9UjPAfXy-bEPdG9pBxcBGYt3AgmYUnojyFlHoy-swHf_7YpU6FmHXo%26sig%3DCg0ArKJSzNOXScZaVjD4EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5664222%26adurl%3Dhttps%253A%252F%252Fwww.nordnet.fi%252Ffi%252Fkampanjat%252Fosakesaastajat%253Fdclid%253D%2525edclid!
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2b802b44819289fdb059a102d74115535379bee52041fa52583dbab4e3282b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 13 Jan 2022 00:25:58 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
x/M5KPZN780/Go5GcYCOHQ==
age
19328773
cf-polished
origSize=129416
x-ms-lease-status
unlocked
last-modified
Wed, 07 Apr 2021 11:56:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
95e2dcc6-401e-0087-5648-587e43000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
6cca7d8b3bdd6933-FRA
cf-bgj
minify
gen_204
pagead2.googlesyndication.com/pagead/ Frame FB9A
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BPmzGlXHfYcSsMdLW-gaX35uICAAAAAA4AeAEAg&bg=!V1SlVBDNAAaocxMpqHM7ACkAdvg8WoYmWxcjvd37GNC2U7fYSPJNQ4YDFiSYJQxEHvOkKKEYcQQlnQIAAABxUgAAAAhoAQcKAC3Zfiyi-2Qm24qpGcg47DtBmA0TwnYVl4z2cfYkVU_Vgo6i2OrY9Pg1IKkrIwOZAqIJYRj8Q0xHC2bcL7a1BpPFJ3fh5N_OL_L__uDYK9VStDREC_alDpLDeXJrmQtZxUR7fq7bWcsqJU0Ut6J6H8Yyz7FtQQY5hDQYI-11DzGEkJhVpSbObSoq1QzYTAY9gKO7EtT57v5b7I5Y3YqNZEHV6EGiQRl519Je1k9rvQP_1fb756axZh88Z2bWoYZFVZif711Ar5UMufpmguFUPL1liV1cPQrp9yi3junjScJ3EL9SI0jXuDnlW5plDeUInoBdZL51SLVfYSZAWUHvHoRMpneRvee3XXN3bSXyyOr7PQw-5dJfFV1AwkeSmIA0sAjTbg8o-gTWz07AQd4gqWMJ1ATDBMzOTGsTufSrfmbr1_EhrU8F0bY8tQO_a4fnCH0hEcmR1O3J1QPXYl9KUH0wPDWi_WQoqMAJjzyHQfLscRZ1ZV8OizBfblSbY8tC_X2AlEZsc7dzCF6FlCVXPaJn6WjPKkJ4nzMPAfFsd2ulDN7OrP17l6c1a6jixHVPMdjQvkLNqXcYNBAi8gaIQ3-Vjn0h32TC3z9mmNsA0MotRfJysMlNcDWhvkKf8cKZ3IVDOwtbrZTbjK_fjd__FfVmKM2J6ZlAlEiMJSFwkfYehyFYmMzaKMbUGSGilZgxMKMhkgQ9CmppuJ586eSmrXlmivso_H2uNL3ji87fMA0DBBzU5entPA53GPeYrZ00qaLmWOdi0SsloXG5sH45WslwRS_1yLsg_vvC_IFbjEN7qq5VA75eHRqaGAz6PqVuPdkCgg364W3FO5mhBJcLOOFdBKkPLycMdp9spM0CJA5DqqBMWysPaoLLHnD-FiDm5EDknOvhg23oLNSkq4DPlgBVzDNtqmF86AjNwOQORb_sLfXqPl7SmE1HgpuNv3h4viSQog
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:25:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6909
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_OO7lXHfYb6IMdj8gQfbnp-gCAAAAAA4AeAEAg&bg=!9Pel97PNAAaocxMpqHM7ACkAdvg8WkwQCzut2ahGea6K8TK5v8CLiHJR0CqF62AAuVjRysbidsVFSAIAAACKUgAAAAJoAQeZAqGBvEjNutuiGLGVK5jFm_IYcL1pNhv-kFQURUctygDJQTJK9f0SC3foHCHfis5elaKiUyMsmGM4_vXIpfF_TqV5bRnmI13JWgivmrJncfyCPWzMsxtBhOPLr-onXPthuwboiGrQA9jZk1r-lr7MPRDKinf__FjAeMkWb55BjepsJg4CzYpoCAU6cOrmb2sOZTczWp02g3htG5gx2kNdoVNPNhN09zm2sKVP2MVeYgzyu1d1Mzd5PmHyOkmNEY0n1tFf6OjPGDmDOnvyFZ1LRt6dZsp5bFJTJKLaH3dfvkM7QBqoXykMjyauFY03Ew08LJfKh6O9-FtY2lPniEK1mdxaxTorNWt2Z8P1ErBoVP579OSOKSAqufY0TyD1ZA1OfvrEWqUaiRuViw4Ohuwvb5x86iYAKtc_Frm-2ks01XE821zy0tyCdhEzJlMzX2KSd8fPM1Gz17BBBPDCUS2LQGMhSAtvNwcWF0V9WFhV-Lmb0cHwlcYzC1ckgku0SbC3eQ4LoOpUcAdQfWug66WTMV4N_TTrAsMX2HEA2es91alR8QPCWtrjIj7w7EXaWJOPzd-9m8OdA1VRhhUpiWThCTOj7munLm6MCRUT1nV2fpxzsRVv-yU_dOAs82X5VFmfnW8p60hj0HQd2pDY8yLGjlHeInpJbkb8hxj968jsFM_ut9dOP9KXlYmpc6bukTkfdj-cnbKPmMoQ4RSER_-dk8lCsoPpUtkLfyiotIIgBQMmtovi6qOhnI0qJA9qq6i9laa5hMUXmQjdB6Mq7joweeZe_X7F2MR3ElhyfDTGo8IXnMR1F6O4OdUnKBP8GMm6h3Kvb_1eqBr7G0QGWsTACJ28v86lEpcL-G-nA3F5b79aGG8ly8cgwtJKVx3T5f_b8y8a
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:25:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
document.0b788d2e4b.js
c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/published/599756/772071/ Frame 6AB0
16 KB
3 KB
Script
General
Full URL
https://c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/published/599756/772071/document.0b788d2e4b.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/60759d376662a4ff19bed093?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvfXa651Jo2IerGX2KN9nRzzI1slTX-_rRUp6MydRrkwxoL97icfPS9qBaecrYFPHWCjc0buS-8fVESLBMiig7kGWdM2_bom5-9pRqwdvkCXi_9zY3C-0liwficiFah-bg%26sig%3DCg0ArKJSzGyxSHgYoCNWEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5664222%26adurl%3Dhttps%253A%252F%252Fwww.nordnet.fi%252Ffi%252Fkampanjat%252Fosakesaastajat%253Fdclid%253D%2525edclid!
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cecb34cb2f7edbeb0119c6155edfb1b1cdc46f9889f31e523aaa4c85114d6816

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 13 Jan 2022 00:25:58 GMT
content-encoding
br
cf-cache-status
MISS
content-md5
C3iNLkvbI4KmSq3V+2PCxA==
x-ms-lease-status
unlocked
last-modified
Tue, 13 Apr 2021 13:31:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
21c0339a-d01e-005e-0e14-0806c6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
6cca7d8b3bf76933-FRA
animated-creative.78fcdb07dcf63104779d.js
c.bannerflow.net/scripts/ Frame 6AB0
128 KB
43 KB
Script
General
Full URL
https://c.bannerflow.net/scripts/animated-creative.78fcdb07dcf63104779d.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/60759d376662a4ff19bed093?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvfXa651Jo2IerGX2KN9nRzzI1slTX-_rRUp6MydRrkwxoL97icfPS9qBaecrYFPHWCjc0buS-8fVESLBMiig7kGWdM2_bom5-9pRqwdvkCXi_9zY3C-0liwficiFah-bg%26sig%3DCg0ArKJSzGyxSHgYoCNWEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5664222%26adurl%3Dhttps%253A%252F%252Fwww.nordnet.fi%252Ffi%252Fkampanjat%252Fosakesaastajat%253Fdclid%253D%2525edclid!
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb783389fde225a43007ed7137d6bb7277a4ab63bd016a0c5f9153197a17c14b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 13 Jan 2022 00:25:58 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
g71GcdiDE/5aw37rZQpO0Q==
age
19328730
cf-polished
origSize=131048
x-ms-lease-status
unlocked
last-modified
Fri, 09 Apr 2021 09:53:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a4faac3a-801e-006c-1148-5806b1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
6cca7d8b3bf86933-FRA
cf-bgj
minify
KZ8R6om5
pbs.twimg.com/card_img/1479442012629868546/ Frame AF26
37 KB
38 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1479442012629868546/KZ8R6om5?format=jpg&name=600x314
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6727) /
Resource Hash
14175b683d3cfc2d44201c62b0bc444bbd6ac7788c3687c3da4210b2a6259e0e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
x-content-type-options
nosniff
age
189394
x-cache
HIT
content-length
38349
x-response-time
313
surrogate-key
card_img card_img/bucket/6 card_img/1479442012629868546
last-modified
Fri, 07 Jan 2022 13:15:17 GMT
server
ECS (frb/6727)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
b3af014d7c9ececd1092503c32655a1a47b7af226234d0cf3ab7b72501eabedb
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
U5cCuTHq
pbs.twimg.com/card_img/1480087036879011840/ Frame AF26
28 KB
28 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1480087036879011840/U5cCuTHq?format=jpg&name=600x314
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6739) /
Resource Hash
d2756183147ddc220681217d675e83a2631c9e0b2d91e39e3383e29a4152c251
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
x-content-type-options
nosniff
age
318280
x-cache
HIT
content-length
28376
x-response-time
269
surrogate-key
card_img card_img/bucket/7 card_img/1480087036879011840
last-modified
Sun, 09 Jan 2022 07:58:22 GMT
server
ECS (frb/6739)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
292b682bcf5f0e7fed9e14441ddc390f3d0321ea6b88e70fdcb160b0b9a44c6e
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame AF26
53 KB
12 KB
Stylesheet
General
Full URL
https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) /
Resource Hash
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 13 Jan 2022 00:25:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jan 2022 20:06:44 GMT
Server
ECS (frb/6796)
Age
12251
Etag
"fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Content-Length
12144
timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/
53 KB
53 KB
Image
General
Full URL
https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 13 Jan 2022 00:25:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jan 2022 20:06:44 GMT
Server
ECS (frb/6796)
Age
12251
Etag
"fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Content-Length
12144
KZ8R6om5
pbs.twimg.com/card_img/1479442012629868546/ Frame AF26
37 KB
38 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1479442012629868546/KZ8R6om5?format=jpg&name=600x314
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6727) /
Resource Hash
14175b683d3cfc2d44201c62b0bc444bbd6ac7788c3687c3da4210b2a6259e0e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
x-content-type-options
nosniff
age
189394
x-cache
HIT
content-length
38349
x-response-time
313
surrogate-key
card_img card_img/bucket/6 card_img/1479442012629868546
last-modified
Fri, 07 Jan 2022 13:15:17 GMT
server
ECS (frb/6727)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
b3af014d7c9ececd1092503c32655a1a47b7af226234d0cf3ab7b72501eabedb
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
U5cCuTHq
pbs.twimg.com/card_img/1480087036879011840/ Frame AF26
28 KB
28 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1480087036879011840/U5cCuTHq?format=jpg&name=600x314
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6739) /
Resource Hash
d2756183147ddc220681217d675e83a2631c9e0b2d91e39e3383e29a4152c251
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
x-content-type-options
nosniff
age
318280
x-cache
HIT
content-length
28376
x-response-time
269
surrogate-key
card_img card_img/bucket/7 card_img/1480087036879011840
last-modified
Sun, 09 Jan 2022 07:58:22 GMT
server
ECS (frb/6739)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
292b682bcf5f0e7fed9e14441ddc390f3d0321ea6b88e70fdcb160b0b9a44c6e
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
3urObTU1_normal.png
pbs.twimg.com/profile_images/1114093741835456512/ Frame AF26
3 KB
3 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1114093741835456512/3urObTU1_normal.png
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A7) /
Resource Hash
a98f84eca81c6053a50003f4ac8474f85429c9a4186775cf53a7618d561ab483
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
x-content-type-options
nosniff
age
495413
x-cache
HIT
content-length
2871
x-response-time
108
surrogate-key
profile_images profile_images/bucket/0 profile_images/1114093741835456512
last-modified
Fri, 05 Apr 2019 09:11:41 GMT
server
ECS (frb/67A7)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
8939ca42a9049adf9d2c0c85a77b9b0ba1213a70ad1fd4153b1765d8211034c3
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame AF26
44 KB
7 KB
Stylesheet
General
Full URL
https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FC6) /
Resource Hash
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
561889
x-ton-expected-size
45170
x-cache
HIT
vary
Accept-Encoding
content-length
6839
x-response-time
7
surrogate-key
tfw
last-modified
Tue, 14 May 2019 18:53:54 GMT
server
ECAcc (frc/8FC6)
etag
"4mhImCFS9rptiUICNnLD1g=="
strict-transport-security
max-age=631138519
content-type
text/css
access-control-allow-origin
*
x-connection-hash
50e26655f68e700cc3eb5887ebe9f1d15e251016072834aacf5f61aaece315b5
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Thu, 20 Jan 2022 00:25:58 GMT
syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/
44 KB
44 KB
Image
General
Full URL
https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FC6) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
561889
x-ton-expected-size
45170
x-cache
HIT
vary
Accept-Encoding
content-length
6839
x-response-time
7
surrogate-key
tfw
last-modified
Tue, 14 May 2019 18:53:54 GMT
server
ECAcc (frc/8FC6)
etag
"4mhImCFS9rptiUICNnLD1g=="
strict-transport-security
max-age=631138519
content-type
text/css
access-control-allow-origin
*
x-connection-hash
50e26655f68e700cc3eb5887ebe9f1d15e251016072834aacf5f61aaece315b5
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Thu, 20 Jan 2022 00:25:58 GMT
truncated
/ Frame AF26
512 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame AF26
825 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame AF26
572 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame AF26
644 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 3725
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/webp
font
c.bannerflow.net/fs/api/v2/ Frame 3725
6 KB
7 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F58be6bcf8c3bc8129478d084%2F58be6c5703e67e24400a3d71%2F41a192ed-5dc5-4cb8-8d67-4591f5583b82.woff&t=%20.AEOadeijklmnopstuvy%C3%A4
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3613336761649856512/FIViisasraha-Finnish-468x400-637486546590299430-b1f12dc3-6afc-45a0-9285-3db817bc6387.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1ce442910cf35ec60d65855e3c7e4c16fc3665864d2e91ab777c24a2fd3c28b

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
cf-cache-status
HIT
last-modified
Tue, 11 Jan 2022 20:23:00 GMT
server
cloudflare
age
100978
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=41a192ed-5dc5-4cb8-8d67-4591f5583b82-subset.woff
cf-ray
6cca7d8c9fc642cf-FRA
expires
Wed, 11 Jan 2023 20:23:00 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 3725
6 KB
6 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F58be6bcf8c3bc8129478d084%2F58be6c5703e67e24400a3d71%2F48797254-c800-4f7f-81fa-4dff25efd656.woff&t=.%3ANOadeijklnorstuv%C3%A4
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3613336761649856512/FIViisasraha-Finnish-468x400-637486546590299430-b1f12dc3-6afc-45a0-9285-3db817bc6387.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2ec93c28b99f499f2128d9fd3e3c8e1591a63b0551231114f39a6091b8b4f15

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jan 2022 00:25:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=48797254-c800-4f7f-81fa-4dff25efd656-subset.woff
cf-ray
6cca7d8c9fc742cf-FRA
expires
Fri, 13 Jan 2023 00:25:58 GMT
truncated
/ Frame 6AB0
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/webp
font
c.bannerflow.net/fs/api/v2/ Frame 6AB0
6 KB
7 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F58be6bcf8c3bc8129478d084%2F58be6c5703e67e24400a3d71%2F41a192ed-5dc5-4cb8-8d67-4591f5583b82.woff&t=%20.AEOadeijklmnopstuvy%C3%A4
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15493210630881542144/FIViisasraha-1-Finnish-300x300-637539175741525012-d6e1a42c-f8b7-40ef-897a-8abe09bf1143.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1ce442910cf35ec60d65855e3c7e4c16fc3665864d2e91ab777c24a2fd3c28b

