viisasraha.fi Open in urlscan Pro
31.217.192.158 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://viisasraha.fi/
Submission: On January 13 via automatic, source certstream-suspicious (January 13th 2022, 12:26:03 am UTC) — Scanned from DE

Summary HTTP 239 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 62 IPs in 10 countries across 61 domains to perform 239 HTTP transactions. The main IP is 31.217.192.158, located in Finland and belongs to PLANEETTA-AS, FI. The main domain is viisasraha.fi.
TLS certificate: Issued by R3 on January 12th 2022. Valid for: 3 months.

This is the only time viisasraha.fi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	31.217.192.158 31.217.192.158	58003 (PLANEETTA-AS) (PLANEETTA-AS)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3031::ac43:d645	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:231... 2600:9000:2315:1200:19:1c05:a1c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	35.156.232.125 35.156.232.125	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	95.216.215.9 95.216.215.9	24940 (HETZNER-AS) (HETZNER-AS)
1 4	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
7	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	37.157.2.247 37.157.2.247	198622 (ADFORM) (ADFORM)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3	178.63.219.113 178.63.219.113	24940 (HETZNER-AS) (HETZNER-AS)
1	143.204.98.29 143.204.98.29	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:2600:1b:7f5c:2c80:93a1	16509 (AMAZON-02) (AMAZON-02)
11	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	18.66.112.111 18.66.112.111	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	34.241.159.43 34.241.159.43	16509 (AMAZON-02) (AMAZON-02)
1	13.224.193.12 13.224.193.12	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1 2	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1	54.171.36.119 54.171.36.119	16509 (AMAZON-02) (AMAZON-02)
8	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
20	2606:4700::68... 2606:4700::6810:d40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:2800:233... 2606:2800:233:7ee2:97c:ab4c:6c70:be36	15133 (EDGECAST) (EDGECAST)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	108.157.4.57 108.157.4.57	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
7 11	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
5 6	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	18.197.186.171 18.197.186.171	16509 (AMAZON-02) (AMAZON-02)
4 4	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
3	2.21.141.175 2.21.141.175	() ()
1 1	37.157.6.242 37.157.6.242	() ()
1	185.64.190.78 185.64.190.78	() ()
1 2	37.157.3.29 37.157.3.29	() ()
2 2	185.29.132.245 185.29.132.245	() ()
11	185.64.189.110 185.64.189.110	() ()
2 2	213.155.156.185 213.155.156.185	() ()
7	185.64.190.80 185.64.190.80	() ()
1	178.250.0.163 178.250.0.163	() ()
1 1	85.114.159.118 85.114.159.118	() ()
2 2	151.101.2.49 151.101.2.49	() ()
1 1	34.205.3.24 34.205.3.24	() ()
1 1	23.88.75.189 23.88.75.189	() ()
1 1	188.165.137.78 188.165.137.78	() ()
1 2	2606:4700::68... 2606:4700::6812:d05	() ()
1	2606:4700:303... 2606:4700:3039::6815:c08e	() ()
3 3	213.19.147.45 213.19.147.45	() ()
4 4	15.197.193.217 15.197.193.217	() ()
1	173.231.180.197 173.231.180.197	() ()
1	195.5.165.20 195.5.165.20	() ()
2	198.47.127.20 198.47.127.20	() ()
1 2	141.94.170.77 141.94.170.77	() ()
2 2	34.254.143.3 34.254.143.3	() ()
1	159.122.14.34 159.122.14.34	() ()
1	2a05:d018:d29... 2a05:d018:d29:3602:f42f:15ed:dc1f:f0c8	() ()
1 1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	() ()
3 3	18.198.121.250 18.198.121.250	() ()
2 2	188.42.191.196 188.42.191.196	() ()
2 2	66.155.71.149 66.155.71.149	() ()
1 1	34.102.253.54 34.102.253.54	() ()
239	62

17 31.217.192.158 (Finland)

ASN58003 (PLANEETTA-AS, FI)
PTR: s3.palvelin.pro

viisasraha.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:1200:19:1c05:a1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.strossle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.156.232.125 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-232-125.eu-central-1.compute.amazonaws.com

lwadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.216.215.9 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: api01.epaper.fi

feed.lehtiluukku.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.241 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.63.219.113 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: service.giosg.com

service.giosg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-29.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:2600:1b:7f5c:2c80:93a1 (United States)

ASN16509 (AMAZON-02, US)

content.lwadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-111.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.159.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-159-43.eu-west-1.compute.amazonaws.com

bonfire.spklw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-12.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.200 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.36.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-36-119.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700::6810:d40 (United States)

ASN13335 (CLOUDFLARENET, US)

c.bannerflow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:7ee2:97c:ab4c:6c70:be36 (United States)

ASN15133 (EDGECAST, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.57 (United States)

ASN16509 (AMAZON-02, US)

visitanalytics.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.184.226 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.221.53 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.186.171 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-186-171.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.0.31 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.132 (Obertshausen, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.21.141.175 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.242 (None, ) 1 redirects

ASN- ()

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (None, )

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.29 (None, ) 1 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.245 (None, ) 2 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.64.189.110 (None, )

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (None, ) 2 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.190.80 (None, )

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (None, ) 1 redirects

ASN- ()

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (None, ) 2 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.3.24 (None, ) 1 redirects

ASN- ()

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.75.189 (None, ) 1 redirects

ASN- ()

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.137.78 (None, ) 1 redirects

ASN- ()

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d05 (None, ) 1 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c08e (None, )

ASN- ()

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (None, ) 3 redirects

ASN- ()

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.197.193.217 (None, ) 4 redirects

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.180.197 (None, )

ASN- ()

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (None, )

ASN- ()

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (None, )

ASN- ()

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.170.77 (None, ) 1 redirects

ASN- ()

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (None, ) 2 redirects

ASN- ()

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.122.14.34 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:f42f:15ed:dc1f:f0c8 (None, )

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (None, ) 1 redirects

ASN- ()

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.198.121.250 (None, ) 3 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.191.196 (None, ) 2 redirects

ASN- ()

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.149 (None, ) 2 redirects

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (None, ) 1 redirects

ASN- ()

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 94 tpc.googlesyndication.com — Cisco Umbrella Rank: 127 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com	232 KB
27	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 175 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 ad.doubleclick.net — Cisco Umbrella Rank: 187 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 cm.g.doubleclick.net — Cisco Umbrella Rank: 169	253 KB
24	pubmatic.com hbopenbid.pubmatic.com Failed ads.pubmatic.com image6.pubmatic.com simage2.pubmatic.com image2.pubmatic.com image4.pubmatic.com	37 KB
20	bannerflow.net c.bannerflow.net — Cisco Umbrella Rank: 11064	236 KB
17	viisasraha.fi viisasraha.fi	830 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 245	431 KB
10	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1340 pbs.twimg.com — Cisco Umbrella Rank: 691 ton.twimg.com — Cisco Umbrella Rank: 5003	255 KB
9	twitter.com 1 redirects platform.twitter.com — Cisco Umbrella Rank: 546 syndication.twitter.com — Cisco Umbrella Rank: 767	214 KB
8	adform.net 3 redirects track.adform.net — Cisco Umbrella Rank: 3624 s1.adform.net — Cisco Umbrella Rank: 7427 adx.adform.net — Cisco Umbrella Rank: 4951 cm.adform.net c1.adform.net	27 KB
7	gstatic.com fonts.gstatic.com	128 KB
7	lwadm.com lwadm.com — Cisco Umbrella Rank: 131308 content.lwadm.com — Cisco Umbrella Rank: 362646	163 KB
6	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 210 secure.adnxs.com	6 KB
6	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 347	119 KB
5	yahoo.com 4 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 249 pr-bh.ybp.yahoo.com	3 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496	4 KB
5	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 339 mug.criteo.com — Cisco Umbrella Rank: 3226 dis.criteo.com	2 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 151	133 KB
4	adsrvr.org 4 redirects match.adsrvr.org	2 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 573 script.hotjar.com — Cisco Umbrella Rank: 719 vars.hotjar.com — Cisco Umbrella Rank: 857 in.hotjar.com — Cisco Umbrella Rank: 1592	65 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 649 r.turn.com — Cisco Umbrella Rank: 2156	1 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 69 www.google.com — Cisco Umbrella Rank: 8	2 KB
3	giosg.com service.giosg.com — Cisco Umbrella Rank: 84503	85 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 202	11 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 844	156 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com	946 B
2	betweendigital.com 2 redirects ads.betweendigital.com	1 KB
2	exelator.com 2 redirects loada.exelator.com	2 KB
2	onaudience.com 1 redirects pixel.onaudience.com	736 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	744 B
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 293	940 B
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2256 pubmatic-match.dotomi.com	207 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2396	23 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	20 KB
1	playground.xyz 1 redirects ads.playground.xyz	466 B
1	quantserve.com 1 redirects pixel.quantserve.com	542 B
1	simpli.fi um.simpli.fi	610 B
1	iprom.net core.iprom.net	279 B
1	adgrx.com cm.adgrx.com	408 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	535 B
1	ad4m.at ad4m.at	915 B
1	erne.co 1 redirects green.erne.co	327 B
1	loopme.me 1 redirects csync.loopme.me	217 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	652 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	o2online.de portal.o2online.de — Cisco Umbrella Rank: 59950	609 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 8579	792 B
1	userreport.com visitanalytics.userreport.com — Cisco Umbrella Rank: 16079	498 B
1	spklw.com bonfire.spklw.com — Cisco Umbrella Rank: 54261
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	2 KB
1	lehtiluukku.fi feed.lehtiluukku.fi	76 KB
1	strossle.com assets.strossle.com — Cisco Umbrella Rank: 60379	12 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	36 KB
0	bidtheatre.com Failed match.adsby.bidtheatre.com Failed
0	taboola.com Failed trc.taboola.com Failed
0	bidr.io Failed match.prod.bidr.io Failed
0	netmng.com Failed google2waycm.netmng.com Failed
239	61

	Domain	Requested by
27	tpc.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net viisasraha.fi 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com cdn.ampproject.org s0.2mdn.net
20	c.bannerflow.net	s0.2mdn.net viisasraha.fi c.bannerflow.net
18	pagead2.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com viisasraha.fi securepubads.g.doubleclick.net 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net
17	viisasraha.fi	viisasraha.fi
11	simage2.pubmatic.com	ads.pubmatic.com
11	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
11	s0.2mdn.net	ad.doubleclick.net s0.2mdn.net viisasraha.fi
7	image2.pubmatic.com	ads.pubmatic.com
7	pbs.twimg.com	viisasraha.fi platform.twitter.com
7	fonts.gstatic.com	fonts.googleapis.com
7	platform.twitter.com	viisasraha.fi platform.twitter.com
6	cdn.ampproject.org	securepubads.g.doubleclick.net
6	googleads4.g.doubleclick.net	ad.doubleclick.net viisasraha.fi
6	lwadm.com	viisasraha.fi lwadm.com content.lwadm.com ads.pubmatic.com
5	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	securepubads.g.doubleclick.net	lwadm.com securepubads.g.doubleclick.net viisasraha.fi
5	www.googletagservices.com	viisasraha.fi www.googletagservices.com s0.2mdn.net 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
4	match.adsrvr.org	4 redirects
4	ups.analytics.yahoo.com	4 redirects
3	x.bidswitch.net	3 redirects
3	ads.pubmatic.com	content.lwadm.com ads.pubmatic.com
3	service.giosg.com	viisasraha.fi service.giosg.com
3	cdnjs.cloudflare.com	viisasraha.fi
3	use.fontawesome.com	viisasraha.fi use.fontawesome.com
2	pixel-sync.sitescout.com	2 redirects
2	ads.betweendigital.com	2 redirects
2	loada.exelator.com	2 redirects
2	pixel.onaudience.com	1 redirects ads.pubmatic.com
2	image4.pubmatic.com	ads.pubmatic.com
2	sync.1rx.io	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	d5p.de17a.com	2 redirects
2	sync.mathtag.com	2 redirects
2	c1.adform.net	1 redirects ads.pubmatic.com
2	pixel.advertising.com	2 redirects
2	ad.turn.com	2 redirects
2	googleads.g.doubleclick.net	37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com viisasraha.fi
2	www.google.com	tpc.googlesyndication.com viisasraha.fi
2	37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	mug.criteo.com
2	script.4dex.io	content.lwadm.com script.4dex.io
2	gum.criteo.com	1 redirects
2	ton.twimg.com	platform.twitter.com
2	adx.adform.net	s1.adform.net content.lwadm.com
2	syndication.twitter.com	1 redirects platform.twitter.com
2	ad.doubleclick.net	www.googletagservices.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	track.adform.net	1 redirects viisasraha.fi
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	pixel.quantserve.com	1 redirects
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	core.iprom.net	ads.pubmatic.com
1	cm.adgrx.com	ads.pubmatic.com
1	sync.targeting.unrulymedia.com	1 redirects
1	ad4m.at	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	green.erne.co	1 redirects
1	csync.loopme.me	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	cm.adform.net	1 redirects
1	portal.o2online.de
1	dclk-match.dotomi.com	37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
1	r.turn.com	37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	visitanalytics.userreport.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	bonfire.spklw.com	assets.strossle.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	content.lwadm.com	lwadm.com
1	static.hotjar.com	viisasraha.fi
1	fonts.googleapis.com	viisasraha.fi
1	s1.adform.net	viisasraha.fi
1	feed.lehtiluukku.fi	viisasraha.fi
1	assets.strossle.com	viisasraha.fi
1	www.googletagmanager.com	viisasraha.fi
0	match.adsby.bidtheatre.com Failed	ads.pubmatic.com
0	trc.taboola.com Failed	ads.pubmatic.com
0	match.prod.bidr.io Failed	ads.pubmatic.com
0	google2waycm.netmng.com Failed	37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
0	hbopenbid.pubmatic.com Failed	content.lwadm.com
239	92

This site contains links to these domains. Also see Links.

Domain
www.osakeliitto.fi
twitter.com
www.facebook.com
danskebank.fi
www.lehtiluukku.fi
track.adform.net
www.osinkoinsinoori.fi
www.viisasraha.fi
investorshouserahastot.fi
www.keskisuomalainen.com
www.omnipress.fi
vastuullistajournalismia.fi

Subject Issuer	Validity	Valid
viisasraha.fi R3	`2022-01-12` - `2022-04-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
assets.strossle.com Amazon	`2021-02-13` - `2022-03-14`	a year	crt.sh
lwadm.com Amazon	`2021-03-22` - `2022-04-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
feed.lehtiluukku.fi R3	`2021-12-30` - `2022-03-30`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.giosg.com Starfield Secure Certificate Authority - G2	`2021-08-02` - `2022-09-03`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.lwadm.com Amazon	`2021-03-22` - `2022-04-20`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
spklw.com Amazon	`2021-06-07` - `2022-07-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.userreport.com Amazon	`2021-02-18` - `2022-03-19`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-02-19`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.iprom.net R3	`2021-12-29` - `2022-03-29`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2022-02-16`	6 months	crt.sh

This page contains 42 frames:

Primary Page: https://viisasraha.fi/
Frame ID: 7ABD592BD737628BDDCFAD74E74E5717
Requests: 75 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N375001.3713702VIISASRAHA/B25328674.295893012;dc_ver=82.239;dc_eid=40004001;sz=468x400;u_sd=1;nel=1;dc_adk=226173050;ord=wnmt0j;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fviisasraha.fi%2F$0;xdt=0;crlt=WCIB9imQOE;sttr=67;prcl=s
Frame ID: 8C81CD7B1D57F468BB1A0663FC581AAC
Requests: 7 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N375001.3713702VIISASRAHA/B25328674.301075552;dc_ver=82.239;sz=300x300;u_sd=1;nel=1;dc_adk=210587437;ord=jxu1ba;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fviisasraha.fi%2F$0;xdt=0;crlt=WCIB9imQOE;sttr=2;prcl=s
Frame ID: B7DA0C7722D0595A1A24F2A7835DAD71
Requests: 7 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.e37c957bd3ae00473b95800b99e19cff.html?origin=https%3A%2F%2Fviisasraha.fi
Frame ID: F03DE27CF337BABD3D0805F59CDA247F
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: 1A5A70C39FCDCF754E64AEA4F0E61A44
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 69099E964407F3768F04075AF69442CD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FB9A5CD329C1A21FC752CC0306994352
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15493210630881542144/FIViisasraha-1-Finnish-300x300-637539175741525012-d6e1a42c-f8b7-40ef-897a-8abe09bf1143.html
Frame ID: 6AB0210CE45296444C9DF6E8B339F338
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3613336761649856512/FIViisasraha-Finnish-468x400-637486546590299430-b1f12dc3-6afc-45a0-9285-3db817bc6387.html
Frame ID: 3725032354E7EEE41090469523EB97F2
Requests: 9 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1479442012629868546/KZ8R6om5?format=jpg&name=600x314
Frame ID: AF26099569AAF460C44A2A49C7F03D0D
Requests: 13 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: F4085C1EA4537272D9FC2A5DDD729FC4
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fnordnet%2F58be6c5703e67e24400a3d71%2Fimages%2F549dfba3-a1c7-4aeb-893c-f091c7178fe9.png&w=608&h=401&q=90&f=webp&rt=contain
Frame ID: 89D6B6128CCBC8BF7738DEF221572BF5
Requests: 3 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/images/92fff189-e2df-400b-aa44-0963f1c5fd71.svg
Frame ID: 4A409F301701E761E34BD488B509B970
Requests: 3 HTTP requests in this frame

Frame: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C7BACA795492D9D590EA758737C56E82
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A7AEE0836D4BEBB5B333924C1E10AD79
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EDF5BFBCB60EADF8FB53EC8909DE1441
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: D92ADFF3C76D0A94DEADD7042C0F66E9
Requests: 24 HTTP requests in this frame

Frame: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 13FD890D0581E46DE1F74A037FDA35C3
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiE86O-ATAB&v=APEucNVcZovAO8Bhdz89-covV3LuZM_gftxjmXe21ffS0Y_HnVm48oWgVFqj7qY5oprUdgOboEhclD9BNODuckzB2sMBQk1gyBk0E99reqjejeJ4H3LOdu3parCczVyrT91B2B2C2imyfU3nkIjy8k7kQrE4rqJZUQPUmF0bxNF77uiDOLSJs88
Frame ID: 76B0C27BCBC51465BAB7C8355F4D27FC
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4137E4D66F13752AE92E5FB64C9F2BB3
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CED390426DA21DD7745DF8855A2A28E3
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10440403487295537152/300x600.html?e=69&leftOffset=0&topOffset=0&c=a1uSdFD5FL&t=1&renderingType=2
Frame ID: 6516D0B868B33199A3AD1B4BC3370778
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ze6spFYAGmeX0SVs4uO-WfgikXQwH0dcHguaiLf8sa4.js
Frame ID: 80789F5D6D6F0C6393C754A16A41F70D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Frame ID: AAA3DCB76EFD19CAC88D743E087C0DEE
Requests: 20 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=96387
Frame ID: C3F410FC826FD2DA77066DAB7B3CEC9F
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=13598A7E-CECB-486F-8FCD-FC4546AB1069
Frame ID: A7DE181A8418907B6C5799FFCEFE5443
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:aed461df-719a-4000-896a-89479c62e7ca&gdpr=0&gdpr_consent=
Frame ID: 4B031157A30DB99279F1A84C126ACAFD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8400184701518345837
Frame ID: C6DF68E419BD71A87A7BE579E8151A69
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: E96C246D2816500366386F1CEC46E585
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7052480452021254285
Frame ID: 28BF145530B0512424F51730634C5094
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yd9xmwAFIX-6agAF&gdpr=0&gdpr_consent=&_test=Yd9xmwAFIX-6agAF
Frame ID: 9DB5CD4FC499418BC7AB362478F52424
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Q1XzZupEQ5B-8t1HIAeiEorHJoQ
Frame ID: 8C9F52441355961AA8023A1560785353
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
Frame ID: E002BF68A1C152FD2F7F4608D98C1559
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: ACE4F6AC836B29DD618BB860B4559242
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=x2RVrANbFruzxF6bEVcxYJH6
Frame ID: AC4094E7F72C775925C6AE5D454DC726
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: CD2E8EF5AE2B2A6A8A86C28ED4F1EB09
Requests: 1 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
Frame ID: EDB075EAA787A3AA6EDD7EB1AFFE6E21
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 2C9D2CAEB5AEC523335ABE333B709BC4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-77bcf357-3cc2-44d6-9592-3f8c2b1a2078-003
Frame ID: 5CF5BF18A7642B1EA7E4E13149B0C23B
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 81C9ED7E72AA406E571F7538457EBD2C
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 99D93BAD26BDD35546CBA6254E71F77D
Requests: 1 HTTP requests in this frame

Frame: https://lwadm.com/usermatch/pl?cb=637776303586284191&bid=52cbd598-2715-4c43-a06f-229fc170f945&lwuid=679c8f9bc8034a279bea9511fd8b6008&buid=13598A7E-CECB-486F-8FCD-FC4546AB1069
Frame ID: A14A62928D5737667B6A9DBB2F824E0D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Viisas raha

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

239
Requests

87 %
HTTPS

39 %
IPv6

61
Domains

92
Subdomains

62
IPs

10
Countries

3554 kB
Transfer

7313 kB
Size

33
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.osakeliitto.fi/nyt/?ref=32419&campaign=viisasrahafi

Search URL Search Domain Scan URL

URL: https://www.osakeliitto.fi/

Search URL Search Domain Scan URL

URL: https://twitter.com/viisasraha

Search URL Search Domain Scan URL

URL: https://www.facebook.com/viisasraha/

Search URL Search Domain Scan URL

URL: https://danskebank.fi/sinulle/tule-asiakkaaksi/yhteistyokumppaneiden-jasenedut/suomen-osakesaastajat?sc_cid=ext|osakesaastajat|pb-prod-banner--502021|sijoitusasunto

Search URL Search Domain Scan URL

URL: https://www.lehtiluukku.fi/lehdet/viisas_raha/

Search URL Search Domain Scan URL

URL: https://track.adform.net/C/?bn=44446390

Search URL Search Domain Scan URL

URL: https://www.osinkoinsinoori.fi/
Title: Osinkoinsinööri talousblogin

Search URL Search Domain Scan URL

URL: https://www.viisasraha.fi/Danske-Bank

Search URL Search Domain Scan URL

URL: https://investorshouserahastot.fi/

Search URL Search Domain Scan URL

URL: https://www.keskisuomalainen.com/fi/

Search URL Search Domain Scan URL

URL: https://www.omnipress.fi/
Title: Omnipress Oy / Asiakaslehdet

Search URL Search Domain Scan URL

URL: https://vastuullistajournalismia.fi/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://track.adform.net/adfserve/?bn=44446390;1x1inv=1;srctype=3;ord=[timestamp] HTTP 302
https://track.adform.net/adfserve/?CC=1&bn=44446390;1x1inv=1;srctype=3;ord=[timestamp]

Request Chain 111

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fviisasraha.fi%2F&domain=viisasraha.fi&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Glhz2XxrSXh3bmpIdUN4MzVqdG1LWXUxOEJoREx0NzE4L2pBckRGVzQ5UUczdjA4bk5YWmY0TEcyZzhGL3BicURldk82dGhvTkhTTWFPTHFZaDN6TUJjY1I5cGJvbW1mRHBOdHlqZStVd0x0MWFLVElzY0J3ekprMGdtQjhLaFdaWUJUMVZVTVBQcWVrOHY3R1lkNnJkaEk0NGdGYXlCSUVUaUszeUo2NmN3ZCtSUW9NOXMzdFRWdjQrWEpZRFVMWUpIOTRzRXFWMHRqOU91NjZkVEZtQU1QOTdJc1kwZ0RPQkhZYk5jaWpsZEFiYUR3PXw&cppv=2

Request Chain 118

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 174

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAXoFE-lENM8WBflYOhTm3k&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAXoFE-lENM8WBflYOhTm3k&google_cver=1&C=1

Request Chain 175

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yd9xmK7-6Mkq0ZjdODac0QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAXoFE-lENM8WBflYOhTm3k&google_cver=1

Request Chain 176

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPjvS9mcq40CbnN4o8F9gBo&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPjvS9mcq40CbnN4o8F9gBo%26google_cver%3D1

Request Chain 177

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ4MDgwODUxNjEyMjE2MTIzNw%3D%3D

Request Chain 187

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAtrWT80bt5hTTjj5qqd-xU&google_cver=1&google_push=AYg5qPL3zbqHF_cSGHiH79pvIsev_IKeMtcNwppK_4aPgD8ranP1JncVi4ABvDfEMdc4q5nw9FNsHLPVuAqBRltx2QuvH1Sd4Vuh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzMxNzIyNzY2MDExMTA4OTY2MA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAtrWT80bt5hTTjj5qqd-xU&google_cver=1

