urlscan.io logo urlscan.io
SecurityTrails logo

secure.anedot.com Open in urlscan Pro
104.16.196.7  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://givetotpusa.com/r.wr?id=I0Fvy6wJ
Effective URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr3...
Submission Tags: https://phish.report @phish_report Search All
Submission: On November 30 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 33 IPs in 4 countries across 28 domains to perform 195 HTTP transactions. The main IP is 104.16.196.7, located in and belongs to CLOUDFLARENET, US. The main domain is secure.anedot.com. The Cisco Umbrella rank of the primary domain is 209415.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 13th 2022. Valid for: a year.
This is the only time secure.anedot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 74.118.130.252 4886 (LIFECORPO...)
35 104.16.196.7 13335 (CLOUDFLAR...)
7 142.250.185.72 15169 (GOOGLE)
6 172.217.18.106 15169 (GOOGLE)
16 151.101.65.21 54113 (FASTLY)
4 64.233.165.92 15169 (GOOGLE)
6 157.240.247.8 32934 (FACEBOOK)
5 192.229.221.25 15133 (EDGECAST)
4 142.250.181.238 15169 (GOOGLE)
1 11 142.250.186.66 15169 (GOOGLE)
6 172.217.16.131 15169 (GOOGLE)
3 204.79.197.200 8068 (MICROSOFT...)
1 104.17.213.204 13335 (CLOUDFLAR...)
4 23.11.206.16 20940 (AKAMAI-ASN1)
1 4 52.5.59.110 14618 (AMAZON-AES)
1 11 142.250.181.228 15169 (GOOGLE)
11 142.250.186.163 15169 (GOOGLE)
1 34.238.56.9 14618 (AMAZON-AES)
1 216.239.32.36 15169 (GOOGLE)
10 157.240.201.35 32934 (FACEBOOK)
2 74.125.140.156 15169 (GOOGLE)
1 1 142.250.186.130 15169 (GOOGLE)
1 172.217.18.3 15169 (GOOGLE)
31 142.250.186.110 15169 (GOOGLE)
5 151.101.65.35 54113 (FASTLY)
1 172.64.154.85 13335 (CLOUDFLAR...)
1 104.17.71.176 13335 (CLOUDFLAR...)
1 104.17.116.176 13335 (CLOUDFLAR...)
1 104.17.130.171 13335 (CLOUDFLAR...)
1 2 64.4.245.84 17012 (PAYPAL)
2 142.250.185.131 15169 (GOOGLE)
2 104.17.202.204 13335 (CLOUDFLAR...)
2 104.19.154.83 13335 (CLOUDFLAR...)
1 104.16.89.5 13335 (CLOUDFLAR...)
195 33
1    74.118.130.252 (United States)

ASN4886 (LIFECORPORATION, US)
PTR: host252.lifecorp.com
givetotpusa.com
35    104.16.196.7 (None, )

ASN13335 (CLOUDFLARENET, US)
secure.anedot.com
analytics.anedot.com
files.anedot.com
7    142.250.185.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net
www.googletagmanager.com
6    172.217.18.106 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f106.1e100.net
maps.googleapis.com
16    151.101.65.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
4    64.233.165.92 (United States)

ASN15169 (GOOGLE, US)
PTR: lg-in-f92.1e100.net
pay.google.com
6    157.240.247.8 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-ams2.fbcdn.net
connect.facebook.net
5    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
t.paypal.com
c6.paypal.com
4    142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net
www.google-analytics.com
11    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
6    172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f131.1e100.net
www.gstatic.com
3    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
bat.bing.com
1    104.17.213.204 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
4    23.11.206.16 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-11-206-16.deploy.static.akamaitechnologies.com
analytics.tiktok.com
4    52.5.59.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-59-110.compute-1.amazonaws.com
tags.wdsvc.net
11    142.250.181.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net
www.google.com
11    142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
www.google.fi
1    34.238.56.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-56-9.compute-1.amazonaws.com
q.quora.com
1    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
10    157.240.201.35 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-ams4.facebook.com
www.facebook.com
2    74.125.140.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f156.1e100.net
stats.g.doubleclick.net
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googleadservices.com
1    172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f3.1e100.net
www.google.se
31    142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net
play.google.com
5    151.101.65.35 (United States)

ASN54113 (FASTLY, US)
c.paypal.com
1    172.64.154.85 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    104.17.71.176 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    104.17.116.176 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
1    104.17.130.171 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
2    64.4.245.84 (United States)

ASN17012 (PAYPAL, US)
b.stats.paypal.com
dub.stats.paypal.com
2    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
maps.gstatic.com
2    104.17.202.204 (None, )

ASN13335 (CLOUDFLARENET, US)
api.hubapi.com
2    104.19.154.83 (None, )

ASN13335 (CLOUDFLARENET, US)
forms.hubspot.com
track.hubspot.com
1    104.16.89.5 (None, )

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
Apex Domain
Subdomains		 Transfer
46 google.com
pay.google.com — Cisco Umbrella Rank: 2509
www.google.com — Cisco Umbrella Rank: 2
play.google.com — Cisco Umbrella Rank: 22
405 KB
35 anedot.com
secure.anedot.com — Cisco Umbrella Rank: 209415
analytics.anedot.com — Cisco Umbrella Rank: 248564
files.anedot.com — Cisco Umbrella Rank: 269264
1 MB
26 paypal.com
www.paypal.com — Cisco Umbrella Rank: 1881
t.paypal.com — Cisco Umbrella Rank: 2502
c.paypal.com — Cisco Umbrella Rank: 4688
b.stats.paypal.com — Cisco Umbrella Rank: 4270
dub.stats.paypal.com — Cisco Umbrella Rank: 21066
c6.paypal.com — Cisco Umbrella Rank: 5209
383 KB
12 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 73
14 KB
11 google.fi
www.google.fi — Cisco Umbrella Rank: 36020
2 KB
10 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
510 B
8 gstatic.com
www.gstatic.com
maps.gstatic.com
131 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
431 KB
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 134
449 KB
6 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 360
229 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2610
64 KB
4 wdsvc.net
tags.wdsvc.net — Cisco Umbrella Rank: 27580
28 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 714
94 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 345
12 KB
2 hubspot.com
forms.hubspot.com — Cisco Umbrella Rank: 3297
track.hubspot.com — Cisco Umbrella Rank: 2327
2 KB
2 hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 3516
1 KB
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 1773
33 KB
1 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 4312
439 B
1 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 4979
25 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3319
3 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2202
20 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2208
16 KB
1 google.se
www.google.se — Cisco Umbrella Rank: 29765
565 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 154
506 B
1 quora.com
q.quora.com — Cisco Umbrella Rank: 3045
422 B
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2256
928 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
48 KB
1 givetotpusa.com
givetotpusa.com
402 B
195 28
Domain Requested by
31 play.google.com www.gstatic.com
29 secure.anedot.com secure.anedot.com
16 www.paypal.com secure.anedot.com
www.paypal.com
www.paypalobjects.com
11 www.google.fi secure.anedot.com
11 www.google.com 1 redirects secure.anedot.com
10 www.facebook.com secure.anedot.com
10 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
pagead2.googlesyndication.com
7 www.googletagmanager.com secure.anedot.com
www.googletagmanager.com
js.hsadspixel.net
6 www.gstatic.com www.googletagmanager.com
pay.google.com
www.gstatic.com
6 connect.facebook.net secure.anedot.com
connect.facebook.net
6 maps.googleapis.com secure.anedot.com
maps.googleapis.com
5 c.paypal.com www.paypal.com
c.paypal.com
4 tags.wdsvc.net 1 redirects secure.anedot.com
tags.wdsvc.net
4 analytics.tiktok.com secure.anedot.com
analytics.tiktok.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 pay.google.com secure.anedot.com
pay.google.com
www.gstatic.com
4 analytics.anedot.com secure.anedot.com
analytics.anedot.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
secure.anedot.com
2 api.hubapi.com js.hsadspixel.net
2 maps.gstatic.com secure.anedot.com
2 stats.g.doubleclick.net www.google-analytics.com
2 t.paypal.com secure.anedot.com
2 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
2 files.anedot.com secure.anedot.com
1 forms.hsforms.com
1 track.hubspot.com
1 c6.paypal.com secure.anedot.com
1 forms.hubspot.com js.hscollectedforms.net
1 dub.stats.paypal.com www.paypal.com
1 b.stats.paypal.com 1 redirects
1 js.hscollectedforms.net js.hs-scripts.com
1 js.hsadspixel.net js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 www.google.se secure.anedot.com
1 www.googleadservices.com 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 q.quora.com secure.anedot.com
1 js.hs-scripts.com www.googletagmanager.com
1 pagead2.googlesyndication.com www.googletagmanager.com
1 givetotpusa.com 1 redirects
195 41

This site contains links to these domains. Also see Links.

Domain
anedot.com
help.anedot.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-13 -
2023-08-13		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-11-10 -
2023-11-10		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-09 -
2022-12-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-11-25 -
2023-05-25		 6 months crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
*.quora.com
R3		 2022-11-13 -
2023-02-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.fi
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
tags.wdsvc.net
Go Daddy Secure Certificate Authority - G2		 2022-11-03 -
2023-11-01		 a year crt.sh
hubapi.com
Cloudflare Inc ECC CA-3		 2022-05-07 -
2023-05-07		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2022-03-08 -
2023-03-07		 a year crt.sh

This page contains 8 frames:

Primary Page: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Frame ID: 4F937BDF063F660B1BABE352C0B3CEEE
Requests: 137 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?sdkVersion=5.0.343&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWRWTG1DWTdpckxLZ0NNekZHVFNIRURHc08zTUNJT1dVUFVvd2NPZC1OLXFlZ21kb3AzUFJfRTY3dlZxVThpVHRuR1hkbE11T21Lc2x3S28mZGlzYWJsZS1mdW5kaW5nPWNyZWRpdCxjYXJkJnZhdWx0PXRydWUiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9kaHNnbW96dmFza29wcHFpc2VqbGpmcmRjY2xwemYifX0&clientID=AdVLmCY7irLKgCMzFGTSHEDGsO3MCIOWUPUowcOd-N-qegmdop3PR_E67vVqU8iTtnGXdlMuOmKslwKo&sdkCorrelationID=f18933563b1c7&storageID=uid_6c8efc1fa9_mtc6mze6mzm&sessionID=uid_4a816a1897_mtc6mze6mzm&buttonSessionID=uid_5f37502ac1_mtc6mze6mzm&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=capture&commit=true&vault=true&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Frame ID: 68EF53E7BC8C4F45769801D72236CDD1
Requests: 6 HTTP requests in this frame

Frame: data://truncated
Frame ID: 6DEBFC87FFFF9ECA95CFF876AD68DFE5
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.anedot.com&mid=
Frame ID: 7303F599750C90811AFC591688614337
Requests: 23 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: BCE031133B1FE8F8FD1167F113B150A9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: FBC6421F51BDEF173BF95D74F103626D
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 44157D8357208A3C742EC1334B704DEF
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_4a816a1897_mtc6mze6mzm&s=SMART_PAYMENT_BUTTONS
Frame ID: C93A2417F543EE194D6D85525D181CC2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Support - Turning Point USA NFPEmailPhoneGooglePayPayPalAmerican ExpressMastercardDiscoverBase Credit CardLockAnedot

Page URL History Show full URLs

  1. https://givetotpusa.com/r.wr?id=I0Fvy6wJ HTTP 302
    https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Page Statistics

195
Requests

97 %
HTTPS

0 %
IPv6

28
Domains

41
Subdomains

33
IPs

4
Countries

3523 kB
Transfer

10044 kB
Size

38
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://givetotpusa.com/r.wr?id=I0Fvy6wJ HTTP 302
    https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60
  • https://tags.wdsvc.net/controller.js?id=100407 HTTP 302
  • https://tags.wdsvc.net/container.js?id=100407&v=4.10&t=1669829494545
Request Chain 62
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/618638254/?random=1669829493662&cv=11&fst=1669829493662&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&auid=616723605.1669829494&uaw=0 HTTP 302
  • https://www.google.com/pagead/1p-user-list/618638254/?random=1669829493662&cv=11&fst=1669827600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&is_vtc=1&random=2186692455 HTTP 302
  • https://www.google.fi/pagead/1p-user-list/618638254/?random=1669829493662&cv=11&fst=1669827600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&is_vtc=1&random=2186692455&ipr=y
Request Chain 101
  • https://www.googleadservices.com/pagead/conversion/618638482/wcm?cc=ZZ&dn=8448721776&cl=8Cl2CIeg7tYBEJLZ_qYC&ct_eid=2 HTTP 302
  • https://www.google.se/pagead/attribution/wcm?cc=ZZ&dn=8448721776&cl=8Cl2CIeg7tYBEJLZ_qYC
Request Chain 155
  • https://b.stats.paypal.com/v2/counter.cgi?p=uid_4a816a1897_mtc6mze6mzm&s=SMART_PAYMENT_BUTTONS HTTP 302
  • https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_4a816a1897_mtc6mze6mzm&s=SMART_PAYMENT_BUTTONS