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
cf-cache-status
HIT
last-modified
Tue, 11 Jan 2022 20:23:00 GMT
server
cloudflare
age
100978
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=41a192ed-5dc5-4cb8-8d67-4591f5583b82-subset.woff
cf-ray
6cca7d8cd83442cf-FRA
expires
Wed, 11 Jan 2023 20:23:00 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 6AB0
6 KB
6 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F58be6bcf8c3bc8129478d084%2F58be6c5703e67e24400a3d71%2F48797254-c800-4f7f-81fa-4dff25efd656.woff&t=.%3ANOadeijklnorstuv%C3%A4
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15493210630881542144/FIViisasraha-1-Finnish-300x300-637539175741525012-d6e1a42c-f8b7-40ef-897a-8abe09bf1143.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2ec93c28b99f499f2128d9fd3e3c8e1591a63b0551231114f39a6091b8b4f15

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:59 GMT
cf-cache-status
HIT
last-modified
Thu, 13 Jan 2022 00:25:58 GMT
server
cloudflare
age
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=48797254-c800-4f7f-81fa-4dff25efd656-subset.woff
cf-ray
6cca7d8cd83742cf-FRA
expires
Fri, 13 Jan 2023 00:25:58 GMT
KZ8R6om5
pbs.twimg.com/card_img/1479442012629868546/ Frame AF26
37 KB
38 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1479442012629868546/KZ8R6om5?format=jpg&name=600x314
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6727) /
Resource Hash
14175b683d3cfc2d44201c62b0bc444bbd6ac7788c3687c3da4210b2a6259e0e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
x-content-type-options
nosniff
age
189394
x-cache
HIT
content-length
38349
x-response-time
313
surrogate-key
card_img card_img/bucket/6 card_img/1479442012629868546
last-modified
Fri, 07 Jan 2022 13:15:17 GMT
server
ECS (frb/6727)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
b3af014d7c9ececd1092503c32655a1a47b7af226234d0cf3ab7b72501eabedb
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
U5cCuTHq
pbs.twimg.com/card_img/1480087036879011840/ Frame AF26
28 KB
28 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1480087036879011840/U5cCuTHq?format=jpg&name=600x314
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6739) /
Resource Hash
d2756183147ddc220681217d675e83a2631c9e0b2d91e39e3383e29a4152c251
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
x-content-type-options
nosniff
age
318280
x-cache
HIT
content-length
28376
x-response-time
269
surrogate-key
card_img card_img/bucket/7 card_img/1480087036879011840
last-modified
Sun, 09 Jan 2022 07:58:22 GMT
server
ECS (frb/6739)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
292b682bcf5f0e7fed9e14441ddc390f3d0321ea6b88e70fdcb160b0b9a44c6e
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fviisasraha.fi%2F&domain=viisasraha.fi&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://viisasraha.fi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://viisasraha.fi
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1436
date
Thu, 13 Jan 2022 00:25:58 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
localstore.js
script.4dex.io/
483 B
940 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: content.lwadm.com
URL: https://content.lwadm.com/lw/4.43.4.5/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
566580
x-amz-request-id
tx405249188a46458ab6884-0061d5ef52
x-amz-id-2
tx405249188a46458ab6884-0061d5ef52
last-modified
Mon, 06 Dec 2021 11:00:36 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aH6SBpdr8r1nf1yfOeoigM6NqNRYDx8Ike4v%2BdmzOIgyO0cweIULPaEy482tMWdGyLh%2FW5gsdgSrObIthMIApZ2SaPBgvbArka875PfLSNMKakv%2FCR2RooByeZUm6v1aqs4hS7kfWwhAQeFp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1638788436623244
cf-ray
6cca7d8d8d295c8c-FRA
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fviisasraha.fi%2F&domain=viisasraha.fi&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=Glhz2XxrSXh3bmpIdUN4MzVqdG1LWXUxOEJoREx0NzE4L2pBckRGVzQ5UUczdjA4bk5YWmY0TEcyZzhGL3BicURldk82dGhvTkhTTWFPTHFZaDN6TUJjY1I5cGJvbW1mRHBOdHlqZStVd0x0MWFLVElzY0J3ekprMGdtQj...
353 B
616 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=Glhz2XxrSXh3bmpIdUN4MzVqdG1LWXUxOEJoREx0NzE4L2pBckRGVzQ5UUczdjA4bk5YWmY0TEcyZzhGL3BicURldk82dGhvTkhTTWFPTHFZaDN6TUJjY1I5cGJvbW1mRHBOdHlqZStVd0x0MWFLVElzY0J3ekprMGdtQjhLaFdaWUJUMVZVTVBQcWVrOHY3R1lkNnJkaEk0NGdGYXlCSUVUaUszeUo2NmN3ZCtSUW9NOXMzdFRWdjQrWEpZRFVMWUpIOTRzRXFWMHRqOU91NjZkVEZtQU1QOTdJc1kwZ0RPQkhZYk5jaWpsZEFiYUR3PXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
c5f9eb74692751400e1d30fd8057686662a9b7182e68eadf5cbb73d6c3176387
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:25:58 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2054
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:25:57 GMT
location
https://mug.criteo.com/sid?cpp=Glhz2XxrSXh3bmpIdUN4MzVqdG1LWXUxOEJoREx0NzE4L2pBckRGVzQ5UUczdjA4bk5YWmY0TEcyZzhGL3BicURldk82dGhvTkhTTWFPTHFZaDN6TUJjY1I5cGJvbW1mRHBOdHlqZStVd0x0MWFLVElzY0J3ekprMGdtQjhLaFdaWUJUMVZVTVBQcWVrOHY3R1lkNnJkaEk0NGdGYXlCSUVUaUszeUo2NmN3ZCtSUW9NOXMzdFRWdjQrWEpZRFVMWUpIOTRzRXFWMHRqOU91NjZkVEZtQU1QOTdJc1kwZ0RPQkhZYk5jaWpsZEFiYUR3PXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://viisasraha.fi
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1755
content-length
482
expires
0
ad
lwadm.com/
559 B
613 B
XHR
General
Full URL
https://lwadm.com/ad
Requested by
Host: content.lwadm.com
URL: https://content.lwadm.com/lw/4.43.4.5/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.232.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-232-125.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9f0f282341b80085696daae20c9c6ce64c8fb98fc85101a985837fcfe65629a3

Request headers

Referer
https://viisasraha.fi/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://viisasraha.fi
cache-control
no-cache,no-store,max-age=0,must-revalidate,private
access-control-allow-credentials
true
content-length
344
translator
hbopenbid.pubmatic.com/
0
0

/
adx.adform.net/adx/
10 B
577 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwMDI0MzcmcmN1cj1FVVImcHJpY2VUeXBlPWdyb3NzJnRyYW5zYWN0aW9uSWQ9OWE2MmVkMmEtMmUzMi00MmRmLTk0NzktYWZiNzczZDM4YTRh&bWlkPTEwMDI0MzUmcmN1cj1FVVImcHJpY2VUeXBlPWdyb3NzJnRyYW5zYWN0aW9uSWQ9OWM5ZTM5OWQtNDRhZS00ZjNiLTg4ZjAtMGU1ZDE5ZmY5MjA2&pt=gross&stid=ce342ebf-ec50-4d8b-8982-f8cdf6ab00db&fd=1
Requested by
Host: content.lwadm.com
URL: https://content.lwadm.com/lw/4.43.4.5/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://viisasraha.fi/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:25:58 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://viisasraha.fi
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
hit.gif
visitanalytics.userreport.com/
43 B
498 B
Image
General
Full URL
https://visitanalytics.userreport.com/hit.gif?t=CDI03c42257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
fZAqbzuxSGtIKd7g0Oj0VzvG4UrkztnT
via
1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
72709
x-amz-meta-cb-modifiedtime
Tue, 14 Apr 2015 11:43:27 GMT
x-cache
Hit from cloudfront
content-length
43
last-modified
Thu, 15 Oct 2015 11:22:45 GMT
server
AmazonS3
date
Wed, 12 Jan 2022 04:14:11 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-cf-id
A1lGtPPDao_IvhdAbQjJanFGQaGFCc4a1ZS31BXVzmDzhCnTvZdoCA==
expires
0
adagio.js
script.4dex.io/
71 KB
23 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5657
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx31ce177f46184129b9279-0061adef80
x-amz-id-2
tx31ce177f46184129b9279-0061adef80
last-modified
Mon, 06 Dec 2021 11:00:35 GMT
server
cloudflare
etag
W/"d56fadf5a52703aee9982c415a17065a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLR%2BKucJRnEziP928a0nqgCtpPhCEoJcMAXzBrGLV9EKwFM%2Ff5QnRpAfwek9Iv7j8O3dmZDxv%2F3FiGVggOAT%2FEwMk6uc%2FR8OXh6MkiifPgahL5uk%2FzJw8lWgPO9afLXZ7RboQAlTWdx9UoRi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1638788435319991
cf-ray
6cca7d8dce1d4e49-FRA
access-control-allow-headers
Authorization
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=Glhz2XxrSXh3bmpIdUN4MzVqdG1LWXUxOEJoREx0NzE4L2pBckRGVzQ5UUczdjA4bk5YWmY0TEcyZzhGL3BicURldk82dGhvTkhTTWFPTHFZaDN6TUJjY1I5cGJvbW1mRHBOdHlqZStVd0x0MWFLVElzY0J3ekprMGdtQjhLaFdaWUJUMVZVTVBQcWVrOHY3R1lkNnJkaEk0NGdGYXlCSUVUaUszeUo2NmN3ZCtSUW9NOXMzdFRWdjQrWEpZRFVMWUpIOTRzRXFWMHRqOU91NjZkVEZtQU1QOTdJc1kwZ0RPQkhZYk5jaWpsZEFiYUR3PXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1020
date
Thu, 13 Jan 2022 00:25:57 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
jot.html
platform.twitter.com/ Frame F408
Redirect Chain
  • https://syndication.twitter.com/i/jot
  • https://platform.twitter.com/jot.html
80 B
570 B
Document
General
Full URL
https://platform.twitter.com/jot.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) /
Resource Hash
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Upgrade-Insecure-Requests
1
Origin
https://viisasraha.fi
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
12252
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Thu, 13 Jan 2022 00:25:59 GMT
Etag
"d9592a6c704736fa4da218d4357976dd"
Last-Modified
Tue, 11 Jan 2022 20:08:28 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6796)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
80

Redirect headers

date
Thu, 13 Jan 2022 00:25:58 GMT
pragma
no-cache
server
tsa_o
status
302 Found
expires
Tue, 31 Mar 1981 05:00:00 GMT
location
https://platform.twitter.com/jot.html
content-type
text/html;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified
Thu, 13 Jan 2022 00:25:58 GMT
x-transaction
8c0ab29b0f06dcfe
content-length
0
x-frame-options
SAMEORIGIN
x-xss-protection
0
x-content-type-options
nosniff
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
x-response-time
114
x-connection-hash
c17e98c369f7cff78eb444e6362be3bb4c8d62561b05001aa582e994f608dc87
optimize
c.bannerflow.net/io/api/image/ Frame 89D6
19 KB
19 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fnordnet%2F58be6c5703e67e24400a3d71%2Fimages%2F549dfba3-a1c7-4aeb-893c-f091c7178fe9.png&w=608&h=401&q=90&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cf16613f1552b269aa4f495d45a1aa3a62c566a4a1bfe61a6195075623652f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:59 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 11 Jan 2022 20:23:01 GMT
api-supported-versions
2.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
6cca7d8f3bc46933-FRA
content-length
19400
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame 89D6
578 B
640 B
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fnordnet%2F58be6c5703e67e24400a3d71%2Fimages%2F69140934-64cb-4176-ae5e-e420c37a0aaf.png&w=20&h=16&q=90&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b07f36f86f5056cc137aec945d25fc15b55cb8b32c974a5b15312bf406ec69b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:59 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jan 2022 00:25:59 GMT
api-supported-versions
2.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
6cca7d8f3bc66933-FRA
content-length
578
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
92fff189-e2df-400b-aa44-0963f1c5fd71.svg
c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/images/ Frame 89D6
2 KB
1 KB
Image
General
Full URL
https://c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/images/92fff189-e2df-400b-aa44-0963f1c5fd71.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
387553dab2724207fec6d8a3293c55f8a2fcd18bb667a15da1a47639e3b7036a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 13 Jan 2022 00:25:58 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
1ryfzxYdwTkb1pimcr4DJQ==
age
2137
x-ms-lease-status
unlocked
last-modified
Thu, 20 Feb 2020 10:06:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
5a47bc2f-d01e-0095-10ff-010593000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
6cca7d8f4bf16933-FRA
92fff189-e2df-400b-aa44-0963f1c5fd71.svg
c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/images/ Frame 4A40
2 KB
1 KB
Image
General
Full URL
https://c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/images/92fff189-e2df-400b-aa44-0963f1c5fd71.svg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.78fcdb07dcf63104779d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
387553dab2724207fec6d8a3293c55f8a2fcd18bb667a15da1a47639e3b7036a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 13 Jan 2022 00:25:59 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
1ryfzxYdwTkb1pimcr4DJQ==
age
2138
x-ms-lease-status
unlocked
last-modified
Thu, 20 Feb 2020 10:06:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
5a47bc2f-d01e-0095-10ff-010593000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
6cca7d906de56933-FRA
optimize
c.bannerflow.net/io/api/image/ Frame 4A40
13 KB
13 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fnordnet%2F58be6c5703e67e24400a3d71%2Fimages%2F549dfba3-a1c7-4aeb-893c-f091c7178fe9.png&w=431&h=316&q=90&f=webp&x1=11&x2=556&y1=0&y2=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fe867b53e81bf6a806cd166468c209b78ea126841d294b8cd8083c2850fee93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:59 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 11 Jan 2022 20:23:01 GMT
api-supported-versions
2.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
6cca7d906de66933-FRA
content-length
13404
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame 4A40
544 B
629 B
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fnordnet%2F58be6c5703e67e24400a3d71%2Fimages%2F69140934-64cb-4176-ae5e-e420c37a0aaf.png&w=18&h=16&q=90&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46eeab438539944e7bc19b1a864756733810410a863b8c33ab535c0e24aff2fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:59 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jan 2022 00:25:59 GMT
api-supported-versions
2.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
6cca7d906de86933-FRA
content-length
544
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
pixel
c.bannerflow.net/tr/v2/ Frame 3725
0
82 B
Ping
General
Full URL
https://c.bannerflow.net/tr/v2/pixel
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/60254ed9ca66b5e68189d867?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsthwJXUVrdwrIYzGukqVCVUuhrkyvFzMWz5HDUuG7I_fu-ET2Drn4BdSAm_507ixQeN1hAtwec_y9UjPAfXy-bEPdG9pBxcBGYt3AgmYUnojyFlHoy-swHf_7YpU6FmHXo%26sig%3DCg0ArKJSzNOXScZaVjD4EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5664222%26adurl%3Dhttps%253A%252F%252Fwww.nordnet.fi%252Ffi%252Fkampanjat%252Fosakesaastajat%253Fdclid%253D%2525edclid!
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s0.2mdn.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 13 Jan 2022 00:25:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6cca7d90eebc6933-FRA
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
pixel
c.bannerflow.net/tr/v2/ Frame 6AB0
0
34 B
Ping
General
Full URL
https://c.bannerflow.net/tr/v2/pixel
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/60759d376662a4ff19bed093?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvfXa651Jo2IerGX2KN9nRzzI1slTX-_rRUp6MydRrkwxoL97icfPS9qBaecrYFPHWCjc0buS-8fVESLBMiig7kGWdM2_bom5-9pRqwdvkCXi_9zY3C-0liwficiFah-bg%26sig%3DCg0ArKJSzGyxSHgYoCNWEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5664222%26adurl%3Dhttps%253A%252F%252Fwww.nordnet.fi%252Ffi%252Fkampanjat%252Fosakesaastajat%253Fdclid%253D%2525edclid!
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s0.2mdn.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 13 Jan 2022 00:25:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6cca7d912f396933-FRA
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
DB_ViisasRaha_asuntolaina_468X400.jpg
viisasraha.fi/var/site/storage/images/_aliases/full-banner/0/8/9/6/36980-1-fin-FI/
82 KB
82 KB
Image
General
Full URL
https://viisasraha.fi/var/site/storage/images/_aliases/full-banner/0/8/9/6/36980-1-fin-FI/DB_ViisasRaha_asuntolaina_468X400.jpg
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS
s3.palvelin.pro
Software
LiteSpeed / PHP/7.2.34
Resource Hash
82df52f688ae51706c1088ecc610833cbb2f22fa2c5cdc3c777f4d208ab5117f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:25:59 GMT
last-modified
Thu, 16 Dec 2021 10:25:10 GMT
server
LiteSpeed
age
0
x-powered-by
PHP/7.2.34
vary
User-Agent
content-type
image/jpeg
cache-control
no-cache, private
content-transfer-encoding
binary
accept-ranges
bytes
content-length
83574
JukkaOksaharju.jpg
viisasraha.fi/var/site/storage/images/_aliases/nocrop832/8/9/2/7/37298-1-fin-FI/
34 KB
35 KB
Image
General
Full URL
https://viisasraha.fi/var/site/storage/images/_aliases/nocrop832/8/9/2/7/37298-1-fin-FI/JukkaOksaharju.jpg
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS
s3.palvelin.pro
Software
LiteSpeed / PHP/7.2.34
Resource Hash
e7b3ddc44d9f741a0ee7348ce4f2c6039a7695bc9d3f1875457a20b5ee54d012