Request Chain 189

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_cver=1&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1

Request Chain 190

https://match.360yield.com/match/ebda?google_gid=CAESELxt-ayOfqlt75YtrOAZx7Q&google_cver=1&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESELxt-ayOfqlt75YtrOAZx7Q&google_cver=1&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq

Request Chain 191

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEE8FuPb5Q_O30PdsDXn9x60&google_cver=1&google_push=AYg5qPI9ej_oagsQPKPZtUHEu9HVDpHww5ykVQY4n4RbCgyV6IjgLWg6F4kaERinASUX_dm_G2MNc1_sCRoxSNdYZPPWE6zqGIjyLw HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEE8FuPb5Q_O30PdsDXn9x60&google_cver=1&google_push=AYg5qPI9ej_oagsQPKPZtUHEu9HVDpHww5ykVQY4n4RbCgyV6IjgLWg6F4kaERinASUX_dm_G2MNc1_sCRoxSNdYZPPWE6zqGIjyLw&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEE8FuPb5Q_O30PdsDXn9x60&google_cver=1&google_push=AYg5qPI9ej_oagsQPKPZtUHEu9HVDpHww5ykVQY4n4RbCgyV6IjgLWg6F4kaERinASUX_dm_G2MNc1_sCRoxSNdYZPPWE6zqGIjyLw&apid=UP6274fdea-7407-11ec-8cb4-029c5bbfc4f2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2Mjc0ZmRlYS03NDA3LTExZWMtOGNiNC0wMjljNWJiZmM0ZjI%3D&google_push=AYg5qPI9ej_oagsQPKPZtUHEu9HVDpHww5ykVQY4n4RbCgyV6IjgLWg6F4kaERinASUX_dm_G2MNc1_sCRoxSNdYZPPWE6zqGIjyLw

Request Chain 192

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJhOeubqAJ4MgzuYSvjry3c&google_cver=1&google_push=AYg5qPITRsNFHZ3WjDIAJxAhKB1_AZvWitubXpeFjLCaw7WYIyelfhbQDzcRD0s8yNN0LK7XMeggdMhp13PV_8RS25hRU02VvUircGU HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJhOeubqAJ4MgzuYSvjry3c&google_cver=1&google_push=AYg5qPITRsNFHZ3WjDIAJxAhKB1_AZvWitubXpeFjLCaw7WYIyelfhbQDzcRD0s8yNN0LK7XMeggdMhp13PV_8RS25hRU02VvUircGU&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1sc2x1QlpKRTJ1SFFFYVJXUVF5dUNwU0FDNlltNURGdn5B&google_push=AYg5qPITRsNFHZ3WjDIAJxAhKB1_AZvWitubXpeFjLCaw7WYIyelfhbQDzcRD0s8yNN0LK7XMeggdMhp13PV_8RS25hRU02VvUircGU

Request Chain 209

https://cm.adform.net/cookie?redirect_url=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3dc14360b0-ff2f-489e-b086-be36cd097dab%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d$UID HTTP 303
https://lwadm.com/usermatch/pl?cb=637776303586284191&bid=c14360b0-ff2f-489e-b086-be36cd097dab&lwuid=679c8f9bc8034a279bea9511fd8b6008&buid=6218817439156915704

Request Chain 212

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:aed461df-719a-4000-896a-89479c62e7ca&gdpr=0&gdpr_consent=

Request Chain 213

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8400184701518345837

Request Chain 215

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7052480452021254285

Request Chain 216

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Yd9xmwAFIX-6agAF HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yd9xmwAFIX-6agAF&gdpr=0&gdpr_consent=&_test=Yd9xmwAFIX-6agAF

Request Chain 217

https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Q1XzZupEQ5B-8t1HIAeiEorHJoQ

Request Chain 218

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1

Request Chain 219

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

Request Chain 220

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=x2RVrANbFruzxF6bEVcxYJH6

Request Chain 221

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 224

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=732505606 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=732505606 HTTP 302
https://sync.1rx.io/usersync/tradedesk/99f0e4a9-cb02-4aa9-aa46-47ef2e75d17d HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-77bcf357-3cc2-44d6-9592-3f8c2b1a2078-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-77bcf357-3cc2-44d6-9592-3f8c2b1a2078-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-77bcf357-3cc2-44d6-9592-3f8c2b1a2078-003

Request Chain 228

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=E1mKfs7LSG-PzfxFRqsQaQ%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 229

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=09a061df-719a-4c00-8f5b-d79d97238586

Request Chain 230

https://pixel.onaudience.com/?partner=214&mapped=13598A7E-CECB-486F-8FCD-FC4546AB1069 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=40fdf7c0048823fc7372fb105db51f22

Request Chain 231

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTM1OThBN0UtQ0VDQi00ODZGLThGQ0QtRkM0NTQ2QUIxMDY5&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 232

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELpXMBG_TiPeM2iXiNvz7Cs&google_cver=1

Request Chain 234

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6218817439156915704

Request Chain 235

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=69ea2779-e977-4779-b3a2-3920ef5b7591

Request Chain 236

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7041323315059818779&gdpr=0&gdpr_consent=

Request Chain 237

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=13598A7E-CECB-486F-8FCD-FC4546AB1069&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-L920RKlE2uXs9Gh.TSz3eb7NTDn1sY0-~A&gdpr=0&gdpr_consent=

Request Chain 239

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zYSe8cyEw_XWh8n0y4PX8c6NzKLW0Zukz4b9_OGv

Request Chain 240

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=5b92343e-6313-520d-b27c-a13bd3a3d0a0&ssp=pubmatic&expires=30&user_group=1 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0f09a26d-120a-46cd-9170-d9f78e24a74f&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 241

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3317227660111089660&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 243

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a96c73cd-85ce-4c13-8c45-94ae9ad6263e-61df719b-5858&gdpr=0&gdpr_consent=

Request Chain 245

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7041323315059818779

239 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
viisasraha.fi/ 64 KB
12 KB 195ms
73ms Document
text/html 31.217.192.158
PLANEETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://viisasraha.fi/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS: s3.palvelin.pro
Software: LiteSpeed / PHP/7.2.34
Resource Hash: 438ba58ddf03960043861c544b21eb6cc61834d69b3a3f9a24b7e05510ea76b9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-powered-by: PHP/7.2.34
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
age: 58
content-length: 11622
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Thu, 13 Jan 2022 00:25:57 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
36 KB 52ms
30ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-48142457-13

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ce32392b6fc3e58db363c2032619e02d58d460e28db3a7db90a9d930a7c6da0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36653
x-xss-protection: 0
last-modified: Thu, 13 Jan 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Jan 2022 00:25:57 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.7.2/css/ 53 KB
12 KB 34ms
15ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.2/css/all.css
Requested by: Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

Referer: https://viisasraha.fi/
Origin: https://viisasraha.fi
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:57 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5503550
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: AS27E04B8EAZHW8Y
x-amz-id-2: a2HpEGoGr3WF2no93fd13WSh9kzGZ89LqeDyjIFkbc/BAiZ/XmL5Tk5jj/ozZsnho4C/MUZo06s=
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
server: cloudflare
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrtWdiHHeirsWiNtfQEiy4LZclsYZwAHhnYbT3Oh7CxcruaHxjhasaFGaGzQZCyBnAVptBAcaHFrK4BaQOxfAU9nmyWNW1CyTsdD7RpT4AnjVfcK0vZmpNRCOdUu1jpFKWFjMXan14Ib0t9zPNagJsky"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6cca7d868ea94a8b-FRA

GET
H2 200 f024ab1.css
viisasraha.fi/css/ 167 KB
24 KB 51ms
50ms Stylesheet
text/css 31.217.192.158
PLANEETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://viisasraha.fi/css/f024ab1.css
Requested by: Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS: s3.palvelin.pro
Software: LiteSpeed /
Resource Hash: dd068715136cf647c1257a5755756c9715d5d3828d7d2021c7fab0d9f1b09285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:57 GMT
content-encoding: br
last-modified: Wed, 16 Jun 2021 20:19:52 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 24933
expires: Sat, 12 Feb 2022 00:25:57 GMT

GET
H2 200 livev08.css
viisasraha.fi/css/ 25 KB
5 KB 50ms
49ms Stylesheet
text/css 31.217.192.158
PLANEETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://viisasraha.fi/css/livev08.css
Requested by: Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS: s3.palvelin.pro
Software: LiteSpeed /
Resource Hash: 3b8e63ea9bea0a39730aa2d685c78473ac9b21007b8f025d4c06bc1daa5dbef8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:57 GMT
content-encoding: br
last-modified: Mon, 23 Aug 2021 15:46:29 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 5236
expires: Sat, 12 Feb 2022 00:25:57 GMT

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 4 KB
2 KB 30ms
13ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 509170
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 975
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-fe0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIJYwp1x0UePhvTvUh7pTMiZhmN1yvaNczdki3lkuH4DcbvcG5SSRXkJKV%2BOyCdkKZZXz7tCeZbYW7jmRjDUeNj%2B1BBUT59Nq31WJ3xb%2FdFNFyBAVmio6Daz4M0WRrPZZney%2B6JCX%2BXoTYRVrngkXgI2"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6cca7d868ac4694c-FRA
expires: Tue, 03 Jan 2023 00:25:57 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 20 KB
6 KB 31ms
13ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 499680
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5978
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-5148"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EhtGQhhQfi9wLuqn0lTn3waBCbY8jIuyll0p1tlplmal6yjLYL48oAve66A88yHZM6NfdHsiUtmAi5g9Zl7Pph%2BmsQtwLWTzySuDklwUICxJ5Sz%2FIJO8DZPhIJnsO0AKRPIjIKjte9EPvtmCjdDBMEBV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6cca7d868ac7694c-FRA
expires: Tue, 03 Jan 2023 00:25:57 GMT

GET
H2 200 strossle-widget-sdk.js Show response
assets.strossle.com/strossle-widget-sdk/1/ 42 KB
12 KB 73ms
10ms Script
application/javascript 2600:9000:2315:1200:19:1c05:a1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.strossle.com/strossle-widget-sdk/1/strossle-widget-sdk.js
Requested by: Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:1200:19:1c05:a1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e8ab5f7daaaf482bba164c993d17017c49a80cbf7aaeaf4df1400fafadefe62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:59:41 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 13:48:25 GMT
server: AmazonS3
age: 1577
etag: W/"082c25494b4e6842447656a71791a07d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 271c2e1e305f31b0f14837cad3c843b0.cloudfront.net (CloudFront)
cache-control: max-age=1800
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: bRvM7V6mUwiYaEY02pV4OkLVAf0wFAUkohzlSN1qRVpZZLC7LwGcJA==

GET
H2 200 pbjs Show response
lwadm.com/lw/ 45 KB
17 KB 51ms
8ms Script
application/javascript 35.156.232.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lwadm.com/lw/pbjs?pid=a074aa72-322b-4cac-957b-f71df31b9f59
Requested by: Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.232.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-232-125.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fc664e4c9216232427d7e13d67febe9ae4b53f95c092e474c13d71f66d6ee0c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:57 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: 679c8f9bc8034a279bea9511fd8b6008|89E2EF6A3514EB7780E4251D5DB84FF2
vary: Accept-Encoding
content-type: application/javascript
cache-control: private,no-cache
access-control-allow-credentials: true

GET
H2 200 oskl-logo-19_mobiili.png
viisasraha.fi/images/ 9 KB
9 KB 69ms
67ms Image
image/png 31.217.192.158
PLANEETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://viisasraha.fi/images/oskl-logo-19_mobiili.png
Requested by: Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS: s3.palvelin.pro
Software: LiteSpeed /
Resource Hash: 459deeea63d0130a0e33f7c336375711339932953e9c210e833ca3da034e073e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:57 GMT
last-modified: Fri, 23 Aug 2019 07:00:08 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 8762
expires: Fri, 13 Jan 2023 00:25:57 GMT

GET
H2 200 vr-logo-x7.jpg
viisasraha.fi/images/ 18 KB
18 KB 70ms
68ms Image
image/jpeg 31.217.192.158
PLANEETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://viisasraha.fi/images/vr-logo-x7.jpg
Requested by: Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS: s3.palvelin.pro
Software: LiteSpeed /
Resource Hash: 9d3b363a2b2029cc1d31211d83be842986d147af0e62679339154d96db7580e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:57 GMT
last-modified: Mon, 11 Mar 2019 17:58:27 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 18329
expires: Fri, 13 Jan 2023 00:25:57 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ 9 KB
5 KB 65ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162a6b3bdfbd0f251e65e340c383b01c333ab0c1e5c1688e93afc965abbeab5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4396
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:01:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 13 Jan 2022 00:26:54 GMT

GET
H/1.1 200
OK cover_big
feed.lehtiluukku.fi/ 76 KB
76 KB 415ms
31ms Image
image/jpeg 95.216.215.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://feed.lehtiluukku.fi/cover_big?id=1000
Requested by: Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.215.9 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: api01.epaper.fi
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: eb76751dd0224dd462533225c22494207c3190ad01534bdab28d4dd7281605db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 00:25:58 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: negotiate
Content-Type: image/jpeg; charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
TCN: choice
Connection: Keep-Alive
Content-Location: cover_big.php
Keep-Alive: timeout=5, max=100

GET
H2

200

/
track.adform.net/adfserve/
Redirect Chain

https://track.adform.net/adfserve/?bn=44446390;1x1inv=1;srctype=3;ord=[timestamp]
https://track.adform.net/adfserve/?CC=1&bn=44446390;1x1inv=1;srctype=3;ord=[timestamp]

35 B
395 B

26ms
26ms

Image
image/gif

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/adfserve/?CC=1&bn=44446390;1x1inv=1;srctype=3;ord=[timestamp]

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:25:57 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:25:57 GMT
server: nginx
location: https://track.adform.net/adfserve/?CC=1&bn=44446390;1x1inv=1;srctype=3;ord=[timestamp]
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 58ms
7ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BE) /
Resource Hash: 75807a010dd395e2989544d4deed5bc3d8d36b11bed0a8ea310fcb43e8442183

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 00:25:57 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jan 2022 20:08:29 GMT
Server: ECS (frb/67BE)
Age: 244
Etag: "b607db789ce85f01d2c97329a89acfde+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29153

GET
H2 200 vr-logo-bottom.png
viisasraha.fi/images/ 13 KB
13 KB 69ms
67ms Image
image/png 31.217.192.158
PLANEETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://viisasraha.fi/images/vr-logo-bottom.png
Requested by: Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS: s3.palvelin.pro
Software: LiteSpeed /
Resource Hash: 11ceff13d6c52cc4f36a14030e396c789b09828b48a4b4fb9fa11028ebe09d8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:57 GMT
last-modified: Mon, 11 Mar 2019 17:56:31 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 13619
expires: Fri, 13 Jan 2023 00:25:57 GMT

GET
H2 200 oskl-logo-19.png
viisasraha.fi/images/ 23 KB
23 KB 46ms
45ms Image
image/png 31.217.192.158
PLANEETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://viisasraha.fi/images/oskl-logo-19.png
Requested by: Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS: s3.palvelin.pro
Software: LiteSpeed /
Resource Hash: 0ee2cbde9a472a390bdf54eabf18b5b093b4080c55c0ba7c415ecab85a58a821

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:57 GMT
last-modified: Thu, 22 Aug 2019 09:16:25 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 23897
expires: Fri, 13 Jan 2023 00:25:57 GMT

GET
H2 200 mediatalokeskisuomalainen_550x320_nega.png
viisasraha.fi/images/ 16 KB
16 KB 69ms
68ms Image
image/png 31.217.192.158
PLANEETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://viisasraha.fi/images/mediatalokeskisuomalainen_550x320_nega.png
Requested by: Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS: s3.palvelin.pro
Software: LiteSpeed /
Resource Hash: 99b3a7094bb41058185e523e557e97e1ccf4d75f46207fc7143b4687d72e3ffe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:57 GMT
last-modified: Tue, 12 Mar 2019 15:27:53 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 16036
expires: Fri, 13 Jan 2023 00:25:57 GMT

GET
H2 200 vastuullistajournalismia_vaaka_FIN_vihreaRGB.png
viisasraha.fi/images/ 50 KB
50 KB 68ms
67ms Image
image/png 31.217.192.158
PLANEETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://viisasraha.fi/images/vastuullistajournalismia_vaaka_FIN_vihreaRGB.png
Requested by: Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS: s3.palvelin.pro
Software: LiteSpeed /
Resource Hash: 718a3ae3f8d7cbb50ea6d3c7394770e0d3ed74065a3d209d8182b1ada8d60dc9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:57 GMT
last-modified: Tue, 12 Mar 2019 15:27:53 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 50715
expires: Fri, 13 Jan 2023 00:25:57 GMT

GET
H2 200 9697aa7.js Show response
viisasraha.fi/js/ 154 KB
48 KB 41ms
40ms Script
application/javascript 31.217.192.158
PLANEETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://viisasraha.fi/js/9697aa7.js
Requested by: Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS: s3.palvelin.pro
Software: LiteSpeed /
Resource Hash: 54bb0bb2861c66bd9d4f8ba5ac31a15ce7c79307e1fe5515588d38edb7dc6a67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:57 GMT
content-encoding: br
last-modified: Wed, 16 Jun 2021 20:19:52 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 48602
expires: Sat, 12 Feb 2022 00:25:57 GMT

GET
H2 200 lazysizes.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lazysizes/4.1.8/ 7 KB
3 KB 15ms
14ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lazysizes/4.1.8/lazysizes.min.js

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d3068ede90edb6a637e13f5ad0b35a6b284a3822ef1e54f383be6d2838be577

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 501193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2881
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed0-1aea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7JT3Kx5NTLd0iWy9dlSm%2BGjEZVyp%2Fl20YvCtM7kcBb907y4HUbREz56DPZhfTHapNo%2FrdfraejL%2FqfNpc8QRMBP9rIBXuAjDGQPkOVbejtGA2J92C76cqpfnQhyI%2Fsp%2F9QEi5yfgniu9J5yn0sFasWz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6cca7d870b85694c-FRA
expires: Tue, 03 Jan 2023 00:25:57 GMT

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ 58 KB
24 KB 102ms
19ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:57 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 08:56:10 GMT
server: nginx
etag: W/"612c9d2a-e958"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 css
fonts.googleapis.com/ 32 KB
2 KB 40ms
18ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/css/livev08.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

54ad4a5cadfc0419bf288a8752fdfd0ebf312a76dbe59612e568ed3248d6b789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 13 Jan 2022 00:25:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 13 Jan 2022 00:25:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jan 2022 00:25:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48142457-13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3063
date: Wed, 12 Jan 2022 23:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 13 Jan 2022 01:34:54 GMT

GET
H2 200 / Show response
service.giosg.com/live/ 276 KB
85 KB 53ms
12ms Script
application/javascript 178.63.219.113
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://service.giosg.com/live/

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.219.113 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

service.giosg.com

Software

nginx /

Resource Hash

3fce457cdd83ee885c8c8c711eddb3c721d375ccf9bcb6b764e5b6452cd218e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:57 GMT
content-encoding: gzip
last-modified: Tue, 11 Jan 2022 12:06:48 GMT
server: nginx
etag: "61dd72d8-151ba"
vary: Accept-Encoding
p3p: CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
cache-control: max-age=86400, public
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
content-length: 86458
expires: Fri, 14 Jan 2022 00:25:57 GMT

GET
H2 200 hotjar-2073088.js Show response
static.hotjar.com/c/ 4 KB
2 KB 66ms
42ms Script
application/javascript 143.204.98.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2073088.js?sv=6

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-29.fra50.r.cloudfront.net

Software

Resource Hash

b90e8625d42f6ab88d2ff0f91ff2f63c9aefb4b1af8299fca6d423b1646599bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:57 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache-hit: 1
etag: W/19665e0adfd502c843d33d8a3988fc21
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
content-length: 1886
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-amz-cf-id: BCsu68dWlMr7dwCWmtvf2jp6c9upfruhlSBjjONKKsNXUxhaXfRNqA==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 39ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://viisasraha.fi
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 01:54:06 GMT
x-content-type-options: nosniff
age: 81111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 12 Jan 2023 01:54:06 GMT

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.7.2/webfonts/ 70 KB
71 KB 14ms
13ms Font
font/woff2 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.2/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.7.2/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e

Request headers

Referer: https://use.fontawesome.com/releases/v5.7.2/css/all.css
Origin: https://viisasraha.fi
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:57 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14741624
cf-ray: 6cca7d871f7c4a8b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 72112
x-amz-id-2: Z2tmNAPm+tIoN437tKTWW3bRMihFEWLYQVWh6ISNWMbGOjMXxNUkYpi80sobjtVmQEayLq5+WjY=
last-modified: Wed, 30 Jun 2021 15:46:18 GMT
server: cloudflare
etag: "4b115e1153a9ea339d6a0bb284cc8ed3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uinH0R037ZvgJrYakAm7OFe1NbpAUdojHDbEeVS%2BdubbCbKVxXTl7sqN6kwfJFlwo7uL2s1xFAWGG%2BoQrK%2FXz0wJ14wLI5Dm0fX0AYLocFu%2BYVBK9tc30c9WHzbgp6JiYCqTkaDrIG9h2VONqLCtPFyq"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 3BVGCRTGJG5DFRY5
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.7.2/webfonts/ 73 KB
73 KB 22ms
21ms Font
font/woff2 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.2/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.7.2/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2

Request headers

Referer: https://use.fontawesome.com/releases/v5.7.2/css/all.css
Origin: https://viisasraha.fi
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:57 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 499516
cf-ray: 6cca7d871f7e4a8b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 74348
x-amz-id-2: sS0HHyTYI2LpDJ/x85gedsJN4O1xRvgrX1OwyTMIjYUx1h2/aMo+b1+KMTVjvyvKRvC+jxp6Kpk=
last-modified: Wed, 30 Jun 2021 15:46:18 GMT
server: cloudflare
etag: "462806316fea535a6a57651bc2b000b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgMnZZI2LqoPCd6XL9NdYi5dusDYWCW%2FilMtmM2%2FVUo2t%2Fyj1iMQis0KTonH5%2BSAYBtB6d%2Fo47R3BhrN36Omznqy6iwtqlXwfhvsZDpbtiC7pMOtrxeAyv5FAKVkLKtg52Lhl%2BlSrcBnGgCNGPS7E%2FxS"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: XCSCVXECJSGD9MRH
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 45ms
13ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://viisasraha.fi
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 12:42:18 GMT
x-content-type-options: nosniff
age: 387819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15724
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 08 Jan 2023 12:42:18 GMT

GET
H2 200 ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
fonts.gstatic.com/s/notoserif/v16/ 27 KB
27 KB 46ms
14ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v16/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18a7a29489626785e9f96d890e366909787b80ad977baeec8149de3c1f7e85dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://viisasraha.fi
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 20:11:13 GMT
x-content-type-options: nosniff
age: 15284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27412
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 16:37:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 12 Jan 2023 20:11:13 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 40ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://viisasraha.fi
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 101882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 11 Jan 2023 20:07:55 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=161788461&t=pageview&_s=1&dl=https%3A%2F%2Fviisasraha.fi%2F&ul=en-us&de=UTF-8&dt=Viisas%20raha&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1161494398&gjid=1447574581&cid=1714183167.1642033558&tid=UA-48142457-13&_gid=2033765066.1642033558&_r=1&gtm=2ou1a0&z=899903446

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://viisasraha.fi/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:25:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://viisasraha.fi
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 impl_v82.js Show response
www.googletagservices.com/dcm/ 41 KB
17 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v82.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

922e306a6fe0ede719a7fc79f287dfabf6cd9234583d778ec544a88eed908db2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://viisasraha.fi/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 10 Jan 2022 16:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17197
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 15:37:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Jan 2023 16:01:37 GMT

GET
H2 200 prebid.js Show response
content.lwadm.com/lw/4.43.4.5/ 456 KB
143 KB 82ms
32ms Script
application/javascript 2600:9000:21f3:2600:1b:7f5c:2c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.lwadm.com/lw/4.43.4.5/prebid.js
Requested by: Host: lwadm.com
URL: https://lwadm.com/lw/pbjs?pid=a074aa72-322b-4cac-957b-f71df31b9f59
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2600:1b:7f5c:2c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9312253427d9dedc9681e7277bfb6f3dac43c92af95951bf7321567ce3971eac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 15:00:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: W/"b9663240c24806515fcc078c6003d51d"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
cache-control: private, max-age=31536000
x-amz-cf-id: AQ8mCbCegG_CWN7EhOL3kw8DH5AjeSSzgSql9EHXhrKjN8H4nutH7g==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 39ms
17ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: lwadm.com
URL: https://lwadm.com/lw/pbjs?pid=a074aa72-322b-4cac-957b-f71df31b9f59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

e46fad913ac5c0909b399e533e5935ea0cabf6dd3beba8856d63d1c6413b49ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27126
x-xss-protection: 0
server: sffe
etag: "1100 / 669 of 1000 / last-modified: 1641987223"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 13 Jan 2022 00:25:57 GMT