195 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request how-we-win-p2p-db
secure.anedot.com/turning-point-usa/
Redirect Chain
  • https://givetotpusa.com/r.wr?id=I0Fvy6wJ
  • https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
34 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e87140f0cfec6cd9c16471f9d8eec140a1b9ef36d17ab2639126e16452e214a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
772551378f9798fd-ARN
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 30 Nov 2022 17:31:32 GMT
link
</packs/css/vendors~accounts~action-pages~admin~auth~auth-react~crimson-donations~donations-3783bf61.chunk.css>; rel=preload; as=style; crossorigin=anonymous; nopush,</packs/css/vendors~accounts~action-pages~admin~crimson-donations-487e5d17.chunk.css>; rel=preload; as=style; crossorigin=anonymous; nopush,</packs/css/vendors~accounts~action-pages-336db3d7.chunk.css>; rel=preload; as=style; crossorigin=anonymous; nopush,</packs/css/vendors~action-pages-31262cd6.chunk.css>; rel=preload; as=style; crossorigin=anonymous; nopush,</packs/js/runtime~action-pages-5a9ebc9ed1e9aa28b9cc.js>; rel=preload; as=script; crossorigin=anonymous; nopush,</packs/js/vendors~accounts~action-pages~admin~auth~auth-react~crimson-donations~donations-a01c488de72f6f012642.chunk.js>; rel=preload; as=script; crossorigin=anonymous; nopush,</packs/js/vendors~accounts~action-pages~admin~auth-react~crimson-donations~donations-e38651f79f9b753ef023.chunk.js>; rel=preload; as=script; crossorigin=anonymous; nopush,</packs/js/vendors~accounts~action-pages~admin~auth~crimson-donations~donations-3952e862f2a80c21caec.chunk.js>; rel=preload; as=script; crossorigin=anonymous; nopush,</packs/js/vendors~accounts~action-pages~admin~auth~auth-react~crimson-donations-81a43665461cfddde0f3.chunk.js>; rel=preload; as=script; crossorigin=anonymous; nopush,</packs/js/vendors~accounts~action-pages~auth~crimson-donations~donations-3196b97b551c2a5cdccd.chunk.js>; rel=preload; as=script; crossorigin=anonymous; nopush,</packs/js/vendors~accounts~action-pages~admin~crimson-donations~donations-e2ee80b02d73725f3c66.chunk.js>; rel=preload; as=script; crossorigin=anonymous; nopush,</packs/js/vendors~accounts~action-pages~admin~auth-react~crimson-donations-5f4d29fd9bea830c15f4.chunk.js>; rel=preload; as=script; crossorigin=anonymous; nopush,</packs/js/vendors~accounts~action-pages~admin~auth~donations-c95f82bbca5d10bf2fee.chunk.js>; rel=preload; as=script; crossorigin=anonymous; nopush,</packs/js/vendors~accounts~action-pages~admin~auth-react~donations-48a2ded4c64d237f95a0.chunk.js>; rel=preload; as=script; crossorigin=anonymous; nopush,</packs/js/vendors~accounts~action-pages~admin~crimson-donations-1b8702db52d2124a5ccf.chunk.js>; rel=preload; as=script; crossorigin=anonymous; nopush,</packs/js/vendors~accounts~action-pages~crimson-donations~donations-276bd75cc98b2bc32af8.chunk.js>; rel=preload; as=script; crossorigin=anonymous; nopush,</packs/js/vendors~accounts~action-pages~admin~auth-react-5184540b3dbc4e2a2b8b.chunk.js>; rel=preload; as=script; crossorigin=anonymous; nopush,</packs/js/vendors~accounts~action-pages~admin~auth-cfe3cf76e3870c981780.chunk.js>; rel=preload; as=script; crossorigin=anonymous; nopush,</packs/js/vendors~accounts~action-pages~auth-react~donations-790a0198755f3bd8b406.chunk.js>; rel=preload; as=script; crossorigin=anonymous; nopush,</packs/js/vendors~accounts~action-pages~donations-7ce96259794368c90dd7.chunk.js>; rel=preload; as=script; crossorigin=anonymous; nopush,</packs/js/vendors~accounts~action-pages~crimson-donations-aeb2ce66a533347a229e.chunk.js>; rel=preload; as=script; crossorigin=anonymous; nopush,</packs/js/vendors~accounts~action-pages~admin-8d72ff2b5f3079b3e878.chunk.js>; rel=preload; as=script; crossorigin=anonymous; nopush,</packs/js/vendors~accounts~action-pages~auth-react-4c71dd01fb212aaa5ef3.chunk.js>; rel=preload; as=script; crossorigin=anonymous; nopush,</packs/js/vendors~accounts~action-pages-65934956af08bf6cb4d9.chunk.js>; rel=preload; as=script; crossorigin=anonymous; nopush,</packs/js/vendors~action-pages-ab5facb45f5b3e0514cc.chunk.js>; rel=preload; as=script; crossorigin=anonymous; nopush,</packs/js/action-pages-b74f062011b6dacd1e84.chunk.js>; rel=preload; as=script; crossorigin=anonymous; nopush
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
772551378f9798fd-SEA
x-revision
339dd65713c93f4fe0d8d339ecef9adbaa42368f
x-xss-protection
0