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:26:00 GMT
last-modified
Mon, 10 Jan 2022 05:45:46 GMT
server
LiteSpeed
age
0
x-powered-by
PHP/7.2.34
vary
User-Agent
content-type
image/jpeg
cache-control
no-cache, private
content-transfer-encoding
binary
accept-ranges
bytes
content-length
35278
MicrosoftTeams-image%20(92).png
viisasraha.fi/var/site/storage/images/_aliases/full-banner/5/5/6/4/34655-1-fin-FI/
29 KB
29 KB
Image
General
Full URL
https://viisasraha.fi/var/site/storage/images/_aliases/full-banner/5/5/6/4/34655-1-fin-FI/MicrosoftTeams-image%20(92).png
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS
s3.palvelin.pro
Software
LiteSpeed / PHP/7.2.34
Resource Hash
df2608f84638fff1e8a14e5c2fc6662faefeaa80efa1657639f58ee1782561ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:26:00 GMT
last-modified
Thu, 26 Aug 2021 09:56:03 GMT
server
LiteSpeed
age
1
x-powered-by
PHP/7.2.34
vary
User-Agent
content-type
image/png
cache-control
no-cache, private
content-transfer-encoding
binary
accept-ranges
bytes
content-length
29893
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=viisasraha.fi
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 13 Jan 2022 00:25:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=viisasraha.fi
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 13 Jan 2022 00:25:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
158 KB
29 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2497024290627880&correlator=74536902781810&output=ldjh&impl=fifs&eid=31063821%2C31063943%2C31064089%2C31064094%2C31064095%2C44755510&vrg=2022011101&ptt=17&sc=1&sfv=1-0-38&ecs=20220113&iu_parts=21903480248%2Cviisasraha.fi%2Cviisasraha.fi_content%2Cviisasraha.fi_sidebar&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=320x50%7C320x320%7C336x280%7C468x600%7C360x300%7C300x250%7C600x600%7C468x400%7C300x300%7C338x338%7C360x360%2C300x300%7C300x600%7C160x600%7C300x250&fluid=height%2C0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1642033559&dt=1642033559944&dlt=1642033557482&idt=431&frm=20&biw=1600&bih=1200&oid=2&adxs=270%2C1030&adys=6734%2C3408&adks=2120671619%2C2887215067&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fviisasraha.fi%2F&vis=1&scr_x=0&scr_y=0&psz=740x40%7C300x0&msz=740x0%7C300x0&ga_vid=1714183167.1642033558&ga_sid=1642033560&ga_hid=161788461&ga_fc=true&fws=0%2C0&ohw=0%2C0&btvi=1%7C2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
c7460ed0e58d0b3a53ef2799c6907fba76c978786538de461106921fef2631b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:26:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29249
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://viisasraha.fi
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022011101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d811fb4eb99f646be456ebe4eb8183fd96c273ddc612eb046b9ac980dde23700
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 13 Jan 2022 00:25:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8629
x-xss-protection
0
container.html
37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C7BA
6 KB
4 KB
Document
General
Full URL
https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 13 Jan 2022 00:26:00 GMT
expires
Fri, 13 Jan 2023 00:26:00 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:26:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 13 Jan 2022 00:26:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A7AE
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Wed, 12 Jan 2022 23:20:47 GMT
expires
Thu, 12 Jan 2023 23:20:47 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3913
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame EDF5
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b6265ba2c2bb8df1401a47253a03e265fffc0632fed9c13707c429f692ac9584
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RFeobW+XOqPdYahSC0tSdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 13 Jan 2022 00:26:00 GMT
date
Thu, 13 Jan 2022 00:26:00 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-RFeobW+XOqPdYahSC0tSdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ze6spFYAGmeX0SVs4uO-WfgikXQwH0dcHguaiLf8sa4.js
pagead2.googlesyndication.com/bg/ Frame A7AE
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ze6spFYAGmeX0SVs4uO-WfgikXQwH0dcHguaiLf8sa4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdeeaca456001a6797d1256ce2e3be59f8229174301f475c1e0b9a88b7fcb1ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 23:20:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
3927
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13313
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 23:20:33 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EDF5
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022011101&jk=2497024290627880&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame A7AE
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?St60sw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:26:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022011101&jk=2497024290627880&bg=!PD-lP3vNAAaocxMpqHM7ACkAdvg8WkABre0MTG87nC8Yh05Iwm1DK1AnULJ5mnzGIBHtXYrInaFJwAIAAABTUgAAAANoAQcKABaNTaZaWTptahM3pQvPiRvJh8Tjsmp2mQKJATYqyiqUE8cNCcshNcNPVufyx7eVwKR7Jy0YoPVliJqG8V0OnJpz6IwGNF1d0yStbA28jqoS-PDvM3PfRkIobAkIYfoW1YPLr4k-aN--KsF3J3nhg67y9J2SmmHtKKT0QE5cy9iAPr0lfC0t94a03_8x_o8_bIflDc4O-cWGHSuBRTJlqFtpnWwbCoo3tlWE_eWkx_fhYWwNXl73QchAnwiIFuX2fd4320YySnaCTz5cN3Ui4RQnZoUnK5xzsXMF2ZT8odtkL_I_65OUH8aKRJe6aAjI7Ugrwi846L3XLSVhf1yEw2sR8L5xZqQIMdwntNx7F_4YWgicFOZKReZqCpBLIg0-xUirGFzLdApZLEp_nLlimvMmKPu_o5C66GWzxsj3ZCO5o8dx-meV1JMfwt7fMgBgIsnAdEEK0AAkckIYwkS-Gq4UilrFu-wVNl3jnxoeVSzBFPcvZTFfaLR05b_OxbhxYx4JGvp5Bk89Hq4SL9GMRCHUyqcAOw1bjR_YK8YPsbKYboVAq9rAWBFRRplXoTqTy9Uree5NR61Fkgw9r774dtUDoodnXPhal5IYHwYeNEPmtbceSNEBjc9FhvqnjjpTBBhu3K0b7feNpYWIEPXlGsFrzpZDPYrf6P47zTDjtqvi9Q22Sq6-6nzjbfjjuWNhd68Cc-MakKEmKMeNq-cGM-EQ9gY0S5jLt2pwMCNk-igirwZjNuT7KtIotsyM_l4LF1C09ppfTj-7dS6GKpcwzhYiz6bqM6R524Mz3DXIEDklbvK-36dxB0ZaU2Fticb8wvisIpisubIDErcZaAfng_O0XkARogxSxYEwdx-5X22T44WYAI8F3NvN-Rdt6bYRgJAj7w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:26:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame D92A
189 KB
54 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
212637
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55592
x-xss-protection
0
server
sffe
date
Mon, 10 Jan 2022 13:22:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11dee2040f5fc1d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Jan 2023 13:22:03 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame D92A
13 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
212637
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4992
x-xss-protection
0
server
sffe
date
Mon, 10 Jan 2022 13:22:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858600ba27ef7413"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Jan 2023 13:22:03 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame D92A
89 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
212637
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
date
Mon, 10 Jan 2022 13:22:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a64e482645fd262b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Jan 2023 13:22:03 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame D92A
71 KB
16 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce7047f1978917a3b97a424026182cf9eebcc488c8019f0fc85bc2acf78ecd70
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
176183
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16759
x-xss-protection
0
server
sffe
date
Mon, 10 Jan 2022 23:29:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6f5521ec42d8a94a"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Jan 2023 23:29:37 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame D92A
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
212637
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
server
sffe
date
Mon, 10 Jan 2022 13:22:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cb4f0e89d7d37d9b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Jan 2023 13:22:03 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame D92A
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
212637
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12826
x-xss-protection
0
server
sffe
date
Mon, 10 Jan 2022 13:22:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0f988502fa2967b0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Jan 2023 13:22:03 GMT
truncated
/ Frame D92A
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6e7cf39f59cfd079ee8824b1944fd89a5da28ea970917ad86b359b659ef2c89

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
bg.jpg
tpc.googlesyndication.com/sadbundle/9923576110415857137/img/ Frame D92A
9 KB
9 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/9923576110415857137/img/bg.jpg
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c24370e56c19370412f5bf37d1f1a5a4f88597afc338d612e537f8a82cbb18c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 07:42:37 GMT
x-content-type-options
nosniff
age
233003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9521
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 14:38:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Jan 2023 07:42:37 GMT
text1_1.png
tpc.googlesyndication.com/sadbundle/9923576110415857137/img/ Frame D92A
994 B
1021 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/9923576110415857137/img/text1_1.png
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0d32e20290800713b853c7ccaa4cb78c4e6f987cbdaa4af0a40f3d0b0545da3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 07:42:37 GMT
x-content-type-options
nosniff
age
233003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
994
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 14:38:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Jan 2023 07:42:37 GMT
text1_2.png
tpc.googlesyndication.com/sadbundle/9923576110415857137/img/ Frame D92A
884 B
911 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/9923576110415857137/img/text1_2.png
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc962c92e8dbeac8ce1b3237d092b18925bcc81caabf54e93286524ad3cea526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 07:42:37 GMT
x-content-type-options
nosniff
age
233003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
884
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 14:38:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Jan 2023 07:42:37 GMT
text1_3.png
tpc.googlesyndication.com/sadbundle/9923576110415857137/img/ Frame D92A
1 KB
1 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/9923576110415857137/img/text1_3.png
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9fc14fb868ae1681487532fdf7e83c5fd3314bf8c38a2871e46c4e91975db90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 07:42:37 GMT
x-content-type-options
nosniff
age
233003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1048
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 14:38:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Jan 2023 07:42:37 GMT
text1_4.png
tpc.googlesyndication.com/sadbundle/9923576110415857137/img/ Frame D92A
722 B
749 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/9923576110415857137/img/text1_4.png
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e15087276e13924a81a7753ac7bb95e9b012340e7c03c4f3c26da0e880e4013f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 07:42:37 GMT
x-content-type-options
nosniff
age
233003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
722
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 14:38:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Jan 2023 07:42:37 GMT
text1_5.png
tpc.googlesyndication.com/sadbundle/9923576110415857137/img/ Frame D92A
1 KB
1 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/9923576110415857137/img/text1_5.png
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07f606424258bac88037d5bcc64166f1b5df6e09372b20ea4e2cf16101c4f49a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 07:42:37 GMT
x-content-type-options
nosniff
age
233003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1077
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 14:38:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Jan 2023 07:42:37 GMT
text2_1.png
tpc.googlesyndication.com/sadbundle/9923576110415857137/img/ Frame D92A
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/9923576110415857137/img/text2_1.png
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f960d4d7b6d7d570af05d21f8934d46ed243bc231fc5c85fcd164a23a76e62a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 03:24:32 GMT
x-content-type-options
nosniff
age
594088
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3240
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 14:38:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 06 Jan 2023 03:24:32 GMT
stoerer.png
tpc.googlesyndication.com/sadbundle/9923576110415857137/img/ Frame D92A
4 KB
4 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/9923576110415857137/img/stoerer.png
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d660670547ee96b0044ac8666427891693666a974dfcb710a4315ec18b9bb3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 07:42:37 GMT
x-content-type-options
nosniff
age
233003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3696
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 14:38:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Jan 2023 07:42:37 GMT
logo.png
tpc.googlesyndication.com/sadbundle/9923576110415857137/img/ Frame D92A
4 KB
4 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/9923576110415857137/img/logo.png
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e515d4ad34f03fb0903fb1c0227115fd997d735753df3cbbf89a3839e35d7e03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 01:01:55 GMT
x-content-type-options
nosniff
age
602645
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3770
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 14:38:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 06 Jan 2023 01:01:55 GMT
cta.png
tpc.googlesyndication.com/sadbundle/9923576110415857137/img/ Frame D92A
819 B
846 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/9923576110415857137/img/cta.png
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a88f714012e2bed9fe831ed0615a73edb642fb6e529c2399e2658ae72771640
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 07:42:37 GMT
x-content-type-options
nosniff
age
233003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
819
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 14:38:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Jan 2023 07:42:37 GMT
cta_text.png
tpc.googlesyndication.com/sadbundle/9923576110415857137/img/ Frame D92A
1 KB
1 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/9923576110415857137/img/cta_text.png
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4004fd1b3ddbee33c09ace1dc9c6201d8623e371610f72ab27ee4d2ead8e5443
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 07:42:37 GMT
x-content-type-options
nosniff
age
233003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1027
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 14:38:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Jan 2023 07:42:37 GMT
container.html
37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 13FD
6 KB
3 KB
Document
General
Full URL
https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 13 Jan 2022 00:26:00 GMT
expires
Fri, 13 Jan 2023 00:26:00 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
fi.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D92A
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/fi.png
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7db3213857f4ec675a6220da9906dfd1a111c8bde9256c50ca4dda527d8723b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 22:44:12 GMT
x-content-type-options
nosniff
server
cafe
age
6108
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
5712710698203043590
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2249
x-xss-protection
0
expires
Thu, 13 Jan 2022 22:44:12 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D92A
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
67346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 13 Jan 2022 05:43:34 GMT
l
www.google.com/ads/measurement/ Frame D92A
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS93NLXa2ea_ENyMraA-e3VF8J56y2yt-FK8DI0tSlg0Ofk8VPAZ-Jcg2E0ui3or14_UX_JzQBxvzF4pOTzj122kEZHbw
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame D92A
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CipTZmHHfYd5ok7jfA8-jhpgOpuql1Gfj6qn9nw-bnfX9CBABIK_iv3tglYKAgLAHoAHF6pm5AsgBCakC9XdypQYxsz7gAgCoAwHIAwiqBPkBT9C22k0b33gG_gOnFxoAu9cYypzMyejqDYYjxKZG4YjbH1Gi7FbPm6Ck_o56S_LePlTPli82Ec8DGaNDnAbB59JCXHjlKmXdi_ub6C_Br4E0zIbAuMilqgG8qrmqdeHmADOiayn2nDBJlibRZ_8rBPwGLKh5zNzQDu_WEnS1BJS5i7_Do7kWkcDEYTEkqcXRocDpRw7y0rpjV-mwowZlHW8Fq4lm2k1rX7wDO-K4nkO8S4V7Rwlwj61q75oAgGgE4avomuj8H4btmhTIFB7hDA9QAH86sUP2N9MBa7gqIkwsyBQ-nGw5LyKf9K_7GHUca4QNraaM8BhuwASO99Tu5APgBAGSBQQIBBgBkgUECAUYBKAGLoAHo5XmxgGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBClyE_SCAkIgOGAEBABGB2ACgPICwHYEw2IFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItOTI4NTIzMDU4ODY5ODMxNRi-nnU&sigh=xn9g8A6xEGw&uach_m=[UACH]&template_id=419&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