GET
H2 200 modules.95d56a8fe70e88a7dcd9.js Show response
script.hotjar.com/ 229 KB
61 KB 31ms
7ms Script
application/javascript 18.66.112.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.95d56a8fe70e88a7dcd9.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2073088.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-111.fra56.r.cloudfront.net

Software

Resource Hash

4fd4f9c63843aebb667973c535aa77d95795ebb28635e01b62cf81dfb44aee32

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 13:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127192
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 61466
access-control-allow-origin: *
last-modified: Tue, 11 Jan 2022 13:05:10 GMT
etag: "e2ccd91105747342ee4a8ed27f9e5793"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: iQ-9EZFPmeRm9bXnlCVT30qf0L6bkBinUwK11HVZRUESc9TykgC2DQ==

OPTIONS
H2 200 /
service.giosg.com/api/v5/orgs/5047/client-settings/ Frame 0
0 38ms
14ms Preflight
text/html 178.63.219.113
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://service.giosg.com/api/v5/orgs/5047/client-settings/?url=https%3A%2F%2Fviisasraha.fi%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.219.113 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

service.giosg.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-client-origin
Origin: https://viisasraha.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: x-requested-with, content-type, accept, origin, authorization, x-giosg-clientversion, x-client-origin, X-GIOSG-SCRIPT-VERSION
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
content-type: text/html; charset=utf-8
date: Thu, 13 Jan 2022 00:25:57 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=63072000
p3p: CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/

GET
H2 403 / Show response
service.giosg.com/api/v5/orgs/5047/client-settings/ 54 B
404 B 26ms
26ms XHR
application/json 178.63.219.113
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://service.giosg.com/api/v5/orgs/5047/client-settings/?url=https%3A%2F%2Fviisasraha.fi%2F

Requested by

Host: service.giosg.com
URL: https://service.giosg.com/live/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.219.113 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

service.giosg.com

Software

nginx /

Resource Hash

db0fe984e70fedf2e3d1684526247bc7d8f4a8f1cec7e0a874dffa9d4e1337fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://viisasraha.fi/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
X-Client-Origin: https://viisasraha.fi

Response headers

date: Thu, 13 Jan 2022 00:25:57 GMT
vary: Accept, Accept-Language
server: nginx
x-response-duration: 12
allow: GET, HEAD, OPTIONS
content-language: en
p3p: CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin: *
strict-transport-security: max-age=63072000
content-type: application/json
content-length: 54

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 77ms
20ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-48142457-13&cid=1714183167.1642033558&jid=1161494398&gjid=1447574581&_gid=2033765066.1642033558&_u=YEBAAUAAAAAAAC~&z=1516102802

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://viisasraha.fi/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 13 Jan 2022 00:25:57 GMT
content-type: text/plain
access-control-allow-origin: https://viisasraha.fi
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B25328674.295893012;dc_ver=82.239;dc_eid=40004001;sz=468x400;u_sd=1;nel=1;dc_adk=226173050;ord=wnmt0j;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,... Show response
ad.doubleclick.net/ddm/adi/N375001.3713702VIISASRAHA/ Frame 8C81 47 KB
23 KB 110ms
72ms Document
text/html 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N375001.3713702VIISASRAHA/B25328674.295893012;dc_ver=82.239;dc_eid=40004001;sz=468x400;u_sd=1;nel=1;dc_adk=226173050;ord=wnmt0j;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fviisasraha.fi%2F$0;xdt=0;crlt=WCIB9imQOE;sttr=67;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v82.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

323a1227e87d3936afbba80e883cb98419126b85cf3338f81f7ca1977689e138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jan 2022 00:25:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 23009
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 B25328674.301075552;dc_ver=82.239;sz=300x300;u_sd=1;nel=1;dc_adk=210587437;ord=jxu1ba;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fvi... Show response
ad.doubleclick.net/ddm/adi/N375001.3713702VIISASRAHA/ Frame B7DA 47 KB
23 KB 84ms
49ms Document
text/html 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N375001.3713702VIISASRAHA/B25328674.301075552;dc_ver=82.239;sz=300x300;u_sd=1;nel=1;dc_adk=210587437;ord=jxu1ba;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fviisasraha.fi%2F$0;xdt=0;crlt=WCIB9imQOE;sttr=2;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v82.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

db7ff16d60fe68cc7c0c36e47848cf583fe2754bf31c8af6e2bbe2be636542b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jan 2022 00:25:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 22941
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 26ms
11ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://viisasraha.fi
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 05:33:18 GMT
x-content-type-options: nosniff
age: 67959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 12 Jan 2023 05:33:18 GMT

GET
H3 200 ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v16/ 23 KB
24 KB 22ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v16/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93d058f2a331f04fbe74786d01c50adde19e56db580b140c8e8ca023c19552d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://viisasraha.fi
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 23:27:38 GMT
x-content-type-options: nosniff
age: 89899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24036
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 16:37:40 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 11 Jan 2023 23:27:38 GMT

POST
H2 200 pbjs Show response
lwadm.com/ 2 KB
869 B 815ms
801ms XHR
application/json 35.156.232.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lwadm.com/pbjs?19458763
Requested by: Host: lwadm.com
URL: https://lwadm.com/lw/pbjs?pid=a074aa72-322b-4cac-957b-f71df31b9f59
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.232.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-232-125.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1cf29d04f1c7fcebbf6799008a2d90c77b7572a203f30394dfcbe6950b0e5c3

Request headers

Referer: https://viisasraha.fi/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://viisasraha.fi
cache-control: no-cache,no-store,max-age=0,must-revalidate,private
access-control-allow-credentials: true
content-length: 599

GET
H3 200 pubads_impl_2022011101.js Show response
securepubads.g.doubleclick.net/gpt/ 351 KB
118 KB 30ms
15ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

2d0cbcd1269e55e005b91a097951f98a08a48e4118dcfe999b2969b437ca14bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120806
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 09:34:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 13 Jan 2022 00:25:57 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 48 B
84 B 30ms
16ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=viisasraha.fi

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

26b32c35a2119f2c84d15ba619815f30615a190dff209df727d3d996d702e9b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 Jan 2022 00:25:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60
x-xss-protection: 0
expires: Thu, 13 Jan 2022 00:25:57 GMT

GET
H3 200 KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1MmgVxIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22482584aeaa7b1d74de072793246c65e38b402ac231f38bb0d9102802543230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://viisasraha.fi
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 11:22:37 GMT
x-content-type-options: nosniff
age: 47000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15712
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 12 Jan 2023 11:22:37 GMT

GET
H/1.1 200
OK widget_iframe.e37c957bd3ae00473b95800b99e19cff.html Show response
platform.twitter.com/widgets/ Frame F03D 319 KB
103 KB 7ms
7ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.e37c957bd3ae00473b95800b99e19cff.html?origin=https%3A%2F%2Fviisasraha.fi
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6713) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 12250
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 13 Jan 2022 00:25:57 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Tue, 11 Jan 2022 20:06:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6713)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H/1.1 200
OK /
bonfire.spklw.com/ 0
0 141ms
33ms Fetch
text/plain 34.241.159.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bonfire.spklw.com/?t=bulk&i=widget_id%3D6df1f85e-306e-47d1-ac8f-3cce29ff0ddb%26device%3Ddesktop%26session_id%3D7c4c63b0d92e405698cc600e46185bdc%26url%3Dhttps%253A%252F%252Fviisasraha.fi%252F%26origin_type%3Dwidget%26event%3Dload%26type%3Dwidget
Requested by: Host: assets.strossle.com
URL: https://assets.strossle.com/strossle-widget-sdk/1/strossle-widget-sdk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.159.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-159-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 00:25:58 GMT
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://viisasraha.fi
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
Connection: keep-alive
Content-Length: 0

GET
H2 200 box-21ccaa45726c0f3c8c458f7a87eb2298.html Show response
vars.hotjar.com/ Frame 1A5A 2 KB
1 KB 25ms
7ms Document
text/html 13.224.193.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2073088.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-12.fra2.r.cloudfront.net
Software: /
Resource Hash: c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/

Response headers

content-type: text/html
content-length: 1044
date: Mon, 08 Nov 2021 14:05:19 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6a4e2ae376c29011d2e53de65a08d0b7"
last-modified: Tue, 01 Jun 2021 09:17:15 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: TJcIWecbStv5dz3M0-u87S3_VIQVws6gHY59IBxijRCjqTF2_1881Q==
age: 5653238

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220110/r20110914/elements/html/ Frame B7DA 8 KB
4 KB 44ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220110/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N375001.3713702VIISASRAHA/B25328674.301075552;dc_ver=82.239;sz=300x300;u_sd=1;nel=1;dc_adk=210587437;ord=jxu1ba;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fviisasraha.fi%2F$0;xdt=0;crlt=WCIB9imQOE;sttr=2;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jan 2022 00:13:06 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220110/r20110914/elements/html/ Frame 8C81 8 KB
3 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220110/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N375001.3713702VIISASRAHA/B25328674.295893012;dc_ver=82.239;dc_eid=40004001;sz=468x400;u_sd=1;nel=1;dc_adk=226173050;ord=wnmt0j;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fviisasraha.fi%2F$0;xdt=0;crlt=WCIB9imQOE;sttr=67;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jan 2022 00:13:06 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame B7DA 106 KB
38 KB 59ms
7ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Origin: https://ad.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 14:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35725
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 13 Jan 2022 14:30:32 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B7DA 41 KB
15 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 13:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jan 2023 13:28:24 GMT

GET
H2 200 Otaetumatkaa980x552_versio2.jpg
viisasraha.fi/var/site/storage/images/_aliases/full-banner/9/3/8/6/36839-1-fin-FI/ 337 KB
337 KB 417ms
116ms Image
image/jpeg 31.217.192.158
PLANEETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://viisasraha.fi/var/site/storage/images/_aliases/full-banner/9/3/8/6/36839-1-fin-FI/Otaetumatkaa980x552_versio2.jpg
Requested by: Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS: s3.palvelin.pro
Software: LiteSpeed / PHP/7.2.34
Resource Hash: c404463be3375101f9b01a6b878901697045f9f73ccb461e75c6e944eccb2826

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
last-modified: Wed, 08 Dec 2021 07:37:36 GMT
server: LiteSpeed
age: 0
x-powered-by: PHP/7.2.34
vary: User-Agent
content-type: image/jpeg
cache-control: no-cache, private
content-transfer-encoding: binary
accept-ranges: bytes
content-length: 344992

GET
H2 200 Kryptot_AntonRasanen.jpg
viisasraha.fi/var/site/storage/images/_aliases/nocrop832/3/0/4/7/37403-1-fin-FI/ 80 KB
80 KB 480ms
179ms Image
image/jpeg 31.217.192.158
PLANEETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://viisasraha.fi/var/site/storage/images/_aliases/nocrop832/3/0/4/7/37403-1-fin-FI/Kryptot_AntonRasanen.jpg
Requested by: Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS: s3.palvelin.pro
Software: LiteSpeed / PHP/7.2.34
Resource Hash: f8c88ff679553f0238d388b61adff27e453d3f7b8b27d5dfcb2df109a4a48d9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
last-modified: Wed, 12 Jan 2022 09:41:40 GMT
server: LiteSpeed
age: 0
x-powered-by: PHP/7.2.34
vary: User-Agent
content-type: image/jpeg
cache-control: no-cache, private
content-transfer-encoding: binary
accept-ranges: bytes
content-length: 81545

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 8C81 106 KB
37 KB 58ms
14ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Origin: https://ad.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 14:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35725
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 13 Jan 2022 14:30:32 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8C81 41 KB
15 KB 25ms
10ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 13:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jan 2023 13:28:24 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame F03D 232 B
448 B 133ms
112ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=14ec7a31a2ca9072f7598fee553eb1bf82c2c645

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.e37c957bd3ae00473b95800b99e19cff.html?origin=https%3A%2F%2Fviisasraha.fi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 105
date: Thu, 13 Jan 2022 00:25:57 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 00:25:58 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: c17e98c369f7cff78eb444e6362be3bb4c8d62561b05001aa582e994f608dc87
content-length: 166

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2073088/ 146 B
321 B 102ms
34ms XHR
application/json 54.171.36.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2073088/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.95d56a8fe70e88a7dcd9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.36.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-36-119.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 30886bcaa4bc9292431c9ae196c0b6bbcc4e4311b4839780c91a09c771c76c6e

Request headers

Referer: https://viisasraha.fi/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6909 22 KB
8 KB 23ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sat, 08 Jan 2022 18:05:45 GMT
expires: Sun, 08 Jan 2023 18:05:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 368413
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FB9A 22 KB
8 KB 22ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sat, 08 Jan 2022 18:05:45 GMT
expires: Sun, 08 Jan 2023 18:05:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 368413
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
adx.adform.net/adx/ 626 B
1 KB 327ms
69ms Script
text/javascript 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=3&pv=1&bWlkPTEwMDcxMTU&url=https%3A%2F%2Fviisasraha.fi%2F&callback=_adform_cb_1642033557980_5785538191481245

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4c74a57a9eed5ef80d28578e6e9dd949d6de71306cfaf884006f5daea8e035b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:25:58 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B7DA 121 KB
37 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641990413359145"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 13 Jan 2022 00:25:58 GMT

GET
H3 200 FIViisasraha-1-Finnish-300x300-637539175741525012-d6e1a42c-f8b7-40ef-897a-8abe09bf1143.html Show response
s0.2mdn.net/sadbundle/15493210630881542144/ Frame 6AB0 4 KB
1 KB 22ms
7ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15493210630881542144/FIViisasraha-1-Finnish-300x300-637539175741525012-d6e1a42c-f8b7-40ef-897a-8abe09bf1143.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc25a2821005b9dec41a6cb8b81224a7f6f07f90f1a8adaf6bb93eb3256fe0b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 1419
date: Thu, 06 Jan 2022 06:51:09 GMT
expires: Fri, 06 Jan 2023 06:51:09 GMT
last-modified: Tue, 13 Apr 2021 13:33:05 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 581689
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B7DA 0
299 B 56ms
41ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvfXa651Jo2IerGX2KN9nRzzI1slTX-_rRUp6MydRrkwxoL97icfPS9qBaecrYFPHWCjc0buS-8fVESLBMiig7kGWdM2_bom5-9pRqwdvkCXi_9zY3C-0liwficiFah-bg&sig=Cg0ArKJSzA25tOXnqTjeEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=84&cbvp=1&cstd=81&cisv=r20220110.35678&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 13 Jan 2022 00:25:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C81 121 KB
37 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641990413359145"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 13 Jan 2022 00:25:58 GMT

GET
H3 200 FIViisasraha-Finnish-468x400-637486546590299430-b1f12dc3-6afc-45a0-9285-3db817bc6387.html Show response
s0.2mdn.net/sadbundle/3613336761649856512/ Frame 3725 4 KB
1 KB 9ms
8ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3613336761649856512/FIViisasraha-Finnish-468x400-637486546590299430-b1f12dc3-6afc-45a0-9285-3db817bc6387.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e96a40c38b9acd2aed198af86727faf9adacb0d73364f7583aaf740f687d44e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 1419
date: Tue, 11 Jan 2022 05:36:26 GMT
expires: Wed, 11 Jan 2023 05:36:26 GMT
last-modified: Fri, 26 Feb 2021 01:09:56 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 154172
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8C81 0
60 B 46ms
45ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsthwJXUVrdwrIYzGukqVCVUuhrkyvFzMWz5HDUuG7I_fu-ET2Drn4BdSAm_507ixQeN1hAtwec_y9UjPAfXy-bEPdG9pBxcBGYt3AgmYUnojyFlHoy-swHf_7YpU6FmHXo&sig=Cg0ArKJSzJ824AKeWEXREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=90&cbvp=1&cstd=88&cisv=r20220110.49987&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 13 Jan 2022 00:25:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js Show response
pagead2.googlesyndication.com/bg/ Frame 6909 35 KB
13 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a02681ae1cc21a54f99afb9cf43cf89c42ab91bc9381aa64e96ffb4cf46e9f80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:27:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13579
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 17:27:59 GMT

GET
H3 200 oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js Show response
pagead2.googlesyndication.com/bg/ Frame FB9A 35 KB
13 KB 23ms
9ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oCaBrhzCGlT5mvuc9Dz4nEKrkbyTgapk6W_7TPRun4A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a02681ae1cc21a54f99afb9cf43cf89c42ab91bc9381aa64e96ffb4cf46e9f80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:27:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13579
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 17:27:59 GMT

GET
H2 200 perinn%C3%B6njako.jpg
viisasraha.fi/var/site/storage/images/_aliases/crop720/2/8/3/7/37382-1-fin-FI/ 28 KB
28 KB 409ms
108ms Image
image/jpeg 31.217.192.158
PLANEETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://viisasraha.fi/var/site/storage/images/_aliases/crop720/2/8/3/7/37382-1-fin-FI/perinn%C3%B6njako.jpg
Requested by: Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS: s3.palvelin.pro
Software: LiteSpeed / PHP/7.2.34
Resource Hash: 6006d01c3bd434a8410e8aba2a84b5816da5b3be4214afe7585cc2d24cddadbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
last-modified: Wed, 12 Jan 2022 06:35:00 GMT
server: LiteSpeed
age: 0
x-powered-by: PHP/7.2.34
vary: User-Agent
content-type: image/jpeg
cache-control: no-cache, private
content-transfer-encoding: binary
accept-ranges: bytes
content-length: 29080

GET
H2 200 fuusio.jpg
viisasraha.fi/var/site/storage/images/_aliases/crop720/3/4/3/7/37343-1-fin-FI/ 21 KB
22 KB 416ms
116ms Image
image/jpeg 31.217.192.158
PLANEETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://viisasraha.fi/var/site/storage/images/_aliases/crop720/3/4/3/7/37343-1-fin-FI/fuusio.jpg
Requested by: Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS: s3.palvelin.pro
Software: LiteSpeed / PHP/7.2.34
Resource Hash: c9fb3741d896ebeb9350da7de38b326ef40c4e7743ad7cb480d62a9346037496

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
last-modified: Tue, 11 Jan 2022 07:03:44 GMT
server: LiteSpeed
age: 0
x-powered-by: PHP/7.2.34
vary: User-Agent
content-type: image/jpeg
cache-control: no-cache, private
content-transfer-encoding: binary
accept-ranges: bytes
content-length: 22014

GET
H/1.1 200
OK moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js Show response
platform.twitter.com/js/ 25 KB
8 KB 7ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6738) /
Resource Hash: 48c9a4d4aa290a866126159687441006eb39adf48ae31e1910aa0f21e0b21376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 00:25:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jan 2022 20:06:46 GMT
Server: ECS (frb/6738)
Age: 12251
Etag: "3123bdaf11a1d77bcf1836091c9b4631+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 8012

GET
H/1.1 200
OK timeline.34cf38a85ac899f1d6a0438a1659decc.js Show response
platform.twitter.com/js/ 20 KB
7 KB 13ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.34cf38a85ac899f1d6a0438a1659decc.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BE) /
Resource Hash: 8875e0e5a0f6bfaf4d66fde0622a609e9fe7b599adaef3ad01d6d613574c69b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 00:25:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jan 2022 20:06:46 GMT
Server: ECS (frb/67BE)
Age: 12249
Etag: "0a27acfd1028aaadad57ff8929bf7266+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 6444

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B7DA 0
23 B 49ms
48ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvfXa651Jo2IerGX2KN9nRzzI1slTX-_rRUp6MydRrkwxoL97icfPS9qBaecrYFPHWCjc0buS-8fVESLBMiig7kGWdM2_bom5-9pRqwdvkCXi_9zY3C-0liwficiFah-bg&sig=Cg0ArKJSzA25tOXnqTjeEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=237&vt=11&dtpt=153&dett=3&cstd=81&cisv=r20220110.35678&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 13 Jan 2022 00:25:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8C81 0
23 B 44ms
44ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsthwJXUVrdwrIYzGukqVCVUuhrkyvFzMWz5HDUuG7I_fu-ET2Drn4BdSAm_507ixQeN1hAtwec_y9UjPAfXy-bEPdG9pBxcBGYt3AgmYUnojyFlHoy-swHf_7YpU6FmHXo&sig=Cg0ArKJSzJ824AKeWEXREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=233&vt=11&dtpt=143&dett=3&cstd=88&cisv=r20220110.49987&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 13 Jan 2022 00:25:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 21 KB
4 KB 171ms
147ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_viisasraha_old&dnt=false&domain=viisasraha.fi&lang=fi&screen_name=viisasraha&suppress_response_codes=true&t=1824481&tweet_limit=2&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

fc34016da75e7f8e3f123320aabdd8b0259a59a7634bcdbfb9face7dbc2b5c41

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
access-control-allow-methods: GET
content-length: 3947
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 128
last-modified: Thu, 13 Jan 2022 00:25:58 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 19adee2a9259f40b06d587333996b2509f4a9773cc28c839cb94521aec1874bc
timing-allow-origin: *
x-transaction: c25d90ce6fedf16b
expires: Thu, 13 Jan 2022 00:30:58 GMT

GET
H2 200 60759d376662a4ff19bed093 Show response
c.bannerflow.net/a/ Frame 6AB0 53 KB
18 KB 63ms
35ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/60759d376662a4ff19bed093?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvfXa651Jo2IerGX2KN9nRzzI1slTX-_rRUp6MydRrkwxoL97icfPS9qBaecrYFPHWCjc0buS-8fVESLBMiig7kGWdM2_bom5-9pRqwdvkCXi_9zY3C-0liwficiFah-bg%26sig%3DCg0ArKJSzGyxSHgYoCNWEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5664222%26adurl%3Dhttps%253A%252F%252Fwww.nordnet.fi%252Ffi%252Fkampanjat%252Fosakesaastajat%253Fdclid%253D%2525edclid!
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15493210630881542144/FIViisasraha-1-Finnish-300x300-637539175741525012-d6e1a42c-f8b7-40ef-897a-8abe09bf1143.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56af099705b5d8b1e9668ddddb9ea19965486bac07a3eddfc1d1b8a9ae3241bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cf-ray: 6cca7d8adb336933-FRA
link: <https://c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/published/599756/772071/preload.jpg>; rel=preload; as=image
request-context: appId=cid-v1:8ccc0d93-c9cf-4965-a9de-1823f9df557e

GET
H2 200 60254ed9ca66b5e68189d867 Show response
c.bannerflow.net/a/ Frame 3725 53 KB
18 KB 61ms
32ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/60254ed9ca66b5e68189d867?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsthwJXUVrdwrIYzGukqVCVUuhrkyvFzMWz5HDUuG7I_fu-ET2Drn4BdSAm_507ixQeN1hAtwec_y9UjPAfXy-bEPdG9pBxcBGYt3AgmYUnojyFlHoy-swHf_7YpU6FmHXo%26sig%3DCg0ArKJSzNOXScZaVjD4EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5664222%26adurl%3Dhttps%253A%252F%252Fwww.nordnet.fi%252Ffi%252Fkampanjat%252Fosakesaastajat%253Fdclid%253D%2525edclid!
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3613336761649856512/FIViisasraha-Finnish-468x400-637486546590299430-b1f12dc3-6afc-45a0-9285-3db817bc6387.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbd3917cd586d225aa97c932532c998aec2b7ec5af03d149c9b8d8dda22cfeb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cf-ray: 6cca7d8aeb356933-FRA
link: <https://c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/published/448453/772065/preload.jpg>; rel=preload; as=image
request-context: appId=cid-v1:8ccc0d93-c9cf-4965-a9de-1823f9df557e

GET
H2 200 preload.jpg
c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/published/448453/772065/ Frame 3725 28 KB
28 KB 76ms
75ms Image
image/jpeg 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/published/448453/772065/preload.jpg
Requested by: Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cd5d2d2e122d66b1f874388992b947163db63bc01d6654a1dbfe85fb64dbc00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jan 2022 00:25:58 GMT
cf-cache-status: MISS
content-length: 28326
x-ms-lease-status: unlocked
last-modified: Fri, 09 Apr 2021 14:13:17 GMT
server: cloudflare
etag: 0x8D8FB619F1B7029
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: b068783e-201e-0065-6114-084362000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cca7d8b2bc66933-FRA

GET
H2 200 preload.jpg
c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/published/599756/772071/ Frame 6AB0 18 KB
18 KB 70ms
70ms Image
image/jpeg 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/published/599756/772071/preload.jpg
Requested by: Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1028e23693af5ebfab763bbcf0e34164a9f8a8b7edab823000e680428be6b097

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jan 2022 00:25:58 GMT
cf-cache-status: MISS
content-length: 17945
x-ms-lease-status: unlocked
last-modified: Tue, 13 Apr 2021 13:31:51 GMT
server: cloudflare
etag: 0x8D8FE807F020BBF
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: d03f7992-a01e-0054-7c14-08a271000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cca7d8b2bca6933-FRA