Redirect headers

Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
0
Content-Type
text/html
Date
Wed, 30 Nov 2022 17:31:30 GMT
Location
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Machine-Name
web5
Server
Microsoft-IIS/10.0
X-Content-Type-Options1
nosniff
vendors~accounts~action-pages~admin~auth~auth-react~crimson-donations~donations-3783bf61.chunk.css
secure.anedot.com/packs/css/ 		2 KB
907 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/packs/css/vendors~accounts~action-pages~admin~auth~auth-react~crimson-donations~donations-3783bf61.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef0a3d4ad77f64b7349b6faaa0df3468f920cb4a4d27f5cf95a3013169401726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
age
799
etag
W/"63868ff2-91b"
vary
Accept-Encoding
content-type
text/css
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513a3b3998fd-ARN
expires
Wed, 30 Nov 2022 21:31:32 GMT
vendors~accounts~action-pages~admin~crimson-donations-487e5d17.chunk.css
secure.anedot.com/packs/css/ 		1 KB
646 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/packs/css/vendors~accounts~action-pages~admin~crimson-donations-487e5d17.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a402f61252340ec3e3d387a1a466baab27ffa236e0bf967e51865806132d7a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
age
798
etag
W/"63868ff2-564"
vary
Accept-Encoding
content-type
text/css
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513a4b4098fd-ARN
expires
Wed, 30 Nov 2022 21:31:32 GMT
vendors~accounts~action-pages-336db3d7.chunk.css
secure.anedot.com/packs/css/ 		200 B
188 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/packs/css/vendors~accounts~action-pages-336db3d7.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5dfb8c2659073eccb88da4072102552e9798aab0bb87518f5ae73d37f2a5022
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
age
799
etag
W/"63868ff2-c8"
vary
Accept-Encoding
content-type
text/css
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513a4b4298fd-ARN
expires
Wed, 30 Nov 2022 21:31:32 GMT
vendors~action-pages-31262cd6.chunk.css
secure.anedot.com/packs/css/ 		257 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/packs/css/vendors~action-pages-31262cd6.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24f351ab2b745fc99c7d85bc2cc7411d4b91120dfa7aa87f006d945b79213be3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
799
cf-polished
origSize=262921
cf-bgj
minify
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
etag
W/"63868ff2-40309"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
7725513a4b4498fd-ARN
expires
Wed, 30 Nov 2022 21:31:32 GMT
runtime~action-pages-5a9ebc9ed1e9aa28b9cc.js
secure.anedot.com/packs/js/ 		1 KB
797 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/packs/js/runtime~action-pages-5a9ebc9ed1e9aa28b9cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb4782e004cf5c6079db192195f9821cdfac224a7c6527a227872f8e64eb6786
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
age
798
etag
W/"63868ff2-5de"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513a4b4598fd-ARN
expires
Wed, 30 Nov 2022 21:31:32 GMT
vendors~accounts~action-pages~admin~auth~auth-react~crimson-donations~donations-a01c488de72f6f012642.chunk.js
secure.anedot.com/packs/js/ 		260 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/packs/js/vendors~accounts~action-pages~admin~auth~auth-react~crimson-donations~donations-a01c488de72f6f012642.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3caa5a2bc065caf1600e52d9c50817ef1a99b908b118810b7cfaa04b39382d32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
age
798
etag
W/"63868ff2-40fd2"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513a4b4698fd-ARN
expires
Wed, 30 Nov 2022 21:31:32 GMT
vendors~accounts~action-pages~admin~auth-react~crimson-donations~donations-e38651f79f9b753ef023.chunk.js
secure.anedot.com/packs/js/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/packs/js/vendors~accounts~action-pages~admin~auth-react~crimson-donations~donations-e38651f79f9b753ef023.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2751133a2307863e7d35a5c0ce65d29ec5952263a2248b6a7b28482181293e48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
age
2428
etag
W/"63868ff2-9488"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513a4b4998fd-ARN
expires
Wed, 30 Nov 2022 21:31:32 GMT
vendors~accounts~action-pages~admin~auth~crimson-donations~donations-3952e862f2a80c21caec.chunk.js
secure.anedot.com/packs/js/ 		2 KB
850 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/packs/js/vendors~accounts~action-pages~admin~auth~crimson-donations~donations-3952e862f2a80c21caec.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b770dc8f241e65e70641a0f75ae83e3beacd7ca3a6d99e6b05b5c932efcf6c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
age
5463
etag
W/"63868ff2-83e"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513a4b4a98fd-ARN
expires
Wed, 30 Nov 2022 21:31:32 GMT
vendors~accounts~action-pages~admin~auth~auth-react~crimson-donations-81a43665461cfddde0f3.chunk.js
secure.anedot.com/packs/js/ 		2 KB
920 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/packs/js/vendors~accounts~action-pages~admin~auth~auth-react~crimson-donations-81a43665461cfddde0f3.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1dbe560d81122685ca2d4a338270247b4518d53b7900e83765e45be8236b1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
age
798
etag
W/"63868ff2-9f5"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513a4b4b98fd-ARN
expires
Wed, 30 Nov 2022 21:31:32 GMT
vendors~accounts~action-pages~auth~crimson-donations~donations-3196b97b551c2a5cdccd.chunk.js
secure.anedot.com/packs/js/ 		117 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/packs/js/vendors~accounts~action-pages~auth~crimson-donations~donations-3196b97b551c2a5cdccd.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cad7ad9cb5fd753bfa31679870f3794a05df28765d2cbed47003caf8f9d214af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
age
2428
etag
W/"63868ff2-1d287"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513a4b4d98fd-ARN
expires
Wed, 30 Nov 2022 21:31:32 GMT
vendors~accounts~action-pages~admin~crimson-donations~donations-e2ee80b02d73725f3c66.chunk.js
secure.anedot.com/packs/js/ 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/packs/js/vendors~accounts~action-pages~admin~crimson-donations~donations-e2ee80b02d73725f3c66.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3a2500f32c830989a62a0487dbf711196933196ece00e5c3e3410599f5890ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
age
799
etag
W/"63868ff2-131c9"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513a7bca98fd-ARN
expires
Wed, 30 Nov 2022 21:31:32 GMT
vendors~accounts~action-pages~admin~auth-react~crimson-donations-5f4d29fd9bea830c15f4.chunk.js
secure.anedot.com/packs/js/ 		70 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/packs/js/vendors~accounts~action-pages~admin~auth-react~crimson-donations-5f4d29fd9bea830c15f4.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2175477823c722d508952dd403d7d52a21fb2b6ececb58a13bbf084f7cf76430
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
age
799
etag
W/"63868ff2-1187e"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513a7bcd98fd-ARN
expires
Wed, 30 Nov 2022 21:31:32 GMT
vendors~accounts~action-pages~admin~auth~donations-c95f82bbca5d10bf2fee.chunk.js
secure.anedot.com/packs/js/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/packs/js/vendors~accounts~action-pages~admin~auth~donations-c95f82bbca5d10bf2fee.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f73033859b4a070c55562bdec7ba192903e2ab37ef9b36b7b791f262a0614cc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
age
2428
etag
W/"63868ff2-7098"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513a7bd198fd-ARN
expires
Wed, 30 Nov 2022 21:31:32 GMT
vendors~accounts~action-pages~admin~auth-react~donations-48a2ded4c64d237f95a0.chunk.js
secure.anedot.com/packs/js/ 		993 B
541 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/packs/js/vendors~accounts~action-pages~admin~auth-react~donations-48a2ded4c64d237f95a0.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2580e7d53fa7f69c654fd63ecadc5f3a26379f4a9c8deb69d093040c340f9276
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
age
798
etag
W/"63868ff2-3e1"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513a7bd398fd-ARN
expires
Wed, 30 Nov 2022 21:31:32 GMT
vendors~accounts~action-pages~admin~crimson-donations-1b8702db52d2124a5ccf.chunk.js
secure.anedot.com/packs/js/ 		215 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/packs/js/vendors~accounts~action-pages~admin~crimson-donations-1b8702db52d2124a5ccf.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c284a75a6b11d953e353007d7ffb9a57274612b866b3447ed594e04a4f80517d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
age
799
etag
W/"63868ff2-35c8c"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513a7bd598fd-ARN
expires
Wed, 30 Nov 2022 21:31:32 GMT
vendors~accounts~action-pages~crimson-donations~donations-276bd75cc98b2bc32af8.chunk.js
secure.anedot.com/packs/js/ 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/packs/js/vendors~accounts~action-pages~crimson-donations~donations-276bd75cc98b2bc32af8.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1632c22eab71250a40affdacfb6d5d973ccba4165904fb66201006f39c1f82e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
age
799
etag
W/"63868ff2-c4bf"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513a7bd898fd-ARN
expires
Wed, 30 Nov 2022 21:31:32 GMT
vendors~accounts~action-pages~admin~auth-react-5184540b3dbc4e2a2b8b.chunk.js
secure.anedot.com/packs/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/packs/js/vendors~accounts~action-pages~admin~auth-react-5184540b3dbc4e2a2b8b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a3f80e9dfa5ca762249aad5cd5fc161c777719b366bd3960d3c6381b81bb275
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
age
798
etag
W/"63868ff2-52ee"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513a7bda98fd-ARN
expires
Wed, 30 Nov 2022 21:31:32 GMT
vendors~accounts~action-pages~admin~auth-cfe3cf76e3870c981780.chunk.js
secure.anedot.com/packs/js/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/packs/js/vendors~accounts~action-pages~admin~auth-cfe3cf76e3870c981780.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64f54ad2af50ee6d16d2fbc0d5e0d888125048b0f211378573345edf7d6af498
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
age
798
etag
W/"63868ff2-6363"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513a7bdb98fd-ARN
expires
Wed, 30 Nov 2022 21:31:32 GMT
vendors~accounts~action-pages~auth-react~donations-790a0198755f3bd8b406.chunk.js
secure.anedot.com/packs/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/packs/js/vendors~accounts~action-pages~auth-react~donations-790a0198755f3bd8b406.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c994a9648b1464b8732b8c8fdac1d8ae42b0959ec82dac186f4acd0c67cfe2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
age
797
etag
W/"63868ff2-7e5"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513a7bdc98fd-ARN
expires
Wed, 30 Nov 2022 21:31:32 GMT
vendors~accounts~action-pages~donations-7ce96259794368c90dd7.chunk.js
secure.anedot.com/packs/js/ 		266 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/packs/js/vendors~accounts~action-pages~donations-7ce96259794368c90dd7.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c02f56cbbd92b763a65a376e92f4d211904b87e4e1377b351cd47ce3f2879bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
age
797
etag
W/"63868ff2-426c7"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513a7bde98fd-ARN
expires
Wed, 30 Nov 2022 21:31:32 GMT
vendors~accounts~action-pages~crimson-donations-aeb2ce66a533347a229e.chunk.js
secure.anedot.com/packs/js/ 		48 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/packs/js/vendors~accounts~action-pages~crimson-donations-aeb2ce66a533347a229e.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
471cecda7f14f16d7da999ce3f8c0374cb35522a471c33485d07e5db821eab31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
age
799
etag
W/"63868ff2-c102"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513a7bdf98fd-ARN
expires
Wed, 30 Nov 2022 21:31:32 GMT
vendors~accounts~action-pages~admin-8d72ff2b5f3079b3e878.chunk.js
secure.anedot.com/packs/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/packs/js/vendors~accounts~action-pages~admin-8d72ff2b5f3079b3e878.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83b3ddf74b7caadbc5b1059727f597390f497b596dddf84eaac4db6053284eb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
age
797
etag
W/"63868ff2-39bf"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513a7be198fd-ARN
expires
Wed, 30 Nov 2022 21:31:32 GMT
vendors~accounts~action-pages~auth-react-4c71dd01fb212aaa5ef3.chunk.js
secure.anedot.com/packs/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/packs/js/vendors~accounts~action-pages~auth-react-4c71dd01fb212aaa5ef3.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1081e12135a4a970711852d27a23452d7c734e92359789f2be0af84a23fd8c2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
age
797
etag
W/"63868ff2-bbf"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513a7be398fd-ARN
expires
Wed, 30 Nov 2022 21:31:32 GMT
vendors~accounts~action-pages-65934956af08bf6cb4d9.chunk.js
secure.anedot.com/packs/js/ 		300 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/packs/js/vendors~accounts~action-pages-65934956af08bf6cb4d9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0852a955025cb8e9cfa4b62e6268c4a0d524de15deac3fec7ba4af2440f09116
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
age
797
etag
W/"63868ff2-4b0dd"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513a7be698fd-ARN
expires
Wed, 30 Nov 2022 21:31:32 GMT
vendors~action-pages-ab5facb45f5b3e0514cc.chunk.js
secure.anedot.com/packs/js/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/packs/js/vendors~action-pages-ab5facb45f5b3e0514cc.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c931f144f1f1a9a0cc0f5f92be0245b434a92b0236c4177ea2432c405401a2b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
age
798
etag
W/"63868ff2-999f"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513a7be898fd-ARN
expires
Wed, 30 Nov 2022 21:31:32 GMT
action-pages-b74f062011b6dacd1e84.chunk.js
secure.anedot.com/packs/js/ 		124 B
162 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/packs/js/action-pages-b74f062011b6dacd1e84.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e87b8e7bcca554364a2220c997fdc8104d0125de9238e24c218a3e25af4dd6ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
age
797
etag
W/"63868ff2-7c"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513a7bea98fd-ARN
expires
Wed, 30 Nov 2022 21:31:32 GMT
matomo.js
analytics.anedot.com/ 		196 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.anedot.com/matomo.js
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
068c899430c36f70a7c28309d749c9d4521aa404ee5d82dba982931fc520dcde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 17 May 2022 18:21:27 GMT
server
cloudflare
age
6548
etag
W/"311c4-5df39357f386f-gzip"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513b2d7598fd-ARN
expires
Wed, 30 Nov 2022 21:31:33 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-168958653-1
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
01876365a14a768ea7dc9e634bbca693c59b1dbd735b497a544770523569226b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43669
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 17:11:47 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 30 Nov 2022 17:31:33 GMT
gtm.js
www.googletagmanager.com/ 		224 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NVJ4V6P
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
55dd2f516792054323322929f4d5ba0eebc5088d60467c34d3b5c4831980fccf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80534
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 17:11:47 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 30 Nov 2022 17:31:33 GMT
container_6NLNOHt4.js
analytics.anedot.com/js/ 		240 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.anedot.com/js/container_6NLNOHt4.js
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e43677b39f6b3360b357623b568efbe570d3d9a41ddf1e30f9a6fe0830a37c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 30 Nov 2022 16:02:20 GMT
server
cloudflare
age
2428
etag
W/"3c13a-5eeb23ac091a0-gzip"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513b2d6f98fd-ARN
expires
Wed, 30 Nov 2022 21:31:33 GMT
js
maps.googleapis.com/maps/api/ 		167 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyAq2SM8b_QTjvtPzSUZP56o0gYMkBMz9wQ&libraries=places
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/packs/js/vendors~accounts~action-pages~admin~crimson-donations~donations-e2ee80b02d73725f3c66.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f106.1e100.net
Software
mafe /
Resource Hash
575744fe399b90c316c4f059fbb9309a704204c401996436633cb9dda7e3fa53
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:33 GMT
content-encoding
gzip
server
mafe
vary
Accept-Language
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=24
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55897
x-xss-protection
0
expires
Wed, 30 Nov 2022 18:01:33 GMT
js
www.paypal.com/sdk/ 		310 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AdVLmCY7irLKgCMzFGTSHEDGsO3MCIOWUPUowcOd-N-qegmdop3PR_E67vVqU8iTtnGXdlMuOmKslwKo&disable-funding=credit,card&vault=true
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/packs/js/vendors~accounts~action-pages~donations-7ce96259794368c90dd7.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6c0a4fd6aa7ab1c31d50852df5a3100d572f72ddceadb56a39b88ec88ad256f2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-dgFy8rqXWvuyVQM+r7k+MSMRi6YSyQ9uxmyUaOMlb47djRMw' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-dgFy8rqXWvuyVQM+r7k+MSMRi6YSyQ9uxmyUaOMlb47djRMw' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-dgFy8rqXWvuyVQM+r7k+MSMRi6YSyQ9uxmyUaOMlb47djRMw' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-dgFy8rqXWvuyVQM+r7k+MSMRi6YSyQ9uxmyUaOMlb47djRMw' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 30 Nov 2022 17:31:33 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
5849
x-cache
HIT
p3p
true
paypal-debug-id
f1994669910d4
server-timing
"traceparent;desc="00-0000000000000000000f1994669910d4-144727f6ca03f1fc-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
92845
x-xss-protection
1; mode=block
x-served-by
cache-hhn4064-HHN
traceparent
00-0000000000000000000f1994669910d4-f7747d977c1332c2-01
x-timer
S1669829493.317180,VS0,VE5
etag
W/"16aad-Pc63kBU+RWDrXjkp8oV9ogizpjY"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
accept-ranges
bytes
x-cache-hits
1
undefined
secure.anedot.com/turning-point-usa/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/turning-point-usa/undefined
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/packs/js/vendors~accounts~action-pages~donations-7ce96259794368c90dd7.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-permitted-cross-domain-policies
none
x-revision
339dd65713c93f4fe0d8d339ecef9adbaa42368f
x-xss-protection
0
x-request-id
7725513c5f1498fd-SEA
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding, Accept
content-type
text/html; charset=utf-8
cache-control
no-cache
cf-ray
7725513c5f1498fd-ARN
pay.js
pay.google.com/gp/p/js/ 		102 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/packs/js/vendors~accounts~action-pages-65934956af08bf6cb4d9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.165.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lg-in-f92.1e100.net
Software
ESF /
Resource Hash
94fbb12d189bdafc696e17aa8cf98a377f329e1a41e51b61f2c5ad15e0f8df08
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IMqs0lHKYvdTImWym8bcpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:33 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-IMqs0lHKYvdTImWym8bcpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="InstantbuyFrontendHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Wed, 30 Nov 2022 17:31:33 GMT
d543fe07-84e9-450c-aa1a-afa5bd544a84.png
files.anedot.com/action_pages_images/d73f1b1c-1c0b-4c01-9428-06dd44a0e4fb/file/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.anedot.com/action_pages_images/d73f1b1c-1c0b-4c01-9428-06dd44a0e4fb/file/d543fe07-84e9-450c-aa1a-afa5bd544a84.png
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62a048a7464cad9daac56803e6c9943e745b1118b480a95f1ec6fdea301f9ea2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:33 GMT
x-amz-version-id
Oh1fzl8jvlpTn4RBYfVSRuSxi3COcmuU
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
VH7Z7THFG5QXKPQW
age
117
cf-polished
origFmt=png, origSize=77167
content-disposition
inline; filename="d543fe07-84e9-450c-aa1a-afa5bd544a84.webp"
content-length
30460
x-amz-id-2
LDmFNrQo2cR0dzT/oZ+njiMnr6Uny6UglPeMRA0vogUznxyTPclAyE3y/T8faRbg0dz//R64r+Q=
cf-bgj
imgq:100,h2pri
last-modified
Tue, 31 May 2022 21:11:36 GMT
server
cloudflare
etag
"764eacfae72e3fd5dfc289c4ca6b4518"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31556952
accept-ranges
bytes
cf-ray
7725513c5f1998fd-ARN
expires
Thu, 30 Nov 2023 23:20:45 GMT
da278670-c491-4611-b603-e100ff9e9d94.png
files.anedot.com/action_pages_images/6c4e78c7-5214-42b4-a5b9-dd2d44cd935e/file/ 		423 KB
424 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.anedot.com/action_pages_images/6c4e78c7-5214-42b4-a5b9-dd2d44cd935e/file/da278670-c491-4611-b603-e100ff9e9d94.png
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d95a517cab431c5e9e5befd9aaa39402c8c31c8e775068380eabf5e89aa26a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:33 GMT
x-amz-version-id
NUr_wgh7FcrQ_JwG9BQeMuhvY61LUX3J
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
VH7KAAMXQE7SSDAY
age
117
cf-polished
origFmt=png, origSize=586978
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="da278670-c491-4611-b603-e100ff9e9d94.webp"
content-length
433320
x-amz-id-2
BzlRMa9nGO1wI8yPMkAN3E2+FKy6FgVye41yPTUoytZIbyn1T4UKe3Aj1gFH12KYgcpijfSSyDk=
cf-bgj
imgq:100,h2pri
last-modified
Tue, 15 Nov 2022 15:01:35 GMT
server
cloudflare
etag
"89f678872c6c85e65a97eb37d092e6ba"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31556952
accept-ranges
bytes
cf-ray
7725513c5f1a98fd-ARN
expires
Thu, 30 Nov 2023 23:20:45 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.247.8 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-ams2.fbcdn.net
Software
/
Resource Hash
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 30 Nov 2022 17:31:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27340
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
XVxFNOmBmXxnm63EaEl61CkNBrZ+LFMSBaFyfsbIzgA1bEEgkhIh3YWQMoXZQNyn83XWQ/cvx0rE6M4jsYqd0w==
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
dropdown-c80ed423af82974995ac35c4ea10debe.svg
secure.anedot.com/packs/media/namespaces/shared/images/ 		190 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.anedot.com/packs/media/namespaces/shared/images/dropdown-c80ed423af82974995ac35c4ea10debe.svg
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/packs/css/vendors~action-pages-31262cd6.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f11763fd84020e13295b68d97fcf6b6c73e73acaf2ad90183672d5a16d4f6d1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/packs/css/vendors~action-pages-31262cd6.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 23:04:18 GMT
server
cloudflare
age
796
etag
W/"63868ff2-be"
vary
Accept-Encoding
content-type
image/svg+xml
content-encoding
br
cache-control
public, max-age=14400
cf-ray
7725513c6f2298fd-ARN
expires
Wed, 30 Nov 2022 21:31:33 GMT
matomo.php
analytics.anedot.com/ 		0
89 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.anedot.com/matomo.php?action_name=Support%20-%20Turning%20Point%20USA%20NFP&idsite=1&rec=1&r=456694&h=17&m=31&s=33&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&_id=d029346e7468fb79&_idn=1&_rck=db-tpu-cr34-020&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=F9QrK1&fa_pv=1&fa_fp[0][fa_vid]=RCaZlc&fa_fp[0][fa_fv]=1&pf_net=380&pf_srv=422&pf_tfr=2&pf_dm1=430
Requested by
Host: analytics.anedot.com
URL: https://analytics.anedot.com/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Wed, 30 Nov 2022 17:31:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.4.8
vary
Origin
access-control-allow-origin
https://secure.anedot.com
access-control-allow-credentials
true
cf-ray
7725513cf80a98fd-ARN
configs.php
analytics.anedot.com/plugins/HeatmapSessionRecording/ 		193 B
278 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.anedot.com/plugins/HeatmapSessionRecording/configs.php?idsite=1&trackerid=pDwrwE&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020
Requested by
Host: analytics.anedot.com
URL: https://analytics.anedot.com/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
5d96cdc85e6300c694474fa81a3ac45aa1c0f028ac767118aaf2de8661d94886
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
x-powered-by
PHP/7.4.8
vary
Accept-Encoding
content-type
application/javascript
cf-ray
7725513d183698fd-ARN
pptm.js
www.paypal.com/tagmanager/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=secure.anedot.com&t=xo&v=5.0.343&source=payments_sdk&client_id=AdVLmCY7irLKgCMzFGTSHEDGsO3MCIOWUPUowcOd-N-qegmdop3PR_E67vVqU8iTtnGXdlMuOmKslwKo&vault=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AdVLmCY7irLKgCMzFGTSHEDGsO3MCIOWUPUowcOd-N-qegmdop3PR_E67vVqU8iTtnGXdlMuOmKslwKo&disable-funding=credit,card&vault=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b16c597373e85dd326d55a138aab1ef01c5bba476ab9f30d7206135b04e4c4ae
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-DnL6fFYV5qSxbcnLmqsX/XaIPXn7KjuOHA1oGXSp00aabCab' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-DnL6fFYV5qSxbcnLmqsX/XaIPXn7KjuOHA1oGXSp00aabCab' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 30 Nov 2022 17:31:33 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
8358
x-cache
HIT
paypal-debug-id
f167398025d7a
server-timing
"traceparent;desc="00-0000000000000000000f167398025d7a-8c6270da585585c3-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4745
x-xss-protection
1; mode=block
x-served-by
cache-hhn4064-HHN
traceparent
00-0000000000000000000f167398025d7a-de703bd32a473d33-01
x-timer
S1669829493.463919,VS0,VE3
etag
W/"3541-yBSyfociwnYLXJJyKzBHyP/snqM"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600
accept-ranges
bytes
x-cache-hits
1
buttons
www.paypal.com/smart/ Frame 68EF 		376 KB
138 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/smart/buttons?sdkVersion=5.0.343&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWRWTG1DWTdpckxLZ0NNekZHVFNIRURHc08zTUNJT1dVUFVvd2NPZC1OLXFlZ21kb3AzUFJfRTY3dlZxVThpVHRuR1hkbE11T21Lc2x3S28mZGlzYWJsZS1mdW5kaW5nPWNyZWRpdCxjYXJkJnZhdWx0PXRydWUiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9kaHNnbW96dmFza29wcHFpc2VqbGpmcmRjY2xwemYifX0&clientID=AdVLmCY7irLKgCMzFGTSHEDGsO3MCIOWUPUowcOd-N-qegmdop3PR_E67vVqU8iTtnGXdlMuOmKslwKo&sdkCorrelationID=f18933563b1c7&storageID=uid_6c8efc1fa9_mtc6mze6mzm&sessionID=uid_4a816a1897_mtc6mze6mzm&buttonSessionID=uid_5f37502ac1_mtc6mze6mzm&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=capture&commit=true&vault=true&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AdVLmCY7irLKgCMzFGTSHEDGsO3MCIOWUPUowcOd-N-qegmdop3PR_E67vVqU8iTtnGXdlMuOmKslwKo&disable-funding=credit,card&vault=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0cd1bb0e1e735aabd07fbead0799f0864b823fabb8e762ad922e8886f4ad32ee
Security Headers
Name Value
Content-Security-Policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.anedot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
none
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-disposition
inline
content-encoding
br
content-security-policy
form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
date
Wed, 30 Nov 2022 17:31:33 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/W/"5e138-L2A7BRfufD3qb4UhlrsVCwtEzx0"
p3p
true
paypal-debug-id
f8055799908b8
server-timing
"traceparent;desc="00-0000000000000000000f8055799908b8-ed465c9d3d60f496-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f8055799908b8-816ee3018a7fb15f-01
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-csrf-jwt
__blank__
x-served-by
cache-hhn4064-HHN
x-timer
S1669829494.530440,VS0,VE343
x-xss-protection
1; mode=block
truncated
/ Frame 6DEB 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
muse.js
www.paypalobjects.com/muse/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=secure.anedot.com&t=xo&v=5.0.343&source=payments_sdk&client_id=AdVLmCY7irLKgCMzFGTSHEDGsO3MCIOWUPUowcOd-N-qegmdop3PR_E67vVqU8iTtnGXdlMuOmKslwKo&vault=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F6AB) /
Resource Hash
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
2ab8c8cbc9f30
dc
ccg11-origin-www-1.paypal.com
content-length
16464
last-modified
Tue, 03 May 2022 17:28:29 GMT
server
ECAcc (ska/F6AB)
traceparent
00-00000000000000000002ab8c8cbc9f30-ddae390a3fbda0b3-01
etag
"6271663d-da91"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Wed, 30 Nov 2022 18:31:33 GMT
ts
t.paypal.com/ 		42 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AM5NBZCM4ARA48-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AM5NBZCM4ARA48-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=937b234e-becb-46bf-b379-34b36e808cbc&fltp=analytics&mrid=M5NBZCM4ARA48&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Support%20-%20Turning%20Point%20USA%20NFP&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1669829493528&g=0&completeurl=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3708) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
ECAcc (lhd/3708)
traceparent
00-0000000000000000000881a1906a98ed-818f4491a761f1f1-01
content-type
image/gif
paypal-debug-id
881a1906a98ed
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=204
timing-allow-origin
*
content-length
42
expires
Wed, 30 Nov 2022 17:31:33 GMT
logger
www.paypal.com/xoplatform/logger/api/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AdVLmCY7irLKgCMzFGTSHEDGsO3MCIOWUPUowcOd-N-qegmdop3PR_E67vVqU8iTtnGXdlMuOmKslwKo&disable-funding=credit,card&vault=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5cabab8d064c8f10e3099c8e7f994eb9dd671344bdcbcefc32a4385a965828ee
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://secure.anedot.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
content-type
application/json