10
lwadm.com/analytics/
0
280 B
XHR
General
Full URL
https://lwadm.com/analytics/10
Requested by
Host: content.lwadm.com
URL: https://content.lwadm.com/lw/4.43.4.5/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.232.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-232-125.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://viisasraha.fi/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 Jan 2022 00:26:00 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://viisasraha.fi
cache-control
no-cache,no-store,max-age=0,must-revalidate,private
access-control-allow-credentials
true
pixel
googleads.g.doubleclick.net/xbbe/ Frame 76B0
624 B
733 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiE86O-ATAB&v=APEucNVcZovAO8Bhdz89-covV3LuZM_gftxjmXe21ffS0Y_HnVm48oWgVFqj7qY5oprUdgOboEhclD9BNODuckzB2sMBQk1gyBk0E99reqjejeJ4H3LOdu3parCczVyrT91B2B2C2imyfU3nkIjy8k7kQrE4rqJZUQPUmF0bxNF77uiDOLSJs88
Requested by
Host: 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
URL: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 13 Jan 2022 00:26:00 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 13FD
77 KB
31 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BtXYhXzWbFGwIz69vz-lC3yezVH_L3HPBTr28D5I5fRdZP4e-3vwfUBNkSakD9yjzwsQqYhksad3PA61tYfr_3BNLojRMyikrAyIXZi954LeiHkq_qsiAMGPGBrUDomhREgZUmz9vhIWKHLy_7YU7nF-92WA&dbm_d=AKAmf-AoTgDOahAFvPFsadJUQ2PRqycmMZzyo-feQGVPJtSUt6UG7QBRjWp7tzOW1Mce1KiEsPcfOPd2N-oylIBkEa51Qs-u581P6dXJXn18UgszkzeUgZpXPclV8hqNgUgcfRCQKrOVNctMmMEZ7UoAHL5vQNXShs8QmAFiiK3n0kVxrbKj2ccBldb4lzXyK9YCvov-el2UUGwXIZnDLmdISmYDKVgIliRyjExnR2QTS_Syuzw0l927N0LPh748GKtXPQwxjGOG-nfgFbKblxMLZdPA-Bs7dVNx2T92qR-3HhAQ4wo24soqCx66v0aHyrof2F8mYlfWSS31-trTgqfx-yBxJD8VUdpquN7u1T7MN1irIzQs4ZLczZlmMSpqyJ52zAvXRXXam_36wRWLHpJbpKJDVAc6aBmxzZcE7YdDCsr_CBi5c-5fWPnzYIvHVY8OiZHGx_vNvp1aWsfREcJQcRl5dpPHlkwxsvvs9cHyMCdqrRgx7at3stK6Zze1id3-o-9AcmeoSV05Rwqfjr8AgSG7skRzvpJCjnPGTMjauSsnyUc4jZNfSsUOemzDh24epCahX7CbW6K8M12DYxu697aB-Td7gFYFQ1ZXH2dZuIrHclNR2iUckudzyERzri1lFQTXMuZ8IpXFsMo0GS_wMG8itGfPnO9ea-gvy5VvJqSFBEu__nzuX7KYmQqazDZmi3S8BIQzYRpQ3vRz4bG01XKQVLyYeCfMq29FOGsWta0ycRbF6Pv-mujQjkP8st7xYeSiwbWRGJrTyS_bTkZYKbiaV_WHQZ08mAy0PbVMRg7ThuOyUlP98_REkYZz-j69mREEc8p3EIf-tYn5XNuFG2CTDdVsvTP-u2Ix7pYMXglgpVDAC05s-AVgsBiJyz-gCtQy4or4Cvj6qMnOyHk7xUUf_PRwm0UKrLY6BzCDqw09Yc0aCwvZPLcrziJK2HUC23VsptVznC9PBwkatLE3K07vztBzX_1o1iW6wXH8YQ0MteXO8kN9QSEOxBDAt5ltIS6K6r5uJLWbnzNqffw-jf2ldx4TVWew7jFsHv84eaIWJZMNMpHtaRtW9DR5vCMNt_-HDGvZ768Oo6y9Z59uMQAbZLFec5Lcnjv1ywYzuWHrf6oa_FVIc8bErE_H2j5XZw9vxO3dyTePyf8BnBiVs44MMQqkm7jqN__eksaquoUhCtWb0nLIE0bKvMbewbih49p2zs6WYYo9A20ihUX0frlx9sNfap8JeGMiohaB3enZcYqULN3m1HKEH3Elq5YjBCmhzDDDo5OmQC-F3ABtbwNnHrSZLU8S1uN0-aJeB_57078ZvX185nHudxAKz5p7i52UFT229-ztQn64Jb-9nZ-UlkqIB6R6cPa84fOcAj5Th4nsq2anhMHX6X_q-OsFUzbogDZVvCpGOBk9nWek5cBu_i08YauSJqgm8JHcKKPM5gYR0KnEAqyDAEkRaGBrOTECvTD5_aR5KJ_zjPYZ3nE31jtUhi9HM33IPpjg1Dh65aYGoy_XGw2PrSgGErVkxqK4DTm_gePCWXTJ_4gmW_7x86Kmv_LQjPKTngNkT0hxeL_ZsnRTTC9kqiGvtuTrPCeO5sXrjxaY96X2QhzXQ56H_K_RyCyrfZaTTZw8mdnujSbnFvfYkaQG9IASPCLyH5vBScKVHVhRdd9wsrFymTf5PPrG0z78XURYupvg3aqorAOBl_jtMytk8GjbywQWCtG226tFBqiF2itUdgP_yM8DeMPdD48z8mz-fNUkyIP96b6MRsHuUcFOTkfLpdkl-6s2Nhd3ruUQR5ezCaONqAMm_rpfvp1UkHx5g9GQ0EY-Lcbl2w8j_dEmSSmnyLCI5PJC61ndV4q_fKsTpJn365FU7qxH_8oJBzlbfKcXHOMLg0LqPFK17ocOp-Vl6JpaQ3Uyh-Yqt8Hg4YK-I-nzDcOfDg1nSOxWBVPhh_V5am7SwYZs2ubRhD7epkO4vXiXbYGNGQgefgu30IPw_QHMJxUuNopd7hvd5je8A3KCBAMm6QGfxah0dC4Ft4vThXiqMwhOjxt8BcyFZ0k7nUPVpta7oifmZ2ffbPUpSq1fx4h6CNrYHpEh8ysPOhfzvHX1o6DOKmq187Xy01PJm2nZYshB6aWUeAnw836fEdrdC47WlnvvoLGr2uhZqUixcO7kVPQIGBBlrrLe8sR7tq4UsmfAZIBBTyuvgaBAd5KuOXasgkCc1TDOHSQWZ9Oowq_HiWegUIYi3xUUZZ3UFXiXoXd_z3nnukp93aFt1EhMLDAgprdHEDR-GlynaW3eB2fr9jzujRkVBHXYkvg3PpI8xPSQ0PknG9zxsXXGvjQ_sgFKHLmydqvjFecc16BXB7wxFkMlXOUdkvSEPpn0svziclFZmgN5JrNoh2eEaRVlApJgCpo6kaZTSazLkAppouDtpuV74VDaMWs8RH_APBXD_2ivDth-Yd8kcCl3BbwJuTtX_mSFy-j4gx8IMoHVi3MEnVIdmFWuZQUbhYKJfg3x2v0Y5u-7DndQgHYCBX7YlE67Bbhvkaxvp6R6L9AOi-nZa9j-ZNzbHYKQ7rMLsm_DGA-P38Yn5d3XgTPpaqHdaGaGeMGRtlwumKxul6EqFCFah1mmJDQLArSPbpF0CTn1X_j21hKS1dOQVK2_yYLaw3JlkuMgwpD3o1pIcLzOkwd_wX6hTh0eZKnwfGbNQP3X8NV5aaNSNR6gSHklXkSlZfX7qVc72yZGVAL_mrDprgvirq_WzksIaAfIG_UjCNfCLj8_vX4rl-tC3fB-vhHzUqydLA-1OYIEc91mYqiJfU962uQDPZmNywRTRL0djsVCtE-U0joIV-3c7FDu_-HYEjp_Tid82niW5DpoYvvrlY0gcW9ZyjZCIsW1DHVAC0G8vMgtziKHWhYUV8bCJLMiZ-u6hq--n9gkJKcq-d9Iiwyn11U1F3TBPXvHGBaIEuo-jMULXckGjV23anTO8AF9_dJ0kQjO1bmhaAKCtJgU6d0_RgU_2tVdCij85jQhDoftF_8zIBCodA&cid=CAASEuRo1emIRVcxhxv7gfA3dt75OQ&rfl=1%2Chttps%253A%252F%252Fviisasraha.fi%252F%240
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09f2b195d5da04b975223e5f06a73f7014398f13151a596d5a84ebf83d0fc3d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:26:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 13FD
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BSyUr0vx1XOfapt3ZhBZGymiDr_28gglhFF6ur0L9JGMtUv7K2Mz5B1fN9lkzNaftpjNA1mdffqSMnOJCnWLiJKfCa4S4mWeYI6om5wyTKibs4fvw
Requested by
Host: 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
URL: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:26:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220110/r20110914/client/ Frame 13FD
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220110/r20110914/client/window_focus_fy2019.js
Requested by
Host: 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
URL: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1550
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Jan 2022 00:00:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 13FD
121 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
URL: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:26:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 13 Jan 2022 00:26:01 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220110/r20110914/client/ Frame 13FD
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220110/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
URL: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
182e9cee52aa715413f1a206dc3ec3c4ffb1f4b54859ddad7d00b601aab1a251
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:22:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6475
x-xss-protection
0
server
cafe
etag
8251579188570802182
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Jan 2022 00:22:44 GMT
fi.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D92A
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/fi.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7db3213857f4ec675a6220da9906dfd1a111c8bde9256c50ca4dda527d8723b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 22:44:12 GMT
x-content-type-options
nosniff
server
cafe
age
6108
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
5712710698203043590
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2249
x-xss-protection
0
expires
Thu, 13 Jan 2022 22:44:12 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D92A
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
67346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 13 Jan 2022 05:43:34 GMT
rum
dsum-sec.casalemedia.com/ Frame 76B0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAXoFE-lENM8WBflYOhTm3k&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAXoFE-lENM8WBflYOhTm3k&google_cver=1&C=1
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAXoFE-lENM8WBflYOhTm3k&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiE86O-ATAB&v=APEucNVcZovAO8Bhdz89-covV3LuZM_gftxjmXe21ffS0Y_HnVm48oWgVFqj7qY5oprUdgOboEhclD9BNODuckzB2sMBQk1gyBk0E99reqjejeJ4H3LOdu3parCczVyrT91B2B2C2imyfU3nkIjy8k7kQrE4rqJZUQPUmF0bxNF77uiDOLSJs88
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jan 2022 00:26:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 13 Jan 2022 00:26:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 13 Jan 2022 00:26:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAXoFE-lENM8WBflYOhTm3k&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Thu, 13 Jan 2022 00:26:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 76B0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yd9xmK7-6Mkq0ZjdODac0QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAXoFE-lENM8WBflYOhTm3k&google_cver=1
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAXoFE-lENM8WBflYOhTm3k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiE86O-ATAB&v=APEucNVcZovAO8Bhdz89-covV3LuZM_gftxjmXe21ffS0Y_HnVm48oWgVFqj7qY5oprUdgOboEhclD9BNODuckzB2sMBQk1gyBk0E99reqjejeJ4H3LOdu3parCczVyrT91B2B2C2imyfU3nkIjy8k7kQrE4rqJZUQPUmF0bxNF77uiDOLSJs88
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jan 2022 00:26:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 13 Jan 2022 00:26:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:26:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAXoFE-lENM8WBflYOhTm3k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 76B0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPjvS9mcq40CbnN4o8F9gBo&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPjvS9mcq40CbnN4o8F9gBo%26google_cver%3D1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPjvS9mcq40CbnN4o8F9gBo%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiE86O-ATAB&v=APEucNVcZovAO8Bhdz89-covV3LuZM_gftxjmXe21ffS0Y_HnVm48oWgVFqj7qY5oprUdgOboEhclD9BNODuckzB2sMBQk1gyBk0E99reqjejeJ4H3LOdu3parCczVyrT91B2B2C2imyfU3nkIjy8k7kQrE4rqJZUQPUmF0bxNF77uiDOLSJs88
Protocol
HTTP/1.1
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jan 2022 00:26:00 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b2df7805-3a3a-49fd-b360-0a0c0fc712e7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 13 Jan 2022 00:26:00 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
8b4f5b08-912a-4120-97c8-c377527e865c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPjvS9mcq40CbnN4o8F9gBo%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 76B0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ4MDgwODUxNjEyMjE2MTIzNw%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ4MDgwODUxNjEyMjE2MTIzNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiE86O-ATAB&v=APEucNVcZovAO8Bhdz89-covV3LuZM_gftxjmXe21ffS0Y_HnVm48oWgVFqj7qY5oprUdgOboEhclD9BNODuckzB2sMBQk1gyBk0E99reqjejeJ4H3LOdu3parCczVyrT91B2B2C2imyfU3nkIjy8k7kQrE4rqJZUQPUmF0bxNF77uiDOLSJs88
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:26:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 13 Jan 2022 00:26:00 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
61008bd0-d44a-49d2-88f6-9cf270312d59
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ4MDgwODUxNjEyMjE2MTIzNw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 13FD
169 KB
59 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/
Origin
https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 10:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50424