GET
H2 200 document.977231d845.js Show response
c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/published/448453/772065/ Frame 3725 15 KB
3 KB 62ms
62ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/published/448453/772065/document.977231d845.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/60254ed9ca66b5e68189d867?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsthwJXUVrdwrIYzGukqVCVUuhrkyvFzMWz5HDUuG7I_fu-ET2Drn4BdSAm_507ixQeN1hAtwec_y9UjPAfXy-bEPdG9pBxcBGYt3AgmYUnojyFlHoy-swHf_7YpU6FmHXo%26sig%3DCg0ArKJSzNOXScZaVjD4EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5664222%26adurl%3Dhttps%253A%252F%252Fwww.nordnet.fi%252Ffi%252Fkampanjat%252Fosakesaastajat%253Fdclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3a9e0ec3e08604e35e7f547370dd5d873f4ab0b9b0367491c764d4ee4c2177b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jan 2022 00:25:58 GMT
content-encoding: br
cf-cache-status: MISS
content-md5: l3Ix2EVCl4iznhW4HjXsQA==
x-ms-lease-status: unlocked
last-modified: Fri, 09 Apr 2021 14:13:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b0687849-201e-0065-6914-084362000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2009-09-19
cf-ray: 6cca7d8b3bdb6933-FRA

GET
H2 200 animated-creative.d2b931beb0c8e53510f4.js Show response
c.bannerflow.net/scripts/ Frame 3725 126 KB
42 KB 22ms
22ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.d2b931beb0c8e53510f4.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/60254ed9ca66b5e68189d867?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsthwJXUVrdwrIYzGukqVCVUuhrkyvFzMWz5HDUuG7I_fu-ET2Drn4BdSAm_507ixQeN1hAtwec_y9UjPAfXy-bEPdG9pBxcBGYt3AgmYUnojyFlHoy-swHf_7YpU6FmHXo%26sig%3DCg0ArKJSzNOXScZaVjD4EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5664222%26adurl%3Dhttps%253A%252F%252Fwww.nordnet.fi%252Ffi%252Fkampanjat%252Fosakesaastajat%253Fdclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2b802b44819289fdb059a102d74115535379bee52041fa52583dbab4e3282b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jan 2022 00:25:58 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: x/M5KPZN780/Go5GcYCOHQ==
age: 19328773
cf-polished: origSize=129416
x-ms-lease-status: unlocked
last-modified: Wed, 07 Apr 2021 11:56:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 95e2dcc6-401e-0087-5648-587e43000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2009-09-19
cf-ray: 6cca7d8b3bdd6933-FRA
cf-bgj: minify

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FB9A 0
20 B 46ms
45ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BPmzGlXHfYcSsMdLW-gaX35uICAAAAAA4AeAEAg&bg=!V1SlVBDNAAaocxMpqHM7ACkAdvg8WoYmWxcjvd37GNC2U7fYSPJNQ4YDFiSYJQxEHvOkKKEYcQQlnQIAAABxUgAAAAhoAQcKAC3Zfiyi-2Qm24qpGcg47DtBmA0TwnYVl4z2cfYkVU_Vgo6i2OrY9Pg1IKkrIwOZAqIJYRj8Q0xHC2bcL7a1BpPFJ3fh5N_OL_L__uDYK9VStDREC_alDpLDeXJrmQtZxUR7fq7bWcsqJU0Ut6J6H8Yyz7FtQQY5hDQYI-11DzGEkJhVpSbObSoq1QzYTAY9gKO7EtT57v5b7I5Y3YqNZEHV6EGiQRl519Je1k9rvQP_1fb756axZh88Z2bWoYZFVZif711Ar5UMufpmguFUPL1liV1cPQrp9yi3junjScJ3EL9SI0jXuDnlW5plDeUInoBdZL51SLVfYSZAWUHvHoRMpneRvee3XXN3bSXyyOr7PQw-5dJfFV1AwkeSmIA0sAjTbg8o-gTWz07AQd4gqWMJ1ATDBMzOTGsTufSrfmbr1_EhrU8F0bY8tQO_a4fnCH0hEcmR1O3J1QPXYl9KUH0wPDWi_WQoqMAJjzyHQfLscRZ1ZV8OizBfblSbY8tC_X2AlEZsc7dzCF6FlCVXPaJn6WjPKkJ4nzMPAfFsd2ulDN7OrP17l6c1a6jixHVPMdjQvkLNqXcYNBAi8gaIQ3-Vjn0h32TC3z9mmNsA0MotRfJysMlNcDWhvkKf8cKZ3IVDOwtbrZTbjK_fjd__FfVmKM2J6ZlAlEiMJSFwkfYehyFYmMzaKMbUGSGilZgxMKMhkgQ9CmppuJ586eSmrXlmivso_H2uNL3ji87fMA0DBBzU5entPA53GPeYrZ00qaLmWOdi0SsloXG5sH45WslwRS_1yLsg_vvC_IFbjEN7qq5VA75eHRqaGAz6PqVuPdkCgg364W3FO5mhBJcLOOFdBKkPLycMdp9spM0CJA5DqqBMWysPaoLLHnD-FiDm5EDknOvhg23oLNSkq4DPlgBVzDNtqmF86AjNwOQORb_sLfXqPl7SmE1HgpuNv3h4viSQog

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:25:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6909 0
20 B 48ms
48ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_OO7lXHfYb6IMdj8gQfbnp-gCAAAAAA4AeAEAg&bg=!9Pel97PNAAaocxMpqHM7ACkAdvg8WkwQCzut2ahGea6K8TK5v8CLiHJR0CqF62AAuVjRysbidsVFSAIAAACKUgAAAAJoAQeZAqGBvEjNutuiGLGVK5jFm_IYcL1pNhv-kFQURUctygDJQTJK9f0SC3foHCHfis5elaKiUyMsmGM4_vXIpfF_TqV5bRnmI13JWgivmrJncfyCPWzMsxtBhOPLr-onXPthuwboiGrQA9jZk1r-lr7MPRDKinf__FjAeMkWb55BjepsJg4CzYpoCAU6cOrmb2sOZTczWp02g3htG5gx2kNdoVNPNhN09zm2sKVP2MVeYgzyu1d1Mzd5PmHyOkmNEY0n1tFf6OjPGDmDOnvyFZ1LRt6dZsp5bFJTJKLaH3dfvkM7QBqoXykMjyauFY03Ew08LJfKh6O9-FtY2lPniEK1mdxaxTorNWt2Z8P1ErBoVP579OSOKSAqufY0TyD1ZA1OfvrEWqUaiRuViw4Ohuwvb5x86iYAKtc_Frm-2ks01XE821zy0tyCdhEzJlMzX2KSd8fPM1Gz17BBBPDCUS2LQGMhSAtvNwcWF0V9WFhV-Lmb0cHwlcYzC1ckgku0SbC3eQ4LoOpUcAdQfWug66WTMV4N_TTrAsMX2HEA2es91alR8QPCWtrjIj7w7EXaWJOPzd-9m8OdA1VRhhUpiWThCTOj7munLm6MCRUT1nV2fpxzsRVv-yU_dOAs82X5VFmfnW8p60hj0HQd2pDY8yLGjlHeInpJbkb8hxj968jsFM_ut9dOP9KXlYmpc6bukTkfdj-cnbKPmMoQ4RSER_-dk8lCsoPpUtkLfyiotIIgBQMmtovi6qOhnI0qJA9qq6i9laa5hMUXmQjdB6Mq7joweeZe_X7F2MR3ElhyfDTGo8IXnMR1F6O4OdUnKBP8GMm6h3Kvb_1eqBr7G0QGWsTACJ28v86lEpcL-G-nA3F5b79aGG8ly8cgwtJKVx3T5f_b8y8a

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:25:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 document.0b788d2e4b.js Show response
c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/published/599756/772071/ Frame 6AB0 16 KB
3 KB 75ms
74ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/published/599756/772071/document.0b788d2e4b.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/60759d376662a4ff19bed093?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvfXa651Jo2IerGX2KN9nRzzI1slTX-_rRUp6MydRrkwxoL97icfPS9qBaecrYFPHWCjc0buS-8fVESLBMiig7kGWdM2_bom5-9pRqwdvkCXi_9zY3C-0liwficiFah-bg%26sig%3DCg0ArKJSzGyxSHgYoCNWEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5664222%26adurl%3Dhttps%253A%252F%252Fwww.nordnet.fi%252Ffi%252Fkampanjat%252Fosakesaastajat%253Fdclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cecb34cb2f7edbeb0119c6155edfb1b1cdc46f9889f31e523aaa4c85114d6816

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jan 2022 00:25:58 GMT
content-encoding: br
cf-cache-status: MISS
content-md5: C3iNLkvbI4KmSq3V+2PCxA==
x-ms-lease-status: unlocked
last-modified: Tue, 13 Apr 2021 13:31:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 21c0339a-d01e-005e-0e14-0806c6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2009-09-19
cf-ray: 6cca7d8b3bf76933-FRA

GET
H2 200 animated-creative.78fcdb07dcf63104779d.js Show response
c.bannerflow.net/scripts/ Frame 6AB0 128 KB
43 KB 24ms
24ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.78fcdb07dcf63104779d.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/60759d376662a4ff19bed093?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvfXa651Jo2IerGX2KN9nRzzI1slTX-_rRUp6MydRrkwxoL97icfPS9qBaecrYFPHWCjc0buS-8fVESLBMiig7kGWdM2_bom5-9pRqwdvkCXi_9zY3C-0liwficiFah-bg%26sig%3DCg0ArKJSzGyxSHgYoCNWEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5664222%26adurl%3Dhttps%253A%252F%252Fwww.nordnet.fi%252Ffi%252Fkampanjat%252Fosakesaastajat%253Fdclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb783389fde225a43007ed7137d6bb7277a4ab63bd016a0c5f9153197a17c14b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jan 2022 00:25:58 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: g71GcdiDE/5aw37rZQpO0Q==
age: 19328730
cf-polished: origSize=131048
x-ms-lease-status: unlocked
last-modified: Fri, 09 Apr 2021 09:53:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a4faac3a-801e-006c-1148-5806b1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2009-09-19
cf-ray: 6cca7d8b3bf86933-FRA
cf-bgj: minify

GET
H2 200 KZ8R6om5
pbs.twimg.com/card_img/1479442012629868546/ Frame AF26 37 KB
38 KB 9ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1479442012629868546/KZ8R6om5?format=jpg&name=600x314

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6727) /

Resource Hash

14175b683d3cfc2d44201c62b0bc444bbd6ac7788c3687c3da4210b2a6259e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
x-content-type-options: nosniff
age: 189394
x-cache: HIT
content-length: 38349
x-response-time: 313
surrogate-key: card_img card_img/bucket/6 card_img/1479442012629868546
last-modified: Fri, 07 Jan 2022 13:15:17 GMT
server: ECS (frb/6727)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b3af014d7c9ececd1092503c32655a1a47b7af226234d0cf3ab7b72501eabedb
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 U5cCuTHq
pbs.twimg.com/card_img/1480087036879011840/ Frame AF26 28 KB
28 KB 8ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1480087036879011840/U5cCuTHq?format=jpg&name=600x314

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6739) /

Resource Hash

d2756183147ddc220681217d675e83a2631c9e0b2d91e39e3383e29a4152c251

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
x-content-type-options: nosniff
age: 318280
x-cache: HIT
content-length: 28376
x-response-time: 269
surrogate-key: card_img card_img/bucket/7 card_img/1480087036879011840
last-modified: Sun, 09 Jan 2022 07:58:22 GMT
server: ECS (frb/6739)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 292b682bcf5f0e7fed9e14441ddc390f3d0321ea6b88e70fdcb160b0b9a44c6e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame AF26 53 KB
12 KB 7ms
6ms Stylesheet
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 00:25:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jan 2022 20:06:44 GMT
Server: ECS (frb/6796)
Age: 12251
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 7ms
7ms Image
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 00:25:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jan 2022 20:06:44 GMT
Server: ECS (frb/6796)
Age: 12251
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H2 200 KZ8R6om5
pbs.twimg.com/card_img/1479442012629868546/ Frame AF26 37 KB
38 KB 8ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1479442012629868546/KZ8R6om5?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6727) /

Resource Hash

14175b683d3cfc2d44201c62b0bc444bbd6ac7788c3687c3da4210b2a6259e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
x-content-type-options: nosniff
age: 189394
x-cache: HIT
content-length: 38349
x-response-time: 313
surrogate-key: card_img card_img/bucket/6 card_img/1479442012629868546
last-modified: Fri, 07 Jan 2022 13:15:17 GMT
server: ECS (frb/6727)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b3af014d7c9ececd1092503c32655a1a47b7af226234d0cf3ab7b72501eabedb
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 U5cCuTHq
pbs.twimg.com/card_img/1480087036879011840/ Frame AF26 28 KB
28 KB 8ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1480087036879011840/U5cCuTHq?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6739) /

Resource Hash

d2756183147ddc220681217d675e83a2631c9e0b2d91e39e3383e29a4152c251

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
x-content-type-options: nosniff
age: 318280
x-cache: HIT
content-length: 28376
x-response-time: 269
surrogate-key: card_img card_img/bucket/7 card_img/1480087036879011840
last-modified: Sun, 09 Jan 2022 07:58:22 GMT
server: ECS (frb/6739)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 292b682bcf5f0e7fed9e14441ddc390f3d0321ea6b88e70fdcb160b0b9a44c6e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 3urObTU1_normal.png
pbs.twimg.com/profile_images/1114093741835456512/ Frame AF26 3 KB
3 KB 14ms
14ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1114093741835456512/3urObTU1_normal.png

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67A7) /

Resource Hash

a98f84eca81c6053a50003f4ac8474f85429c9a4186775cf53a7618d561ab483

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
x-content-type-options: nosniff
age: 495413
x-cache: HIT
content-length: 2871
x-response-time: 108
surrogate-key: profile_images profile_images/bucket/0 profile_images/1114093741835456512
last-modified: Fri, 05 Apr 2019 09:11:41 GMT
server: ECS (frb/67A7)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8939ca42a9049adf9d2c0c85a77b9b0ba1213a70ad1fd4153b1765d8211034c3
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame AF26 44 KB
7 KB 45ms
8ms Stylesheet
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 561889
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 7
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 50e26655f68e700cc3eb5887ebe9f1d15e251016072834aacf5f61aaece315b5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 20 Jan 2022 00:25:58 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 47ms
11ms Image
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 561889
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 7
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 50e26655f68e700cc3eb5887ebe9f1d15e251016072834aacf5f61aaece315b5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 20 Jan 2022 00:25:58 GMT

GET
DATA 200
OK truncated
/ Frame AF26 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame AF26 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame AF26 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame AF26 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 3725 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 3725 6 KB
7 KB 34ms
18ms Font
font/woff 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F58be6bcf8c3bc8129478d084%2F58be6c5703e67e24400a3d71%2F41a192ed-5dc5-4cb8-8d67-4591f5583b82.woff&t=%20.AEOadeijklmnopstuvy%C3%A4
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3613336761649856512/FIViisasraha-Finnish-468x400-637486546590299430-b1f12dc3-6afc-45a0-9285-3db817bc6387.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1ce442910cf35ec60d65855e3c7e4c16fc3665864d2e91ab777c24a2fd3c28b

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 20:23:00 GMT
server: cloudflare
age: 100978
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=41a192ed-5dc5-4cb8-8d67-4591f5583b82-subset.woff
cf-ray: 6cca7d8c9fc642cf-FRA
expires: Wed, 11 Jan 2023 20:23:00 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 3725 6 KB
6 KB 430ms
414ms Font
font/woff 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F58be6bcf8c3bc8129478d084%2F58be6c5703e67e24400a3d71%2F48797254-c800-4f7f-81fa-4dff25efd656.woff&t=.%3ANOadeijklnorstuv%C3%A4
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3613336761649856512/FIViisasraha-Finnish-468x400-637486546590299430-b1f12dc3-6afc-45a0-9285-3db817bc6387.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2ec93c28b99f499f2128d9fd3e3c8e1591a63b0551231114f39a6091b8b4f15

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Jan 2022 00:25:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=48797254-c800-4f7f-81fa-4dff25efd656-subset.woff
cf-ray: 6cca7d8c9fc742cf-FRA
expires: Fri, 13 Jan 2023 00:25:58 GMT

GET
DATA 200
OK truncated
/ Frame 6AB0 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 6AB0 6 KB
7 KB 14ms
14ms Font
font/woff 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F58be6bcf8c3bc8129478d084%2F58be6c5703e67e24400a3d71%2F41a192ed-5dc5-4cb8-8d67-4591f5583b82.woff&t=%20.AEOadeijklmnopstuvy%C3%A4
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15493210630881542144/FIViisasraha-1-Finnish-300x300-637539175741525012-d6e1a42c-f8b7-40ef-897a-8abe09bf1143.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1ce442910cf35ec60d65855e3c7e4c16fc3665864d2e91ab777c24a2fd3c28b

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 20:23:00 GMT
server: cloudflare
age: 100978
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=41a192ed-5dc5-4cb8-8d67-4591f5583b82-subset.woff
cf-ray: 6cca7d8cd83442cf-FRA
expires: Wed, 11 Jan 2023 20:23:00 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 6AB0 6 KB
6 KB 561ms
560ms Font
font/woff 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F58be6bcf8c3bc8129478d084%2F58be6c5703e67e24400a3d71%2F48797254-c800-4f7f-81fa-4dff25efd656.woff&t=.%3ANOadeijklnorstuv%C3%A4
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15493210630881542144/FIViisasraha-1-Finnish-300x300-637539175741525012-d6e1a42c-f8b7-40ef-897a-8abe09bf1143.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2ec93c28b99f499f2128d9fd3e3c8e1591a63b0551231114f39a6091b8b4f15

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:59 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Jan 2022 00:25:58 GMT
server: cloudflare
age: 1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=48797254-c800-4f7f-81fa-4dff25efd656-subset.woff
cf-ray: 6cca7d8cd83742cf-FRA
expires: Fri, 13 Jan 2023 00:25:58 GMT

GET
H2 200 KZ8R6om5
pbs.twimg.com/card_img/1479442012629868546/ Frame AF26 37 KB
38 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1479442012629868546/KZ8R6om5?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6727) /

Resource Hash

14175b683d3cfc2d44201c62b0bc444bbd6ac7788c3687c3da4210b2a6259e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
x-content-type-options: nosniff
age: 189394
x-cache: HIT
content-length: 38349
x-response-time: 313
surrogate-key: card_img card_img/bucket/6 card_img/1479442012629868546
last-modified: Fri, 07 Jan 2022 13:15:17 GMT
server: ECS (frb/6727)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b3af014d7c9ececd1092503c32655a1a47b7af226234d0cf3ab7b72501eabedb
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 U5cCuTHq
pbs.twimg.com/card_img/1480087036879011840/ Frame AF26 28 KB
28 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1480087036879011840/U5cCuTHq?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6739) /

Resource Hash

d2756183147ddc220681217d675e83a2631c9e0b2d91e39e3383e29a4152c251

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
x-content-type-options: nosniff
age: 318280
x-cache: HIT
content-length: 28376
x-response-time: 269
surrogate-key: card_img card_img/bucket/7 card_img/1480087036879011840
last-modified: Sun, 09 Jan 2022 07:58:22 GMT
server: ECS (frb/6739)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 292b682bcf5f0e7fed9e14441ddc390f3d0321ea6b88e70fdcb160b0b9a44c6e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 52ms
17ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fviisasraha.fi%2F&domain=viisasraha.fi&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://viisasraha.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://viisasraha.fi
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1436
date: Thu, 13 Jan 2022 00:25:58 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
940 B 42ms
16ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: content.lwadm.com
URL: https://content.lwadm.com/lw/4.43.4.5/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 566580
x-amz-request-id: tx405249188a46458ab6884-0061d5ef52
x-amz-id-2: tx405249188a46458ab6884-0061d5ef52
last-modified: Mon, 06 Dec 2021 11:00:36 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aH6SBpdr8r1nf1yfOeoigM6NqNRYDx8Ike4v%2BdmzOIgyO0cweIULPaEy482tMWdGyLh%2FW5gsdgSrObIthMIApZ2SaPBgvbArka875PfLSNMKakv%2FCR2RooByeZUm6v1aqs4hS7kfWwhAQeFp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1638788436623244
cf-ray: 6cca7d8d8d295c8c-FRA

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fviisasraha.fi%2F&domain=viisasraha.fi&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=Glhz2XxrSXh3bmpIdUN4MzVqdG1LWXUxOEJoREx0NzE4L2pBckRGVzQ5UUczdjA4bk5YWmY0TEcyZzhGL3BicURldk82dGhvTkhTTWFPTHFZaDN6TUJjY1I5cGJvbW1mRHBOdHlqZStVd0x0MWFLVElzY0J3ekprMGdtQj...

353 B
616 B

54ms
22ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Glhz2XxrSXh3bmpIdUN4MzVqdG1LWXUxOEJoREx0NzE4L2pBckRGVzQ5UUczdjA4bk5YWmY0TEcyZzhGL3BicURldk82dGhvTkhTTWFPTHFZaDN6TUJjY1I5cGJvbW1mRHBOdHlqZStVd0x0MWFLVElzY0J3ekprMGdtQjhLaFdaWUJUMVZVTVBQcWVrOHY3R1lkNnJkaEk0NGdGYXlCSUVUaUszeUo2NmN3ZCtSUW9NOXMzdFRWdjQrWEpZRFVMWUpIOTRzRXFWMHRqOU91NjZkVEZtQU1QOTdJc1kwZ0RPQkhZYk5jaWpsZEFiYUR3PXw&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

c5f9eb74692751400e1d30fd8057686662a9b7182e68eadf5cbb73d6c3176387

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:25:58 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2054
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:25:57 GMT
location: https://mug.criteo.com/sid?cpp=Glhz2XxrSXh3bmpIdUN4MzVqdG1LWXUxOEJoREx0NzE4L2pBckRGVzQ5UUczdjA4bk5YWmY0TEcyZzhGL3BicURldk82dGhvTkhTTWFPTHFZaDN6TUJjY1I5cGJvbW1mRHBOdHlqZStVd0x0MWFLVElzY0J3ekprMGdtQjhLaFdaWUJUMVZVTVBQcWVrOHY3R1lkNnJkaEk0NGdGYXlCSUVUaUszeUo2NmN3ZCtSUW9NOXMzdFRWdjQrWEpZRFVMWUpIOTRzRXFWMHRqOU91NjZkVEZtQU1QOTdJc1kwZ0RPQkhZYk5jaWpsZEFiYUR3PXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://viisasraha.fi
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1755
content-length: 482
expires: 0

POST
H2 200 ad Show response
lwadm.com/ 559 B
613 B 113ms
112ms XHR
application/json 35.156.232.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lwadm.com/ad
Requested by: Host: content.lwadm.com
URL: https://content.lwadm.com/lw/4.43.4.5/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.232.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-232-125.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9f0f282341b80085696daae20c9c6ce64c8fb98fc85101a985837fcfe65629a3

Request headers

Referer: https://viisasraha.fi/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://viisasraha.fi
cache-control: no-cache,no-store,max-age=0,must-revalidate,private
access-control-allow-credentials: true
content-length: 344

POST translator
hbopenbid.pubmatic.com/ 0
0

GET
H2 200 / Show response
adx.adform.net/adx/ 10 B
577 B 90ms
89ms XHR
application/json 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwMDI0MzcmcmN1cj1FVVImcHJpY2VUeXBlPWdyb3NzJnRyYW5zYWN0aW9uSWQ9OWE2MmVkMmEtMmUzMi00MmRmLTk0NzktYWZiNzczZDM4YTRh&bWlkPTEwMDI0MzUmcmN1cj1FVVImcHJpY2VUeXBlPWdyb3NzJnRyYW5zYWN0aW9uSWQ9OWM5ZTM5OWQtNDRhZS00ZjNiLTg4ZjAtMGU1ZDE5ZmY5MjA2&pt=gross&stid=ce342ebf-ec50-4d8b-8982-f8cdf6ab00db&fd=1

Requested by

Host: content.lwadm.com
URL: https://content.lwadm.com/lw/4.43.4.5/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://viisasraha.fi/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:25:58 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://viisasraha.fi
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 hit.gif
visitanalytics.userreport.com/ 43 B
498 B 78ms
10ms Image
image/gif 108.157.4.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visitanalytics.userreport.com/hit.gif?t=CDI03c42257
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: fZAqbzuxSGtIKd7g0Oj0VzvG4UrkztnT
via: 1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 72709
x-amz-meta-cb-modifiedtime: Tue, 14 Apr 2015 11:43:27 GMT
x-cache: Hit from cloudfront
content-length: 43
last-modified: Thu, 15 Oct 2015 11:22:45 GMT
server: AmazonS3
date: Wed, 12 Jan 2022 04:14:11 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-amz-cf-id: A1lGtPPDao_IvhdAbQjJanFGQaGFCc4a1ZS31BXVzmDzhCnTvZdoCA==
expires: 0