Response headers

date
Wed, 30 Nov 2022 17:31:34 GMT
via
1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS
paypal-debug-id
f805579dcff2b
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-hhn4053-HHN
traceparent
00-0000000000000000000f805579dcff2b-fc74f52e211d80b6-01
x-timer
S1669829494.000499,VS0,VE208
etag
W/W/"400-afKYL38lX1TIu08BEJQ2P3ZePjs"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.anedot.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://secure.anedot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://secure.anedot.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Wed, 30 Nov 2022 17:31:33 GMT
dc
ccg11-origin-www-1.paypal.com
paypal-debug-id
f8055799d49e7
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f8055799d49e7-9d2f06bb5e29d1a8-01
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-served-by
cache-hhn4053-HHN
x-timer
S1669829494.696053,VS0,VE191
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-168958653-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 30 Nov 2022 17:24:43 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
411
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 30 Nov 2022 19:24:43 GMT
payframe
pay.google.com/gp/p/ui/ Frame 7303 		18 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.anedot.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.165.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lg-in-f92.1e100.net
Software
ESF /
Resource Hash
40590e2fa42e07c82cbcc519c28b327736a4a971ecd561228965f069dfff3d87
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-onz-XGb-jPuuzCcmIL_20w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.anedot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-onz-XGb-jPuuzCcmIL_20w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
cross-origin-resource-policy
same-site
date
Wed, 30 Nov 2022 17:31:33 GMT
expires
Wed, 30 Nov 2022 17:31:33 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to
{"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
optimize.js
www.google-analytics.com/gtm/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=OPT-KT9DBKH
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVJ4V6P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Google Tag Manager /
Resource Hash
0072341cd97b3f3bb1d9b898d585a929841b59bf74344941c914fca6be45dd10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43907
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 30 Nov 2022 17:31:34 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/956807382/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956807382/?random=1669829493657&cv=11&fst=1669829493657&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&auid=616723605.1669829494&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVJ4V6P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
f967a1c7d0c4e81ace56bc68c32bc782cd3276e2a55b83418b1ab7c97eb11c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
947
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/618629383/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/618629383/?random=1669829493661&cv=11&fst=1669829493661&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&auid=616723605.1669829494&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVJ4V6P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
24765e55f4f2d5ec4a474822de6f3e838b340d5ee808bb75896e594a799a1a9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
947
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/618558795/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/618558795/?random=1669829493662&cv=11&fst=1669829493662&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&auid=616723605.1669829494&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVJ4V6P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
97ca8aeaef7424cb318dc278770e528b09fa4b5f7d392394521eb3067816ec10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
951
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/618638482/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/618638482/?random=1669829493663&cv=11&fst=1669829493663&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&auid=616723605.1669829494&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVJ4V6P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
75102c3aa71ad0b81d6ac304a7786d306e39b3639a28f2f947879f397d82ce1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
950
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader.js
www.gstatic.com/wcm/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/wcm/loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVJ4V6P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:15:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
961
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
last-modified
Mon, 15 Mar 2021 16:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 30 Nov 2022 18:15:33 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/587581794/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/587581794/?random=1669829493666&cv=11&fst=1669829493666&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&auid=616723605.1669829494&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVJ4V6P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
4fbe1f107e9c0d0d67cad84f39ff5e1ba1ab768f0088f6aa80a44a41046e31f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
948
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVJ4V6P
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 30 Nov 2022 17:31:33 GMT
last-modified
Wed, 09 Nov 2022 21:23:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F2EDF3EBC20B4FDA8BF49636C23ED3ED Ref B: STOEDGE1711 Ref C: 2022-11-30T17:31:34Z
etag
"077538f81f4d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11421
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		142 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVJ4V6P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
1db56d3836d088494d4cef31d16635576729472ea6beebb5b607d90acfa46b18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48925
x-xss-protection
0
server
cafe
etag
10506916537092316520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 30 Nov 2022 17:31:34 GMT
14495387.js
js.hs-scripts.com/ 		2 KB
928 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/14495387.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVJ4V6P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.213.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7b1612dbe66174564012c5e362b37e9dd8b59dbd2173da0d1953b5eef9865fa

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:34 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 30 Nov 2022 17:29:37 GMT
server
cloudflare
x-hubspot-correlation-id
9b60eb62-8eb4-4b3c-8af4-c685cd37b3a2
x-trace
2B220F4B072F913C8A6D1136C7073E037FEF96D129000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://secure.anedot.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
772551447f4615f8-ARN
expires
Wed, 30 Nov 2022 17:32:34 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2A3TFFMU8Q03RAIIEU0&lib=ttq
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.11.206.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-11-206-16.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f73b3babf103ee53b8951197bfcdac908da92b35fee908246f1541f8855db289

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-akamai-request-id
138c808e
date
Wed, 30 Nov 2022 17:31:34 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-11-206-12.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
server-timing
inner; dur=2, cdn-cache; desc=MISS, edge; dur=2, origin; dur=88
content-length
1048
pragma
no-cache
server
nginx
x-tt-logid
20221130173134F98181B28676D6E63197
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
88,23.11.206.12
x-tt-trace-host
017426f44ba3b05c8f54b6602d9331d0dd552c7f189e1a51ba26a2f59b7aa9eabe74808c166194609b83afa3bd02c15cb5e94578734b4221c2b075ce3bdc893d2685083d1201e7e15c428876a6eb0cc828
expires
Wed, 30 Nov 2022 17:31:34 GMT
container.js
tags.wdsvc.net/
Redirect Chain
  • https://tags.wdsvc.net/controller.js?id=100407
  • https://tags.wdsvc.net/container.js?id=100407&v=4.10&t=1669829494545
27 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.wdsvc.net/container.js?id=100407&v=4.10&t=1669829494545
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
HTTP/1.1
Server
52.5.59.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-59-110.compute-1.amazonaws.com
Software
/
Resource Hash
7f0d8456b872023ce316dc1e98a7b8a54e81d9d9dcbba904efe73100976a524a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Nov 2022 17:31:34 GMT
Content-Type
text/javascript
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-length
27393
Expires
Mon, 3 Jan 2005 13:00:00 GMT

Redirect headers

location
https://tags.wdsvc.net/container.js?id=100407&v=4.10&t=1669829494545
Date
Wed, 30 Nov 2022 17:31:34 GMT
Cache-Control
private, no-cache
Connection
keep-alive
Keep-Alive
timeout=5
Transfer-Encoding
chunked
js
www.googletagmanager.com/gtag/ 		213 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7SZC1SVE72&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVJ4V6P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0f61524c75686d34fca2f7e0a08835f6cd397796cbc74f7c73a0f2834dd3cc2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76171
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 30 Nov 2022 17:31:33 GMT
/
www.google.fi/pagead/1p-user-list/618638254/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/618638254/?random=1669829493662&cv=11&fst=1669829493662&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1600&u_h=1200&hn=www.googlead...
  • https://www.google.com/pagead/1p-user-list/618638254/?random=1669829493662&cv=11&fst=1669827600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.anedot...
  • https://www.google.fi/pagead/1p-user-list/618638254/?random=1669829493662&cv=11&fst=1669827600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.anedot....
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fi/pagead/1p-user-list/618638254/?random=1669829493662&cv=11&fst=1669827600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&is_vtc=1&random=2186692455&ipr=y
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.fi/pagead/1p-user-list/618638254/?random=1669829493662&cv=11&fst=1669827600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&is_vtc=1&random=2186692455&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
q.quora.com/_/ad/d18b091f38254273a5e7cc105426539a/ 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.quora.com/_/ad/d18b091f38254273a5e7cc105426539a/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.56.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-56-9.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Wed, 30 Nov 2022 17:31:34 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Server
nginx
Connection
keep-alive
Content-Length
43
X-Q-Stat
,8ff509f60a796615f3c3e3321a2ff9e4,10.0.0.51,51612,194.34.134.146,,82429258782,1,1669829494.657,0.002,,.,0,0,0.000,0.000,-,0,0,197,849,424,10,34729,,,,,,-,
Content-Type
image/gif
logger
www.paypal.com/xoplatform/logger/api/ 		1022 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AdVLmCY7irLKgCMzFGTSHEDGsO3MCIOWUPUowcOd-N-qegmdop3PR_E67vVqU8iTtnGXdlMuOmKslwKo&disable-funding=credit,card&vault=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
816d7d15eedb00b2035d6bdaad22e10fcdff4e00a08e5e96bbc905d9dfa87dbd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://secure.anedot.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
content-type
application/json