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jan 2022 10:25:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220110/r20110914/elements/html/ Frame 13FD
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220110/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BtXYhXzWbFGwIz69vz-lC3yezVH_L3HPBTr28D5I5fRdZP4e-3vwfUBNkSakD9yjzwsQqYhksad3PA61tYfr_3BNLojRMyikrAyIXZi954LeiHkq_qsiAMGPGBrUDomhREgZUmz9vhIWKHLy_7YU7nF-92WA&dbm_d=AKAmf-AoTgDOahAFvPFsadJUQ2PRqycmMZzyo-feQGVPJtSUt6UG7QBRjWp7tzOW1Mce1KiEsPcfOPd2N-oylIBkEa51Qs-u581P6dXJXn18UgszkzeUgZpXPclV8hqNgUgcfRCQKrOVNctMmMEZ7UoAHL5vQNXShs8QmAFiiK3n0kVxrbKj2ccBldb4lzXyK9YCvov-el2UUGwXIZnDLmdISmYDKVgIliRyjExnR2QTS_Syuzw0l927N0LPh748GKtXPQwxjGOG-nfgFbKblxMLZdPA-Bs7dVNx2T92qR-3HhAQ4wo24soqCx66v0aHyrof2F8mYlfWSS31-trTgqfx-yBxJD8VUdpquN7u1T7MN1irIzQs4ZLczZlmMSpqyJ52zAvXRXXam_36wRWLHpJbpKJDVAc6aBmxzZcE7YdDCsr_CBi5c-5fWPnzYIvHVY8OiZHGx_vNvp1aWsfREcJQcRl5dpPHlkwxsvvs9cHyMCdqrRgx7at3stK6Zze1id3-o-9AcmeoSV05Rwqfjr8AgSG7skRzvpJCjnPGTMjauSsnyUc4jZNfSsUOemzDh24epCahX7CbW6K8M12DYxu697aB-Td7gFYFQ1ZXH2dZuIrHclNR2iUckudzyERzri1lFQTXMuZ8IpXFsMo0GS_wMG8itGfPnO9ea-gvy5VvJqSFBEu__nzuX7KYmQqazDZmi3S8BIQzYRpQ3vRz4bG01XKQVLyYeCfMq29FOGsWta0ycRbF6Pv-mujQjkP8st7xYeSiwbWRGJrTyS_bTkZYKbiaV_WHQZ08mAy0PbVMRg7ThuOyUlP98_REkYZz-j69mREEc8p3EIf-tYn5XNuFG2CTDdVsvTP-u2Ix7pYMXglgpVDAC05s-AVgsBiJyz-gCtQy4or4Cvj6qMnOyHk7xUUf_PRwm0UKrLY6BzCDqw09Yc0aCwvZPLcrziJK2HUC23VsptVznC9PBwkatLE3K07vztBzX_1o1iW6wXH8YQ0MteXO8kN9QSEOxBDAt5ltIS6K6r5uJLWbnzNqffw-jf2ldx4TVWew7jFsHv84eaIWJZMNMpHtaRtW9DR5vCMNt_-HDGvZ768Oo6y9Z59uMQAbZLFec5Lcnjv1ywYzuWHrf6oa_FVIc8bErE_H2j5XZw9vxO3dyTePyf8BnBiVs44MMQqkm7jqN__eksaquoUhCtWb0nLIE0bKvMbewbih49p2zs6WYYo9A20ihUX0frlx9sNfap8JeGMiohaB3enZcYqULN3m1HKEH3Elq5YjBCmhzDDDo5OmQC-F3ABtbwNnHrSZLU8S1uN0-aJeB_57078ZvX185nHudxAKz5p7i52UFT229-ztQn64Jb-9nZ-UlkqIB6R6cPa84fOcAj5Th4nsq2anhMHX6X_q-OsFUzbogDZVvCpGOBk9nWek5cBu_i08YauSJqgm8JHcKKPM5gYR0KnEAqyDAEkRaGBrOTECvTD5_aR5KJ_zjPYZ3nE31jtUhi9HM33IPpjg1Dh65aYGoy_XGw2PrSgGErVkxqK4DTm_gePCWXTJ_4gmW_7x86Kmv_LQjPKTngNkT0hxeL_ZsnRTTC9kqiGvtuTrPCeO5sXrjxaY96X2QhzXQ56H_K_RyCyrfZaTTZw8mdnujSbnFvfYkaQG9IASPCLyH5vBScKVHVhRdd9wsrFymTf5PPrG0z78XURYupvg3aqorAOBl_jtMytk8GjbywQWCtG226tFBqiF2itUdgP_yM8DeMPdD48z8mz-fNUkyIP96b6MRsHuUcFOTkfLpdkl-6s2Nhd3ruUQR5ezCaONqAMm_rpfvp1UkHx5g9GQ0EY-Lcbl2w8j_dEmSSmnyLCI5PJC61ndV4q_fKsTpJn365FU7qxH_8oJBzlbfKcXHOMLg0LqPFK17ocOp-Vl6JpaQ3Uyh-Yqt8Hg4YK-I-nzDcOfDg1nSOxWBVPhh_V5am7SwYZs2ubRhD7epkO4vXiXbYGNGQgefgu30IPw_QHMJxUuNopd7hvd5je8A3KCBAMm6QGfxah0dC4Ft4vThXiqMwhOjxt8BcyFZ0k7nUPVpta7oifmZ2ffbPUpSq1fx4h6CNrYHpEh8ysPOhfzvHX1o6DOKmq187Xy01PJm2nZYshB6aWUeAnw836fEdrdC47WlnvvoLGr2uhZqUixcO7kVPQIGBBlrrLe8sR7tq4UsmfAZIBBTyuvgaBAd5KuOXasgkCc1TDOHSQWZ9Oowq_HiWegUIYi3xUUZZ3UFXiXoXd_z3nnukp93aFt1EhMLDAgprdHEDR-GlynaW3eB2fr9jzujRkVBHXYkvg3PpI8xPSQ0PknG9zxsXXGvjQ_sgFKHLmydqvjFecc16BXB7wxFkMlXOUdkvSEPpn0svziclFZmgN5JrNoh2eEaRVlApJgCpo6kaZTSazLkAppouDtpuV74VDaMWs8RH_APBXD_2ivDth-Yd8kcCl3BbwJuTtX_mSFy-j4gx8IMoHVi3MEnVIdmFWuZQUbhYKJfg3x2v0Y5u-7DndQgHYCBX7YlE67Bbhvkaxvp6R6L9AOi-nZa9j-ZNzbHYKQ7rMLsm_DGA-P38Yn5d3XgTPpaqHdaGaGeMGRtlwumKxul6EqFCFah1mmJDQLArSPbpF0CTn1X_j21hKS1dOQVK2_yYLaw3JlkuMgwpD3o1pIcLzOkwd_wX6hTh0eZKnwfGbNQP3X8NV5aaNSNR6gSHklXkSlZfX7qVc72yZGVAL_mrDprgvirq_WzksIaAfIG_UjCNfCLj8_vX4rl-tC3fB-vhHzUqydLA-1OYIEc91mYqiJfU962uQDPZmNywRTRL0djsVCtE-U0joIV-3c7FDu_-HYEjp_Tid82niW5DpoYvvrlY0gcW9ZyjZCIsW1DHVAC0G8vMgtziKHWhYUV8bCJLMiZ-u6hq--n9gkJKcq-d9Iiwyn11U1F3TBPXvHGBaIEuo-jMULXckGjV23anTO8AF9_dJ0kQjO1bmhaAKCtJgU6d0_RgU_2tVdCij85jQhDoftF_8zIBCodA&cid=CAASEuRo1emIRVcxhxv7gfA3dt75OQ&rfl=1%2Chttps%253A%252F%252Fviisasraha.fi%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:13:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
774
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Jan 2022 00:13:06 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220110/r20110914/ Frame 13FD
24 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220110/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BtXYhXzWbFGwIz69vz-lC3yezVH_L3HPBTr28D5I5fRdZP4e-3vwfUBNkSakD9yjzwsQqYhksad3PA61tYfr_3BNLojRMyikrAyIXZi954LeiHkq_qsiAMGPGBrUDomhREgZUmz9vhIWKHLy_7YU7nF-92WA&dbm_d=AKAmf-AoTgDOahAFvPFsadJUQ2PRqycmMZzyo-feQGVPJtSUt6UG7QBRjWp7tzOW1Mce1KiEsPcfOPd2N-oylIBkEa51Qs-u581P6dXJXn18UgszkzeUgZpXPclV8hqNgUgcfRCQKrOVNctMmMEZ7UoAHL5vQNXShs8QmAFiiK3n0kVxrbKj2ccBldb4lzXyK9YCvov-el2UUGwXIZnDLmdISmYDKVgIliRyjExnR2QTS_Syuzw0l927N0LPh748GKtXPQwxjGOG-nfgFbKblxMLZdPA-Bs7dVNx2T92qR-3HhAQ4wo24soqCx66v0aHyrof2F8mYlfWSS31-trTgqfx-yBxJD8VUdpquN7u1T7MN1irIzQs4ZLczZlmMSpqyJ52zAvXRXXam_36wRWLHpJbpKJDVAc6aBmxzZcE7YdDCsr_CBi5c-5fWPnzYIvHVY8OiZHGx_vNvp1aWsfREcJQcRl5dpPHlkwxsvvs9cHyMCdqrRgx7at3stK6Zze1id3-o-9AcmeoSV05Rwqfjr8AgSG7skRzvpJCjnPGTMjauSsnyUc4jZNfSsUOemzDh24epCahX7CbW6K8M12DYxu697aB-Td7gFYFQ1ZXH2dZuIrHclNR2iUckudzyERzri1lFQTXMuZ8IpXFsMo0GS_wMG8itGfPnO9ea-gvy5VvJqSFBEu__nzuX7KYmQqazDZmi3S8BIQzYRpQ3vRz4bG01XKQVLyYeCfMq29FOGsWta0ycRbF6Pv-mujQjkP8st7xYeSiwbWRGJrTyS_bTkZYKbiaV_WHQZ08mAy0PbVMRg7ThuOyUlP98_REkYZz-j69mREEc8p3EIf-tYn5XNuFG2CTDdVsvTP-u2Ix7pYMXglgpVDAC05s-AVgsBiJyz-gCtQy4or4Cvj6qMnOyHk7xUUf_PRwm0UKrLY6BzCDqw09Yc0aCwvZPLcrziJK2HUC23VsptVznC9PBwkatLE3K07vztBzX_1o1iW6wXH8YQ0MteXO8kN9QSEOxBDAt5ltIS6K6r5uJLWbnzNqffw-jf2ldx4TVWew7jFsHv84eaIWJZMNMpHtaRtW9DR5vCMNt_-HDGvZ768Oo6y9Z59uMQAbZLFec5Lcnjv1ywYzuWHrf6oa_FVIc8bErE_H2j5XZw9vxO3dyTePyf8BnBiVs44MMQqkm7jqN__eksaquoUhCtWb0nLIE0bKvMbewbih49p2zs6WYYo9A20ihUX0frlx9sNfap8JeGMiohaB3enZcYqULN3m1HKEH3Elq5YjBCmhzDDDo5OmQC-F3ABtbwNnHrSZLU8S1uN0-aJeB_57078ZvX185nHudxAKz5p7i52UFT229-ztQn64Jb-9nZ-UlkqIB6R6cPa84fOcAj5Th4nsq2anhMHX6X_q-OsFUzbogDZVvCpGOBk9nWek5cBu_i08YauSJqgm8JHcKKPM5gYR0KnEAqyDAEkRaGBrOTECvTD5_aR5KJ_zjPYZ3nE31jtUhi9HM33IPpjg1Dh65aYGoy_XGw2PrSgGErVkxqK4DTm_gePCWXTJ_4gmW_7x86Kmv_LQjPKTngNkT0hxeL_ZsnRTTC9kqiGvtuTrPCeO5sXrjxaY96X2QhzXQ56H_K_RyCyrfZaTTZw8mdnujSbnFvfYkaQG9IASPCLyH5vBScKVHVhRdd9wsrFymTf5PPrG0z78XURYupvg3aqorAOBl_jtMytk8GjbywQWCtG226tFBqiF2itUdgP_yM8DeMPdD48z8mz-fNUkyIP96b6MRsHuUcFOTkfLpdkl-6s2Nhd3ruUQR5ezCaONqAMm_rpfvp1UkHx5g9GQ0EY-Lcbl2w8j_dEmSSmnyLCI5PJC61ndV4q_fKsTpJn365FU7qxH_8oJBzlbfKcXHOMLg0LqPFK17ocOp-Vl6JpaQ3Uyh-Yqt8Hg4YK-I-nzDcOfDg1nSOxWBVPhh_V5am7SwYZs2ubRhD7epkO4vXiXbYGNGQgefgu30IPw_QHMJxUuNopd7hvd5je8A3KCBAMm6QGfxah0dC4Ft4vThXiqMwhOjxt8BcyFZ0k7nUPVpta7oifmZ2ffbPUpSq1fx4h6CNrYHpEh8ysPOhfzvHX1o6DOKmq187Xy01PJm2nZYshB6aWUeAnw836fEdrdC47WlnvvoLGr2uhZqUixcO7kVPQIGBBlrrLe8sR7tq4UsmfAZIBBTyuvgaBAd5KuOXasgkCc1TDOHSQWZ9Oowq_HiWegUIYi3xUUZZ3UFXiXoXd_z3nnukp93aFt1EhMLDAgprdHEDR-GlynaW3eB2fr9jzujRkVBHXYkvg3PpI8xPSQ0PknG9zxsXXGvjQ_sgFKHLmydqvjFecc16BXB7wxFkMlXOUdkvSEPpn0svziclFZmgN5JrNoh2eEaRVlApJgCpo6kaZTSazLkAppouDtpuV74VDaMWs8RH_APBXD_2ivDth-Yd8kcCl3BbwJuTtX_mSFy-j4gx8IMoHVi3MEnVIdmFWuZQUbhYKJfg3x2v0Y5u-7DndQgHYCBX7YlE67Bbhvkaxvp6R6L9AOi-nZa9j-ZNzbHYKQ7rMLsm_DGA-P38Yn5d3XgTPpaqHdaGaGeMGRtlwumKxul6EqFCFah1mmJDQLArSPbpF0CTn1X_j21hKS1dOQVK2_yYLaw3JlkuMgwpD3o1pIcLzOkwd_wX6hTh0eZKnwfGbNQP3X8NV5aaNSNR6gSHklXkSlZfX7qVc72yZGVAL_mrDprgvirq_WzksIaAfIG_UjCNfCLj8_vX4rl-tC3fB-vhHzUqydLA-1OYIEc91mYqiJfU962uQDPZmNywRTRL0djsVCtE-U0joIV-3c7FDu_-HYEjp_Tid82niW5DpoYvvrlY0gcW9ZyjZCIsW1DHVAC0G8vMgtziKHWhYUV8bCJLMiZ-u6hq--n9gkJKcq-d9Iiwyn11U1F3TBPXvHGBaIEuo-jMULXckGjV23anTO8AF9_dJ0kQjO1bmhaAKCtJgU6d0_RgU_2tVdCij85jQhDoftF_8zIBCodA&cid=CAASEuRo1emIRVcxhxv7gfA3dt75OQ&rfl=1%2Chttps%253A%252F%252Fviisasraha.fi%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
569
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
server
cafe
etag
6261108306223674270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Jan 2022 00:16:31 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 13FD
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
URL: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 13:28:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125856
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Jan 2023 13:28:24 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4137
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
URL: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 12 Jan 2022 05:53:44 GMT
expires
Thu, 13 Jan 2022 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
66736
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CED3
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Sat, 08 Jan 2022 18:05:45 GMT
expires
Sun, 08 Jan 2023 18:05:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
368415
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
300x600.html
s0.2mdn.net/sadbundle/10440403487295537152/ Frame 6516
47 KB
11 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/10440403487295537152/300x600.html?e=69&leftOffset=0&topOffset=0&c=a1uSdFD5FL&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a09cf4deda5a1a90d3d1ed91440de70973e9f2a9fa1affbfb617fd1a687aabab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
date
Thu, 13 Jan 2022 00:26:00 GMT
expires
Fri, 13 Jan 2023 00:26:00 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 23 Jul 2021 06:16:35 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 13FD
0
24 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuRj3FRLy8bKdSSbR_fDvkMCXyi0tOUEnEgw8XFZFkqZTWTmAw10Ci8YbLzm2XMWSS4hpdz70NCjIohr4aL8JdzQT317pk-Lpa1t7yjhv0qHc3Dz-txiqkRtC90VtIhsH_YHiq1D5XfRr5hvOECh4LqhZZEVxzkVpJ8lD3uDWigJUcZQg5F1bJooYBOS3sZqGyi-7vWCgXH21cX6rrE1ee840OHWvNOQXg1VjdFA4C6ZiC6IjDUmHIEse31uwkTQEaP4VStN1lXKQ5--j9ZH2cU18uHHYztP3Ma-BV6JF0rEjR_WkecBW8InWUaNpIwgl2gqAySTtRc9QYYx8CPv4WFhrfGHH_FajGcbMZx8hPa51VTSiq-zIMN8Oq2fXe2pGUs5EVAQnvCUzb0q8Z_ORGlmtmIBp7mjDJHCO2WjZmlBg7KoB9CBPkROjmrBztkCk8EDZaEVyFMusqzsYKCsWps74dzCXBpjiHdVRwMIC3enGbDWDMspIOucEin09DYntDWfIAxohg3yVQHUtZvd56xa7l_DFRKb0bPcjgbdxtJMQjGb5s7yGUCmhxHtx3R7f-_Wvmt8Mp6_GJKhTX4rrPFGzOGUixM9c--gOmnAQYPMWjtS5U6Ni7ToYj3u8ngYgsh5C-DD0ai5_7Gf99xAdAp6qrnQskRw5APJ3DY9KLWoq9oTAxdGe5V9k8zpM9eGfS-ybB65jrHghWxVBTrw3MvnjzDfUrob48bBtMseDHOEMugD7P9aXuqoJ7uNPgcBD7s5LtXn8UBEuGqNN8pdKAfMQHFejyKI9L2sz97J_o7HRF-sMTMG9g7zmXUyRhV12zZ7xwb_R0L0ydN2HI8Ds3WDfoB3r76hPOc9D4xrxudH3s5JQlDGyw1VAN0pRwpwTwWDXceRuN6roHGE97NVDnMe48PFNrD-j2OppPokSeF2Zyu56DNhwOizUOQLSauNcmiFnuo7kkp6BxNdp6O_IyV_3qHwlMhpLdZxxGXFmdU070bWblJrilCyt_TRR1MKqjwHiblgqDUaRroUzpgS9NEZchF1GW3cl5sN_xKnScPNl5k05enmLY9q3Hy6yjEajdALJsMdO0jlYl0ttzJsps5YTyjpbVg9YfNI4ODVlYPjskHbkz0xirQxMCzOc8dth6smszZQUQt3PTTJsSvHNavgzABNQ5qCzbxGDq1jQ&sai=AMfl-YTHzw93cK3i5OvIQrQXv7QDWlcxWNgP4fIb5lwmcOm3S5HxA5yzAVyK61e-Z_6HYkXKx3ITYNSLJ1tToMrqByobENdNgYTrcNrWwEksnookkgCr7_NtOD9B7oAtmogbiEKO5LSfXNxoQeobwbAIirrUCHNI3A&sig=Cg0ArKJSzCqUMBhbD63lEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=49&cbvp=1&cstd=44&cisv=r20220110.43455&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 13 Jan 2022 00:26:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
google2waycm.netmng.com/cm/ Frame 4137
0
0