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
23 KB 31ms
16ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5657
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx31ce177f46184129b9279-0061adef80
x-amz-id-2: tx31ce177f46184129b9279-0061adef80
last-modified: Mon, 06 Dec 2021 11:00:35 GMT
server: cloudflare
etag: W/"d56fadf5a52703aee9982c415a17065a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLR%2BKucJRnEziP928a0nqgCtpPhCEoJcMAXzBrGLV9EKwFM%2Ff5QnRpAfwek9Iv7j8O3dmZDxv%2F3FiGVggOAT%2FEwMk6uc%2FR8OXh6MkiifPgahL5uk%2FzJw8lWgPO9afLXZ7RboQAlTWdx9UoRi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1638788435319991
cf-ray: 6cca7d8dce1d4e49-FRA
access-control-allow-headers: Authorization

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 72ms
17ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1020
date: Thu, 13 Jan 2022 00:25:57 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame F408
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
570 B

6ms
6ms

Document
text/html

2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://viisasraha.fi
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 12252
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 13 Jan 2022 00:25:59 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Tue, 11 Jan 2022 20:08:28 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6796)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

date: Thu, 13 Jan 2022 00:25:58 GMT
pragma: no-cache
server: tsa_o
status: 302 Found
expires: Tue, 31 Mar 1981 05:00:00 GMT
location: https://platform.twitter.com/jot.html
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Thu, 13 Jan 2022 00:25:58 GMT
x-transaction: 8c0ab29b0f06dcfe
content-length: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
x-response-time: 114
x-connection-hash: c17e98c369f7cff78eb444e6362be3bb4c8d62561b05001aa582e994f608dc87

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 89D6 19 KB
19 KB 164ms
163ms Image
image/webp 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fnordnet%2F58be6c5703e67e24400a3d71%2Fimages%2F549dfba3-a1c7-4aeb-893c-f091c7178fe9.png&w=608&h=401&q=90&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cf16613f1552b269aa4f495d45a1aa3a62c566a4a1bfe61a6195075623652f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:59 GMT
cf-cache-status: EXPIRED
last-modified: Tue, 11 Jan 2022 20:23:01 GMT
api-supported-versions: 2.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 6cca7d8f3bc46933-FRA
content-length: 19400
server: cloudflare
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 89D6 578 B
640 B 268ms
268ms Image
image/webp 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fnordnet%2F58be6c5703e67e24400a3d71%2Fimages%2F69140934-64cb-4176-ae5e-e420c37a0aaf.png&w=20&h=16&q=90&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b07f36f86f5056cc137aec945d25fc15b55cb8b32c974a5b15312bf406ec69b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:59 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Jan 2022 00:25:59 GMT
api-supported-versions: 2.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 6cca7d8f3bc66933-FRA
content-length: 578
server: cloudflare
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 92fff189-e2df-400b-aa44-0963f1c5fd71.svg
c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/images/ Frame 89D6 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/images/92fff189-e2df-400b-aa44-0963f1c5fd71.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 387553dab2724207fec6d8a3293c55f8a2fcd18bb667a15da1a47639e3b7036a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jan 2022 00:25:58 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 1ryfzxYdwTkb1pimcr4DJQ==
age: 2137
x-ms-lease-status: unlocked
last-modified: Thu, 20 Feb 2020 10:06:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5a47bc2f-d01e-0095-10ff-010593000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 6cca7d8f4bf16933-FRA

GET
H2 200 92fff189-e2df-400b-aa44-0963f1c5fd71.svg
c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/images/ Frame 4A40 2 KB
1 KB 32ms
32ms Image
image/svg+xml 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/nordnet/58be6c5703e67e24400a3d71/images/92fff189-e2df-400b-aa44-0963f1c5fd71.svg
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.78fcdb07dcf63104779d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 387553dab2724207fec6d8a3293c55f8a2fcd18bb667a15da1a47639e3b7036a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jan 2022 00:25:59 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 1ryfzxYdwTkb1pimcr4DJQ==
age: 2138
x-ms-lease-status: unlocked
last-modified: Thu, 20 Feb 2020 10:06:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5a47bc2f-d01e-0095-10ff-010593000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 6cca7d906de56933-FRA

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 4A40 13 KB
13 KB 120ms
120ms Image
image/webp 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fnordnet%2F58be6c5703e67e24400a3d71%2Fimages%2F549dfba3-a1c7-4aeb-893c-f091c7178fe9.png&w=431&h=316&q=90&f=webp&x1=11&x2=556&y1=0&y2=400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fe867b53e81bf6a806cd166468c209b78ea126841d294b8cd8083c2850fee93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:59 GMT
cf-cache-status: EXPIRED
last-modified: Tue, 11 Jan 2022 20:23:01 GMT
api-supported-versions: 2.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 6cca7d906de66933-FRA
content-length: 13404
server: cloudflare
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 4A40 544 B
629 B 72ms
71ms Image
image/webp 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fnordnet%2F58be6c5703e67e24400a3d71%2Fimages%2F69140934-64cb-4176-ae5e-e420c37a0aaf.png&w=18&h=16&q=90&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46eeab438539944e7bc19b1a864756733810410a863b8c33ab535c0e24aff2fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:59 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Jan 2022 00:25:59 GMT
api-supported-versions: 2.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 6cca7d906de86933-FRA
content-length: 544
server: cloudflare
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

POST
H2 200 pixel
c.bannerflow.net/tr/v2/ Frame 3725 0
82 B 26ms
26ms Ping
text/plain 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/60254ed9ca66b5e68189d867?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsthwJXUVrdwrIYzGukqVCVUuhrkyvFzMWz5HDUuG7I_fu-ET2Drn4BdSAm_507ixQeN1hAtwec_y9UjPAfXy-bEPdG9pBxcBGYt3AgmYUnojyFlHoy-swHf_7YpU6FmHXo%26sig%3DCg0ArKJSzNOXScZaVjD4EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5664222%26adurl%3Dhttps%253A%252F%252Fwww.nordnet.fi%252Ffi%252Fkampanjat%252Fosakesaastajat%253Fdclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s0.2mdn.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 13 Jan 2022 00:25:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6cca7d90eebc6933-FRA
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

POST
H2 200 pixel
c.bannerflow.net/tr/v2/ Frame 6AB0 0
34 B 25ms
25ms Ping
text/plain 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/60759d376662a4ff19bed093?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvfXa651Jo2IerGX2KN9nRzzI1slTX-_rRUp6MydRrkwxoL97icfPS9qBaecrYFPHWCjc0buS-8fVESLBMiig7kGWdM2_bom5-9pRqwdvkCXi_9zY3C-0liwficiFah-bg%26sig%3DCg0ArKJSzGyxSHgYoCNWEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5664222%26adurl%3Dhttps%253A%252F%252Fwww.nordnet.fi%252Ffi%252Fkampanjat%252Fosakesaastajat%253Fdclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s0.2mdn.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 13 Jan 2022 00:25:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6cca7d912f396933-FRA
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

GET
H2 200 DB_ViisasRaha_asuntolaina_468X400.jpg
viisasraha.fi/var/site/storage/images/_aliases/full-banner/0/8/9/6/36980-1-fin-FI/ 82 KB
82 KB 450ms
148ms Image
image/jpeg 31.217.192.158
PLANEETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://viisasraha.fi/var/site/storage/images/_aliases/full-banner/0/8/9/6/36980-1-fin-FI/DB_ViisasRaha_asuntolaina_468X400.jpg
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS: s3.palvelin.pro
Software: LiteSpeed / PHP/7.2.34
Resource Hash: 82df52f688ae51706c1088ecc610833cbb2f22fa2c5cdc3c777f4d208ab5117f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:25:59 GMT
last-modified: Thu, 16 Dec 2021 10:25:10 GMT
server: LiteSpeed
age: 0
x-powered-by: PHP/7.2.34
vary: User-Agent
content-type: image/jpeg
cache-control: no-cache, private
content-transfer-encoding: binary
accept-ranges: bytes
content-length: 83574

GET
H2 200 JukkaOksaharju.jpg
viisasraha.fi/var/site/storage/images/_aliases/nocrop832/8/9/2/7/37298-1-fin-FI/ 34 KB
35 KB 539ms
238ms Image
image/jpeg 31.217.192.158
PLANEETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://viisasraha.fi/var/site/storage/images/_aliases/nocrop832/8/9/2/7/37298-1-fin-FI/JukkaOksaharju.jpg
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS: s3.palvelin.pro
Software: LiteSpeed / PHP/7.2.34
Resource Hash: e7b3ddc44d9f741a0ee7348ce4f2c6039a7695bc9d3f1875457a20b5ee54d012

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:26:00 GMT
last-modified: Mon, 10 Jan 2022 05:45:46 GMT
server: LiteSpeed
age: 0
x-powered-by: PHP/7.2.34
vary: User-Agent
content-type: image/jpeg
cache-control: no-cache, private
content-transfer-encoding: binary
accept-ranges: bytes
content-length: 35278

GET
H2 200 MicrosoftTeams-image%20(92).png
viisasraha.fi/var/site/storage/images/_aliases/full-banner/5/5/6/4/34655-1-fin-FI/ 29 KB
29 KB 510ms
209ms Image
image/png 31.217.192.158
PLANEETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://viisasraha.fi/var/site/storage/images/_aliases/full-banner/5/5/6/4/34655-1-fin-FI/MicrosoftTeams-image%20(92).png
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 31.217.192.158 , Finland, ASN58003 (PLANEETTA-AS, FI),
Reverse DNS: s3.palvelin.pro
Software: LiteSpeed / PHP/7.2.34
Resource Hash: df2608f84638fff1e8a14e5c2fc6662faefeaa80efa1657639f58ee1782561ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:26:00 GMT
last-modified: Thu, 26 Aug 2021 09:56:03 GMT
server: LiteSpeed
age: 1
x-powered-by: PHP/7.2.34
vary: User-Agent
content-type: image/png
cache-control: no-cache, private
content-transfer-encoding: binary
accept-ranges: bytes
content-length: 29893

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 50ms
28ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=viisasraha.fi

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 Jan 2022 00:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 56ms
27ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=viisasraha.fi

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 Jan 2022 00:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 158 KB
29 KB 412ms
411ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2497024290627880&correlator=74536902781810&output=ldjh&impl=fifs&eid=31063821%2C31063943%2C31064089%2C31064094%2C31064095%2C44755510&vrg=2022011101&ptt=17&sc=1&sfv=1-0-38&ecs=20220113&iu_parts=21903480248%2Cviisasraha.fi%2Cviisasraha.fi_content%2Cviisasraha.fi_sidebar&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=320x50%7C320x320%7C336x280%7C468x600%7C360x300%7C300x250%7C600x600%7C468x400%7C300x300%7C338x338%7C360x360%2C300x300%7C300x600%7C160x600%7C300x250&fluid=height%2C0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1642033559&dt=1642033559944&dlt=1642033557482&idt=431&frm=20&biw=1600&bih=1200&oid=2&adxs=270%2C1030&adys=6734%2C3408&adks=2120671619%2C2887215067&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fviisasraha.fi%2F&vis=1&scr_x=0&scr_y=0&psz=740x40%7C300x0&msz=740x0%7C300x0&ga_vid=1714183167.1642033558&ga_sid=1642033560&ga_hid=161788461&ga_fc=true&fws=0%2C0&ohw=0%2C0&btvi=1%7C2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c7460ed0e58d0b3a53ef2799c6907fba76c978786538de461106921fef2631b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29249
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://viisasraha.fi
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 34ms
20ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022011101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d811fb4eb99f646be456ebe4eb8183fd96c273ddc612eb046b9ac980dde23700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 Jan 2022 00:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8629
x-xss-protection: 0

GET
H2 200 container.html Show response
37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C7BA 6 KB
4 KB 82ms
28ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 13 Jan 2022 00:26:00 GMT
expires: Fri, 13 Jan 2023 00:26:00 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 13 Jan 2022 00:26:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A7AE 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Wed, 12 Jan 2022 23:20:47 GMT
expires: Thu, 12 Jan 2023 23:20:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3913
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EDF5 783 B
1 KB 51ms
28ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b6265ba2c2bb8df1401a47253a03e265fffc0632fed9c13707c429f692ac9584

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RFeobW+XOqPdYahSC0tSdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 13 Jan 2022 00:26:00 GMT
date: Thu, 13 Jan 2022 00:26:00 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-RFeobW+XOqPdYahSC0tSdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ze6spFYAGmeX0SVs4uO-WfgikXQwH0dcHguaiLf8sa4.js Show response
pagead2.googlesyndication.com/bg/ Frame A7AE 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ze6spFYAGmeX0SVs4uO-WfgikXQwH0dcHguaiLf8sa4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdeeaca456001a6797d1256ce2e3be59f8229174301f475c1e0b9a88b7fcb1ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13313
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 23:20:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EDF5 0
0 48ms
48ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022011101&jk=2497024290627880&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A7AE 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?St60sw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:26:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 47ms
47ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022011101&jk=2497024290627880&bg=!PD-lP3vNAAaocxMpqHM7ACkAdvg8WkABre0MTG87nC8Yh05Iwm1DK1AnULJ5mnzGIBHtXYrInaFJwAIAAABTUgAAAANoAQcKABaNTaZaWTptahM3pQvPiRvJh8Tjsmp2mQKJATYqyiqUE8cNCcshNcNPVufyx7eVwKR7Jy0YoPVliJqG8V0OnJpz6IwGNF1d0yStbA28jqoS-PDvM3PfRkIobAkIYfoW1YPLr4k-aN--KsF3J3nhg67y9J2SmmHtKKT0QE5cy9iAPr0lfC0t94a03_8x_o8_bIflDc4O-cWGHSuBRTJlqFtpnWwbCoo3tlWE_eWkx_fhYWwNXl73QchAnwiIFuX2fd4320YySnaCTz5cN3Ui4RQnZoUnK5xzsXMF2ZT8odtkL_I_65OUH8aKRJe6aAjI7Ugrwi846L3XLSVhf1yEw2sR8L5xZqQIMdwntNx7F_4YWgicFOZKReZqCpBLIg0-xUirGFzLdApZLEp_nLlimvMmKPu_o5C66GWzxsj3ZCO5o8dx-meV1JMfwt7fMgBgIsnAdEEK0AAkckIYwkS-Gq4UilrFu-wVNl3jnxoeVSzBFPcvZTFfaLR05b_OxbhxYx4JGvp5Bk89Hq4SL9GMRCHUyqcAOw1bjR_YK8YPsbKYboVAq9rAWBFRRplXoTqTy9Uree5NR61Fkgw9r774dtUDoodnXPhal5IYHwYeNEPmtbceSNEBjc9FhvqnjjpTBBhu3K0b7feNpYWIEPXlGsFrzpZDPYrf6P47zTDjtqvi9Q22Sq6-6nzjbfjjuWNhd68Cc-MakKEmKMeNq-cGM-EQ9gY0S5jLt2pwMCNk-igirwZjNuT7KtIotsyM_l4LF1C09ppfTj-7dS6GKpcwzhYiz6bqM6R524Mz3DXIEDklbvK-36dxB0ZaU2Fticb8wvisIpisubIDErcZaAfng_O0XkARogxSxYEwdx-5X22T44WYAI8F3NvN-Rdt6bYRgJAj7w

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:26:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame D92A 189 KB
54 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 212637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Mon, 10 Jan 2022 13:22:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Jan 2023 13:22:03 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame D92A 13 KB
6 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 212637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Mon, 10 Jan 2022 13:22:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Jan 2023 13:22:03 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame D92A 89 KB
28 KB 44ms
20ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 212637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Mon, 10 Jan 2022 13:22:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Jan 2023 13:22:03 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame D92A 71 KB
16 KB 46ms
22ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-animation-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce7047f1978917a3b97a424026182cf9eebcc488c8019f0fc85bc2acf78ecd70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 176183
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16759
x-xss-protection: 0
server: sffe
date: Mon, 10 Jan 2022 23:29:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6f5521ec42d8a94a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Jan 2023 23:29:37 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame D92A 5 KB
2 KB 43ms
19ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 212637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Mon, 10 Jan 2022 13:22:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Jan 2023 13:22:03 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame D92A 40 KB
13 KB 41ms
18ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 212637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Mon, 10 Jan 2022 13:22:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0f988502fa2967b0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Jan 2023 13:22:03 GMT

GET
DATA 200
OK truncated
/ Frame D92A 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6e7cf39f59cfd079ee8824b1944fd89a5da28ea970917ad86b359b659ef2c89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bg.jpg
tpc.googlesyndication.com/sadbundle/9923576110415857137/img/ Frame D92A 9 KB
9 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9923576110415857137/img/bg.jpg

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c24370e56c19370412f5bf37d1f1a5a4f88597afc338d612e537f8a82cbb18c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 07:42:37 GMT
x-content-type-options: nosniff
age: 233003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9521
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 14:38:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Jan 2023 07:42:37 GMT

GET
H3 200 text1_1.png
tpc.googlesyndication.com/sadbundle/9923576110415857137/img/ Frame D92A 994 B
1021 B 9ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9923576110415857137/img/text1_1.png

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0d32e20290800713b853c7ccaa4cb78c4e6f987cbdaa4af0a40f3d0b0545da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 07:42:37 GMT
x-content-type-options: nosniff
age: 233003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 994
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 14:38:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Jan 2023 07:42:37 GMT

GET
H3 200 text1_2.png
tpc.googlesyndication.com/sadbundle/9923576110415857137/img/ Frame D92A 884 B
911 B 10ms
8ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9923576110415857137/img/text1_2.png

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc962c92e8dbeac8ce1b3237d092b18925bcc81caabf54e93286524ad3cea526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 07:42:37 GMT
x-content-type-options: nosniff
age: 233003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 884
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 14:38:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Jan 2023 07:42:37 GMT

GET
H3 200 text1_3.png
tpc.googlesyndication.com/sadbundle/9923576110415857137/img/ Frame D92A 1 KB
1 KB 10ms
8ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9923576110415857137/img/text1_3.png

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9fc14fb868ae1681487532fdf7e83c5fd3314bf8c38a2871e46c4e91975db90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 07:42:37 GMT
x-content-type-options: nosniff
age: 233003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1048
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 14:38:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Jan 2023 07:42:37 GMT

GET
H3 200 text1_4.png
tpc.googlesyndication.com/sadbundle/9923576110415857137/img/ Frame D92A 722 B
749 B 10ms
8ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9923576110415857137/img/text1_4.png

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e15087276e13924a81a7753ac7bb95e9b012340e7c03c4f3c26da0e880e4013f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 07:42:37 GMT
x-content-type-options: nosniff
age: 233003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 722
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 14:38:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Jan 2023 07:42:37 GMT

GET
H3 200 text1_5.png
tpc.googlesyndication.com/sadbundle/9923576110415857137/img/ Frame D92A 1 KB
1 KB 11ms
9ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9923576110415857137/img/text1_5.png

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07f606424258bac88037d5bcc64166f1b5df6e09372b20ea4e2cf16101c4f49a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 07:42:37 GMT
x-content-type-options: nosniff
age: 233003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1077
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 14:38:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Jan 2023 07:42:37 GMT

GET
H3 200 text2_1.png
tpc.googlesyndication.com/sadbundle/9923576110415857137/img/ Frame D92A 3 KB
3 KB 11ms
9ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9923576110415857137/img/text2_1.png

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f960d4d7b6d7d570af05d21f8934d46ed243bc231fc5c85fcd164a23a76e62a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 03:24:32 GMT
x-content-type-options: nosniff
age: 594088
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3240
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 14:38:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 06 Jan 2023 03:24:32 GMT

GET
H3 200 stoerer.png
tpc.googlesyndication.com/sadbundle/9923576110415857137/img/ Frame D92A 4 KB
4 KB 11ms
10ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9923576110415857137/img/stoerer.png

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d660670547ee96b0044ac8666427891693666a974dfcb710a4315ec18b9bb3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 07:42:37 GMT
x-content-type-options: nosniff
age: 233003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3696
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 14:38:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Jan 2023 07:42:37 GMT

GET
H3 200 logo.png
tpc.googlesyndication.com/sadbundle/9923576110415857137/img/ Frame D92A 4 KB
4 KB 10ms
9ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9923576110415857137/img/logo.png

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e515d4ad34f03fb0903fb1c0227115fd997d735753df3cbbf89a3839e35d7e03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 01:01:55 GMT
x-content-type-options: nosniff
age: 602645
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3770
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 14:38:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 06 Jan 2023 01:01:55 GMT

GET
H3 200 cta.png
tpc.googlesyndication.com/sadbundle/9923576110415857137/img/ Frame D92A 819 B
846 B 12ms
11ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9923576110415857137/img/cta.png

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a88f714012e2bed9fe831ed0615a73edb642fb6e529c2399e2658ae72771640

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 07:42:37 GMT
x-content-type-options: nosniff
age: 233003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 819
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 14:38:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Jan 2023 07:42:37 GMT

GET
H3 200 cta_text.png
tpc.googlesyndication.com/sadbundle/9923576110415857137/img/ Frame D92A 1 KB
1 KB 12ms
11ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9923576110415857137/img/cta_text.png

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4004fd1b3ddbee33c09ace1dc9c6201d8623e371610f72ab27ee4d2ead8e5443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 07:42:37 GMT
x-content-type-options: nosniff
age: 233003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1027
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 14:38:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Jan 2023 07:42:37 GMT

GET
H3 200 container.html Show response
37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 13FD 6 KB
3 KB 33ms
19ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011101.js?31064089

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Jan 2022 00:26:00 GMT
expires: Fri, 13 Jan 2023 00:26:00 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 fi.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D92A 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/fi.png

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7db3213857f4ec675a6220da9906dfd1a111c8bde9256c50ca4dda527d8723b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 22:44:12 GMT
x-content-type-options: nosniff
server: cafe
age: 6108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 5712710698203043590
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2249
x-xss-protection: 0
expires: Thu, 13 Jan 2022 22:44:12 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D92A 295 B
319 B 8ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 67346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 13 Jan 2022 05:43:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D92A 0
0 43ms
27ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS93NLXa2ea_ENyMraA-e3VF8J56y2yt-FK8DI0tSlg0Ofk8VPAZ-Jcg2E0ui3or14_UX_JzQBxvzF4pOTzj122kEZHbw
Requested by: Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D92A 0
0 56ms
55ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CipTZmHHfYd5ok7jfA8-jhpgOpuql1Gfj6qn9nw-bnfX9CBABIK_iv3tglYKAgLAHoAHF6pm5AsgBCakC9XdypQYxsz7gAgCoAwHIAwiqBPkBT9C22k0b33gG_gOnFxoAu9cYypzMyejqDYYjxKZG4YjbH1Gi7FbPm6Ck_o56S_LePlTPli82Ec8DGaNDnAbB59JCXHjlKmXdi_ub6C_Br4E0zIbAuMilqgG8qrmqdeHmADOiayn2nDBJlibRZ_8rBPwGLKh5zNzQDu_WEnS1BJS5i7_Do7kWkcDEYTEkqcXRocDpRw7y0rpjV-mwowZlHW8Fq4lm2k1rX7wDO-K4nkO8S4V7Rwlwj61q75oAgGgE4avomuj8H4btmhTIFB7hDA9QAH86sUP2N9MBa7gqIkwsyBQ-nGw5LyKf9K_7GHUca4QNraaM8BhuwASO99Tu5APgBAGSBQQIBBgBkgUECAUYBKAGLoAHo5XmxgGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBClyE_SCAkIgOGAEBABGB2ACgPICwHYEw2IFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItOTI4NTIzMDU4ODY5ODMxNRi-nnU&sigh=xn9g8A6xEGw&uach_m=[UACH]&template_id=419&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: viisasraha.fi
URL: https://viisasraha.fi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

POST
H2 200 10 Show response
lwadm.com/analytics/ 0
280 B 8ms
8ms XHR
text/plain 35.156.232.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lwadm.com/analytics/10
Requested by: Host: content.lwadm.com
URL: https://content.lwadm.com/lw/4.43.4.5/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.232.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-232-125.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://viisasraha.fi/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 13 Jan 2022 00:26:00 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://viisasraha.fi
cache-control: no-cache,no-store,max-age=0,must-revalidate,private
access-control-allow-credentials: true

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 76B0 624 B
733 B 55ms
32ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiE86O-ATAB&v=APEucNVcZovAO8Bhdz89-covV3LuZM_gftxjmXe21ffS0Y_HnVm48oWgVFqj7qY5oprUdgOboEhclD9BNODuckzB2sMBQk1gyBk0E99reqjejeJ4H3LOdu3parCczVyrT91B2B2C2imyfU3nkIjy8k7kQrE4rqJZUQPUmF0bxNF77uiDOLSJs88