Response headers

date
Wed, 30 Nov 2022 17:31:34 GMT
via
1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS
paypal-debug-id
f8055797600aa
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-hhn4053-HHN
traceparent
00-0000000000000000000f8055797600aa-a62689800821e2c7-01
x-timer
S1669829494.000909,VS0,VE180
etag
W/W/"3fe-wpUdv3SBDzJ7B1ZWuo5EpOq3JOg"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.anedot.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://secure.anedot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://secure.anedot.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Wed, 30 Nov 2022 17:31:33 GMT
dc
ccg11-origin-www-1.paypal.com
paypal-debug-id
f805579853992
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f805579853992-40c77d463a16f302-01
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-served-by
cache-hhn4053-HHN
x-timer
S1669829494.712856,VS0,VE191
index.html
www.paypalobjects.com/muse/analytics/ Frame BCE0 		54 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F764) /
Resource Hash
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16791
content-type
text/html
date
Wed, 30 Nov 2022 17:31:33 GMT
dc
ccg11-origin-www-1.paypal.com
etag
"6271663d-d994"
expires
Wed, 30 Nov 2022 18:31:33 GMT
last-modified
Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id
81d3d6c84cdf2
server
ECAcc (ska/F764)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-000000000000000000081d3d6c84cdf2-dadebe1afcab5f63-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
306599240152457
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/306599240152457?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.247.8 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-ams2.fbcdn.net
Software
/
Resource Hash
4944d9313621a0a70653acb9c3b748a8c9b9938e5a55e54ee5a6925082a69970
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 30 Nov 2022 17:31:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
ZjliVAl675w8asWWEEE3G4iGQt83HB4+nyDyHhCZORjBJwjhxG8LdhSm6lQuElzEuLT9bP8vJTEPF8wX+gdbOg==
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAq2SM8b_QTjvtPzSUZP56o0gYMkBMz9wQ&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f106.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://secure.anedot.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23
x-xss-protection
0
common.js
maps.googleapis.com/maps-api-v3/api/js/51/1/intl/fi_ALL/ 		248 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/51/1/intl/fi_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAq2SM8b_QTjvtPzSUZP56o0gYMkBMz9wQ&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f106.1e100.net
Software
sffe /
Resource Hash
887e8d782a4725cef7665968ca6dfd7c67d49f94c7ec5f8b77b23fba2d057d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 23:19:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69704
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 21:36:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Nov 2023 23:19:13 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/51/1/intl/fi_ALL/ 		166 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/51/1/intl/fi_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAq2SM8b_QTjvtPzSUZP56o0gYMkBMz9wQ&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f106.1e100.net
Software
sffe /
Resource Hash
eba2bc7b1a8274ed3b06b582c1efece2336dae57d5aad1c9dd48de612da89477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 15:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95465
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62624
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 21:36:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Nov 2023 15:00:28 GMT
controls.js
maps.googleapis.com/maps-api-v3/api/js/51/1/intl/fi_ALL/ 		88 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/51/1/intl/fi_ALL/controls.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAq2SM8b_QTjvtPzSUZP56o0gYMkBMz9wQ&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f106.1e100.net
Software
sffe /
Resource Hash
86c05fa6dbe3d56f10af1ba9f204853f58aaf58baa46e364d7450fcadca52392
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 07:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
123207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26939
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 21:36:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Nov 2023 07:18:06 GMT
places_impl.js
maps.googleapis.com/maps-api-v3/api/js/51/1/intl/fi_ALL/ 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/51/1/intl/fi_ALL/places_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAq2SM8b_QTjvtPzSUZP56o0gYMkBMz9wQ&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f106.1e100.net
Software
sffe /
Resource Hash
d9afe8bb655aec7da3b284f85da079038bc378e4164f310a35a06f14a0961273
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 05:20:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
130263
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17860
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 21:36:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Nov 2023 05:20:30 GMT
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 7303 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.165.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lg-in-f92.1e100.net
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.anedot.com&mid=
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 30 Nov 2022 17:31:33 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1608
content-type
text/html; charset=UTF-8
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfr... Frame 7303 		153 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrj_K_NmL6_2xRpRGt4uA-jFLJR4aA/m=_b,_tp,_r
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.anedot.com&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
070fa95f6a86fc453e1b45d1b543b049e9e2a18fd0b39925e0a18b66d9e9b7cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:30:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55410
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 02:25:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Nov 2023 17:30:53 GMT
ts
t.paypal.com/ 		42 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AM5NBZCM4ARA48-1&page=muse%3Aoffer%3A%3A%3AM5NBZCM4ARA48-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=937b234e-becb-46bf-b379-34b36e808cbc&es=visitorInfoFlowStarted&mrid=M5NBZCM4ARA48&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Support%20-%20Turning%20Point%20USA%20NFP&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1669829493866&g=0&completeurl=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3718) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
ECAcc (lhd/3718)
traceparent
00-0000000000000000000a2473f1151dc2-94895677333b3182-01
content-type
image/gif
paypal-debug-id
a2473f1151dc2
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=196
timing-allow-origin
*
content-length
42
expires
Wed, 30 Nov 2022 17:31:33 GMT
collect
region1.google-analytics.com/g/ 		0
339 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7SZC1SVE72&gtm=2oebs0&_p=998145103&cid=527061542.1669829494&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669829493&sct=1&seg=0&dl=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&dt=Support%20-%20Turning%20Point%20USA%20NFP&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7SZC1SVE72&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.anedot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
graphql
www.paypal.com/targeting/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.paypalobjects.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Wed, 30 Nov 2022 17:31:34 GMT
dc
ccg11-origin-www-1.paypal.com
paypal-debug-id
f805579c91fb1
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f805579c91fb1-4fbe13bf75aef95a-01
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4053-HHN
x-timer
S1669829494.000446,VS0,VE165
graphql
www.paypal.com/targeting/ Frame BCE0 		435 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
86fed13eb63bbc88d3f11bfa26cf542cb383e34dd8940e5279f03172db708316
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-0rxza33HfFChsGPyEP5Ov6+SvI4J7kszVW/8qqsVNH+1kp9e' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-0rxza33HfFChsGPyEP5Ov6+SvI4J7kszVW/8qqsVNH+1kp9e' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
date
Wed, 30 Nov 2022 17:31:34 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS
paypal-debug-id
f805579e09775
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-hhn4064-HHN
traceparent
00-0000000000000000000f805579e09775-2e093908bbd670c7-01
x-timer
S1669829494.235489,VS0,VE258
etag
W/W/"1b3-e+hJ5fS1Tc0iSn0VRNRXZI4ljZU"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0
js
www.paypal.com/sdk/ Frame 68EF 		310 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AdVLmCY7irLKgCMzFGTSHEDGsO3MCIOWUPUowcOd-N-qegmdop3PR_E67vVqU8iTtnGXdlMuOmKslwKo&disable-funding=credit,card&vault=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?sdkVersion=5.0.343&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWRWTG1DWTdpckxLZ0NNekZHVFNIRURHc08zTUNJT1dVUFVvd2NPZC1OLXFlZ21kb3AzUFJfRTY3dlZxVThpVHRuR1hkbE11T21Lc2x3S28mZGlzYWJsZS1mdW5kaW5nPWNyZWRpdCxjYXJkJnZhdWx0PXRydWUiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9kaHNnbW96dmFza29wcHFpc2VqbGpmcmRjY2xwemYifX0&clientID=AdVLmCY7irLKgCMzFGTSHEDGsO3MCIOWUPUowcOd-N-qegmdop3PR_E67vVqU8iTtnGXdlMuOmKslwKo&sdkCorrelationID=f18933563b1c7&storageID=uid_6c8efc1fa9_mtc6mze6mzm&sessionID=uid_4a816a1897_mtc6mze6mzm&buttonSessionID=uid_5f37502ac1_mtc6mze6mzm&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=capture&commit=true&vault=true&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6c0a4fd6aa7ab1c31d50852df5a3100d572f72ddceadb56a39b88ec88ad256f2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-dgFy8rqXWvuyVQM+r7k+MSMRi6YSyQ9uxmyUaOMlb47djRMw' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-dgFy8rqXWvuyVQM+r7k+MSMRi6YSyQ9uxmyUaOMlb47djRMw' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.paypal.com/smart/buttons?sdkVersion=5.0.343&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWRWTG1DWTdpckxLZ0NNekZHVFNIRURHc08zTUNJT1dVUFVvd2NPZC1OLXFlZ21kb3AzUFJfRTY3dlZxVThpVHRuR1hkbE11T21Lc2x3S28mZGlzYWJsZS1mdW5kaW5nPWNyZWRpdCxjYXJkJnZhdWx0PXRydWUiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9kaHNnbW96dmFza29wcHFpc2VqbGpmcmRjY2xwemYifX0&clientID=AdVLmCY7irLKgCMzFGTSHEDGsO3MCIOWUPUowcOd-N-qegmdop3PR_E67vVqU8iTtnGXdlMuOmKslwKo&sdkCorrelationID=f18933563b1c7&storageID=uid_6c8efc1fa9_mtc6mze6mzm&sessionID=uid_4a816a1897_mtc6mze6mzm&buttonSessionID=uid_5f37502ac1_mtc6mze6mzm&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=capture&commit=true&vault=true&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-dgFy8rqXWvuyVQM+r7k+MSMRi6YSyQ9uxmyUaOMlb47djRMw' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-dgFy8rqXWvuyVQM+r7k+MSMRi6YSyQ9uxmyUaOMlb47djRMw' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 30 Nov 2022 17:31:33 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
5850
x-cache
HIT
p3p
true
paypal-debug-id
f1994669910d4
server-timing
"traceparent;desc="00-0000000000000000000f1994669910d4-144727f6ca03f1fc-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
92845
x-xss-protection
1; mode=block
x-served-by
cache-hhn4064-HHN
traceparent
00-0000000000000000000f1994669910d4-f7747d977c1332c2-01
x-timer
S1669829494.968430,VS0,VE1
etag
W/"16aad-Pc63kBU+RWDrXjkp8oV9ogizpjY"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
accept-ranges
bytes
x-cache-hits
2
truncated
/ Frame 68EF 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
456404785502296
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/456404785502296?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.247.8 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-ams2.fbcdn.net
Software
/
Resource Hash
b659aa84dbf169a7528ddc10498fff1030a8639a453ddbe774172c29e2ec63f9
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 30 Nov 2022 17:31:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
xmAywokkvFX6VtBKDAods6S0vc9VoUuy6slNRh/DZ4pLrvy2MIUWm9WnN3/EKXHw9Hsn+2sSZk4ubox6cEqSgg==
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=306599240152457&ev=PageView&dl=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&rl=&if=false&ts=1669829494099&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669829494098.677523129&it=1669829493758&coo=false&rqm=GET
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-ams4.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 30 Nov 2022 17:31:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/ 		2 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=998145103&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&ul=en-us&de=UTF-8&dt=Support%20-%20Turning%20Point%20USA%20NFP&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABQAAAACAAI~&jid=273531343&gjid=1988144135&cid=527061542.1669829494&tid=UA-168958653-1&_gid=1752690854.1669829494&_r=1&gtm=2oubs0&z=708429347
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.anedot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=998145103&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&ul=en-us&de=UTF-8&dt=Support%20-%20Turning%20Point%20USA%20NFP&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABQAAAACAAI~&jid=1391443327&gjid=2083383890&cid=527061542.1669829494&tid=UA-168958653-1&_gid=1752690854.1669829494&_r=1&gtm=2wgbs0NVJ4V6P&z=1901195554
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.anedot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-168958653-1&cid=527061542.1669829494&jid=273531343&gjid=1988144135&_gid=1752690854.1669829494&_u=YADAAUAAQAAAACAAI~&z=479098100
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.140.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 30 Nov 2022 17:31:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.anedot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/587581794/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/587581794/?random=1669829493666&cv=11&fst=1669827600000&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&fmt=3&is_vtc=1&random=114085992&rmt_tld=0&ipr=y
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.fi/pagead/1p-user-list/587581794/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fi/pagead/1p-user-list/587581794/?random=1669829493666&cv=11&fst=1669827600000&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&fmt=3&is_vtc=1&random=114085992&rmt_tld=1&ipr=y
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/618629383/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/618629383/?random=1669829493661&cv=11&fst=1669827600000&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&fmt=3&is_vtc=1&random=134599445&rmt_tld=0&ipr=y
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.fi/pagead/1p-user-list/618629383/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fi/pagead/1p-user-list/618629383/?random=1669829493661&cv=11&fst=1669827600000&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&fmt=3&is_vtc=1&random=134599445&rmt_tld=1&ipr=y
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
call-tracking_7.js
www.gstatic.com/call-tracking/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/call-tracking/call-tracking_7.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 01:15:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21020
x-xss-protection
0
last-modified
Wed, 03 Feb 2021 22:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-telephony"
vary
Accept-Encoding
report-to
{"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 01:15:34 GMT
/
www.google.com/pagead/1p-user-list/956807382/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/956807382/?random=1669829493657&cv=11&fst=1669827600000&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&fmt=3&is_vtc=1&random=1881741048&rmt_tld=0&ipr=y
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.fi/pagead/1p-user-list/956807382/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fi/pagead/1p-user-list/956807382/?random=1669829493657&cv=11&fst=1669827600000&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&fmt=3&is_vtc=1&random=1881741048&rmt_tld=1&ipr=y
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/618558795/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/618558795/?random=1669829493662&cv=11&fst=1669827600000&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&fmt=3&is_vtc=1&random=3641748284&rmt_tld=0&ipr=y
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.fi/pagead/1p-user-list/618558795/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fi/pagead/1p-user-list/618558795/?random=1669829493662&cv=11&fst=1669827600000&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&fmt=3&is_vtc=1&random=3641748284&rmt_tld=1&ipr=y
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/618638482/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/618638482/?random=1669829493663&cv=11&fst=1669827600000&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&fmt=3&is_vtc=1&random=2437305632&rmt_tld=0&ipr=y
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.fi/pagead/1p-user-list/618638482/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fi/pagead/1p-user-list/618638482/?random=1669829493663&cv=11&fst=1669827600000&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&fmt=3&is_vtc=1&random=2437305632&rmt_tld=1&ipr=y
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
56281000.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/56281000.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Wed, 30 Nov 2022 17:31:33 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FC88ECD795904074AD740208E66CE020 Ref B: STOEDGE1711 Ref C: 2022-11-30T17:31:34Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=56281000&tm=gtm002&Ver=2&mid=58100f3c-d833-4b2d-abfe-a44d4b9f126a&sid=d5e910a070d411eda010fbe2322c07ce&vid=d5e93c3070d411edb2fb1d11f714f666&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Support%20-%20Turning%20Point%20USA%20NFP&p=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&r=&lt=2043&evt=pageLoad&sv=1&rn=402487
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Nov 2022 17:31:33 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C5D348EC9A374C43AAB928DC5AC50C0B Ref B: STOEDGE1711 Ref C: 2022-11-30T17:31:34Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-168958653-1&cid=527061542.1669829494&jid=1391443327&gjid=2083383890&_gid=1752690854.1669829494&_u=aADAAUABQAAAACAAI~&z=819400764
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.140.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 30 Nov 2022 17:31:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.anedot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q0q... Frame 7303 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q0q0HRc5R0M.L.B1.O/am=xgAQ/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrihUyofFPF8hGmlxs8x77Gwn2YLfg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrj_K_NmL6_2xRpRGt4uA-jFLJR4aA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
ce46dd3962aa1c3fe602c4f5d5db9bc8311331ad0f668af3280b803114851e02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:30:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26001
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 02:25:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Nov 2023 17:30:53 GMT
wcm
www.google.se/pagead/attribution/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/618638482/wcm?cc=ZZ&dn=8448721776&cl=8Cl2CIeg7tYBEJLZ_qYC&ct_eid=2
  • https://www.google.se/pagead/attribution/wcm?cc=ZZ&dn=8448721776&cl=8Cl2CIeg7tYBEJLZ_qYC
80 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.se/pagead/attribution/wcm?cc=ZZ&dn=8448721776&cl=8Cl2CIeg7tYBEJLZ_qYC
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
cafe /
Resource Hash
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
null
content-type
application/json; charset=UTF-8
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87
x-xss-protection
0

Redirect headers

date
Wed, 30 Nov 2022 17:31:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.google.se/pagead/attribution/wcm?cc=ZZ&dn=8448721776&cl=8Cl2CIeg7tYBEJLZ_qYC
access-control-allow-origin
https://secure.anedot.com
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pay
pay.google.com/gp/p/ui/ Frame 7303 		1 MB
356 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrj_K_NmL6_2xRpRGt4uA-jFLJR4aA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.165.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lg-in-f92.1e100.net
Software
ESF /
Resource Hash
3c852621ac4033ffa78f7aaff91095e491eef1b4bab2442a66142a7fdc593ed6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-StLaqVc0TR-uHXvpbka-Zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:34 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-StLaqVc0TR-uHXvpbka-Zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
report-to
{"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Wed, 30 Nov 2022 17:31:34 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame FBC6 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.anedot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

age
24567
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Nov 2022 10:42:07 GMT
etag
10353107486223812946
expires
Wed, 14 Dec 2022 10:42:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q0q... Frame 7303 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q0q0HRc5R0M.L.B1.O/am=xgAQ/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrihUyofFPF8hGmlxs8x77Gwn2YLfg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrj_K_NmL6_2xRpRGt4uA-jFLJR4aA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
ac1198b5311feb026d2b82cde72918ecb94231859aef5319a52063893dc3ab09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:30:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86440
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9236
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 02:25:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Nov 2023 17:30:54 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q0q... Frame 7303 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q0q0HRc5R0M.L.B1.O/am=xgAQ/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrihUyofFPF8hGmlxs8x77Gwn2YLfg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrj_K_NmL6_2xRpRGt4uA-jFLJR4aA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
4ecd6bd39b521b08ae0176e05c71245505b7253f22ba4c6cb3aaf3b911070fab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:30:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86440
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13973
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 02:25:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Nov 2023 17:30:54 GMT
log
play.google.com/ Frame 7303 		131 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrj_K_NmL6_2xRpRGt4uA-jFLJR4aA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 30 Nov 2022 17:31:35 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 30 Nov 2022 17:31:34 GMT
expires
Wed, 30 Nov 2022 17:31:34 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 7303 		131 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrj_K_NmL6_2xRpRGt4uA-jFLJR4aA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 30 Nov 2022 17:31:35 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 30 Nov 2022 17:31:34 GMT
expires
Wed, 30 Nov 2022 17:31:34 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 7303 		131 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrj_K_NmL6_2xRpRGt4uA-jFLJR4aA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 30 Nov 2022 17:31:35 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 30 Nov 2022 17:31:34 GMT
expires
Wed, 30 Nov 2022 17:31:34 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 7303 		131 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrj_K_NmL6_2xRpRGt4uA-jFLJR4aA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 30 Nov 2022 17:31:35 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 30 Nov 2022 17:31:34 GMT
expires
Wed, 30 Nov 2022 17:31:34 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 7303 		131 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrj_K_NmL6_2xRpRGt4uA-jFLJR4aA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 30 Nov 2022 17:31:35 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 30 Nov 2022 17:31:34 GMT
expires
Wed, 30 Nov 2022 17:31:34 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 7303 		131 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrj_K_NmL6_2xRpRGt4uA-jFLJR4aA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 30 Nov 2022 17:31:35 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 30 Nov 2022 17:31:34 GMT
expires
Wed, 30 Nov 2022 17:31:34 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 7303 		131 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrj_K_NmL6_2xRpRGt4uA-jFLJR4aA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 30 Nov 2022 17:31:35 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 30 Nov 2022 17:31:34 GMT
expires
Wed, 30 Nov 2022 17:31:34 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 7303 		131 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrj_K_NmL6_2xRpRGt4uA-jFLJR4aA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 30 Nov 2022 17:31:35 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 30 Nov 2022 17:31:34 GMT
expires
Wed, 30 Nov 2022 17:31:34 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 7303 		131 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrj_K_NmL6_2xRpRGt4uA-jFLJR4aA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 30 Nov 2022 17:31:35 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 30 Nov 2022 17:31:34 GMT
expires
Wed, 30 Nov 2022 17:31:34 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 7303 		131 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrj_K_NmL6_2xRpRGt4uA-jFLJR4aA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 30 Nov 2022 17:31:35 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 30 Nov 2022 17:31:34 GMT
expires
Wed, 30 Nov 2022 17:31:34 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 7303 		131 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrj_K_NmL6_2xRpRGt4uA-jFLJR4aA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 30 Nov 2022 17:31:35 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 30 Nov 2022 17:31:34 GMT
expires
Wed, 30 Nov 2022 17:31:34 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
830271780925546
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/830271780925546?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.247.8 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-ams2.fbcdn.net
Software
/
Resource Hash
ba70351c39ebdd6afe29c998773f0593d76e6176cf35b7663d342691389acb91
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 30 Nov 2022 17:31:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Q4+cuWgTGETTTgtCYW8ggdnio8/b23NVqYBg+fp0qDk0/M9bMArXrYYNcjYJ3/EPeDGKDLOd/ukRpXdb2Fnlyg==
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=456404785502296&ev=PageView&dl=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&rl=&if=false&ts=1669829494459&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669829494098.677523129&it=1669829493758&coo=false&rqm=GET
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-ams4.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 30 Nov 2022 17:31:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
log
play.google.com/ Frame 7303 		131 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrj_K_NmL6_2xRpRGt4uA-jFLJR4aA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 30 Nov 2022 17:31:34 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 30 Nov 2022 17:31:34 GMT
fb.js
c.paypal.com/da/r/ Frame 68EF 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?sdkVersion=5.0.343&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWRWTG1DWTdpckxLZ0NNekZHVFNIRURHc08zTUNJT1dVUFVvd2NPZC1OLXFlZ21kb3AzUFJfRTY3dlZxVThpVHRuR1hkbE11T21Lc2x3S28mZGlzYWJsZS1mdW5kaW5nPWNyZWRpdCxjYXJkJnZhdWx0PXRydWUiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9kaHNnbW96dmFza29wcHFpc2VqbGpmcmRjY2xwemYifX0&clientID=AdVLmCY7irLKgCMzFGTSHEDGsO3MCIOWUPUowcOd-N-qegmdop3PR_E67vVqU8iTtnGXdlMuOmKslwKo&sdkCorrelationID=f18933563b1c7&storageID=uid_6c8efc1fa9_mtc6mze6mzm&sessionID=uid_4a816a1897_mtc6mze6mzm&buttonSessionID=uid_5f37502ac1_mtc6mze6mzm&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=capture&commit=true&vault=true&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5e5b0cc492d92b48e7d5332f3d9836e88ad46fe67892ba0b1be4611ec8a60a00
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-cache-hits
302, 17, 4069125
date
Wed, 30 Nov 2022 17:31:34 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
1110367
x-cache
HIT, HIT, HIT
paypal-debug-id
d04e7e15774c8
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
20248
x-served-by
cache-sjc10074-SJC, cache-hhn4032-HHN, cache-hhn4060-HHN
last-modified
Thu, 10 Nov 2022 20:35:37 GMT
traceparent
00-0000000000000000000d04e7e15774c8-dc7b078902cde6ad-01
x-timer
S1669829495.780726,VS0,VE2
etag
W/"636d6099-e89e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=86400
access-control-allow-credentials
false
access-control-max-age
86400
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Dec 2022 17:31:34 GMT
log
play.google.com/ Frame 7303 		131 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrj_K_NmL6_2xRpRGt4uA-jFLJR4aA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 30 Nov 2022 17:31:35 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 30 Nov 2022 17:31:34 GMT
expires
Wed, 30 Nov 2022 17:31:34 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 7303 		131 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrj_K_NmL6_2xRpRGt4uA-jFLJR4aA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 30 Nov 2022 17:31:35 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 30 Nov 2022 17:31:34 GMT
expires
Wed, 30 Nov 2022 17:31:34 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 7303 		131 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrj_K_NmL6_2xRpRGt4uA-jFLJR4aA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 30 Nov 2022 17:31:35 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 30 Nov 2022 17:31:34 GMT
expires
Wed, 30 Nov 2022 17:31:34 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 7303 		131 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.0O-CnxjEEvY.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrj_K_NmL6_2xRpRGt4uA-jFLJR4aA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 30 Nov 2022 17:31:35 GMT
main.MWU5NWU5NWFkMA.js
analytics.tiktok.com/i18n/pixel/static/ 		211 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWU5NWU5NWFkMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2A3TFFMU8Q03RAIIEU0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.11.206.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-11-206-16.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e8c1a54fb8fc12e93036c91eeba7691158677b075cbc29a07fa688259ee86877