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4137
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAtrWT80bt5hTTjj5qqd-xU&google_cver=1&google_push=AYg5qPL3zbqHF_cSGHiH79pvIsev_IKeMtcNwppK_4aPgD8ranP1JncVi4ABvDfEMdc4q5nw9FNsHLPVuAqBRltx2QuvH1Sd4Vuh
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzMxNzIyNzY2MDExMTA4OTY2MA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAtrWT80bt5hTTjj5qqd-xU&google_cver=1
43 B
407 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAtrWT80bt5hTTjj5qqd-xU&google_cver=1
Requested by
Host: 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
URL: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:25:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:26:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAtrWT80bt5hTTjj5qqd-xU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 4137
0
104 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEA7hdwI6nzAhb5HTUOpZuoY&google_cver=1&google_push=AYg5qPIVSv4MYJxxESrQ9ZjgM5lp63E-FIFeOgeclE9PAe6wr_Rs3etSYxMK4K769pmv1gHusvlPJGINp3BMiRghucvCVsNUBgJ0Qg
Requested by
Host: 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
URL: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:26:00 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 4137
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
0
0

pixel
cm.g.doubleclick.net/ Frame 4137
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESELxt-ayOfqlt75YtrOAZx7Q&google_cver=1&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58G...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESELxt-ayOfqlt75YtrOAZx7Q&google_cver=1&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
0
0

pixel
cm.g.doubleclick.net/ Frame 4137
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEE8FuPb5Q_O30PdsDXn9x60&google_cver=1&google_push=AYg5qPI9ej_oagsQPKPZtUHEu9HVDpHww5ykVQY4n4RbCgyV6IjgLWg6...
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEE8FuPb5Q_O30PdsDXn9x60&google_cver=1&google_push=AYg5qPI9ej_oagsQPKPZtUHEu9HVDpHww5ykVQY4n4RbCgyV6IjgLWg6...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEE8FuPb5Q_O30PdsDXn9x60&google_cver=1&google_push=AYg5qPI9ej_oagsQPKPZtUHEu9HVDpHww5ykVQY4n4RbCgyV6IjgLW...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2Mjc0ZmRlYS03NDA3LTExZWMtOGNiNC0wMjljNWJiZmM0ZjI%3D&google_push=AYg5qPI9ej_oagsQPKPZtUHEu9HVDpHww5ykVQY4n4RbCgyV6IjgLWg6F4kaERinAS...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2Mjc0ZmRlYS03NDA3LTExZWMtOGNiNC0wMjljNWJiZmM0ZjI%3D&google_push=AYg5qPI9ej_oagsQPKPZtUHEu9HVDpHww5ykVQY4n4RbCgyV6IjgLWg6F4kaERinASUX_dm_G2MNc1_sCRoxSNdYZPPWE6zqGIjyLw
Requested by
Host: 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
URL: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:26:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2Mjc0ZmRlYS03NDA3LTExZWMtOGNiNC0wMjljNWJiZmM0ZjI%3D&google_push=AYg5qPI9ej_oagsQPKPZtUHEu9HVDpHww5ykVQY4n4RbCgyV6IjgLWg6F4kaERinASUX_dm_G2MNc1_sCRoxSNdYZPPWE6zqGIjyLw
date
Thu, 13 Jan 2022 00:26:00 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 4137
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJhOeubqAJ4MgzuYSvjry3c&google_cver=1&google_push=AYg5qPITRsNFHZ3WjDIAJxAhKB1_AZvWitubXpeFjLCaw7WYIyelfhbQDzcRD0s8yNN0LK7XMe...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJhOeubqAJ4MgzuYSvjry3c&google_cver=1&google_push=AYg5qPITRsNFHZ3WjDIAJxAhKB1_AZvWitubXpeFjLCaw7WYIyelfhbQDzcRD0s8yNN0LK7XMe...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1sc2x1QlpKRTJ1SFFFYVJXUVF5dUNwU0FDNlltNURGdn5B&google_push=AYg5qPITRsNFHZ3WjDIAJxAhKB1_AZvWitubXpeFjLCaw7WYIyelfhbQD...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1sc2x1QlpKRTJ1SFFFYVJXUVF5dUNwU0FDNlltNURGdn5B&google_push=AYg5qPITRsNFHZ3WjDIAJxAhKB1_AZvWitubXpeFjLCaw7WYIyelfhbQDzcRD0s8yNN0LK7XMeggdMhp13PV_8RS25hRU02VvUircGU
Requested by
Host: 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
URL: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:26:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1sc2x1QlpKRTJ1SFFFYVJXUVF5dUNwU0FDNlltNURGdn5B&google_push=AYg5qPITRsNFHZ3WjDIAJxAhKB1_AZvWitubXpeFjLCaw7WYIyelfhbQDzcRD0s8yNN0LK7XMeggdMhp13PV_8RS25hRU02VvUircGU
date
Thu, 13 Jan 2022 00:26:00 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 4137
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KfomUGnIufNL215iflst-CBeNks90G_Rw9_CzUvHxsnEW6PhyyJoOmM_n4FFbN2DT9yt1jB1Y
Requested by
Host: 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
URL: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:26:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
ze6spFYAGmeX0SVs4uO-WfgikXQwH0dcHguaiLf8sa4.js
pagead2.googlesyndication.com/bg/ Frame CED3
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ze6spFYAGmeX0SVs4uO-WfgikXQwH0dcHguaiLf8sa4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdeeaca456001a6797d1256ce2e3be59f8229174301f475c1e0b9a88b7fcb1ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 23:20:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
3927
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13313
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 23:20:33 GMT
Enabler_01_246.js
s0.2mdn.net/879366/ Frame 6516
116 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_246.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10440403487295537152/300x600.html?e=69&leftOffset=0&topOffset=0&c=a1uSdFD5FL&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10440403487295537152/300x600.html?e=69&leftOffset=0&topOffset=0&c=a1uSdFD5FL&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 10:40:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49542
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40237
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jan 2022 10:40:18 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 6516
60 KB
24 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10440403487295537152/300x600.html?e=69&leftOffset=0&topOffset=0&c=a1uSdFD5FL&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10440403487295537152/300x600.html?e=69&leftOffset=0&topOffset=0&c=a1uSdFD5FL&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:26:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jan 2022 00:26:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 13FD
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuRj3FRLy8bKdSSbR_fDvkMCXyi0tOUEnEgw8XFZFkqZTWTmAw10Ci8YbLzm2XMWSS4hpdz70NCjIohr4aL8JdzQT317pk-Lpa1t7yjhv0qHc3Dz-txiqkRtC90VtIhsH_YHiq1D5XfRr5hvOECh4LqhZZEVxzkVpJ8lD3uDWigJUcZQg5F1bJooYBOS3sZqGyi-7vWCgXH21cX6rrE1ee840OHWvNOQXg1VjdFA4C6ZiC6IjDUmHIEse31uwkTQEaP4VStN1lXKQ5--j9ZH2cU18uHHYztP3Ma-BV6JF0rEjR_WkecBW8InWUaNpIwgl2gqAySTtRc9QYYx8CPv4WFhrfGHH_FajGcbMZx8hPa51VTSiq-zIMN8Oq2fXe2pGUs5EVAQnvCUzb0q8Z_ORGlmtmIBp7mjDJHCO2WjZmlBg7KoB9CBPkROjmrBztkCk8EDZaEVyFMusqzsYKCsWps74dzCXBpjiHdVRwMIC3enGbDWDMspIOucEin09DYntDWfIAxohg3yVQHUtZvd56xa7l_DFRKb0bPcjgbdxtJMQjGb5s7yGUCmhxHtx3R7f-_Wvmt8Mp6_GJKhTX4rrPFGzOGUixM9c--gOmnAQYPMWjtS5U6Ni7ToYj3u8ngYgsh5C-DD0ai5_7Gf99xAdAp6qrnQskRw5APJ3DY9KLWoq9oTAxdGe5V9k8zpM9eGfS-ybB65jrHghWxVBTrw3MvnjzDfUrob48bBtMseDHOEMugD7P9aXuqoJ7uNPgcBD7s5LtXn8UBEuGqNN8pdKAfMQHFejyKI9L2sz97J_o7HRF-sMTMG9g7zmXUyRhV12zZ7xwb_R0L0ydN2HI8Ds3WDfoB3r76hPOc9D4xrxudH3s5JQlDGyw1VAN0pRwpwTwWDXceRuN6roHGE97NVDnMe48PFNrD-j2OppPokSeF2Zyu56DNhwOizUOQLSauNcmiFnuo7kkp6BxNdp6O_IyV_3qHwlMhpLdZxxGXFmdU070bWblJrilCyt_TRR1MKqjwHiblgqDUaRroUzpgS9NEZchF1GW3cl5sN_xKnScPNl5k05enmLY9q3Hy6yjEajdALJsMdO0jlYl0ttzJsps5YTyjpbVg9YfNI4ODVlYPjskHbkz0xirQxMCzOc8dth6smszZQUQt3PTTJsSvHNavgzABNQ5qCzbxGDq1jQ&sai=AMfl-YTHzw93cK3i5OvIQrQXv7QDWlcxWNgP4fIb5lwmcOm3S5HxA5yzAVyK61e-Z_6HYkXKx3ITYNSLJ1tToMrqByobENdNgYTrcNrWwEksnookkgCr7_NtOD9B7oAtmogbiEKO5LSfXNxoQeobwbAIirrUCHNI3A&sig=Cg0ArKJSzCqUMBhbD63lEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=114&vt=11&dtpt=65&dett=3&cstd=44&cisv=r20220110.43455&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 13 Jan 2022 00:26:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6516
6 KB
5 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9cc555bb54707aed9f00bbd12374ca9c2ee518c615ad72ea91c50b9408dc367
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 13 Jan 2022 00:26:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4602
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame CED3
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_rCNmHHfYbGKIInX7_UPv8CWqAsAAAAAOAHgBAI&bg=!cHOlczfNAAaocxMpqHM7ACkAdvg8Wjt-EMRJ3aogSA1tgdYhoT5479yYoeY-43Y-qKnnpEukKq2W3gIAAABaUgAAAAJoAQeZAsepXc3JcYGOg0g6WI2-XtMraNgW3wXQr_XTHokhwHTfCDNcFpO_yzpmIJz1YYusSMKK2NIU5TdZN_ZqddUI7wK9N0KjdXsqEx_pQtuc6G8UqvZa_lLsobNDA6oZxCX6ejm4r28U8nctlXnK7_q7iyZFn4Ccngh6bY8utN4Vgf8BbZ1b8wb8IcWqx8auZM4mcJYLRjFRbbJUKMJoEvsBzFypwvDNNa9ar5iNryZqaqYJU9OZ-5kfoU9eea7SIqbs9g_TnBRPnD8L8mGhI-U0h6EmaXjIo48IlC0PdozrWDzzXiKEBwmUojof08r-BUu2-OsIFZ956nbHpB5w43YtNkDbbVizqbM1gihkdGzXAEIg-0Fkr-yKUTcnOl_aR1snJFoaNyK6YCDbHqWJAtiDzpug-fFLNWDLvHGdxxItIK-TND6sL90iXLvdtx4bVMySmfIORuvFQ_oucMEfF87NTtOKcDYtY71VlpUnaKC3kQvwvpSaru4pxLZHmeLOY3l6j54MgU19FBLdUmgfxIYYkfCOYMcXoh3Mv1ico4eG3AClKwNkCK1OJaFlYePHSZ3Cv0nAilFgVP04c1mb_ohPlWOrt2KLFft6UuS5F5GPUxsyekVLpbmhwyGXKtMywgxSxh-1rRVxsGzbGp3AUn4Y-vz3dDA_y16gBfICo4TGFuzP727ALMwFB8F-8xd5kOriEuU6tapftRrsjTJ6ilxOGBWtI-pQ-hos1RdrXuxH7sT2J4Obe_pw8joiFb7oAd5J7ycxH4J_Mh-L56IXKHT3s_y1oWBJ6stOa54PrETntxGeuV8YH0xRuivHrAnNd1N0vY35NCvTv0N-lGNyA60lGCw1Yvwmz4VmSM8E90rWFnevU3ZlULixXRSvi3KzaoLGLc3hX-q7jZq-9SDpoNyRO6yocejea58n5M-kElWbCQdQRJC79n1m9IA
Requested by
Host: 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
URL: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:26:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6516
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:26:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 13 Jan 2022 00:26:00 GMT
ze6spFYAGmeX0SVs4uO-WfgikXQwH0dcHguaiLf8sa4.js
pagead2.googlesyndication.com/bg/ Frame 8078
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ze6spFYAGmeX0SVs4uO-WfgikXQwH0dcHguaiLf8sa4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdeeaca456001a6797d1256ce2e3be59f8229174301f475c1e0b9a88b7fcb1ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 23:20:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
3927
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13313
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 23:20:33 GMT
truncated
/ Frame 13FD
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e5d936e86046250a53660487d50079f15aa51cd1470bc9ffc18d8f0edad5448

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
60005582_20210910245320703_300x600_LOOK-01B.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 6516
72 KB
72 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210910245320703_300x600_LOOK-01B.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20a2ef887a247f69bd933e0163383438188de920bcd4c4ded920d0e68beb8dd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10440403487295537152/300x600.html?e=69&leftOffset=0&topOffset=0&c=a1uSdFD5FL&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 23:01:48 GMT
x-content-type-options
nosniff
age
5053
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73614
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 07:53:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jan 2022 23:01:48 GMT
60005582_20210910245324072_300x600_LOOK-02B.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 6516
76 KB
76 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210910245324072_300x600_LOOK-02B.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79ce7be073d9d7c36a3d35ade59a4949c0f09969850445f76b83a96982e39ea7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10440403487295537152/300x600.html?e=69&leftOffset=0&topOffset=0&c=a1uSdFD5FL&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 23:01:48 GMT
x-content-type-options
nosniff
age
5053
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77756
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 07:53:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jan 2022 23:01:48 GMT
60005582_20210910245327812_300x600_LOOK-03B.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 6516
73 KB
73 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210910245327812_300x600_LOOK-03B.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d20657079f8954eb227679fb4ca5b73b03f9624915a290819cdd067a60a1b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10440403487295537152/300x600.html?e=69&leftOffset=0&topOffset=0&c=a1uSdFD5FL&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 23:01:48 GMT
x-content-type-options
nosniff
age
5053
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74617
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 07:53:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jan 2022 23:01:48 GMT
postview.gif
portal.o2online.de/nws/img/ Frame 6516
43 B
609 B
Image
General
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27008872_4307561_324251655_146022261_-0&ref=27008872_4307561_324251655_146022261_-0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.132 Obertshausen, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 13 Jan 2022 00:26:01 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AAA3
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Requested by
Host: content.lwadm.com
URL: https://content.lwadm.com/lw/4.43.4.5/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=99319
expires
Fri, 14 Jan 2022 04:01:21 GMT
date
Thu, 13 Jan 2022 00:26:02 GMT
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C3F4
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=96387
Requested by
Host: content.lwadm.com
URL: https://content.lwadm.com/lw/4.43.4.5/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=99319
expires
Fri, 14 Jan 2022 04:01:21 GMT
date
Thu, 13 Jan 2022 00:26:02 GMT
vary
Accept-Encoding
pl
lwadm.com/usermatch/
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3dc14360b0-ff2f-489e-b086-be36cd097dab%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%...
  • https://lwadm.com/usermatch/pl?cb=637776303586284191&bid=c14360b0-ff2f-489e-b086-be36cd097dab&lwuid=679c8f9bc8034a279bea9511fd8b6008&buid=6218817439156915704
70 B
473 B
Image
General
Full URL
https://lwadm.com/usermatch/pl?cb=637776303586284191&bid=c14360b0-ff2f-489e-b086-be36cd097dab&lwuid=679c8f9bc8034a279bea9511fd8b6008&buid=6218817439156915704
Protocol
H2
Server
35.156.232.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-232-125.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viisasraha.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:26:03 GMT
cache-control
no-cache,no-store,max-age=0,must-revalidate,private
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
70
content-type
image/gif