Requested by

Host: 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
URL: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 13 Jan 2022 00:26:00 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 13FD 77 KB
31 KB 85ms
63ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BtXYhXzWbFGwIz69vz-lC3yezVH_L3HPBTr28D5I5fRdZP4e-3vwfUBNkSakD9yjzwsQqYhksad3PA61tYfr_3BNLojRMyikrAyIXZi954LeiHkq_qsiAMGPGBrUDomhREgZUmz9vhIWKHLy_7YU7nF-92WA&dbm_d=AKAmf-AoTgDOahAFvPFsadJUQ2PRqycmMZzyo-feQGVPJtSUt6UG7QBRjWp7tzOW1Mce1KiEsPcfOPd2N-oylIBkEa51Qs-u581P6dXJXn18UgszkzeUgZpXPclV8hqNgUgcfRCQKrOVNctMmMEZ7UoAHL5vQNXShs8QmAFiiK3n0kVxrbKj2ccBldb4lzXyK9YCvov-el2UUGwXIZnDLmdISmYDKVgIliRyjExnR2QTS_Syuzw0l927N0LPh748GKtXPQwxjGOG-nfgFbKblxMLZdPA-Bs7dVNx2T92qR-3HhAQ4wo24soqCx66v0aHyrof2F8mYlfWSS31-trTgqfx-yBxJD8VUdpquN7u1T7MN1irIzQs4ZLczZlmMSpqyJ52zAvXRXXam_36wRWLHpJbpKJDVAc6aBmxzZcE7YdDCsr_CBi5c-5fWPnzYIvHVY8OiZHGx_vNvp1aWsfREcJQcRl5dpPHlkwxsvvs9cHyMCdqrRgx7at3stK6Zze1id3-o-9AcmeoSV05Rwqfjr8AgSG7skRzvpJCjnPGTMjauSsnyUc4jZNfSsUOemzDh24epCahX7CbW6K8M12DYxu697aB-Td7gFYFQ1ZXH2dZuIrHclNR2iUckudzyERzri1lFQTXMuZ8IpXFsMo0GS_wMG8itGfPnO9ea-gvy5VvJqSFBEu__nzuX7KYmQqazDZmi3S8BIQzYRpQ3vRz4bG01XKQVLyYeCfMq29FOGsWta0ycRbF6Pv-mujQjkP8st7xYeSiwbWRGJrTyS_bTkZYKbiaV_WHQZ08mAy0PbVMRg7ThuOyUlP98_REkYZz-j69mREEc8p3EIf-tYn5XNuFG2CTDdVsvTP-u2Ix7pYMXglgpVDAC05s-AVgsBiJyz-gCtQy4or4Cvj6qMnOyHk7xUUf_PRwm0UKrLY6BzCDqw09Yc0aCwvZPLcrziJK2HUC23VsptVznC9PBwkatLE3K07vztBzX_1o1iW6wXH8YQ0MteXO8kN9QSEOxBDAt5ltIS6K6r5uJLWbnzNqffw-jf2ldx4TVWew7jFsHv84eaIWJZMNMpHtaRtW9DR5vCMNt_-HDGvZ768Oo6y9Z59uMQAbZLFec5Lcnjv1ywYzuWHrf6oa_FVIc8bErE_H2j5XZw9vxO3dyTePyf8BnBiVs44MMQqkm7jqN__eksaquoUhCtWb0nLIE0bKvMbewbih49p2zs6WYYo9A20ihUX0frlx9sNfap8JeGMiohaB3enZcYqULN3m1HKEH3Elq5YjBCmhzDDDo5OmQC-F3ABtbwNnHrSZLU8S1uN0-aJeB_57078ZvX185nHudxAKz5p7i52UFT229-ztQn64Jb-9nZ-UlkqIB6R6cPa84fOcAj5Th4nsq2anhMHX6X_q-OsFUzbogDZVvCpGOBk9nWek5cBu_i08YauSJqgm8JHcKKPM5gYR0KnEAqyDAEkRaGBrOTECvTD5_aR5KJ_zjPYZ3nE31jtUhi9HM33IPpjg1Dh65aYGoy_XGw2PrSgGErVkxqK4DTm_gePCWXTJ_4gmW_7x86Kmv_LQjPKTngNkT0hxeL_ZsnRTTC9kqiGvtuTrPCeO5sXrjxaY96X2QhzXQ56H_K_RyCyrfZaTTZw8mdnujSbnFvfYkaQG9IASPCLyH5vBScKVHVhRdd9wsrFymTf5PPrG0z78XURYupvg3aqorAOBl_jtMytk8GjbywQWCtG226tFBqiF2itUdgP_yM8DeMPdD48z8mz-fNUkyIP96b6MRsHuUcFOTkfLpdkl-6s2Nhd3ruUQR5ezCaONqAMm_rpfvp1UkHx5g9GQ0EY-Lcbl2w8j_dEmSSmnyLCI5PJC61ndV4q_fKsTpJn365FU7qxH_8oJBzlbfKcXHOMLg0LqPFK17ocOp-Vl6JpaQ3Uyh-Yqt8Hg4YK-I-nzDcOfDg1nSOxWBVPhh_V5am7SwYZs2ubRhD7epkO4vXiXbYGNGQgefgu30IPw_QHMJxUuNopd7hvd5je8A3KCBAMm6QGfxah0dC4Ft4vThXiqMwhOjxt8BcyFZ0k7nUPVpta7oifmZ2ffbPUpSq1fx4h6CNrYHpEh8ysPOhfzvHX1o6DOKmq187Xy01PJm2nZYshB6aWUeAnw836fEdrdC47WlnvvoLGr2uhZqUixcO7kVPQIGBBlrrLe8sR7tq4UsmfAZIBBTyuvgaBAd5KuOXasgkCc1TDOHSQWZ9Oowq_HiWegUIYi3xUUZZ3UFXiXoXd_z3nnukp93aFt1EhMLDAgprdHEDR-GlynaW3eB2fr9jzujRkVBHXYkvg3PpI8xPSQ0PknG9zxsXXGvjQ_sgFKHLmydqvjFecc16BXB7wxFkMlXOUdkvSEPpn0svziclFZmgN5JrNoh2eEaRVlApJgCpo6kaZTSazLkAppouDtpuV74VDaMWs8RH_APBXD_2ivDth-Yd8kcCl3BbwJuTtX_mSFy-j4gx8IMoHVi3MEnVIdmFWuZQUbhYKJfg3x2v0Y5u-7DndQgHYCBX7YlE67Bbhvkaxvp6R6L9AOi-nZa9j-ZNzbHYKQ7rMLsm_DGA-P38Yn5d3XgTPpaqHdaGaGeMGRtlwumKxul6EqFCFah1mmJDQLArSPbpF0CTn1X_j21hKS1dOQVK2_yYLaw3JlkuMgwpD3o1pIcLzOkwd_wX6hTh0eZKnwfGbNQP3X8NV5aaNSNR6gSHklXkSlZfX7qVc72yZGVAL_mrDprgvirq_WzksIaAfIG_UjCNfCLj8_vX4rl-tC3fB-vhHzUqydLA-1OYIEc91mYqiJfU962uQDPZmNywRTRL0djsVCtE-U0joIV-3c7FDu_-HYEjp_Tid82niW5DpoYvvrlY0gcW9ZyjZCIsW1DHVAC0G8vMgtziKHWhYUV8bCJLMiZ-u6hq--n9gkJKcq-d9Iiwyn11U1F3TBPXvHGBaIEuo-jMULXckGjV23anTO8AF9_dJ0kQjO1bmhaAKCtJgU6d0_RgU_2tVdCij85jQhDoftF_8zIBCodA&cid=CAASEuRo1emIRVcxhxv7gfA3dt75OQ&rfl=1%2Chttps%253A%252F%252Fviisasraha.fi%252F%240

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09f2b195d5da04b975223e5f06a73f7014398f13151a596d5a84ebf83d0fc3d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31279
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 13FD 42 B
63 B 46ms
45ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BSyUr0vx1XOfapt3ZhBZGymiDr_28gglhFF6ur0L9JGMtUv7K2Mz5B1fN9lkzNaftpjNA1mdffqSMnOJCnWLiJKfCa4S4mWeYI6om5wyTKibs4fvw

Requested by

Host: 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
URL: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:26:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220110/r20110914/client/ Frame 13FD 2 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220110/r20110914/client/window_focus_fy2019.js

Requested by

Host: 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
URL: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1550
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jan 2022 00:00:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 13FD 121 KB
37 KB 854ms
853ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
URL: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:26:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641990413359145"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 13 Jan 2022 00:26:01 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220110/r20110914/client/ Frame 13FD 15 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220110/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
URL: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

182e9cee52aa715413f1a206dc3ec3c4ffb1f4b54859ddad7d00b601aab1a251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:22:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6475
x-xss-protection: 0
server: cafe
etag: 8251579188570802182
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jan 2022 00:22:44 GMT

GET
H3 200 fi.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D92A 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/fi.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7db3213857f4ec675a6220da9906dfd1a111c8bde9256c50ca4dda527d8723b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 22:44:12 GMT
x-content-type-options: nosniff
server: cafe
age: 6108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 5712710698203043590
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2249
x-xss-protection: 0
expires: Thu, 13 Jan 2022 22:44:12 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D92A 295 B
319 B 6ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 67346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 13 Jan 2022 05:43:34 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 76B0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAXoFE-lENM8WBflYOhTm3k&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAXoFE-lENM8WBflYOhTm3k&google_cver=1&C=1

43 B
894 B

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAXoFE-lENM8WBflYOhTm3k&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiE86O-ATAB&v=APEucNVcZovAO8Bhdz89-covV3LuZM_gftxjmXe21ffS0Y_HnVm48oWgVFqj7qY5oprUdgOboEhclD9BNODuckzB2sMBQk1gyBk0E99reqjejeJ4H3LOdu3parCczVyrT91B2B2C2imyfU3nkIjy8k7kQrE4rqJZUQPUmF0bxNF77uiDOLSJs88
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 13 Jan 2022 00:26:00 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 13 Jan 2022 00:26:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 13 Jan 2022 00:26:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAXoFE-lENM8WBflYOhTm3k&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Thu, 13 Jan 2022 00:26:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 76B0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yd9xmK7-6Mkq0ZjdODac0QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAXoFE-lENM8WBflYOhTm3k&google_cver=1

43 B
894 B

14ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAXoFE-lENM8WBflYOhTm3k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiE86O-ATAB&v=APEucNVcZovAO8Bhdz89-covV3LuZM_gftxjmXe21ffS0Y_HnVm48oWgVFqj7qY5oprUdgOboEhclD9BNODuckzB2sMBQk1gyBk0E99reqjejeJ4H3LOdu3parCczVyrT91B2B2C2imyfU3nkIjy8k7kQrE4rqJZUQPUmF0bxNF77uiDOLSJs88
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 13 Jan 2022 00:26:00 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 13 Jan 2022 00:26:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:26:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAXoFE-lENM8WBflYOhTm3k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 76B0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPjvS9mcq40CbnN4o8F9gBo&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPjvS9mcq40CbnN4o8F9gBo%26google_cver%3D1

43 B
1 KB

35ms
25ms

Image
image/gif

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPjvS9mcq40CbnN4o8F9gBo%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiE86O-ATAB&v=APEucNVcZovAO8Bhdz89-covV3LuZM_gftxjmXe21ffS0Y_HnVm48oWgVFqj7qY5oprUdgOboEhclD9BNODuckzB2sMBQk1gyBk0E99reqjejeJ4H3LOdu3parCczVyrT91B2B2C2imyfU3nkIjy8k7kQrE4rqJZUQPUmF0bxNF77uiDOLSJs88

Protocol

HTTP/1.1

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 13 Jan 2022 00:26:00 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b2df7805-3a3a-49fd-b360-0a0c0fc712e7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 13 Jan 2022 00:26:00 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8b4f5b08-912a-4120-97c8-c377527e865c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPjvS9mcq40CbnN4o8F9gBo%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 76B0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ4MDgwODUxNjEyMjE2MTIzNw%3D%3D

170 B
188 B

32ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ4MDgwODUxNjEyMjE2MTIzNw%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:26:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 13 Jan 2022 00:26:00 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 61008bd0-d44a-49d2-88f6-9cf270312d59
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ4MDgwODUxNjEyMjE2MTIzNw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 13FD 169 KB
59 KB 22ms
8ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/
Origin: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 10:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50424
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 13 Jan 2022 10:25:36 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220110/r20110914/elements/html/ Frame 13FD 8 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220110/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BtXYhXzWbFGwIz69vz-lC3yezVH_L3HPBTr28D5I5fRdZP4e-3vwfUBNkSakD9yjzwsQqYhksad3PA61tYfr_3BNLojRMyikrAyIXZi954LeiHkq_qsiAMGPGBrUDomhREgZUmz9vhIWKHLy_7YU7nF-92WA&dbm_d=AKAmf-AoTgDOahAFvPFsadJUQ2PRqycmMZzyo-feQGVPJtSUt6UG7QBRjWp7tzOW1Mce1KiEsPcfOPd2N-oylIBkEa51Qs-u581P6dXJXn18UgszkzeUgZpXPclV8hqNgUgcfRCQKrOVNctMmMEZ7UoAHL5vQNXShs8QmAFiiK3n0kVxrbKj2ccBldb4lzXyK9YCvov-el2UUGwXIZnDLmdISmYDKVgIliRyjExnR2QTS_Syuzw0l927N0LPh748GKtXPQwxjGOG-nfgFbKblxMLZdPA-Bs7dVNx2T92qR-3HhAQ4wo24soqCx66v0aHyrof2F8mYlfWSS31-trTgqfx-yBxJD8VUdpquN7u1T7MN1irIzQs4ZLczZlmMSpqyJ52zAvXRXXam_36wRWLHpJbpKJDVAc6aBmxzZcE7YdDCsr_CBi5c-5fWPnzYIvHVY8OiZHGx_vNvp1aWsfREcJQcRl5dpPHlkwxsvvs9cHyMCdqrRgx7at3stK6Zze1id3-o-9AcmeoSV05Rwqfjr8AgSG7skRzvpJCjnPGTMjauSsnyUc4jZNfSsUOemzDh24epCahX7CbW6K8M12DYxu697aB-Td7gFYFQ1ZXH2dZuIrHclNR2iUckudzyERzri1lFQTXMuZ8IpXFsMo0GS_wMG8itGfPnO9ea-gvy5VvJqSFBEu__nzuX7KYmQqazDZmi3S8BIQzYRpQ3vRz4bG01XKQVLyYeCfMq29FOGsWta0ycRbF6Pv-mujQjkP8st7xYeSiwbWRGJrTyS_bTkZYKbiaV_WHQZ08mAy0PbVMRg7ThuOyUlP98_REkYZz-j69mREEc8p3EIf-tYn5XNuFG2CTDdVsvTP-u2Ix7pYMXglgpVDAC05s-AVgsBiJyz-gCtQy4or4Cvj6qMnOyHk7xUUf_PRwm0UKrLY6BzCDqw09Yc0aCwvZPLcrziJK2HUC23VsptVznC9PBwkatLE3K07vztBzX_1o1iW6wXH8YQ0MteXO8kN9QSEOxBDAt5ltIS6K6r5uJLWbnzNqffw-jf2ldx4TVWew7jFsHv84eaIWJZMNMpHtaRtW9DR5vCMNt_-HDGvZ768Oo6y9Z59uMQAbZLFec5Lcnjv1ywYzuWHrf6oa_FVIc8bErE_H2j5XZw9vxO3dyTePyf8BnBiVs44MMQqkm7jqN__eksaquoUhCtWb0nLIE0bKvMbewbih49p2zs6WYYo9A20ihUX0frlx9sNfap8JeGMiohaB3enZcYqULN3m1HKEH3Elq5YjBCmhzDDDo5OmQC-F3ABtbwNnHrSZLU8S1uN0-aJeB_57078ZvX185nHudxAKz5p7i52UFT229-ztQn64Jb-9nZ-UlkqIB6R6cPa84fOcAj5Th4nsq2anhMHX6X_q-OsFUzbogDZVvCpGOBk9nWek5cBu_i08YauSJqgm8JHcKKPM5gYR0KnEAqyDAEkRaGBrOTECvTD5_aR5KJ_zjPYZ3nE31jtUhi9HM33IPpjg1Dh65aYGoy_XGw2PrSgGErVkxqK4DTm_gePCWXTJ_4gmW_7x86Kmv_LQjPKTngNkT0hxeL_ZsnRTTC9kqiGvtuTrPCeO5sXrjxaY96X2QhzXQ56H_K_RyCyrfZaTTZw8mdnujSbnFvfYkaQG9IASPCLyH5vBScKVHVhRdd9wsrFymTf5PPrG0z78XURYupvg3aqorAOBl_jtMytk8GjbywQWCtG226tFBqiF2itUdgP_yM8DeMPdD48z8mz-fNUkyIP96b6MRsHuUcFOTkfLpdkl-6s2Nhd3ruUQR5ezCaONqAMm_rpfvp1UkHx5g9GQ0EY-Lcbl2w8j_dEmSSmnyLCI5PJC61ndV4q_fKsTpJn365FU7qxH_8oJBzlbfKcXHOMLg0LqPFK17ocOp-Vl6JpaQ3Uyh-Yqt8Hg4YK-I-nzDcOfDg1nSOxWBVPhh_V5am7SwYZs2ubRhD7epkO4vXiXbYGNGQgefgu30IPw_QHMJxUuNopd7hvd5je8A3KCBAMm6QGfxah0dC4Ft4vThXiqMwhOjxt8BcyFZ0k7nUPVpta7oifmZ2ffbPUpSq1fx4h6CNrYHpEh8ysPOhfzvHX1o6DOKmq187Xy01PJm2nZYshB6aWUeAnw836fEdrdC47WlnvvoLGr2uhZqUixcO7kVPQIGBBlrrLe8sR7tq4UsmfAZIBBTyuvgaBAd5KuOXasgkCc1TDOHSQWZ9Oowq_HiWegUIYi3xUUZZ3UFXiXoXd_z3nnukp93aFt1EhMLDAgprdHEDR-GlynaW3eB2fr9jzujRkVBHXYkvg3PpI8xPSQ0PknG9zxsXXGvjQ_sgFKHLmydqvjFecc16BXB7wxFkMlXOUdkvSEPpn0svziclFZmgN5JrNoh2eEaRVlApJgCpo6kaZTSazLkAppouDtpuV74VDaMWs8RH_APBXD_2ivDth-Yd8kcCl3BbwJuTtX_mSFy-j4gx8IMoHVi3MEnVIdmFWuZQUbhYKJfg3x2v0Y5u-7DndQgHYCBX7YlE67Bbhvkaxvp6R6L9AOi-nZa9j-ZNzbHYKQ7rMLsm_DGA-P38Yn5d3XgTPpaqHdaGaGeMGRtlwumKxul6EqFCFah1mmJDQLArSPbpF0CTn1X_j21hKS1dOQVK2_yYLaw3JlkuMgwpD3o1pIcLzOkwd_wX6hTh0eZKnwfGbNQP3X8NV5aaNSNR6gSHklXkSlZfX7qVc72yZGVAL_mrDprgvirq_WzksIaAfIG_UjCNfCLj8_vX4rl-tC3fB-vhHzUqydLA-1OYIEc91mYqiJfU962uQDPZmNywRTRL0djsVCtE-U0joIV-3c7FDu_-HYEjp_Tid82niW5DpoYvvrlY0gcW9ZyjZCIsW1DHVAC0G8vMgtziKHWhYUV8bCJLMiZ-u6hq--n9gkJKcq-d9Iiwyn11U1F3TBPXvHGBaIEuo-jMULXckGjV23anTO8AF9_dJ0kQjO1bmhaAKCtJgU6d0_RgU_2tVdCij85jQhDoftF_8zIBCodA&cid=CAASEuRo1emIRVcxhxv7gfA3dt75OQ&rfl=1%2Chttps%253A%252F%252Fviisasraha.fi%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jan 2022 00:13:06 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220110/r20110914/ Frame 13FD 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220110/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:16:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9544
x-xss-protection: 0
server: cafe
etag: 6261108306223674270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jan 2022 00:16:31 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 13FD 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
URL: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 13:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125856
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jan 2023 13:28:24 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4137 1 KB
749 B 7ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
URL: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 12 Jan 2022 05:53:44 GMT
expires: Thu, 13 Jan 2022 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 66736
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CED3 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sat, 08 Jan 2022 18:05:45 GMT
expires: Sun, 08 Jan 2023 18:05:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 368415
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 300x600.html Show response
s0.2mdn.net/sadbundle/10440403487295537152/ Frame 6516 47 KB
11 KB 15ms
15ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10440403487295537152/300x600.html?e=69&leftOffset=0&topOffset=0&c=a1uSdFD5FL&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a09cf4deda5a1a90d3d1ed91440de70973e9f2a9fa1affbfb617fd1a687aabab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Thu, 13 Jan 2022 00:26:00 GMT
expires: Fri, 13 Jan 2023 00:26:00 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 23 Jul 2021 06:16:35 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 13FD 0
24 B 58ms
58ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuRj3FRLy8bKdSSbR_fDvkMCXyi0tOUEnEgw8XFZFkqZTWTmAw10Ci8YbLzm2XMWSS4hpdz70NCjIohr4aL8JdzQT317pk-Lpa1t7yjhv0qHc3Dz-txiqkRtC90VtIhsH_YHiq1D5XfRr5hvOECh4LqhZZEVxzkVpJ8lD3uDWigJUcZQg5F1bJooYBOS3sZqGyi-7vWCgXH21cX6rrE1ee840OHWvNOQXg1VjdFA4C6ZiC6IjDUmHIEse31uwkTQEaP4VStN1lXKQ5--j9ZH2cU18uHHYztP3Ma-BV6JF0rEjR_WkecBW8InWUaNpIwgl2gqAySTtRc9QYYx8CPv4WFhrfGHH_FajGcbMZx8hPa51VTSiq-zIMN8Oq2fXe2pGUs5EVAQnvCUzb0q8Z_ORGlmtmIBp7mjDJHCO2WjZmlBg7KoB9CBPkROjmrBztkCk8EDZaEVyFMusqzsYKCsWps74dzCXBpjiHdVRwMIC3enGbDWDMspIOucEin09DYntDWfIAxohg3yVQHUtZvd56xa7l_DFRKb0bPcjgbdxtJMQjGb5s7yGUCmhxHtx3R7f-_Wvmt8Mp6_GJKhTX4rrPFGzOGUixM9c--gOmnAQYPMWjtS5U6Ni7ToYj3u8ngYgsh5C-DD0ai5_7Gf99xAdAp6qrnQskRw5APJ3DY9KLWoq9oTAxdGe5V9k8zpM9eGfS-ybB65jrHghWxVBTrw3MvnjzDfUrob48bBtMseDHOEMugD7P9aXuqoJ7uNPgcBD7s5LtXn8UBEuGqNN8pdKAfMQHFejyKI9L2sz97J_o7HRF-sMTMG9g7zmXUyRhV12zZ7xwb_R0L0ydN2HI8Ds3WDfoB3r76hPOc9D4xrxudH3s5JQlDGyw1VAN0pRwpwTwWDXceRuN6roHGE97NVDnMe48PFNrD-j2OppPokSeF2Zyu56DNhwOizUOQLSauNcmiFnuo7kkp6BxNdp6O_IyV_3qHwlMhpLdZxxGXFmdU070bWblJrilCyt_TRR1MKqjwHiblgqDUaRroUzpgS9NEZchF1GW3cl5sN_xKnScPNl5k05enmLY9q3Hy6yjEajdALJsMdO0jlYl0ttzJsps5YTyjpbVg9YfNI4ODVlYPjskHbkz0xirQxMCzOc8dth6smszZQUQt3PTTJsSvHNavgzABNQ5qCzbxGDq1jQ&sai=AMfl-YTHzw93cK3i5OvIQrQXv7QDWlcxWNgP4fIb5lwmcOm3S5HxA5yzAVyK61e-Z_6HYkXKx3ITYNSLJ1tToMrqByobENdNgYTrcNrWwEksnookkgCr7_NtOD9B7oAtmogbiEKO5LSfXNxoQeobwbAIirrUCHNI3A&sig=Cg0ArKJSzCqUMBhbD63lEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=49&cbvp=1&cstd=44&cisv=r20220110.43455&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 13 Jan 2022 00:26:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET /
google2waycm.netmng.com/cm/ Frame 4137 0
0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4137
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAtrWT80bt5hTTjj5qqd-xU&google_cver=1&google_push=AYg5qPL3zbqHF_cSGHiH79pvIsev_IKeMtcNwppK_4aPgD8ranP1JncVi4ABvDfEMdc4q5nw9FNsHLPVuAqBRltx2QuvH1Sd4Vuh
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzMxNzIyNzY2MDExMTA4OTY2MA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAtrWT80bt5hTTjj5qqd-xU&google_cver=1

43 B
407 B

95ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAtrWT80bt5hTTjj5qqd-xU&google_cver=1
Requested by: Host: 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
URL: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:25:59 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:26:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAtrWT80bt5hTTjj5qqd-xU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 4137 0
104 B 112ms
37ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEA7hdwI6nzAhb5HTUOpZuoY&google_cver=1&google_push=AYg5qPIVSv4MYJxxESrQ9ZjgM5lp63E-FIFeOgeclE9PAe6wr_Rs3etSYxMK4K769pmv1gHusvlPJGINp3BMiRghucvCVsNUBgJ0Qg
Requested by: Host: 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
URL: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:26:00 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 4137
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzK...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 4137
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESELxt-ayOfqlt75YtrOAZx7Q&google_cver=1&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58G...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESELxt-ayOfqlt75YtrOAZx7Q&google_cver=1&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4137
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEE8FuPb5Q_O30PdsDXn9x60&google_cver=1&google_push=AYg5qPI9ej_oagsQPKPZtUHEu9HVDpHww5ykVQY4n4RbCgyV6IjgLWg6...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEE8FuPb5Q_O30PdsDXn9x60&google_cver=1&google_push=AYg5qPI9ej_oagsQPKPZtUHEu9HVDpHww5ykVQY4n4RbCgyV6IjgLWg6...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEE8FuPb5Q_O30PdsDXn9x60&google_cver=1&google_push=AYg5qPI9ej_oagsQPKPZtUHEu9HVDpHww5ykVQY4n4RbCgyV6IjgLW...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2Mjc0ZmRlYS03NDA3LTExZWMtOGNiNC0wMjljNWJiZmM0ZjI%3D&google_push=AYg5qPI9ej_oagsQPKPZtUHEu9HVDpHww5ykVQY4n4RbCgyV6IjgLWg6F4kaERinAS...