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-akamai-request-id
138c80eb
date
Wed, 30 Nov 2022 17:31:34 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2022113002232120D55DB2AAD23E7EE066
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-11-206-12.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
015f98335c81b83781dcf1ab541a3052e47c9682ae3545a9b4d43e1572c159d46a057dc459d536969163f57e0aeeab6560628eaa8d4292cdc34f6515bc1c78e3cb2aa309ef2fe9d776f5e6ff1c7118ea51
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length
62237
14495387.js
js.hs-banner.com/ 		60 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/14495387.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/14495387.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ac922ded62edebcdd9e280259cf707347aa89983aefa75548d2b5d6c8c087f0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
x-amz-version-id
qyVh._B24abUX9v_8G5Wi9dB33M7s9YH
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
73NVDB936MJZQTGD
age
118
x-amz-server-side-encryption
AES256
x-amz-id-2
2JkNRGgZJryiYinGWFkLEZrLs8HlS6K3KSyEuHx600cmGk+o2agvs2gUnEtNHChJ9qR7W5NuzHY=
last-modified
Tue, 25 Oct 2022 22:06:18 GMT
server
cloudflare
etag
W/"e113d310e042efecbbd35cea02f0e4a1"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.professorwatchlist.org
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
77255148695d09af-ARN
expires
Wed, 30 Nov 2022 17:34:37 GMT
14495387.js
js.hs-analytics.net/analytics/1669829400000/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1669829400000/14495387.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/14495387.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.71.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8380e6b898da4b15ac8ba13dcb49017736c95d69a5355b9d42d138be0f4ad8f

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
FHJPQHV57RWGVR3M
x-amz-server-side-encryption
AES256
x-amz-id-2
9A7WO9ezqKqnv774nWU1gqCer9wPxemV3XJQHhu/th2YBADjRsAUR9x5Q9xAljExLn9qoYakZrM=
last-modified
Wed, 30 Nov 2022 15:29:27 GMT
server
cloudflare
etag
W/"5b8026aa72d7c5a796421dfde4b3cbed"
vary
origin, Accept-Encoding
content-type
text/javascript
cache-control
max-age=300, public
access-control-allow-credentials
false
cf-ray
772551488ab20a1f-ARN
expires
Wed, 30 Nov 2022 17:36:35 GMT
fb.js
js.hsadspixel.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/14495387.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.116.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45f97a1f00cd5aaa7a0e2ae8a3a47031764054e46fa624f71043b618b4c2398b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
x-amz-version-id
aoUPWE.Bu9NRjxDy7F1Soox3yNWe2Us6
via
1.1 c3d335addde48969fafe25d4064cee80.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
IAD12-P3
age
376
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.302/bundles/pixels-release.js&cfRay=7725481a196f0d46-ARN
x-cache
Hit from cloudfront
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status
COMPLETED
last-modified
Mon, 14 Nov 2022 03:38:56 UTC
server
cloudflare
etag
W/"c32a10854f4ff995fc7198ba0324bcc6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
cache-control
max-age=600
cf-ray
7725514888f60d4e-ARN
x-amz-cf-id
IdYRnZ2juRvX-L4NlSt55trEG2F7oXmVfKF9ZXQ-_eDBlZwfvpk61Q==
x-hs-target-asset
adsscriptloaderstatic/static-1.302/bundles/pixels-release.js
collectedforms.js
js.hscollectedforms.net/ 		68 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/14495387.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.130.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5ccb8244c804a0019759f1c5ba015f9ccfc2e8cf7781c6a2b2126f120bfc96a

Request headers

Referer
https://secure.anedot.com/
Origin
https://secure.anedot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
x-amz-version-id
_5EZs_H26Fc6JgVRh7ahoi0orqifRkcW
via
1.1 b9e3ae23b2e5d7b2e1c159467ba23f34.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
IAD12-P3
age
118
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.311/bundles/project.js&cfRay=77254e6aa8ef15ec-IAD
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-amz-replication-status
COMPLETED
last-modified
Wed, 16 Nov 2022 03:41:33 UTC
server
cloudflare
etag
W/"59a69a76233d8365d7266548d5703c09"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
cf-ray
7725514889c395f0-ARN
x-amz-cf-id
oD9wGXQEyqWE0UJxECbw2s0b4_YNvwruGzHJqLQqABUqP4CPQ1wqQQ==
x-hs-target-asset
collected-forms-embed-js/static-1.311/bundles/project.js
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 30 Nov 2022 17:31:34 GMT
expires
Wed, 30 Nov 2022 17:31:34 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=830271780925546&ev=PageView&dl=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&rl=&if=false&ts=1669829494691&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669829494098.677523129&it=1669829493758&coo=false&rqm=GET
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-ams4.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 30 Nov 2022 17:31:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=306599240152457&ev=Microdata&dl=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&rl=&if=false&ts=1669829494692&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Support%20-%20Turning%20Point%20USA%20NFP%22%2C%22meta%3Adescription%22%3A%22Join%20me%20in%20supporting%20Turning%20Point%20USA%20NFP%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22TURNING%20POINT%20USA%22%2C%22og%3Adescription%22%3A%22Join%20me%20in%20supporting%20TURNING%20POINT%20USA%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%22%2C%22og%3Aimage%22%3A%22%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669829494098.677523129&it=1669829493758&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-ams4.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 30 Nov 2022 17:31:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
logger
www.paypal.com/xoplatform/logger/api/ 		1011 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AdVLmCY7irLKgCMzFGTSHEDGsO3MCIOWUPUowcOd-N-qegmdop3PR_E67vVqU8iTtnGXdlMuOmKslwKo&disable-funding=credit,card&vault=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d1591c5a4db05c76a5ad5015ce37b9a8275922d1bcac415f34cd34854612f9c0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://secure.anedot.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
content-type
application/json

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
via
1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS
paypal-debug-id
f95812986fa85
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-hhn4053-HHN
traceparent
00-0000000000000000000f95812986fa85-3a5b3084fcee3ee6-01
x-timer
S1669829495.942164,VS0,VE209
etag
W/W/"3f3-KFyMhMDhMdsZO61qrOy5xl7xs6I"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.anedot.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://secure.anedot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://secure.anedot.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Wed, 30 Nov 2022 17:31:34 GMT
dc
ccg11-origin-www-1.paypal.com
paypal-debug-id
f958129d67b47
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f958129d67b47-d0cce505cc9c348f-01
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-served-by
cache-hhn4053-HHN
x-timer
S1669829495.724422,VS0,VE159
logger
www.paypal.com/xoplatform/logger/api/ Frame 68EF 		1014 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?sdkVersion=5.0.343&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWRWTG1DWTdpckxLZ0NNekZHVFNIRURHc08zTUNJT1dVUFVvd2NPZC1OLXFlZ21kb3AzUFJfRTY3dlZxVThpVHRuR1hkbE11T21Lc2x3S28mZGlzYWJsZS1mdW5kaW5nPWNyZWRpdCxjYXJkJnZhdWx0PXRydWUiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9kaHNnbW96dmFza29wcHFpc2VqbGpmcmRjY2xwemYifX0&clientID=AdVLmCY7irLKgCMzFGTSHEDGsO3MCIOWUPUowcOd-N-qegmdop3PR_E67vVqU8iTtnGXdlMuOmKslwKo&sdkCorrelationID=f18933563b1c7&storageID=uid_6c8efc1fa9_mtc6mze6mzm&sessionID=uid_4a816a1897_mtc6mze6mzm&buttonSessionID=uid_5f37502ac1_mtc6mze6mzm&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=capture&commit=true&vault=true&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
96b1fb4eddb4ba0cf0366310be8aa85c62b4e720abfaad1b6e66a601d1b5cc4a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/smart/buttons?sdkVersion=5.0.343&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWRWTG1DWTdpckxLZ0NNekZHVFNIRURHc08zTUNJT1dVUFVvd2NPZC1OLXFlZ21kb3AzUFJfRTY3dlZxVThpVHRuR1hkbE11T21Lc2x3S28mZGlzYWJsZS1mdW5kaW5nPWNyZWRpdCxjYXJkJnZhdWx0PXRydWUiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9kaHNnbW96dmFza29wcHFpc2VqbGpmcmRjY2xwemYifX0&clientID=AdVLmCY7irLKgCMzFGTSHEDGsO3MCIOWUPUowcOd-N-qegmdop3PR_E67vVqU8iTtnGXdlMuOmKslwKo&sdkCorrelationID=f18933563b1c7&storageID=uid_6c8efc1fa9_mtc6mze6mzm&sessionID=uid_4a816a1897_mtc6mze6mzm&buttonSessionID=uid_5f37502ac1_mtc6mze6mzm&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=capture&commit=true&vault=true&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 30 Nov 2022 17:31:34 GMT
via
1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS
paypal-debug-id
f958129007570
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-hhn4064-HHN
traceparent
00-0000000000000000000f958129007570-8998c54bd866b296-01
x-timer
S1669829495.759559,VS0,VE235
etag
W/W/"3f6-LfT86rQuO3L9nlYHo1x9MJqXRzM"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-168958653-1&cid=527061542.1669829494&jid=1391443327&_u=aADAAUABQAAAACAAI~&z=1417877040
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fi/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-168958653-1&cid=527061542.1669829494&jid=1391443327&_u=aADAAUABQAAAACAAI~&z=1417877040
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-168958653-1&cid=527061542.1669829494&jid=273531343&_u=YADAAUAAQAAAACAAI~&z=2071703330
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fi/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-168958653-1&cid=527061542.1669829494&jid=273531343&_u=YADAAUAAQAAAACAAI~&z=2071703330
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
c.paypal.com/v1/r/d/ Frame 4415 		160 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full
accept-ranges
none
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy-report-only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html;charset=UTF-8
correlation-id
4e862677508f
date
Wed, 30 Nov 2022 17:31:35 GMT
origin-trial
A+THamRrv1ypMR6JeaJx7Wmo8rytLELMAeCL0XGhTihfUtp+dVqcCNYiWxOzySlH2Xk7lzRrFY3mxv6viKT1qggAAACKeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
paypal-debug-id
4e862677508f
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-000000000000000000004e862677508f-878acee2b7f8e15f-01
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-served-by
cache-hhn4060-HHN
x-timer
S1669829495.864635,VS0,VE198
x-xss-protection
1; mode=block
counter2.cgi
dub.stats.paypal.com/v2/ Frame C93A
Redirect Chain
  • https://b.stats.paypal.com/v2/counter.cgi?p=uid_4a816a1897_mtc6mze6mzm&s=SMART_PAYMENT_BUTTONS
  • https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_4a816a1897_mtc6mze6mzm&s=SMART_PAYMENT_BUTTONS
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_4a816a1897_mtc6mze6mzm&s=SMART_PAYMENT_BUTTONS
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?sdkVersion=5.0.343&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWRWTG1DWTdpckxLZ0NNekZHVFNIRURHc08zTUNJT1dVUFVvd2NPZC1OLXFlZ21kb3AzUFJfRTY3dlZxVThpVHRuR1hkbE11T21Lc2x3S28mZGlzYWJsZS1mdW5kaW5nPWNyZWRpdCxjYXJkJnZhdWx0PXRydWUiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9kaHNnbW96dmFza29wcHFpc2VqbGpmcmRjY2xwemYifX0&clientID=AdVLmCY7irLKgCMzFGTSHEDGsO3MCIOWUPUowcOd-N-qegmdop3PR_E67vVqU8iTtnGXdlMuOmKslwKo&sdkCorrelationID=f18933563b1c7&storageID=uid_6c8efc1fa9_mtc6mze6mzm&sessionID=uid_4a816a1897_mtc6mze6mzm&buttonSessionID=uid_5f37502ac1_mtc6mze6mzm&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=capture&commit=true&vault=true&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol
HTTP/1.1
Server
64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software
PayPal-B.Stats/1.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Wed, 30 Nov 2022 17:31:35 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
42
Content-Type
image/jpeg

Redirect headers

Location
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_4a816a1897_mtc6mze6mzm&s=SMART_PAYMENT_BUTTONS
Date
Wed, 30 Nov 2022 17:31:35 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
0
Content-Type
application/octet-stream
identify_87671.js
analytics.tiktok.com/i18n/pixel/static/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_87671.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU5NWU5NWFkMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.11.206.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-11-206-16.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-akamai-request-id
138c8126
date
Wed, 30 Nov 2022 17:31:34 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2022102513233020C275E8C1FA67700B5E
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-11-206-12.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0173631bb197fc90bd07563af4e3ce938162821bccb90a8ec261f6ae4cc068e709822da8cadae340b9a7273e12a5bf18e8f1f817baa10e226046c43d7a48f08218ed6c493930f43cee98dccaa455c31001
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
content-length
30918
pixel
analytics.tiktok.com/api/v2/ 		0
546 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU5NWU5NWFkMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.11.206.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-11-206-16.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.anedot.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:35 GMT
x-akamai-request-id
138c8138
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
202211301731341374B42210E0FEACA944
x-cache
TCP_MISS from a23-11-206-12.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
103,23.11.206.12
x-tt-trace-host
017426f44ba3b05c8f54b6602d9331d0dd552c7f189e1a51ba26a2f59b7aa9eabee253a2763824236bb3ff852f3c122f54c4a921b3bc8bec26ee59d09580243455eca0423b07a5e481aa6370ccd1c6d7d2
server-timing
inner; dur=15, cdn-cache; desc=MISS, edge; dur=8, origin; dur=103
content-length
0
expires
Wed, 30 Nov 2022 17:31:35 GMT
/
tags.wdsvc.net/tpc-eval/ 		21 B
284 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.wdsvc.net/tpc-eval/?lid=184c99807bc-tags9-1677d5a05cd4cb
Requested by
Host: tags.wdsvc.net
URL: https://tags.wdsvc.net/controller.js?id=100407
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.5.59.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-59-110.compute-1.amazonaws.com
Software
/
Resource Hash
b0e70b299ab9c122ad93531fa8e5309833baecd53dd55c992c538f8b33bfa22d