Redirect headers

location
https://lwadm.com/usermatch/pl?cb=637776303586284191&bid=c14360b0-ff2f-489e-b086-be36cd097dab&lwuid=679c8f9bc8034a279bea9511fd8b6008&buid=6218817439156915704
date
Thu, 13 Jan 2022 00:26:02 GMT
server
nginx
content-length
0
content-type
text/plain
PugMaster
image6.pubmatic.com/AdServer/ Frame AAA3
5 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=51260590&p=96387&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
58d35ac0be7910388b1ca06d92daa9dc70b56586a5bfe13cf499463c59d4a70c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:26:01 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame A7DE
35 B
468 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=13598A7E-CECB-486F-8FCD-FC4546AB1069
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 13 Jan 2022 00:26:03 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 4B03
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:aed461df-719a-4000-896a-89479c62e7ca&gdpr=0&gdpr_consent=
42 B
512 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:aed461df-719a-4000-896a-89479c62e7ca&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 13 Jan 2022 00:26:02 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug002:0:400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Thu, 13 Jan 2022 00:26:03 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master zrh-pixel-x29 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:aed461df-719a-4000-896a-89479c62e7ca&gdpr=0&gdpr_consent=
Expires
Thu, 13 Jan 2022 00:26:02 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C6DF
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8400184701518345837
42 B
209 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8400184701518345837
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 13 Jan 2022 00:26:03 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug030:0:403
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8400184701518345837
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame E96C
43 B
362 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 13 Jan 2022 00:26:02 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Thu, 13 Jan 2022 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
582402
strict-transport-security
max-age=31536000; preload;
Pug
simage2.pubmatic.com/AdServer/ Frame 28BF
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7052480452021254285
42 B
366 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7052480452021254285
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 12 Jan 2022 21:03:37 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug0022:0:478
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Thu, 13 Jan 2022 00:26:03 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7052480452021254285
Pug
simage2.pubmatic.com/AdServer/ Frame 9DB5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yd9xmwAFIX-6agAF&gdpr=0&gdpr_consent=&_test=Yd9xmwAFIX-6agAF
1 B
410 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yd9xmwAFIX-6agAF&gdpr=0&gdpr_consent=&_test=Yd9xmwAFIX-6agAF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 12 Jan 2022 21:03:39 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
amspug0024:0:403
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yd9xmwAFIX-6agAF&gdpr=0&gdpr_consent=&_test=Yd9xmwAFIX-6agAF
accept-ranges
bytes
date
Thu, 13 Jan 2022 00:26:03 GMT
via
1.1 varnish
x-served-by
cache-hhn4081-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1642033563.237355,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8C9F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Q1XzZupEQ5B-8t1HIAeiEorHJoQ
42 B
218 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Q1XzZupEQ5B-8t1HIAeiEorHJoQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 13 Jan 2022 00:26:03 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug015:0:394
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Thu, 13 Jan 2022 00:26:03 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Q1XzZupEQ5B-8t1HIAeiEorHJoQ
Content-Length
159
Connection
keep-alive
pm&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame E002
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
0
0

Pug
simage2.pubmatic.com/AdServer/ Frame ACE4
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
243 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 13 Jan 2022 00:26:02 GMT
content-type
text/html; charset=utf-8
x-lat
amspug001:2:273
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Thu, 13 Jan 2022 00:26:03 GMT
server
_
Pug
image2.pubmatic.com/AdServer/ Frame AC40
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=x2RVrANbFruzxF6bEVcxYJH6
42 B
217 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=x2RVrANbFruzxF6bEVcxYJH6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 13 Jan 2022 00:26:03 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug006:0:435
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Thu, 13 Jan 2022 00:26:03 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=x2RVrANbFruzxF6bEVcxYJH6
strict-transport-security
max-age=0; includeSubDomains;
i.match
s.tribalfusion.com/z/ Frame CD2E
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
421 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 13 Jan 2022 00:26:03 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cca7daaab728bc9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Thu, 13 Jan 2022 00:26:03 GMT
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
1827
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cca7da989988bc9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
rtb-h
trc.taboola.com/sg/pubmatic-ssp-network/1/ Frame EDB0
0
0

dpe
ad4m.at/ad/ Frame 2C9D
15 B
915 B
Document
General
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c08e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 13 Jan 2022 00:26:03 GMT
content-type
text/plain; charset=utf-8
content-length
15
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cca7da9bd7c71ce-LHR
Pug
simage2.pubmatic.com/AdServer/ Frame 5CF5
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=732505606
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=732505606
  • https://sync.1rx.io/usersync/tradedesk/99f0e4a9-cb02-4aa9-aa46-47ef2e75d17d
  • https://sync.targeting.unrulymedia.com/csync/RX-77bcf357-3cc2-44d6-9592-3f8c2b1a2078-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-77bcf357-3cc2-44d6-9592-3f8c2b1a2078-003
42 B
511 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-77bcf357-3cc2-44d6-9592-3f8c2b1a2078-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 12 Jan 2022 21:03:52 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug0027:0:428
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Thu, 13 Jan 2022 00:26:03 GMT
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-77bcf357-3cc2-44d6-9592-3f8c2b1a2078-003
etag
RX77bcf3573cc244d695923f8c2b1a2078003
bridge
cm.adgrx.com/ Frame 81C9
43 B
408 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Thu, 13 Jan 2022 00:26:03 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-1
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
cookiesync
core.iprom.net/ Frame 99D9
43 B
279 B
Document
General
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Vary
Accept-Encoding
X-adserver-worker
komodo-276f3b7a09e4@version_1.366v3
Connection
close
X-server-arch
v2
Content-Type
image/gif
Content-Length
43
X-core-time
1ms
Date
Thu, 13 Jan 2022 00:26:03 GMT
pl
lwadm.com/usermatch/ Frame A14A
70 B
557 B
Document
General
Full URL
https://lwadm.com/usermatch/pl?cb=637776303586284191&bid=52cbd598-2715-4c43-a06f-229fc170f945&lwuid=679c8f9bc8034a279bea9511fd8b6008&buid=13598A7E-CECB-486F-8FCD-FC4546AB1069
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.232.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-232-125.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 13 Jan 2022 00:26:03 GMT
content-type
image/gif
content-length
70
cache-control
no-cache,no-store,max-age=0,must-revalidate,private
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
access-control-allow-credentials
true
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AAA3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=E1mKfs7LSG-PzfxFRqsQaQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Server
2.21.141.175 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:26:03 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=99318
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Fri, 14 Jan 2022 04:01:21 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:26:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame AAA3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=09a061df-719a-4c00-8f5b-d79d97238586
0
259 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=09a061df-719a-4c00-8f5b-d79d97238586
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:26:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 13 Jan 2022 00:26:03 GMT
Server
MT3 4133 baa842e master zrh-pixel-x9 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=09a061df-719a-4c00-8f5b-d79d97238586
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 13 Jan 2022 00:26:02 GMT
/
pixel.onaudience.com/ Frame AAA3
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=13598A7E-CECB-486F-8FCD-FC4546AB1069
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=40fdf7c0048823fc7372fb105db51f22
35 B
248 B
Image
General
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=40fdf7c0048823fc7372fb105db51f22
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
HTTP/1.1
Server
141.94.170.77 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Thu, 13 Jan 2022 00:26:03 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=40fdf7c0048823fc7372fb105db51f22
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame AAA3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTM1OThBN0UtQ0VDQi00ODZGLThGQ0QtRkM0NTQ2QUIxMDY5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
111 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:26:03 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:364
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:26:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame AAA3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELpXMBG_TiPeM2iXiNvz7Cs&google_cver=1
42 B
591 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELpXMBG_TiPeM2iXiNvz7Cs&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:26:03 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:363
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:26:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELpXMBG_TiPeM2iXiNvz7Cs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame AAA3
43 B
610 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.14.34 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:26:03 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 12 Jan 2022 00:26:03 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AAA3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6218817439156915704
42 B
390 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6218817439156915704
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 21:58:49 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0023:0:386
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:26:03 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6218817439156915704
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame AAA3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=69ea2779-e977-4779-b3a2-3920ef5b7591
42 B
293 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=69ea2779-e977-4779-b3a2-3920ef5b7591
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:26:02 GMT
cache-control
no-store, no-cache, private
x-lat
amspug007:0:342
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:26:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=69ea2779-e977-4779-b3a2-3920ef5b7591
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame AAA3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7041323315059818779&gdpr=0&gdpr_consent=
42 B
233 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7041323315059818779&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:26:03 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug027:0:542
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 13 Jan 2022 00:26:03 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2efec890-ea1d-4828-867b-ddc4512c2066
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7041323315059818779&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame AAA3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=13598A7E-CECB-486F-8FCD-FC4546AB1069&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-L920RKlE2uXs9Gh.TSz3eb7NTDn1sY0-~A&gdpr=0&gdpr_consent=
0
48 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-L920RKlE2uXs9Gh.TSz3eb7NTDn1sY0-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:26:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-L920RKlE2uXs9Gh.TSz3eb7NTDn1sY0-~A&gdpr=0&gdpr_consent=
date
Thu, 13 Jan 2022 00:26:03 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
13598A7E-CECB-486F-8FCD-FC4546AB1069
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame AAA3
43 B
875 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/13598A7E-CECB-486F-8FCD-FC4546AB1069?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:f42f:15ed:dc1f:f0c8 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:26:03 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
Pug
image2.pubmatic.com/AdServer/ Frame AAA3
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zYSe8cyEw_XWh8n0y4PX8c6NzKLW0Zukz4b9_OGv
42 B
314 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zYSe8cyEw_XWh8n0y4PX8c6NzKLW0Zukz4b9_OGv
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:26:03 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:504
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:26:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zYSe8cyEw_XWh8n0y4PX8c6NzKLW0Zukz4b9_OGv
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AAA3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24...
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=5b92343e-6313-520d-b27c-a13bd3a3d0a0&ssp=pubmatic&expires=30&user_group=1
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0f09a26d-120a-46cd-9170-d9f78e24a74f&gdpr=&gdpr_consent=&gdpr_pd=
1 B
335 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0f09a26d-120a-46cd-9170-d9f78e24a74f&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:26:03 GMT
cache-control
no-store, no-cache, private
x-lat
amspug011:0:402
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0f09a26d-120a-46cd-9170-d9f78e24a74f&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 13 Jan 2022 00:26:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame AAA3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3317227660111089660&gdpr=0&gdpr_consent=&us_privacy=
1 B
321 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3317227660111089660&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 21:00:21 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0021:0:394
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3317227660111089660&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 13 Jan 2022 00:26:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame AAA3
0
103 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=13598A7E-CECB-486F-8FCD-FC4546AB1069&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:26:03 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame AAA3
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a96c73cd-85ce-4c13-8c45-94ae9ad6263e-61df719b-5858&gdpr=0&gdpr_consent=
42 B
233 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a96c73cd-85ce-4c13-8c45-94ae9ad6263e-61df719b-5858&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:26:03 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:346
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 Jan 2022 00:26:02 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a96c73cd-85ce-4c13-8c45-94ae9ad6263e-61df719b-5858&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pubmaticmatch
match.adsby.bidtheatre.com/ Frame AAA3
0
0

Pug
simage2.pubmatic.com/AdServer/ Frame AAA3
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7041323315059818779
42 B
110 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7041323315059818779
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:26:03 GMT
cache-control
no-store, no-cache, private
x-lat
amspug008:0:359
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 13 Jan 2022 00:26:03 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7fe714a7-bdae-4912-9e28-ceee954c6c46
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7041323315059818779
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEAcp_urXAdhsYlpwJ5c8pf8&google_cver=1&google_push=AYg5qPJYOtUXmFwfNKYMbUuyOGdtg0wa8GGOZmX2wUVzbHxBkN-7SIxvzvQQhnAFuezpU8m0lcexrKLTTBEB9s5o1RbY4bAbWL0X
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
Domain
trc.taboola.com
URL
https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onsecuritypolicyviolation object| onslotchange function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| cookieconsent function| _giosg function| hj object| _hjSettings function| strossle object| lwhbim object| gaplugins object| gaGlobal object| gaData object| dcmads object| livewrapped object| pbjs boolean| lwanalytic boolean| pbjslspbjs object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| Strossle object| regeneratorRuntime object| StrossleStorage object| giosgWebpackJsonp undefined| _ object| giosg function| jGiosg object| goog_ddm_ps object| ampInaboxIframes object| ampInaboxPendingMessages boolean| isMobile object| googletag object| ggeac object| google_js_reporting_queue object| __twttrll object| twttr object| __twttr function| $ function| jQuery object| bootstrap function| iFrameResize object| lazySizesConfig object| lazySizes object| Adform object| _adform object| adformtag object| _fscope function| pbjsChunk object| _pbjsGlobals object| ADAGIO undefined| google_measure_js_timing undefined| _adform_cb_1642033557980_5785538191481245 boolean| loadPushedlwhbim object| sas object| apntag object| _ADAGIO object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| google_image_requests object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