170 B
188 B

18ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2Mjc0ZmRlYS03NDA3LTExZWMtOGNiNC0wMjljNWJiZmM0ZjI%3D&google_push=AYg5qPI9ej_oagsQPKPZtUHEu9HVDpHww5ykVQY4n4RbCgyV6IjgLWg6F4kaERinASUX_dm_G2MNc1_sCRoxSNdYZPPWE6zqGIjyLw

Requested by

Host: 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
URL: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:26:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA2Mjc0ZmRlYS03NDA3LTExZWMtOGNiNC0wMjljNWJiZmM0ZjI%3D&google_push=AYg5qPI9ej_oagsQPKPZtUHEu9HVDpHww5ykVQY4n4RbCgyV6IjgLWg6F4kaERinASUX_dm_G2MNc1_sCRoxSNdYZPPWE6zqGIjyLw
date: Thu, 13 Jan 2022 00:26:00 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4137
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJhOeubqAJ4MgzuYSvjry3c&google_cver=1&google_push=AYg5qPITRsNFHZ3WjDIAJxAhKB1_AZvWitubXpeFjLCaw7WYIyelfhbQDzcRD0s8yNN0LK7XMe...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJhOeubqAJ4MgzuYSvjry3c&google_cver=1&google_push=AYg5qPITRsNFHZ3WjDIAJxAhKB1_AZvWitubXpeFjLCaw7WYIyelfhbQDzcRD0s8yNN0LK7XMe...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1sc2x1QlpKRTJ1SFFFYVJXUVF5dUNwU0FDNlltNURGdn5B&google_push=AYg5qPITRsNFHZ3WjDIAJxAhKB1_AZvWitubXpeFjLCaw7WYIyelfhbQD...

170 B
188 B

24ms
24ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1sc2x1QlpKRTJ1SFFFYVJXUVF5dUNwU0FDNlltNURGdn5B&google_push=AYg5qPITRsNFHZ3WjDIAJxAhKB1_AZvWitubXpeFjLCaw7WYIyelfhbQDzcRD0s8yNN0LK7XMeggdMhp13PV_8RS25hRU02VvUircGU

Requested by

Host: 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
URL: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:26:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1sc2x1QlpKRTJ1SFFFYVJXUVF5dUNwU0FDNlltNURGdn5B&google_push=AYg5qPITRsNFHZ3WjDIAJxAhKB1_AZvWitubXpeFjLCaw7WYIyelfhbQDzcRD0s8yNN0LK7XMeggdMhp13PV_8RS25hRU02VvUircGU
date: Thu, 13 Jan 2022 00:26:00 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4137 0
12 B 21ms
15ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KfomUGnIufNL215iflst-CBeNks90G_Rw9_CzUvHxsnEW6PhyyJoOmM_n4FFbN2DT9yt1jB1Y

Requested by

Host: 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
URL: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:26:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 ze6spFYAGmeX0SVs4uO-WfgikXQwH0dcHguaiLf8sa4.js Show response
pagead2.googlesyndication.com/bg/ Frame CED3 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ze6spFYAGmeX0SVs4uO-WfgikXQwH0dcHguaiLf8sa4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdeeaca456001a6797d1256ce2e3be59f8229174301f475c1e0b9a88b7fcb1ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13313
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 23:20:33 GMT

GET
H3 200 Enabler_01_246.js Show response
s0.2mdn.net/879366/ Frame 6516 116 KB
39 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10440403487295537152/300x600.html?e=69&leftOffset=0&topOffset=0&c=a1uSdFD5FL&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10440403487295537152/300x600.html?e=69&leftOffset=0&topOffset=0&c=a1uSdFD5FL&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 10:40:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49542
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40237
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 13 Jan 2022 10:40:18 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6516 60 KB
24 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10440403487295537152/300x600.html?e=69&leftOffset=0&topOffset=0&c=a1uSdFD5FL&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10440403487295537152/300x600.html?e=69&leftOffset=0&topOffset=0&c=a1uSdFD5FL&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 13 Jan 2022 00:26:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 13FD 0
23 B 47ms
46ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuRj3FRLy8bKdSSbR_fDvkMCXyi0tOUEnEgw8XFZFkqZTWTmAw10Ci8YbLzm2XMWSS4hpdz70NCjIohr4aL8JdzQT317pk-Lpa1t7yjhv0qHc3Dz-txiqkRtC90VtIhsH_YHiq1D5XfRr5hvOECh4LqhZZEVxzkVpJ8lD3uDWigJUcZQg5F1bJooYBOS3sZqGyi-7vWCgXH21cX6rrE1ee840OHWvNOQXg1VjdFA4C6ZiC6IjDUmHIEse31uwkTQEaP4VStN1lXKQ5--j9ZH2cU18uHHYztP3Ma-BV6JF0rEjR_WkecBW8InWUaNpIwgl2gqAySTtRc9QYYx8CPv4WFhrfGHH_FajGcbMZx8hPa51VTSiq-zIMN8Oq2fXe2pGUs5EVAQnvCUzb0q8Z_ORGlmtmIBp7mjDJHCO2WjZmlBg7KoB9CBPkROjmrBztkCk8EDZaEVyFMusqzsYKCsWps74dzCXBpjiHdVRwMIC3enGbDWDMspIOucEin09DYntDWfIAxohg3yVQHUtZvd56xa7l_DFRKb0bPcjgbdxtJMQjGb5s7yGUCmhxHtx3R7f-_Wvmt8Mp6_GJKhTX4rrPFGzOGUixM9c--gOmnAQYPMWjtS5U6Ni7ToYj3u8ngYgsh5C-DD0ai5_7Gf99xAdAp6qrnQskRw5APJ3DY9KLWoq9oTAxdGe5V9k8zpM9eGfS-ybB65jrHghWxVBTrw3MvnjzDfUrob48bBtMseDHOEMugD7P9aXuqoJ7uNPgcBD7s5LtXn8UBEuGqNN8pdKAfMQHFejyKI9L2sz97J_o7HRF-sMTMG9g7zmXUyRhV12zZ7xwb_R0L0ydN2HI8Ds3WDfoB3r76hPOc9D4xrxudH3s5JQlDGyw1VAN0pRwpwTwWDXceRuN6roHGE97NVDnMe48PFNrD-j2OppPokSeF2Zyu56DNhwOizUOQLSauNcmiFnuo7kkp6BxNdp6O_IyV_3qHwlMhpLdZxxGXFmdU070bWblJrilCyt_TRR1MKqjwHiblgqDUaRroUzpgS9NEZchF1GW3cl5sN_xKnScPNl5k05enmLY9q3Hy6yjEajdALJsMdO0jlYl0ttzJsps5YTyjpbVg9YfNI4ODVlYPjskHbkz0xirQxMCzOc8dth6smszZQUQt3PTTJsSvHNavgzABNQ5qCzbxGDq1jQ&sai=AMfl-YTHzw93cK3i5OvIQrQXv7QDWlcxWNgP4fIb5lwmcOm3S5HxA5yzAVyK61e-Z_6HYkXKx3ITYNSLJ1tToMrqByobENdNgYTrcNrWwEksnookkgCr7_NtOD9B7oAtmogbiEKO5LSfXNxoQeobwbAIirrUCHNI3A&sig=Cg0ArKJSzCqUMBhbD63lEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=114&vt=11&dtpt=65&dett=3&cstd=44&cisv=r20220110.43455&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: viisasraha.fi
URL: https://viisasraha.fi/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 13 Jan 2022 00:26:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6516 6 KB
5 KB 18ms
18ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9cc555bb54707aed9f00bbd12374ca9c2ee518c615ad72ea91c50b9408dc367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 Jan 2022 00:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4602
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CED3 0
20 B 48ms
48ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_rCNmHHfYbGKIInX7_UPv8CWqAsAAAAAOAHgBAI&bg=!cHOlczfNAAaocxMpqHM7ACkAdvg8Wjt-EMRJ3aogSA1tgdYhoT5479yYoeY-43Y-qKnnpEukKq2W3gIAAABaUgAAAAJoAQeZAsepXc3JcYGOg0g6WI2-XtMraNgW3wXQr_XTHokhwHTfCDNcFpO_yzpmIJz1YYusSMKK2NIU5TdZN_ZqddUI7wK9N0KjdXsqEx_pQtuc6G8UqvZa_lLsobNDA6oZxCX6ejm4r28U8nctlXnK7_q7iyZFn4Ccngh6bY8utN4Vgf8BbZ1b8wb8IcWqx8auZM4mcJYLRjFRbbJUKMJoEvsBzFypwvDNNa9ar5iNryZqaqYJU9OZ-5kfoU9eea7SIqbs9g_TnBRPnD8L8mGhI-U0h6EmaXjIo48IlC0PdozrWDzzXiKEBwmUojof08r-BUu2-OsIFZ956nbHpB5w43YtNkDbbVizqbM1gihkdGzXAEIg-0Fkr-yKUTcnOl_aR1snJFoaNyK6YCDbHqWJAtiDzpug-fFLNWDLvHGdxxItIK-TND6sL90iXLvdtx4bVMySmfIORuvFQ_oucMEfF87NTtOKcDYtY71VlpUnaKC3kQvwvpSaru4pxLZHmeLOY3l6j54MgU19FBLdUmgfxIYYkfCOYMcXoh3Mv1ico4eG3AClKwNkCK1OJaFlYePHSZ3Cv0nAilFgVP04c1mb_ohPlWOrt2KLFft6UuS5F5GPUxsyekVLpbmhwyGXKtMywgxSxh-1rRVxsGzbGp3AUn4Y-vz3dDA_y16gBfICo4TGFuzP727ALMwFB8F-8xd5kOriEuU6tapftRrsjTJ6ilxOGBWtI-pQ-hos1RdrXuxH7sT2J4Obe_pw8joiFb7oAd5J7ycxH4J_Mh-L56IXKHT3s_y1oWBJ6stOa54PrETntxGeuV8YH0xRuivHrAnNd1N0vY35NCvTv0N-lGNyA60lGCw1Yvwmz4VmSM8E90rWFnevU3ZlULixXRSvi3KzaoLGLc3hX-q7jZq-9SDpoNyRO6yocejea58n5M-kElWbCQdQRJC79n1m9IA

Requested by

Host: 37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
URL: https://37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:26:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6516 17 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 13 Jan 2022 00:26:00 GMT

GET
H3 200 ze6spFYAGmeX0SVs4uO-WfgikXQwH0dcHguaiLf8sa4.js Show response
pagead2.googlesyndication.com/bg/ Frame 8078 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ze6spFYAGmeX0SVs4uO-WfgikXQwH0dcHguaiLf8sa4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdeeaca456001a6797d1256ce2e3be59f8229174301f475c1e0b9a88b7fcb1ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13313
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 23:20:33 GMT

GET
DATA 200
OK truncated
/ Frame 13FD 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e5d936e86046250a53660487d50079f15aa51cd1470bc9ffc18d8f0edad5448

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 60005582_20210910245320703_300x600_LOOK-01B.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 6516 72 KB
72 KB 9ms
8ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210910245320703_300x600_LOOK-01B.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20a2ef887a247f69bd933e0163383438188de920bcd4c4ded920d0e68beb8dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10440403487295537152/300x600.html?e=69&leftOffset=0&topOffset=0&c=a1uSdFD5FL&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:01:48 GMT
x-content-type-options: nosniff
age: 5053
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73614
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 07:53:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 13 Jan 2022 23:01:48 GMT

GET
H3 200 60005582_20210910245324072_300x600_LOOK-02B.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 6516 76 KB
76 KB 13ms
12ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210910245324072_300x600_LOOK-02B.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79ce7be073d9d7c36a3d35ade59a4949c0f09969850445f76b83a96982e39ea7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10440403487295537152/300x600.html?e=69&leftOffset=0&topOffset=0&c=a1uSdFD5FL&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:01:48 GMT
x-content-type-options: nosniff
age: 5053
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77756
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 07:53:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 13 Jan 2022 23:01:48 GMT

GET
H3 200 60005582_20210910245327812_300x600_LOOK-03B.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 6516 73 KB
73 KB 14ms
13ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210910245327812_300x600_LOOK-03B.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d20657079f8954eb227679fb4ca5b73b03f9624915a290819cdd067a60a1b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10440403487295537152/300x600.html?e=69&leftOffset=0&topOffset=0&c=a1uSdFD5FL&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:01:48 GMT
x-content-type-options: nosniff
age: 5053
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74617
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 07:53:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 13 Jan 2022 23:01:48 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 6516 43 B
609 B 32ms
8ms Image
image/gif 82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27008872_4307561_324251655_146022261_-0&ref=27008872_4307561_324251655_146022261_-0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Obertshausen, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 00:26:01 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame AAA3 14 KB
5 KB 40ms
7ms Document
text/html 2.21.141.175

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Requested by: Host: content.lwadm.com
URL: https://content.lwadm.com/lw/4.43.4.5/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.175 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=99319
expires: Fri, 14 Jan 2022 04:01:21 GMT
date: Thu, 13 Jan 2022 00:26:02 GMT
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C3F4 14 KB
5 KB 40ms
9ms Document
text/html 2.21.141.175

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=96387
Requested by: Host: content.lwadm.com
URL: https://content.lwadm.com/lw/4.43.4.5/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.175 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=99319
expires: Fri, 14 Jan 2022 04:01:21 GMT
date: Thu, 13 Jan 2022 00:26:02 GMT
vary: Accept-Encoding

GET
H2

200

pl
lwadm.com/usermatch/
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3dc14360b0-ff2f-489e-b086-be36cd097dab%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%...
https://lwadm.com/usermatch/pl?cb=637776303586284191&bid=c14360b0-ff2f-489e-b086-be36cd097dab&lwuid=679c8f9bc8034a279bea9511fd8b6008&buid=6218817439156915704

70 B
473 B

10ms
9ms

Image
image/gif

35.156.232.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lwadm.com/usermatch/pl?cb=637776303586284191&bid=c14360b0-ff2f-489e-b086-be36cd097dab&lwuid=679c8f9bc8034a279bea9511fd8b6008&buid=6218817439156915704
Protocol: H2
Server: 35.156.232.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-232-125.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://viisasraha.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:26:03 GMT
cache-control: no-cache,no-store,max-age=0,must-revalidate,private
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 70
content-type: image/gif

Redirect headers

location: https://lwadm.com/usermatch/pl?cb=637776303586284191&bid=c14360b0-ff2f-489e-b086-be36cd097dab&lwuid=679c8f9bc8034a279bea9511fd8b6008&buid=6218817439156915704
date: Thu, 13 Jan 2022 00:26:02 GMT
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame AAA3 5 KB
6 KB 82ms
17ms Script
text/html 185.64.190.78

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=51260590&p=96387&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58d35ac0be7910388b1ca06d92daa9dc70b56586a5bfe13cf499463c59d4a70c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:26:01 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame A7DE 35 B
468 B 65ms
19ms Document
image/gif 37.157.3.29

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=13598A7E-CECB-486F-8FCD-FC4546AB1069

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 13 Jan 2022 00:26:03 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 4B03
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:aed461df-719a-4000-896a-89479c62e7ca&gdpr=0&gdpr_consent=

42 B
512 B

34ms
13ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:aed461df-719a-4000-896a-89479c62e7ca&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 13 Jan 2022 00:26:02 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug002:0:400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Date: Thu, 13 Jan 2022 00:26:03 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4133 baa842e master zrh-pixel-x29 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:aed461df-719a-4000-896a-89479c62e7ca&gdpr=0&gdpr_consent=
Expires: Thu, 13 Jan 2022 00:26:02 GMT

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame C6DF
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8400184701518345837

42 B
209 B

18ms
17ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8400184701518345837
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 13 Jan 2022 00:26:03 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug030:0:403
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8400184701518345837
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame E96C 43 B
362 B 58ms
16ms Document
image/gif 178.250.0.163

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 13 Jan 2022 00:26:02 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Thu, 13 Jan 2022 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 582402
strict-transport-security: max-age=31536000; preload;

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 28BF
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7052480452021254285

42 B
366 B

60ms
14ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7052480452021254285
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 12 Jan 2022 21:03:37 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug0022:0:478
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Thu, 13 Jan 2022 00:26:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7052480452021254285

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9DB5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yd9xmwAFIX-6agAF&gdpr=0&gdpr_consent=&_test=Yd9xmwAFIX-6agAF

1 B
410 B

13ms
12ms

Document
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yd9xmwAFIX-6agAF&gdpr=0&gdpr_consent=&_test=Yd9xmwAFIX-6agAF
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 12 Jan 2022 21:03:39 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: amspug0024:0:403
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Varnish
retry-after: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yd9xmwAFIX-6agAF&gdpr=0&gdpr_consent=&_test=Yd9xmwAFIX-6agAF
accept-ranges: bytes
date: Thu, 13 Jan 2022 00:26:03 GMT
via: 1.1 varnish
x-served-by: cache-hhn4081-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1642033563.237355,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8C9F
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Q1XzZupEQ5B-8t1HIAeiEorHJoQ

42 B
218 B

13ms
12ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Q1XzZupEQ5B-8t1HIAeiEorHJoQ
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 13 Jan 2022 00:26:03 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug015:0:394
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Content-Type: text/html; charset=utf-8
Date: Thu, 13 Jan 2022 00:26:03 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Q1XzZupEQ5B-8t1HIAeiEorHJoQ
Content-Length: 159
Connection: keep-alive

GET

pm&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame E002
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1

0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame ACE4
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

0
243 B

48ms
13ms

Document
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 13 Jan 2022 00:26:02 GMT
content-type: text/html; charset=utf-8
x-lat: amspug001:2:273
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length: 0
date: Thu, 13 Jan 2022 00:26:03 GMT
server: _

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame AC40
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=x2RVrANbFruzxF6bEVcxYJH6

42 B
217 B

47ms
18ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=x2RVrANbFruzxF6bEVcxYJH6
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 13 Jan 2022 00:26:03 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug006:0:435
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: openresty
date: Thu, 13 Jan 2022 00:26:03 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=x2RVrANbFruzxF6bEVcxYJH6
strict-transport-security: max-age=0; includeSubDomains;

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame CD2E
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
421 B

175ms
162ms

Document
image/gif

2606:4700::6812:d05

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 13 Jan 2022 00:26:03 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6cca7daaab728bc9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Thu, 13 Jan 2022 00:26:03 GMT
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 1827
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6cca7da989988bc9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET rtb-h
trc.taboola.com/sg/pubmatic-ssp-network/1/ Frame EDB0 0
0

GET
H2 404 dpe Show response
ad4m.at/ad/ Frame 2C9D 15 B
915 B 93ms
42ms Document
text/plain 2606:4700:3039::6815:c08e

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c08e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 13 Jan 2022 00:26:03 GMT
content-type: text/plain; charset=utf-8
content-length: 15
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6cca7da9bd7c71ce-LHR

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 5CF5
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=732505606
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=732505606
https://sync.1rx.io/usersync/tradedesk/99f0e4a9-cb02-4aa9-aa46-47ef2e75d17d
https://sync.targeting.unrulymedia.com/csync/RX-77bcf357-3cc2-44d6-9592-3f8c2b1a2078-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-77bcf357-3cc2-44d6-9592-3f8c2b1a2078-003

42 B
511 B

13ms
13ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-77bcf357-3cc2-44d6-9592-3f8c2b1a2078-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 12 Jan 2022 21:03:52 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug0027:0:428
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Thu, 13 Jan 2022 00:26:03 GMT
content-type: text/html
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-77bcf357-3cc2-44d6-9592-3f8c2b1a2078-003
etag: RX77bcf3573cc244d695923f8c2b1a2078003

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 81C9 43 B
408 B 84ms
17ms Document
image/gif 173.231.180.197

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.180.197 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Date: Thu, 13 Jan 2022 00:26:03 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-1
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 99D9 43 B
279 B 126ms
31ms Document
image/gif 195.5.165.20

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Vary: Accept-Encoding
X-adserver-worker: komodo-276f3b7a09e4@version_1.366v3
Connection: close
X-server-arch: v2
Content-Type: image/gif
Content-Length: 43
X-core-time: 1ms
Date: Thu, 13 Jan 2022 00:26:03 GMT

GET
H2 200 pl Show response
lwadm.com/usermatch/ Frame A14A 70 B
557 B 10ms
9ms Document
image/gif 35.156.232.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lwadm.com/usermatch/pl?cb=637776303586284191&bid=52cbd598-2715-4c43-a06f-229fc170f945&lwuid=679c8f9bc8034a279bea9511fd8b6008&buid=13598A7E-CECB-486F-8FCD-FC4546AB1069
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.232.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-232-125.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 13 Jan 2022 00:26:03 GMT
content-type: image/gif
content-length: 70
cache-control: no-cache,no-store,max-age=0,must-revalidate,private
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-credentials: true

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AAA3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=E1mKfs7LSG-PzfxFRqsQaQ%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

9ms
6ms

Image
text/html

2.21.141.175

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: H2
Server: 2.21.141.175 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:26:03 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=99318
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Fri, 14 Jan 2022 04:01:21 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:26:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame AAA3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=09a061df-719a-4c00-8f5b-d79d97238586

0
259 B

25ms
13ms

Image
text/plain

198.47.127.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=09a061df-719a-4c00-8f5b-d79d97238586
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: H2
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:26:02 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 13 Jan 2022 00:26:03 GMT
Server: MT3 4133 baa842e master zrh-pixel-x9 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=09a061df-719a-4c00-8f5b-d79d97238586
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 13 Jan 2022 00:26:02 GMT

GET
H/1.1

200
OK

/
pixel.onaudience.com/ Frame AAA3
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=13598A7E-CECB-486F-8FCD-FC4546AB1069
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=40fdf7c0048823fc7372fb105db51f22

35 B
248 B

16ms
16ms

Image
image/gif

141.94.170.77

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=40fdf7c0048823fc7372fb105db51f22
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: HTTP/1.1
Server: 141.94.170.77 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

Redirect headers

date: Thu, 13 Jan 2022 00:26:03 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=40fdf7c0048823fc7372fb105db51f22
cache-control: no-cache
access-control-allow-credentials: true
content-type: text/html
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame AAA3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTM1OThBN0UtQ0VDQi00ODZGLThGQ0QtRkM0NTQ2QUIxMDY5&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
111 B

84ms
18ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:26:03 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug019:0:364
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:26:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame AAA3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELpXMBG_TiPeM2iXiNvz7Cs&google_cver=1

42 B
591 B

83ms
17ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELpXMBG_TiPeM2iXiNvz7Cs&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:26:03 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug020:0:363
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:26:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELpXMBG_TiPeM2iXiNvz7Cs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame AAA3 43 B
610 B 50ms
12ms Image
image/gif 159.122.14.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.14.34 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:26:03 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 12 Jan 2022 00:26:03 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame AAA3
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6218817439156915704

42 B
390 B

40ms
14ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6218817439156915704
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 21:58:49 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0023:0:386
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:26:03 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6218817439156915704
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame AAA3
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=69ea2779-e977-4779-b3a2-3920ef5b7591