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Nov 2022 17:31:34 GMT
Content-Type
text/javascript
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-length
21
Expires
Mon, 3 Jan 2005 13:00:00 GMT
powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1616
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Wed, 30 Nov 2022 17:31:35 GMT
autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3351
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Wed, 30 Nov 2022 17:31:35 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=456404785502296&ev=Microdata&dl=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&rl=&if=false&ts=1669829494963&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Support%20-%20Turning%20Point%20USA%20NFP%22%2C%22meta%3Adescription%22%3A%22Join%20me%20in%20supporting%20Turning%20Point%20USA%20NFP%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22TURNING%20POINT%20USA%22%2C%22og%3Adescription%22%3A%22Join%20me%20in%20supporting%20TURNING%20POINT%20USA%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%22%2C%22og%3Aimage%22%3A%22%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669829494098.677523129&it=1669829493758&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-ams4.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 30 Nov 2022 17:31:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
fb.js
c.paypal.com/da/r/ Frame 4415 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5e5b0cc492d92b48e7d5332f3d9836e88ad46fe67892ba0b1be4611ec8a60a00
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-cache-hits
302, 17, 4069127
date
Wed, 30 Nov 2022 17:31:35 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
1110367
x-cache
HIT, HIT, HIT
paypal-debug-id
d04e7e15774c8
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
20248
x-served-by
cache-sjc10074-SJC, cache-hhn4032-HHN, cache-hhn4060-HHN
last-modified
Thu, 10 Nov 2022 20:35:37 GMT
traceparent
00-0000000000000000000d04e7e15774c8-dc7b078902cde6ad-01
x-timer
S1669829495.128849,VS0,VE2
etag
W/"636d6099-e89e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=86400
access-control-allow-credentials
false
access-control-max-age
86400
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Dec 2022 17:31:35 GMT
json
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 		367 B
916 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=14495387
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0518c7fb9e5a615b245e2af654fa74a7badfa43ad00fbda2ec98a05f3696ff0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
d94591ed-91b6-4fa7-89bd-f245dfbf4d1b
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-trace
2B5301EA918052E94E448746CB30C49614060ACDB5000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://secure.anedot.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kRFkGIJIkULrjwywX0lX9gphVYMCWtIi%2FJ%2BvYRnq27TEdY8ifT5yje%2FRHDXRjmFJ4g50L4pkwf0eEFJNjsMFLZfdozNhirWShl7jlo4s9JyzWGDnrZovZy%2F44LR68aO"}],"group":"cf-nel","max_age":604800}
access-control-max-age
180
access-control-allow-credentials
false
cf-ray
7725514b2db195f0-ARN
access-control-allow-headers
*
json
forms.hubspot.com/collected-forms/v1/config/ 		116 B
1009 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hubspot.com/collected-forms/v1/config/json?portalId=14495387&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28e468e64f5fc217926caa86b72efc880982415ed5649732ea4867f6068d5593
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://secure.anedot.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
a5b23421-db56-4efc-97b0-981f19c7b391
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
vary
origin
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://secure.anedot.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFbsnP%2BTAG%2FQNbWdGbMVqOxVT0qX5Pzg5sFyIu9wrJdeqRDt7zzfrMKrnXI3PERys525htwu9QNLbwdEhMQfBP4oHZ4vY5oS3Z0Y3Rm8FMA048cqQ93Azv9FelnQhaBAiBZ5"}],"group":"cf-nel","max_age":604800}
access-control-max-age
180
access-control-allow-credentials
false
x-robots-tag
none
access-control-allow-headers
*
cf-ray
7725514b5f059903-ARN
p1
c.paypal.com/v1/r/d/b/ Frame 4415 		125 B
785 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/p1
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bc67238c4c7171d8f8a22ab90f9a703c819e9843f4f2b49a87d90bd45f5e974a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id
27ac32b4149fb
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
125
x-served-by
cache-hhn4060-HHN
correlation-id
27ac32b4149fb
traceparent
00-000000000000000000027ac32b4149fb-4cdafbad6b9b1094-01
content-type
application/json
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0
e
c.paypal.com/v1/r/d/b/ Frame 4415 		0
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/e
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-hhn4060-HHN
date
Wed, 30 Nov 2022 17:31:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
correlation-id
fb30506c2972c
via
1.1 varnish
traceparent
00-0000000000000000000fb30506c2972c-513fbe423bcef685-01
x-cache
MISS
paypal-debug-id
fb30506c2972c
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0
p3
c6.paypal.com/v1/r/d/b/ Frame 4415 		0
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c6.paypal.com/v1/r/d/b/p3?f=uid_4a816a1897_mtc6mze6mzm&s=SMART_PAYMENT_BUTTONS
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3710) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://c.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
content-encoding
gzip
correlation-id
ade1dc6d0a70
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
ECAcc (lhd/3710)
traceparent
00-00000000000000000000ade1dc6d0a70-e983e3a490470581-01
vary
Accept-Encoding
paypal-debug-id
ade1dc6d0a70
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=199
timing-allow-origin
*
content-length
20
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=830271780925546&ev=Microdata&dl=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&rl=&if=false&ts=1669829495211&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Support%20-%20Turning%20Point%20USA%20NFP%22%2C%22meta%3Adescription%22%3A%22Join%20me%20in%20supporting%20Turning%20Point%20USA%20NFP%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22TURNING%20POINT%20USA%22%2C%22og%3Adescription%22%3A%22Join%20me%20in%20supporting%20TURNING%20POINT%20USA%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%22%2C%22og%3Aimage%22%3A%22%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669829494098.677523129&it=1669829493758&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-ams4.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 30 Nov 2022 17:31:35 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
logger
www.paypal.com/xoplatform/logger/api/ Frame 68EF 		1022 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AdVLmCY7irLKgCMzFGTSHEDGsO3MCIOWUPUowcOd-N-qegmdop3PR_E67vVqU8iTtnGXdlMuOmKslwKo&disable-funding=credit,card&vault=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ab1094345d620d9a17bdce4567c3726fdcdb652b7689402377ea99e423473109
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://www.paypal.com/smart/buttons?sdkVersion=5.0.343&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWRWTG1DWTdpckxLZ0NNekZHVFNIRURHc08zTUNJT1dVUFVvd2NPZC1OLXFlZ21kb3AzUFJfRTY3dlZxVThpVHRuR1hkbE11T21Lc2x3S28mZGlzYWJsZS1mdW5kaW5nPWNyZWRpdCxjYXJkJnZhdWx0PXRydWUiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9kaHNnbW96dmFza29wcHFpc2VqbGpmcmRjY2xwemYifX0&clientID=AdVLmCY7irLKgCMzFGTSHEDGsO3MCIOWUPUowcOd-N-qegmdop3PR_E67vVqU8iTtnGXdlMuOmKslwKo&sdkCorrelationID=f18933563b1c7&storageID=uid_6c8efc1fa9_mtc6mze6mzm&sessionID=uid_4a816a1897_mtc6mze6mzm&buttonSessionID=uid_5f37502ac1_mtc6mze6mzm&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=capture&commit=true&vault=true&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
content-type
application/json

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
via
1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS
paypal-debug-id
f9581296565ad
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-hhn4064-HHN
traceparent
00-0000000000000000000f9581296565ad-04c471960a84cb62-01
x-timer
S1669829495.273649,VS0,VE238
etag
W/W/"3fe-u9WJ2UjoZYgM1h6klB7JJiV93vk"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0
__ptq.gif
track.hubspot.com/ 		45 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2302818634&v=1.1&a=14495387&pu=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&t=Support+-+Turning+Point+USA+NFP&cts=1669829495477&vi=f41472ea46eb3d39251b667979d72280&nc=true&u=21404644.f41472ea46eb3d39251b667979d72280.1669829495466.1669829495466.1669829495466.1&b=21404644.1.1669829495467&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
c5d0a410-8613-40eb-883e-13bb08e08eb8
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRvmuuR%2BikQIzRNMfptb3yzFanlUlEkHpYiO6mmbbpm9JXW1hWxcKy%2F8XEA8VDwnscVJy24ML1ZmMrYg77Wt1x1wXdEPENiG%2Ftv6kSKdyfhGDqEcu0%2F%2BXLIjjW9JDf6RUkF2"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7725514d39c515dc-ARN
x-robots-tag
none
logger
www.paypal.com/xoplatform/logger/api/ 		1022 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AdVLmCY7irLKgCMzFGTSHEDGsO3MCIOWUPUowcOd-N-qegmdop3PR_E67vVqU8iTtnGXdlMuOmKslwKo&disable-funding=credit,card&vault=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a3178620df4f88bcd6ecb8aed99eac262b21eb53276ecf60860e49d0a8f94463
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://secure.anedot.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
content-type
application/json

Response headers

date
Wed, 30 Nov 2022 17:31:36 GMT
via
1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS
paypal-debug-id
f956557af8484
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-hhn4053-HHN
traceparent
00-0000000000000000000f956557af8484-1d48bcb90980c02b-01
x-timer
S1669829496.803894,VS0,VE204
etag
W/W/"3fe-jmuPTRuIZUz+BBu1obc4GH0FrgU"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.anedot.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://secure.anedot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://secure.anedot.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Wed, 30 Nov 2022 17:31:35 GMT
dc
ccg11-origin-www-1.paypal.com
paypal-debug-id
f956557451da5
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f956557451da5-3970c73500e78d0f-01
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-served-by
cache-hhn4053-HHN
x-timer
S1669829496.569268,VS0,VE178
js
www.googletagmanager.com/gtag/ 		179 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-618638254
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2df5cbfdfb730de609ccb96d910a88b5501b9d571090a579e0b8dca0546bb6e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66852
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 30 Nov 2022 17:31:35 GMT
js
www.googletagmanager.com/gtag/ 		179 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-618638254&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-168958653-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
4c916c878ba00d93aabd7b6507f346e60eba77753ccc076c95fdcf501efba1b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66850
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 30 Nov 2022 17:31:35 GMT
js
www.googletagmanager.com/gtag/ 		135 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-618558795&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-168958653-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c44ae60f4d7bafef63b3434cb5635223fb40108f278ebacfca090fd6bb3a0097
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53031
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 17:11:47 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 30 Nov 2022 17:31:35 GMT
js
www.googletagmanager.com/gtag/ 		135 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-956807382&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-168958653-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
bb8622afa73d757e9e528d3c9f16976deebaf88f4f1445e3d4448df481bb51fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53025
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 30 Nov 2022 17:31:35 GMT
428683547748851
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/428683547748851?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.247.8 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-ams2.fbcdn.net
Software
/
Resource Hash
6c3cc187fce87bd6f600fb188836037d79a0090b4d2859aeb85e1bcbfb38b32e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 30 Nov 2022 17:31:35 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
g0DJ2d5qaAkCUYVkv0tWCF1b9PQyfvf0aIZpsVTPzGj2lqkd71o2VwmDWmHQgY7/KOXEqoga3MTPmYKuJpuQig==
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
json
api.hubapi.com/hs-script-loader-public/v1/config/adwords/enhanced-conversion-event-settings/ 		2 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/adwords/enhanced-conversion-event-settings/json?portalId=14495387
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
039c50b4-b988-44e1-b31f-d9ee4237370f
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2
server
cloudflare
x-trace
2BA9B5C0B0F80518BD6D8A910878486AF600DC5F9B000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://secure.anedot.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZW376ZHCFrn33WqStZAA%2BJDatLFKuF5oLma55BvSkfpXJNii7lFj%2FmPTM1CjIvg2uNqhLwGhmXqiExXQ8rhy1huCDxxcTEfkcs6LtsyB8L4O2Af2iIzrlJBhJDA6lI2"}],"group":"cf-nel","max_age":604800}
access-control-max-age
180
access-control-allow-credentials
false
cf-ray
7725514c5f4f95f0-ARN
access-control-allow-headers
*
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:31:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
x-hubspot-correlation-id
3abc0b71-365c-4464-ba0c-7f3b48b4d64c
x-trace
2B63B9C03CEBBA3F748E3C64658E67F70FDB92D97E000000000000000000
vary
origin
content-type
image/gif
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
cf-ray
7725514edd7395f7-ARN
content-length
35
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/618558795/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/618558795/?random=1669829495863&cv=11&fst=1669829495863&bg=ffffff&guid=ON&async=1&gtm=2oabs0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=616723605.1669829494&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-618558795&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
bdbfa40c43a81fddeb5fc27e3274db18694197ef1e4cb908008b88e63c9d921f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
969
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/956807382/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956807382/?random=1669829495895&cv=11&fst=1669829495895&bg=ffffff&guid=ON&async=1&gtm=2oabs0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=616723605.1669829494&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-956807382&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
66e68d05951a0ff2ccefa819b946afe32fbf88979a86b5042ccb2c11a5e40a8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
969
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/618638254/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/618638254/?random=1669829495910&cv=11&fst=1669829495910&bg=ffffff&guid=ON&async=1&gtm=2oabs0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=616723605.1669829494&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-618638254
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
2ffe219bec8859eed773bf53d48d48429226ade8eab21f8e9f6330eb66029f83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
970
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
345939417667905
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/345939417667905?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.247.8 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-ams2.fbcdn.net
Software
/
Resource Hash
b7279f4a145e3cbfda423dc5ad11b8c27f3542ad9578e24dac424404fc09c474
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 30 Nov 2022 17:31:36 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
NRKMBkLwib35+SsRPpupXSTuk5uVKqdAz507iF1anQVoD1zyN0rs5HMtbo2wByPO8HoSPlOh3n/WwdM7RIrcpA==
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/956807382/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/956807382/?random=1669829495895&cv=11&fst=1669827600000&bg=ffffff&guid=ON&async=1&gtm=2oabs0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1857791573&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:36 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.fi/pagead/1p-user-list/956807382/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fi/pagead/1p-user-list/956807382/?random=1669829495895&cv=11&fst=1669827600000&bg=ffffff&guid=ON&async=1&gtm=2oabs0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1857791573&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:36 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/618638254/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/618638254/?random=1669829495910&cv=11&fst=1669827600000&bg=ffffff&guid=ON&async=1&gtm=2oabs0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2216749928&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:36 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.fi/pagead/1p-user-list/618638254/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fi/pagead/1p-user-list/618638254/?random=1669829495910&cv=11&fst=1669827600000&bg=ffffff&guid=ON&async=1&gtm=2oabs0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2216749928&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:36 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/618558795/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/618558795/?random=1669829495863&cv=11&fst=1669827600000&bg=ffffff&guid=ON&async=1&gtm=2oabs0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2356628871&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:36 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.fi/pagead/1p-user-list/618558795/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fi/pagead/1p-user-list/618558795/?random=1669829495863&cv=11&fst=1669827600000&bg=ffffff&guid=ON&async=1&gtm=2oabs0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&tiba=Support%20-%20Turning%20Point%20USA%20NFP&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2356628871&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 17:31:36 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=428683547748851&ev=PageView&dl=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&rl=&if=false&ts=1669829496142&sw=1600&sh=1200&ud[external_id]=f41472ea46eb3d39251b667979d72280&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669829494098.677523129&it=1669829493758&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-ams4.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 30 Nov 2022 17:31:36 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=345939417667905&ev=PageView&dl=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&rl=&if=false&ts=1669829496143&sw=1600&sh=1200&ud[external_id]=f41472ea46eb3d39251b667979d72280&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669829494098.677523129&it=1669829493758&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-ams4.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 30 Nov 2022 17:31:36 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=428683547748851&ev=Microdata&dl=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&rl=&if=false&ts=1669829496644&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Support%20-%20Turning%20Point%20USA%20NFP%22%2C%22meta%3Adescription%22%3A%22Join%20me%20in%20supporting%20Turning%20Point%20USA%20NFP%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22TURNING%20POINT%20USA%22%2C%22og%3Adescription%22%3A%22Join%20me%20in%20supporting%20TURNING%20POINT%20USA%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%22%2C%22og%3Aimage%22%3A%22%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=f41472ea46eb3d39251b667979d72280&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669829494098.677523129&it=1669829493758&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-ams4.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 30 Nov 2022 17:31:36 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=345939417667905&ev=Microdata&dl=https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%3Fsource_code%3DDBP2P0354%26utm_term%3Ddb-tpu-cr34-020%26sc%3Ddb-tpu-cr34-020&rl=&if=false&ts=1669829496646&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Support%20-%20Turning%20Point%20USA%20NFP%22%2C%22meta%3Adescription%22%3A%22Join%20me%20in%20supporting%20Turning%20Point%20USA%20NFP%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22TURNING%20POINT%20USA%22%2C%22og%3Adescription%22%3A%22Join%20me%20in%20supporting%20TURNING%20POINT%20USA%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsecure.anedot.com%2Fturning-point-usa%2Fhow-we-win-p2p-db%22%2C%22og%3Aimage%22%3A%22%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=f41472ea46eb3d39251b667979d72280&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669829494098.677523129&it=1669829493758&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-ams4.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://secure.anedot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 30 Nov 2022 17:31:36 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
post-log
tags.wdsvc.net/ 		0
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.wdsvc.net/post-log?v=4.10&amp;t=1669829494717
Requested by
Host: tags.wdsvc.net
URL: https://tags.wdsvc.net/controller.js?id=100407
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.5.59.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-59-110.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.anedot.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://secure.anedot.com
Date
Wed, 30 Nov 2022 17:31:36 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=5
Content-length
0
Content-Type
text/html