33 Cookies

Domain/Path Name / Value
lwadm.com/ Name: uid
Value: 679c8f9bc8034a279bea9511fd8b6008
.viisasraha.fi/ Name: _ga
Value: GA1.2.1714183167.1642033558
.viisasraha.fi/ Name: _gid
Value: GA1.2.2033765066.1642033558
.viisasraha.fi/ Name: _gat_gtag_UA_48142457_13
Value: 1
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 6218817439156915704
viisasraha.fi/ Name: lwuid
Value: 679c8f9bc8034a279bea9511fd8b6008
.viisasraha.fi/ Name: _hjSessionUser_2073088
Value: eyJpZCI6ImUxMzQzNDg0LTc3MGYtNTQwMi04NGY3LTRkZDk0YmUzYjAxMiIsImNyZWF0ZWQiOjE2NDIwMzM1NTc3NjUsImV4aXN0aW5nIjpmYWxzZX0=
.viisasraha.fi/ Name: _hjFirstSeen
Value: 1
viisasraha.fi/ Name: _hjIncludedInPageviewSample
Value: 1
.viisasraha.fi/ Name: _hjSession_2073088
Value: eyJpZCI6ImUwNDU0YmRmLTViOGMtNDM0MC1hZWZjLTU3YzZjYjk2YWM2NiIsImNyZWF0ZWQiOjE2NDIwMzM1NTc5NjksImluU2FtcGxlIjp0cnVlfQ==
.viisasraha.fi/ Name: _hjAbsoluteSessionInProgress
Value: 0
viisasraha.fi/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
viisasraha.fi/ Name: cto_bidid
Value: DPeERl9GWUtib0pTWkE0ZENja2w2aEU4T0JWWm5sdHZCUyUyRlNyTUIyYTdGJTJGQTUzczMlMkJUUndCZVBaRVBqcFJKc29NNTNBcXBTb3RxOGFQMjZ3c05IMHRLWFM4ZyUzRCUzRA
viisasraha.fi/ Name: cto_bundle
Value: mIUa3V9MSmlCREVWNTlQRUNBelFDRGMlMkJRNSUyRmtUNE1VM1Rnb0VmM21MUXBlN2JKY1daSmw0TmRpam1VekUlMkIyZTFtUzRidzlYaEdsNkZLNkpPZG0lMkJmWElTQzJ0WEkxSlNwZlV5Nm9IUzVIVVNva2JpRlZsVnYxMyUyRkRGWFp6c2cyNDRwTkc
.doubleclick.net/ Name: IDE
Value: AHWqTUkD1PdX9TWtH6FqPc2GgmQG39OcpIBCHBnyn0-EztOxAD7DXTl_C0nnw5dXBns
.viisasraha.fi/ Name: __gads
Value: ID=f9194f28ad70739f:T=1642033559:S=ALNI_MZ_dB4epquec7tnjnG0sqWa6lmQFw
.casalemedia.com/ Name: CMPS
Value: 3239
.casalemedia.com/ Name: CMID
Value: Yd9xmK7-6Mkq0ZjdODac0QAA
.casalemedia.com/ Name: CMPRO
Value: 1138
.casalemedia.com/ Name: CMST
Value: Yd9xmGHfcZgA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVHkcLD8!]tbPl1M>e)ZlrFUfJ+tGXvWB@ez^@HO?K0NXJdaX4UgRVv=33c?/bNN/DpH*bpRz*qF1`*b`9r*6FRZ
.adnxs.com/ Name: uuid2
Value: 7041323315059818779
.casalemedia.com/ Name: CMRUM3
Value: 2d61df71982760CAESEAXoFE-lENM8WBflYOhTm3k
.yahoo.com/ Name: A3
Value: d=AQABBJhx32ECECP7JB7Ly9VQza0afCiYwMkFEgEBAQHD4GHpYQAAAAAA_eMAAA&S=AQAAAquph5ZrGkQnderMNd7SAZk
.advertising.com/ Name: APID
Value: UP6274fdea-7407-11ec-8cb4-029c5bbfc4f2
.turn.com/ Name: uid
Value: 3317227660111089660
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~22mo:18wq~22mo"
.yahoo.com/ Name: APID
Value: UP6274fdea-7407-11ec-8cb4-029c5bbfc4f2
.yahoo.com/ Name: APIDTS
Value: 1642033560
.360yield.com/ Name: tuuid
Value: 08255bb8-c1ff-46f6-abd4-fd99d30134f9
.360yield.com/ Name: tuuid_lu
Value: 1642033560
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27008872_4307561_324251655_146022261_-0&ref=27008872_4307561_324251655_146022261_-0

9 Console Messages

Source Level URL
Text
javascript warning URL: https://www.googletagservices.com/dcm/dcmads.js(Line 18)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v82.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/dcm/dcmads.js(Line 18)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v82.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/dcm/dcmads.js(Line 18)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v82.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/dcm/dcmads.js(Line 18)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v82.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://service.giosg.com/api/v5/orgs/5047/client-settings/?url=https%3A%2F%2Fviisasraha.fi%2F
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.de
adx.adform.net
assets.strossle.com
bonfire.spklw.com
c.bannerflow.net
c1.adform.net
cdn.ampproject.org
cdn.syndication.twimg.com
cdnjs.cloudflare.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
content.lwadm.com
core.iprom.net
csync.loopme.me
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
feed.lehtiluukku.fi
fonts.googleapis.com
fonts.gstatic.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
in.hotjar.com
loada.exelator.com
lwadm.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
pagead2.googlesyndication.com
pbs.twimg.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
platform.twitter.com
portal.o2online.de
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
r.turn.com
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
script.4dex.io
script.hotjar.com
secure.adnxs.com
securepubads.g.doubleclick.net
service.giosg.com
simage2.pubmatic.com
static.hotjar.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
syndication.twitter.com
ton.twimg.com
tpc.googlesyndication.com
track.adform.net
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
use.fontawesome.com
vars.hotjar.com
viisasraha.fi
visitanalytics.userreport.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
cm.g.doubleclick.net
google2waycm.netmng.com
hbopenbid.pubmatic.com
match.adsby.bidtheatre.com
match.prod.bidr.io
trc.taboola.com
104.244.42.200
108.157.4.57
13.224.193.12
141.94.170.77
142.250.184.226
142.250.186.166
142.250.186.98
143.204.98.29
15.197.193.217
151.101.2.49
159.122.14.34
173.231.180.197
178.250.0.157
178.250.0.163
178.63.219.113
18.156.0.31
18.197.186.171
18.198.121.250
18.66.112.111
185.29.132.245
185.33.221.53
185.64.189.110
185.64.190.78
185.64.190.80
188.165.137.78
188.42.191.196
195.5.165.20
198.47.127.20
2.18.234.21
2.21.141.175
2001:678:cb4:bbbb::11
213.155.156.185
213.19.147.45
23.88.75.189
2600:9000:21f3:2600:1b:7f5c:2c80:93a1
2600:9000:2315:1200:19:1c05:a1c0:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:7ee2:97c:ab4c:6c70:be36
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:20::681a:8a9
2606:4700:3031::ac43:d645
2606:4700:3039::6815:c08e
2606:4700::6810:135e
2606:4700::6810:d40
2606:4700::6812:d05
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:803::2001
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:812::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2006
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9c
2a02:2638::1c
2a02:fa8:8806:12::1400
2a05:d018:d29:3602:f42f:15ed:dc1f:f0c8
31.217.192.158
34.102.253.54
34.205.3.24
34.241.159.43
34.254.143.3
35.156.232.125
37.157.2.247
37.157.3.29
37.157.6.241
37.157.6.242
54.171.36.119
66.155.71.149
82.113.101.132
85.114.159.118
95.216.215.9
07f606424258bac88037d5bcc64166f1b5df6e09372b20ea4e2cf16101c4f49a
09f2b195d5da04b975223e5f06a73f7014398f13151a596d5a84ebf83d0fc3d8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0e96a40c38b9acd2aed198af86727faf9adacb0d73364f7583aaf740f687d44e
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ee2cbde9a472a390bdf54eabf18b5b093b4080c55c0ba7c415ecab85a58a821
1028e23693af5ebfab763bbcf0e34164a9f8a8b7edab823000e680428be6b097
11ceff13d6c52cc4f36a14030e396c789b09828b48a4b4fb9fa11028ebe09d8c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14175b683d3cfc2d44201c62b0bc444bbd6ac7788c3687c3da4210b2a6259e0e
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
162a6b3bdfbd0f251e65e340c383b01c333ab0c1e5c1688e93afc965abbeab5f
182e9cee52aa715413f1a206dc3ec3c4ffb1f4b54859ddad7d00b601aab1a251
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18a7a29489626785e9f96d890e366909787b80ad977baeec8149de3c1f7e85dd
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
1a88f714012e2bed9fe831ed0615a73edb642fb6e529c2399e2658ae72771640
1d660670547ee96b0044ac8666427891693666a974dfcb710a4315ec18b9bb3f
20a2ef887a247f69bd933e0163383438188de920bcd4c4ded920d0e68beb8dd2
22482584aeaa7b1d74de072793246c65e38b402ac231f38bb0d9102802543230
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
26b32c35a2119f2c84d15ba619815f30615a190dff209df727d3d996d702e9b3
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2d0cbcd1269e55e005b91a097951f98a08a48e4118dcfe999b2969b437ca14bc
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30886bcaa4bc9292431c9ae196c0b6bbcc4e4311b4839780c91a09c771c76c6e
323a1227e87d3936afbba80e883cb98419126b85cf3338f81f7ca1977689e138
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
387553dab2724207fec6d8a3293c55f8a2fcd18bb667a15da1a47639e3b7036a
3b8e63ea9bea0a39730aa2d685c78473ac9b21007b8f025d4c06bc1daa5dbef8
3cd5d2d2e122d66b1f874388992b947163db63bc01d6654a1dbfe85fb64dbc00
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3e5d936e86046250a53660487d50079f15aa51cd1470bc9ffc18d8f0edad5448
3e8ab5f7daaaf482bba164c993d17017c49a80cbf7aaeaf4df1400fafadefe62
3fce457cdd83ee885c8c8c711eddb3c721d375ccf9bcb6b764e5b6452cd218e6
4004fd1b3ddbee33c09ace1dc9c6201d8623e371610f72ab27ee4d2ead8e5443
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
438ba58ddf03960043861c544b21eb6cc61834d69b3a3f9a24b7e05510ea76b9
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
459deeea63d0130a0e33f7c336375711339932953e9c210e833ca3da034e073e
46eeab438539944e7bc19b1a864756733810410a863b8c33ab535c0e24aff2fc
4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c9a4d4aa290a866126159687441006eb39adf48ae31e1910aa0f21e0b21376
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c74a57a9eed5ef80d28578e6e9dd949d6de71306cfaf884006f5daea8e035b4
4ce32392b6fc3e58db363c2032619e02d58d460e28db3a7db90a9d930a7c6da0
4cf16613f1552b269aa4f495d45a1aa3a62c566a4a1bfe61a6195075623652f9
4d20657079f8954eb227679fb4ca5b73b03f9624915a290819cdd067a60a1b86
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2
4fd4f9c63843aebb667973c535aa77d95795ebb28635e01b62cf81dfb44aee32
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54ad4a5cadfc0419bf288a8752fdfd0ebf312a76dbe59612e568ed3248d6b789
54bb0bb2861c66bd9d4f8ba5ac31a15ce7c79307e1fe5515588d38edb7dc6a67
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56af099705b5d8b1e9668ddddb9ea19965486bac07a3eddfc1d1b8a9ae3241bf
58d35ac0be7910388b1ca06d92daa9dc70b56586a5bfe13cf499463c59d4a70c
6006d01c3bd434a8410e8aba2a84b5816da5b3be4214afe7585cc2d24cddadbc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
718a3ae3f8d7cbb50ea6d3c7394770e0d3ed74065a3d209d8182b1ada8d60dc9
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
75807a010dd395e2989544d4deed5bc3d8d36b11bed0a8ea310fcb43e8442183
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
79ce7be073d9d7c36a3d35ade59a4949c0f09969850445f76b83a96982e39ea7
7d3068ede90edb6a637e13f5ad0b35a6b284a3822ef1e54f383be6d2838be577
7db3213857f4ec675a6220da9906dfd1a111c8bde9256c50ca4dda527d8723b9
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fe867b53e81bf6a806cd166468c209b78ea126841d294b8cd8083c2850fee93
82df52f688ae51706c1088ecc610833cbb2f22fa2c5cdc3c777f4d208ab5117f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
8875e0e5a0f6bfaf4d66fde0622a609e9fe7b599adaef3ad01d6d613574c69b1
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
922e306a6fe0ede719a7fc79f287dfabf6cd9234583d778ec544a88eed908db2
9312253427d9dedc9681e7277bfb6f3dac43c92af95951bf7321567ce3971eac
93d058f2a331f04fbe74786d01c50adde19e56db580b140c8e8ca023c19552d7
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
99b3a7094bb41058185e523e557e97e1ccf4d75f46207fc7143b4687d72e3ffe
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
9d3b363a2b2029cc1d31211d83be842986d147af0e62679339154d96db7580e0
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9f0f282341b80085696daae20c9c6ce64c8fb98fc85101a985837fcfe65629a3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a02681ae1cc21a54f99afb9cf43cf89c42ab91bc9381aa64e96ffb4cf46e9f80
a09cf4deda5a1a90d3d1ed91440de70973e9f2a9fa1affbfb617fd1a687aabab
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a98f84eca81c6053a50003f4ac8474f85429c9a4186775cf53a7618d561ab483
b07f36f86f5056cc137aec945d25fc15b55cb8b32c974a5b15312bf406ec69b8
b0d32e20290800713b853c7ccaa4cb78c4e6f987cbdaa4af0a40f3d0b0545da3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ce442910cf35ec60d65855e3c7e4c16fc3665864d2e91ab777c24a2fd3c28b
b1cf29d04f1c7fcebbf6799008a2d90c77b7572a203f30394dfcbe6950b0e5c3
b2ec93c28b99f499f2128d9fd3e3c8e1591a63b0551231114f39a6091b8b4f15
b3a9e0ec3e08604e35e7f547370dd5d873f4ab0b9b0367491c764d4ee4c2177b
b6265ba2c2bb8df1401a47253a03e265fffc0632fed9c13707c429f692ac9584
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
b90e8625d42f6ab88d2ff0f91ff2f63c9aefb4b1af8299fca6d423b1646599bd
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bbd3917cd586d225aa97c932532c998aec2b7ec5af03d149c9b8d8dda22cfeb4
c24370e56c19370412f5bf37d1f1a5a4f88597afc338d612e537f8a82cbb18c3
c2b802b44819289fdb059a102d74115535379bee52041fa52583dbab4e3282b7
c404463be3375101f9b01a6b878901697045f9f73ccb461e75c6e944eccb2826
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44
c5f9eb74692751400e1d30fd8057686662a9b7182e68eadf5cbb73d6c3176387
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c7460ed0e58d0b3a53ef2799c6907fba76c978786538de461106921fef2631b4
c9fb3741d896ebeb9350da7de38b326ef40c4e7743ad7cb480d62a9346037496
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
cb783389fde225a43007ed7137d6bb7277a4ab63bd016a0c5f9153197a17c14b
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdeeaca456001a6797d1256ce2e3be59f8229174301f475c1e0b9a88b7fcb1ae
ce7047f1978917a3b97a424026182cf9eebcc488c8019f0fc85bc2acf78ecd70
cecb34cb2f7edbeb0119c6155edfb1b1cdc46f9889f31e523aaa4c85114d6816
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2756183147ddc220681217d675e83a2631c9e0b2d91e39e3383e29a4152c251
d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e
d811fb4eb99f646be456ebe4eb8183fd96c273ddc612eb046b9ac980dde23700
d9cc555bb54707aed9f00bbd12374ca9c2ee518c615ad72ea91c50b9408dc367
db0fe984e70fedf2e3d1684526247bc7d8f4a8f1cec7e0a874dffa9d4e1337fb
db7ff16d60fe68cc7c0c36e47848cf583fe2754bf31c8af6e2bbe2be636542b0
dc25a2821005b9dec41a6cb8b81224a7f6f07f90f1a8adaf6bb93eb3256fe0b4
dc962c92e8dbeac8ce1b3237d092b18925bcc81caabf54e93286524ad3cea526
dd068715136cf647c1257a5755756c9715d5d3828d7d2021c7fab0d9f1b09285
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df2608f84638fff1e8a14e5c2fc6662faefeaa80efa1657639f58ee1782561ac
e15087276e13924a81a7753ac7bb95e9b012340e7c03c4f3c26da0e880e4013f
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e46fad913ac5c0909b399e533e5935ea0cabf6dd3beba8856d63d1c6413b49ce
e515d4ad34f03fb0903fb1c0227115fd997d735753df3cbbf89a3839e35d7e03
e6e7cf39f59cfd079ee8824b1944fd89a5da28ea970917ad86b359b659ef2c89
e7b3ddc44d9f741a0ee7348ce4f2c6039a7695bc9d3f1875457a20b5ee54d012
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913
eb76751dd0224dd462533225c22494207c3190ad01534bdab28d4dd7281605db
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8c88ff679553f0238d388b61adff27e453d3f7b8b27d5dfcb2df109a4a48d9f
f960d4d7b6d7d570af05d21f8934d46ed243bc231fc5c85fcd164a23a76e62a9
f9fc14fb868ae1681487532fdf7e83c5fd3314bf8c38a2871e46c4e91975db90
fc34016da75e7f8e3f123320aabdd8b0259a59a7634bcdbfb9face7dbc2b5c41
fc664e4c9216232427d7e13d67febe9ae4b53f95c092e474c13d71f66d6ee0c2