42 B
293 B

13ms
12ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=69ea2779-e977-4779-b3a2-3920ef5b7591
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:26:02 GMT
cache-control: no-store, no-cache, private
x-lat: amspug007:0:342
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:26:03 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=69ea2779-e977-4779-b3a2-3920ef5b7591
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame AAA3
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7041323315059818779&gdpr=0&gdpr_consent=

42 B
233 B

84ms
19ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7041323315059818779&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:26:03 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug027:0:542
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Thu, 13 Jan 2022 00:26:03 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2efec890-ea1d-4828-867b-ddc4512c2066
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7041323315059818779&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame AAA3
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=13598A7E-CECB-486F-8FCD-FC4546AB1069&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-L920RKlE2uXs9Gh.TSz3eb7NTDn1sY0-~A&gdpr=0&gdpr_consent=

0
48 B

65ms
13ms

Image
text/plain

198.47.127.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-L920RKlE2uXs9Gh.TSz3eb7NTDn1sY0-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: H2
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:26:02 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-L920RKlE2uXs9Gh.TSz3eb7NTDn1sY0-~A&gdpr=0&gdpr_consent=
date: Thu, 13 Jan 2022 00:26:03 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 13598A7E-CECB-486F-8FCD-FC4546AB1069
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame AAA3 43 B
875 B 134ms
36ms Image
image/gif 2a05:d018:d29:3602:f42f:15ed:dc1f:f0c8

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/13598A7E-CECB-486F-8FCD-FC4546AB1069?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:f42f:15ed:dc1f:f0c8 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:26:03 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame AAA3
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zYSe8cyEw_XWh8n0y4PX8c6NzKLW0Zukz4b9_OGv

42 B
314 B

56ms
19ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zYSe8cyEw_XWh8n0y4PX8c6NzKLW0Zukz4b9_OGv
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:26:03 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug017:0:504
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:26:03 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zYSe8cyEw_XWh8n0y4PX8c6NzKLW0Zukz4b9_OGv
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame AAA3
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24...
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24...
https://x.bidswitch.net/sync?dsp_id=429&user_id=5b92343e-6313-520d-b27c-a13bd3a3d0a0&ssp=pubmatic&expires=30&user_group=1
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0f09a26d-120a-46cd-9170-d9f78e24a74f&gdpr=&gdpr_consent=&gdpr_pd=

1 B
335 B

13ms
13ms

Image
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0f09a26d-120a-46cd-9170-d9f78e24a74f&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:26:03 GMT
cache-control: no-store, no-cache, private
x-lat: amspug011:0:402
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0f09a26d-120a-46cd-9170-d9f78e24a74f&gdpr=&gdpr_consent=&gdpr_pd=
Date: Thu, 13 Jan 2022 00:26:03 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame AAA3
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3317227660111089660&gdpr=0&gdpr_consent=&us_privacy=

1 B
321 B

68ms
13ms

Image
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3317227660111089660&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 21:00:21 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0021:0:394
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3317227660111089660&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 13 Jan 2022 00:26:02 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame AAA3 0
103 B 41ms
19ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=13598A7E-CECB-486F-8FCD-FC4546AB1069&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:26:03 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame AAA3
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a96c73cd-85ce-4c13-8c45-94ae9ad6263e-61df719b-5858&gdpr=0&gdpr_consent=

42 B
233 B

18ms
17ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a96c73cd-85ce-4c13-8c45-94ae9ad6263e-61df719b-5858&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:26:03 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug015:0:346
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 00:26:02 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a96c73cd-85ce-4c13-8c45-94ae9ad6263e-61df719b-5858&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET pubmaticmatch
match.adsby.bidtheatre.com/ Frame AAA3 0
0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame AAA3
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7041323315059818779

42 B
110 B

13ms
12ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7041323315059818779
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&p=96387&predirect=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637776303586284191%26bid%3d52cbd598-2715-4c43-a06f-229fc170f945%26lwuid%3d679c8f9bc8034a279bea9511fd8b6008%26buid%3d
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 00:26:03 GMT
cache-control: no-store, no-cache, private
x-lat: amspug008:0:359
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Thu, 13 Jan 2022 00:26:03 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7fe714a7-bdae-4912-9e28-ceee954c6c46
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7041323315059818779
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESEAcp_urXAdhsYlpwJ5c8pf8&google_cver=1&google_push=AYg5qPJYOtUXmFwfNKYMbUuyOGdtg0wa8GGOZmX2wUVzbHxBkN-7SIxvzvQQhnAFuezpU8m0lcexrKLTTBEB9s5o1RbY4bAbWL0X

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1

Domain: trc.taboola.com
URL: https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID

Domain: match.adsby.bidtheatre.com
URL: https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lwadm.com/	1970-01-20 00:50:25	Name: uid Value: 679c8f9bc8034a279bea9511fd8b6008
.viisasraha.fi/	1970-01-20 17:38:25	Name: _ga Value: GA1.2.1714183167.1642033558
.viisasraha.fi/	1970-01-20 00:08:39	Name: _gid Value: GA1.2.2033765066.1642033558
.viisasraha.fi/	1970-01-20 00:07:13	Name: _gat_gtag_UA_48142457_13 Value: 1
.adform.net/	1970-01-20 00:51:51	Name: C Value: 1
.adform.net/	1970-01-20 01:33:37	Name: uid Value: 6218817439156915704
viisasraha.fi/	1970-01-20 00:28:49	Name: lwuid Value: 679c8f9bc8034a279bea9511fd8b6008
.viisasraha.fi/	1970-01-20 08:52:49	Name: _hjSessionUser_2073088 Value: eyJpZCI6ImUxMzQzNDg0LTc3MGYtNTQwMi04NGY3LTRkZDk0YmUzYjAxMiIsImNyZWF0ZWQiOjE2NDIwMzM1NTc3NjUsImV4aXN0aW5nIjpmYWxzZX0=
.viisasraha.fi/	1970-01-20 00:07:15	Name: _hjFirstSeen Value: 1
viisasraha.fi/	1970-01-20 00:07:13	Name: _hjIncludedInPageviewSample Value: 1
.viisasraha.fi/	1970-01-20 00:07:15	Name: _hjSession_2073088 Value: eyJpZCI6ImUwNDU0YmRmLTViOGMtNDM0MC1hZWZjLTU3YzZjYjk2YWM2NiIsImNyZWF0ZWQiOjE2NDIwMzM1NTc5NjksImluU2FtcGxlIjp0cnVlfQ==
.viisasraha.fi/	1970-01-20 00:07:15	Name: _hjAbsoluteSessionInProgress Value: 0
viisasraha.fi/	1970-01-20 00:50:25	Name: _pbjs_userid_consent_data Value: 3524755945110770
viisasraha.fi/	1970-01-20 09:28:49	Name: cto_bidid Value: DPeERl9GWUtib0pTWkE0ZENja2w2aEU4T0JWWm5sdHZCUyUyRlNyTUIyYTdGJTJGQTUzczMlMkJUUndCZVBaRVBqcFJKc29NNTNBcXBTb3RxOGFQMjZ3c05IMHRLWFM4ZyUzRCUzRA
viisasraha.fi/	1970-01-20 09:28:49	Name: cto_bundle Value: mIUa3V9MSmlCREVWNTlQRUNBelFDRGMlMkJRNSUyRmtUNE1VM1Rnb0VmM21MUXBlN2JKY1daSmw0TmRpam1VekUlMkIyZTFtUzRidzlYaEdsNkZLNkpPZG0lMkJmWElTQzJ0WEkxSlNwZlV5Nm9IUzVIVVNva2JpRlZsVnYxMyUyRkRGWFp6c2cyNDRwTkc
.doubleclick.net/	1970-01-20 09:28:49	Name: IDE Value: AHWqTUkD1PdX9TWtH6FqPc2GgmQG39OcpIBCHBnyn0-EztOxAD7DXTl_C0nnw5dXBns
.viisasraha.fi/	1970-01-20 09:28:49	Name: __gads Value: ID=f9194f28ad70739f:T=1642033559:S=ALNI_MZ_dB4epquec7tnjnG0sqWa6lmQFw
.casalemedia.com/	1970-01-20 02:16:49	Name: CMPS Value: 3239
.casalemedia.com/	1970-01-20 08:52:49	Name: CMID Value: Yd9xmK7-6Mkq0ZjdODac0QAA
.casalemedia.com/	1970-01-20 02:16:49	Name: CMPRO Value: 1138
.casalemedia.com/	1970-01-20 00:08:39	Name: CMST Value: Yd9xmGHfcZgA
.adnxs.com/	1970-01-20 02:16:49	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVHkcLD8!]tbPl1M>e)ZlrFUfJ+tGXvWB@ez^@HO?K0NXJdaX4UgRVv=33c?/bNN/DpHbpRzqF1`b`9r6FRZ
.adnxs.com/	1970-01-20 02:16:49	Name: uuid2 Value: 7041323315059818779
.casalemedia.com/	1970-01-20 08:52:49	Name: CMRUM3 Value: 2d61df71982760CAESEAXoFE-lENM8WBflYOhTm3k
.yahoo.com/	1970-01-20 08:53:11	Name: A3 Value: d=AQABBJhx32ECECP7JB7Ly9VQza0afCiYwMkFEgEBAQHD4GHpYQAAAAAA_eMAAA&S=AQAAAquph5ZrGkQnderMNd7SAZk
.advertising.com/	1970-01-20 08:54:15	Name: APID Value: UP6274fdea-7407-11ec-8cb4-029c5bbfc4f2
.turn.com/	1970-01-20 04:26:25	Name: uid Value: 3317227660111089660
.analytics.yahoo.com/	1970-01-20 08:54:15	Name: IDSYNC Value: "18yx~22mo:18wq~22mo"
.yahoo.com/	1970-01-20 00:34:33	Name: APID Value: UP6274fdea-7407-11ec-8cb4-029c5bbfc4f2
.yahoo.com/	1970-01-20 00:08:39	Name: APIDTS Value: 1642033560
.360yield.com/	1970-01-20 02:16:49	Name: tuuid Value: 08255bb8-c1ff-46f6-abd4-fd99d30134f9
.360yield.com/	1970-01-20 02:16:49	Name: tuuid_lu Value: 1642033560
.o2online.de/	1970-01-20 00:17:18	Name: webShopPV Value: ?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27008872_4307561_324251655_146022261_-0&ref=27008872_4307561_324251655_146022261_-0

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.googletagservices.com/dcm/dcmads.js(Line 18) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v82.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/dcm/dcmads.js(Line 18) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v82.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/dcm/dcmads.js(Line 18) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v82.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/dcm/dcmads.js(Line 18) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v82.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://service.giosg.com/api/v5/orgs/5047/client-settings/?url=https%3A%2F%2Fviisasraha.fi%2F Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yd9xmK7_6Mkq0ZjdODac0QAABHIAAAIB&google_gid=CAESENrN8UGp3d_9XGzIAvgvNSc&google_push=AYg5qPKU52wekSC4O_WkFiDpyH-ja7A3VFHOTaZlvcemxizzxzKaRpCkFKnDw11xnQs5VkJndUH5WktRynlsZQITQxnUpq7gJN4ecA&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CCVbuMH_Rvar1P2Z0wE0-Q&google_push=AYg5qPLEJSX4Emdbki4agVl_kBR3yWsPrqCHRsMO77af38U9oxp-fO6IWFm_X3iHwjQYC0oozceRpDFWDdxQSq_K-Aa58Gj_XZgq Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

37fa5819d6ac21cb74321b509a30ab44.safeframe.googlesyndication.com
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.de
adx.adform.net
assets.strossle.com
bonfire.spklw.com
c.bannerflow.net
c1.adform.net
cdn.ampproject.org
cdn.syndication.twimg.com
cdnjs.cloudflare.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
content.lwadm.com
core.iprom.net
csync.loopme.me
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
feed.lehtiluukku.fi
fonts.googleapis.com
fonts.gstatic.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
in.hotjar.com
loada.exelator.com
lwadm.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
pagead2.googlesyndication.com
pbs.twimg.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
platform.twitter.com
portal.o2online.de
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
r.turn.com
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
script.4dex.io
script.hotjar.com
secure.adnxs.com
securepubads.g.doubleclick.net
service.giosg.com
simage2.pubmatic.com
static.hotjar.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
syndication.twitter.com
ton.twimg.com
tpc.googlesyndication.com
track.adform.net
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
use.fontawesome.com
vars.hotjar.com
viisasraha.fi
visitanalytics.userreport.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
cm.g.doubleclick.net
google2waycm.netmng.com
hbopenbid.pubmatic.com
match.adsby.bidtheatre.com
match.prod.bidr.io
trc.taboola.com
104.244.42.200
108.157.4.57
13.224.193.12
141.94.170.77
142.250.184.226
142.250.186.166
142.250.186.98
143.204.98.29
15.197.193.217
151.101.2.49
159.122.14.34
173.231.180.197
178.250.0.157
178.250.0.163
178.63.219.113
18.156.0.31
18.197.186.171
18.198.121.250
18.66.112.111
185.29.132.245
185.33.221.53
185.64.189.110
185.64.190.78
185.64.190.80
188.165.137.78
188.42.191.196
195.5.165.20
198.47.127.20
2.18.234.21
2.21.141.175
2001:678:cb4:bbbb::11
213.155.156.185
213.19.147.45
23.88.75.189
2600:9000:21f3:2600:1b:7f5c:2c80:93a1
2600:9000:2315:1200:19:1c05:a1c0:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:7ee2:97c:ab4c:6c70:be36
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:20::681a:8a9
2606:4700:3031::ac43:d645
2606:4700:3039::6815:c08e
2606:4700::6810:135e
2606:4700::6810:d40
2606:4700::6812:d05
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:803::2001
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:812::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2006
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9c
2a02:2638::1c
2a02:fa8:8806:12::1400
2a05:d018:d29:3602:f42f:15ed:dc1f:f0c8
31.217.192.158
34.102.253.54
34.205.3.24
34.241.159.43
34.254.143.3
35.156.232.125
37.157.2.247
37.157.3.29
37.157.6.241
37.157.6.242
54.171.36.119
66.155.71.149
82.113.101.132
85.114.159.118
95.216.215.9
07f606424258bac88037d5bcc64166f1b5df6e09372b20ea4e2cf16101c4f49a
09f2b195d5da04b975223e5f06a73f7014398f13151a596d5a84ebf83d0fc3d8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0e96a40c38b9acd2aed198af86727faf9adacb0d73364f7583aaf740f687d44e
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ee2cbde9a472a390bdf54eabf18b5b093b4080c55c0ba7c415ecab85a58a821
1028e23693af5ebfab763bbcf0e34164a9f8a8b7edab823000e680428be6b097
11ceff13d6c52cc4f36a14030e396c789b09828b48a4b4fb9fa11028ebe09d8c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14175b683d3cfc2d44201c62b0bc444bbd6ac7788c3687c3da4210b2a6259e0e
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
162a6b3bdfbd0f251e65e340c383b01c333ab0c1e5c1688e93afc965abbeab5f
182e9cee52aa715413f1a206dc3ec3c4ffb1f4b54859ddad7d00b601aab1a251
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18a7a29489626785e9f96d890e366909787b80ad977baeec8149de3c1f7e85dd
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
1a88f714012e2bed9fe831ed0615a73edb642fb6e529c2399e2658ae72771640
1d660670547ee96b0044ac8666427891693666a974dfcb710a4315ec18b9bb3f
20a2ef887a247f69bd933e0163383438188de920bcd4c4ded920d0e68beb8dd2
22482584aeaa7b1d74de072793246c65e38b402ac231f38bb0d9102802543230
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
26b32c35a2119f2c84d15ba619815f30615a190dff209df727d3d996d702e9b3
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2d0cbcd1269e55e005b91a097951f98a08a48e4118dcfe999b2969b437ca14bc
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30886bcaa4bc9292431c9ae196c0b6bbcc4e4311b4839780c91a09c771c76c6e
323a1227e87d3936afbba80e883cb98419126b85cf3338f81f7ca1977689e138
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
387553dab2724207fec6d8a3293c55f8a2fcd18bb667a15da1a47639e3b7036a
3b8e63ea9bea0a39730aa2d685c78473ac9b21007b8f025d4c06bc1daa5dbef8
3cd5d2d2e122d66b1f874388992b947163db63bc01d6654a1dbfe85fb64dbc00
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3e5d936e86046250a53660487d50079f15aa51cd1470bc9ffc18d8f0edad5448
3e8ab5f7daaaf482bba164c993d17017c49a80cbf7aaeaf4df1400fafadefe62
3fce457cdd83ee885c8c8c711eddb3c721d375ccf9bcb6b764e5b6452cd218e6
4004fd1b3ddbee33c09ace1dc9c6201d8623e371610f72ab27ee4d2ead8e5443
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
438ba58ddf03960043861c544b21eb6cc61834d69b3a3f9a24b7e05510ea76b9
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
459deeea63d0130a0e33f7c336375711339932953e9c210e833ca3da034e073e
46eeab438539944e7bc19b1a864756733810410a863b8c33ab535c0e24aff2fc
4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c9a4d4aa290a866126159687441006eb39adf48ae31e1910aa0f21e0b21376
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c74a57a9eed5ef80d28578e6e9dd949d6de71306cfaf884006f5daea8e035b4
4ce32392b6fc3e58db363c2032619e02d58d460e28db3a7db90a9d930a7c6da0
4cf16613f1552b269aa4f495d45a1aa3a62c566a4a1bfe61a6195075623652f9
4d20657079f8954eb227679fb4ca5b73b03f9624915a290819cdd067a60a1b86
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2
4fd4f9c63843aebb667973c535aa77d95795ebb28635e01b62cf81dfb44aee32
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54ad4a5cadfc0419bf288a8752fdfd0ebf312a76dbe59612e568ed3248d6b789
54bb0bb2861c66bd9d4f8ba5ac31a15ce7c79307e1fe5515588d38edb7dc6a67
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56af099705b5d8b1e9668ddddb9ea19965486bac07a3eddfc1d1b8a9ae3241bf
58d35ac0be7910388b1ca06d92daa9dc70b56586a5bfe13cf499463c59d4a70c
6006d01c3bd434a8410e8aba2a84b5816da5b3be4214afe7585cc2d24cddadbc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
718a3ae3f8d7cbb50ea6d3c7394770e0d3ed74065a3d209d8182b1ada8d60dc9
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
75807a010dd395e2989544d4deed5bc3d8d36b11bed0a8ea310fcb43e8442183
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
79ce7be073d9d7c36a3d35ade59a4949c0f09969850445f76b83a96982e39ea7
7d3068ede90edb6a637e13f5ad0b35a6b284a3822ef1e54f383be6d2838be577
7db3213857f4ec675a6220da9906dfd1a111c8bde9256c50ca4dda527d8723b9
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fe867b53e81bf6a806cd166468c209b78ea126841d294b8cd8083c2850fee93
82df52f688ae51706c1088ecc610833cbb2f22fa2c5cdc3c777f4d208ab5117f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
8875e0e5a0f6bfaf4d66fde0622a609e9fe7b599adaef3ad01d6d613574c69b1
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
922e306a6fe0ede719a7fc79f287dfabf6cd9234583d778ec544a88eed908db2
9312253427d9dedc9681e7277bfb6f3dac43c92af95951bf7321567ce3971eac
93d058f2a331f04fbe74786d01c50adde19e56db580b140c8e8ca023c19552d7
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
99b3a7094bb41058185e523e557e97e1ccf4d75f46207fc7143b4687d72e3ffe
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
9d3b363a2b2029cc1d31211d83be842986d147af0e62679339154d96db7580e0
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9f0f282341b80085696daae20c9c6ce64c8fb98fc85101a985837fcfe65629a3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a02681ae1cc21a54f99afb9cf43cf89c42ab91bc9381aa64e96ffb4cf46e9f80
a09cf4deda5a1a90d3d1ed91440de70973e9f2a9fa1affbfb617fd1a687aabab
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a98f84eca81c6053a50003f4ac8474f85429c9a4186775cf53a7618d561ab483
b07f36f86f5056cc137aec945d25fc15b55cb8b32c974a5b15312bf406ec69b8
b0d32e20290800713b853c7ccaa4cb78c4e6f987cbdaa4af0a40f3d0b0545da3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ce442910cf35ec60d65855e3c7e4c16fc3665864d2e91ab777c24a2fd3c28b
b1cf29d04f1c7fcebbf6799008a2d90c77b7572a203f30394dfcbe6950b0e5c3
b2ec93c28b99f499f2128d9fd3e3c8e1591a63b0551231114f39a6091b8b4f15
b3a9e0ec3e08604e35e7f547370dd5d873f4ab0b9b0367491c764d4ee4c2177b
b6265ba2c2bb8df1401a47253a03e265fffc0632fed9c13707c429f692ac9584
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
b90e8625d42f6ab88d2ff0f91ff2f63c9aefb4b1af8299fca6d423b1646599bd
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bbd3917cd586d225aa97c932532c998aec2b7ec5af03d149c9b8d8dda22cfeb4
c24370e56c19370412f5bf37d1f1a5a4f88597afc338d612e537f8a82cbb18c3
c2b802b44819289fdb059a102d74115535379bee52041fa52583dbab4e3282b7
c404463be3375101f9b01a6b878901697045f9f73ccb461e75c6e944eccb2826
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44
c5f9eb74692751400e1d30fd8057686662a9b7182e68eadf5cbb73d6c3176387
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c7460ed0e58d0b3a53ef2799c6907fba76c978786538de461106921fef2631b4
c9fb3741d896ebeb9350da7de38b326ef40c4e7743ad7cb480d62a9346037496
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
cb783389fde225a43007ed7137d6bb7277a4ab63bd016a0c5f9153197a17c14b
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdeeaca456001a6797d1256ce2e3be59f8229174301f475c1e0b9a88b7fcb1ae
ce7047f1978917a3b97a424026182cf9eebcc488c8019f0fc85bc2acf78ecd70
cecb34cb2f7edbeb0119c6155edfb1b1cdc46f9889f31e523aaa4c85114d6816
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2756183147ddc220681217d675e83a2631c9e0b2d91e39e3383e29a4152c251
d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e
d811fb4eb99f646be456ebe4eb8183fd96c273ddc612eb046b9ac980dde23700
d9cc555bb54707aed9f00bbd12374ca9c2ee518c615ad72ea91c50b9408dc367
db0fe984e70fedf2e3d1684526247bc7d8f4a8f1cec7e0a874dffa9d4e1337fb
db7ff16d60fe68cc7c0c36e47848cf583fe2754bf31c8af6e2bbe2be636542b0
dc25a2821005b9dec41a6cb8b81224a7f6f07f90f1a8adaf6bb93eb3256fe0b4
dc962c92e8dbeac8ce1b3237d092b18925bcc81caabf54e93286524ad3cea526
dd068715136cf647c1257a5755756c9715d5d3828d7d2021c7fab0d9f1b09285
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df2608f84638fff1e8a14e5c2fc6662faefeaa80efa1657639f58ee1782561ac
e15087276e13924a81a7753ac7bb95e9b012340e7c03c4f3c26da0e880e4013f
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e46fad913ac5c0909b399e533e5935ea0cabf6dd3beba8856d63d1c6413b49ce
e515d4ad34f03fb0903fb1c0227115fd997d735753df3cbbf89a3839e35d7e03
e6e7cf39f59cfd079ee8824b1944fd89a5da28ea970917ad86b359b659ef2c89
e7b3ddc44d9f741a0ee7348ce4f2c6039a7695bc9d3f1875457a20b5ee54d012
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913
eb76751dd0224dd462533225c22494207c3190ad01534bdab28d4dd7281605db
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8c88ff679553f0238d388b61adff27e453d3f7b8b27d5dfcb2df109a4a48d9f
f960d4d7b6d7d570af05d21f8934d46ed243bc231fc5c85fcd164a23a76e62a9
f9fc14fb868ae1681487532fdf7e83c5fd3314bf8c38a2871e46c4e91975db90
fc34016da75e7f8e3f123320aabdd8b0259a59a7634bcdbfb9face7dbc2b5c41
fc664e4c9216232427d7e13d67febe9ae4b53f95c092e474c13d71f66d6ee0c2

viisasraha.fi Open in urlscan Pro 31.217.192.158 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

239 Requests

87 %HTTPS

39 %IPv6

61 Domains

92 Subdomains

62 IPs

10 Countries

3554 kBTransfer

7313 kBSize

33 Cookies

13 Outgoing links

Redirected requests

239 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

viisasraha.fi Open in urlscan Pro
31.217.192.158 Public Scan

Screenshot
Live screenshot

Full Image

239
Requests

87 %
HTTPS

39 %
IPv6

61
Domains

92
Subdomains

62
IPs

10
Countries

3554 kB
Transfer

7313 kB
Size

33
Cookies

239 HTTP transactions
8 data transactions