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| oncontentvisibilityautostatechange object| dataLayer object| _mtm object| d object| g object| s object| _paq object| webpackJsonp function| clearImmediate function| setImmediate object| regeneratorRuntime object| KJUR object| Hex object| Base64 function| ASN1 function| TxEncrypt object| Cleave function| gtag function| fbq function| _fbq object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| MatomoTagManager object| piwikPluginAsyncInit object| __post_robot_11_0_0___uid_dhsgmozvaskoppqisejljfrdcclpzf object| paypal object| __zoid_10_1_0___uid_dhsgmozvaskoppqisejljfrdcclpzf object| paypalDDL string| PaypalOffersObject function| ppq object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| google object| GooglebQhCsO function| _googWcmImpl string| _googWcmAk string| qp string| TiktokAnalyticsObject object| ttq object| __post_robot_10_0_44__ object| PAYPAL object| module$contents$mapsapi$overlay$overlayView_OverlayView function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| google_optimize function| UET function| UET_init function| UET_push object| ueto_8524c79aff object| uetq function| _googWccDebug function| _googCallTrackingImpl function| _gaPhoneImpl object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing boolean| google_plmetrics object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint object| _hsp object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| WDSMemberConfig object| WDSConfig number| timeout object| __e3_ string| google_wcc_status boolean| tpc_present boolean| _hspb_ran boolean| _hspb_loaded boolean| PIXELS_RAN object| _hsq object| __hsCollectedFormsDebug function| sanitizeKey boolean| _hstc_loaded boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| _enabledEventSettings

38 Cookies

Domain/Path Name / Value
secure.anedot.com/ Name: source_code
Value: eyJfcmFpbHMiOnsibWVzc2FnZSI6IklrUkNVREpRTURNMU5DST0iLCJleHAiOiIyMDIyLTEyLTAxVDE3OjMxOjMyLjY4MVoiLCJwdXIiOiJjb29raWUuc291cmNlX2NvZGUifX0%3D--cb06fa6cb79f684a39454245eda5e0ef63fe72fb
secure.anedot.com/ Name: _pk_id.1.369d
Value: d029346e7468fb79.1669829493.
secure.anedot.com/ Name: _pk_ses.1.369d
Value: 1
.anedot.com/ Name: _anedot_session_production
Value: awyx3ikVT7g61pkiMta3yPVyjmkpiJPrNn7%2FyGCMFCT0NgyIHkbC%2BMSX2QxW0%2BgbbnFB%2FtfRSCd0yOrZjA06AE8XJgsnycsc8Gn0fY76ULgoM0WbvD%2FUgHWqaKwjwy4Y%2F49Lm2eZvG8sACdgDQI5QVRWrqIO6lhIgI%2B4vHoBGWP5POv8nsp1PsptaFZ9W64KZRaS8QMaP2aj9a0XnxZUA6R%2B2diTPMucRprf%2BJYAffLiWNjFCkO1I8vRHSjueJ1bBd50jwy%2BtwYSDu5HT8h87PECbYndfx0%2BDTuTQhPsV9m36POkw0RiebNnEJJDInnxtEuRPNisvCqHrtCtPiYyUmcaoODrkSAe5F8Y3lgtDvim7AH2BTj7U3Eq5iEV7jM2yG3huk1%2FrQ%2FXo8kT1336Nchh4N9SVOwIghwqZHne--Lxc8AbigCVYIsK3j--BIXxZSTtWSacXrBtS%2FqT%2BA%3D%3D
.google.com/ Name: NID
Value: 511=KQ1D4k7Uqeeh349yv9bYhSP0p_EE4W9jMzgEIoik--73QwRCeSRE24XPt0Q8fXummrmFpKYjjjX9lX_HF7O2hnVTrRXxkZduUNEAQ5y9yrp4bo3agwQZ5cU-F_knQYRbBSspczbctLpSBd3vhAK-eaFfPW0vmH-KMaaXsWVBD1s
.anedot.com/ Name: _gcl_au
Value: 1.1.616723605.1669829494
.anedot.com/ Name: _ga_7SZC1SVE72
Value: GS1.1.1669829493.1.0.1669829493.0.0.0
.paypal.com/ Name: l7_az
Value: dcg14.slc
.anedot.com/ Name: _fbp
Value: fb.1.1669829494098.677523129
.anedot.com/ Name: _ga
Value: GA1.2.527061542.1669829494
.anedot.com/ Name: _gid
Value: GA1.2.1752690854.1669829494
.anedot.com/ Name: _gat_gtag_UA_168958653_1
Value: 1
.anedot.com/ Name: _gat_UA-168958653-1
Value: 1
.bing.com/ Name: MUID
Value: 3FFA6324C5BD699B2DCF7148C4EA68FF
.anedot.com/ Name: _uetsid
Value: d5e910a070d411eda010fbe2322c07ce
.anedot.com/ Name: _uetvid
Value: d5e93c3070d411edb2fb1d11f714f666
.doubleclick.net/ Name: IDE
Value: AHWqTUmrx0xmfRNr9DwcHreV0KjH_dEvi_6SnmnWwYYsBllpDNmNaVBd2pXzfq-7
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: LANG
Value: fi_FI%3BFI
www.paypal.com/ Name: nsid
Value: s%3AuZpSC4J1GEekc2D08PfKNLpwPYdukrp1.1Z8wTDVhhRjyaLvNTTpPrOLTfMfX2TMJb05Zc8r5Jrw
.paypalobjects.com/ Name: paypal-offers--cust
Value: null:null:null
.tiktok.com/ Name: _ttp
Value: 2IHDDPCR9GuDyK2zVYwSlEI8ZG5
.wdsvc.net/ Name: _wdTest
Value: accept
.wdsvc.net/ Name: wds_random
Value: 2022-11-30T17:31:34.545Z~2022-11-30T17:31:34.545Z|6324208889812171|04|
.anedot.com/ Name: _tt_enable_cookie
Value: 1
.anedot.com/ Name: _ttp
Value: 09eb90c5-9cb1-4b52-9a17-1e7828aefc5d
.paypal.com/ Name: tsrce
Value: loggernodeweb
.paypal.com/ Name: ts_c
Value: vr%3Dc998084e1840a1d677cc7cf6fd7ad9d3%26vt%3Dc998084e1840a1d677cc7cf6fd7ad9d2
.c.paypal.com/ Name: sc_f
Value: hN_6v3hCWZZKxYvFririAKk4qYvPGB-OvTwI1aUHHNVAHJiJR_X5SA9wZMcwhWhEgpwznnXVgCsGSrZCvlGMVPgpPo1mWvC-2xPNRG
.paypal.com/ Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK
Value: WM1R2f_sA9dHNK1hVOxCEjui2tQyS3MtPN2GMJOzc_vQis3zrS37bc98Re4uDV22-Q4gS1QVccJ0IZk5
secure.anedot.com/ Name: __hstc
Value: 21404644.f41472ea46eb3d39251b667979d72280.1669829495466.1669829495466.1669829495466.1
secure.anedot.com/ Name: hubspotutk
Value: f41472ea46eb3d39251b667979d72280
secure.anedot.com/ Name: __hssrc
Value: 1
secure.anedot.com/ Name: __hssc
Value: 21404644.1.1669829495467
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTY2OTgyOTQ5NTQzMCIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: ts
Value: vreXpYrS%3D1764523895%26vteXpYrS%3D1669831295%26vr%3Dc998084e1840a1d677cc7cf6fd7ad9d3%26vt%3Dc998084e1840a1d677cc7cf6fd7ad9d2%26vtyp%3Dnew
.hubspot.com/ Name: __cf_bm
Value: KsJNlL8.xTP_cmsRuK6ItANodfMCTaFHbGkJZh_u5Ig-1669829496-0-AYAW/CNz9AdugEY5i66fSXVSwJcFXSaVoNQkiv4rhlr3IkiSAnz+6dYldMv4HXnIzK6rlBNZAccroG/IYCR49vQ=
.anedot.com/ Name: wds_random
Value: 2022-11-30T17:31:34.545Z~2022-11-30T17:31:34.545Z|6324208889812171|04|

4 Console Messages

Source Level URL
Text
network error URL: https://secure.anedot.com/turning-point-usa/undefined
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://secure.anedot.com/turning-point-usa/how-we-win-p2p-db?source_code=DBP2P0354&utm_term=db-tpu-cr34-020&sc=db-tpu-cr34-020
Message:
Refused to execute script from 'https://secure.anedot.com/turning-point-usa/undefined' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.anedot.com
analytics.tiktok.com
api.hubapi.com
b.stats.paypal.com
bat.bing.com
c.paypal.com
c6.paypal.com
connect.facebook.net
dub.stats.paypal.com
files.anedot.com
forms.hsforms.com
forms.hubspot.com
givetotpusa.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
maps.googleapis.com
maps.gstatic.com
pagead2.googlesyndication.com
pay.google.com
play.google.com
q.quora.com
region1.google-analytics.com
secure.anedot.com
stats.g.doubleclick.net
t.paypal.com
tags.wdsvc.net
track.hubspot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fi
www.google.se
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
104.16.196.7
104.16.89.5
104.17.116.176
104.17.130.171
104.17.202.204
104.17.213.204
104.17.71.176
104.19.154.83
142.250.181.228
142.250.181.238
142.250.185.131
142.250.185.72
142.250.186.110
142.250.186.130
142.250.186.163
142.250.186.66
151.101.65.21
151.101.65.35
157.240.201.35
157.240.247.8
172.217.16.131
172.217.18.106
172.217.18.3
172.64.154.85
192.229.221.25
204.79.197.200
216.239.32.36
23.11.206.16
34.238.56.9
52.5.59.110
64.233.165.92
64.4.245.84
74.118.130.252
74.125.140.156
0072341cd97b3f3bb1d9b898d585a929841b59bf74344941c914fca6be45dd10
01876365a14a768ea7dc9e634bbca693c59b1dbd735b497a544770523569226b
0518c7fb9e5a615b245e2af654fa74a7badfa43ad00fbda2ec98a05f3696ff0e
068c899430c36f70a7c28309d749c9d4521aa404ee5d82dba982931fc520dcde
070fa95f6a86fc453e1b45d1b543b049e9e2a18fd0b39925e0a18b66d9e9b7cb
0852a955025cb8e9cfa4b62e6268c4a0d524de15deac3fec7ba4af2440f09116
0cd1bb0e1e735aabd07fbead0799f0864b823fabb8e762ad922e8886f4ad32ee
0f61524c75686d34fca2f7e0a08835f6cd397796cbc74f7c73a0f2834dd3cc2e
1081e12135a4a970711852d27a23452d7c734e92359789f2be0af84a23fd8c2b
1632c22eab71250a40affdacfb6d5d973ccba4165904fb66201006f39c1f82e7
1db56d3836d088494d4cef31d16635576729472ea6beebb5b607d90acfa46b18
2175477823c722d508952dd403d7d52a21fb2b6ececb58a13bbf084f7cf76430
24765e55f4f2d5ec4a474822de6f3e838b340d5ee808bb75896e594a799a1a9c
24f351ab2b745fc99c7d85bc2cc7411d4b91120dfa7aa87f006d945b79213be3
2580e7d53fa7f69c654fd63ecadc5f3a26379f4a9c8deb69d093040c340f9276
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
2751133a2307863e7d35a5c0ce65d29ec5952263a2248b6a7b28482181293e48
28e468e64f5fc217926caa86b72efc880982415ed5649732ea4867f6068d5593
2df5cbfdfb730de609ccb96d910a88b5501b9d571090a579e0b8dca0546bb6e7
2ffe219bec8859eed773bf53d48d48429226ade8eab21f8e9f6330eb66029f83
30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d
3ac922ded62edebcdd9e280259cf707347aa89983aefa75548d2b5d6c8c087f0
3c02f56cbbd92b763a65a376e92f4d211904b87e4e1377b351cd47ce3f2879bc
3c852621ac4033ffa78f7aaff91095e491eef1b4bab2442a66142a7fdc593ed6
3c994a9648b1464b8732b8c8fdac1d8ae42b0959ec82dac186f4acd0c67cfe2b
3caa5a2bc065caf1600e52d9c50817ef1a99b908b118810b7cfaa04b39382d32
3e43677b39f6b3360b357623b568efbe570d3d9a41ddf1e30f9a6fe0830a37c7
40590e2fa42e07c82cbcc519c28b327736a4a971ecd561228965f069dfff3d87
45f97a1f00cd5aaa7a0e2ae8a3a47031764054e46fa624f71043b618b4c2398b
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
471cecda7f14f16d7da999ce3f8c0374cb35522a471c33485d07e5db821eab31
492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29
4944d9313621a0a70653acb9c3b748a8c9b9938e5a55e54ee5a6925082a69970
4c916c878ba00d93aabd7b6507f346e60eba77753ccc076c95fdcf501efba1b1
4ecd6bd39b521b08ae0176e05c71245505b7253f22ba4c6cb3aaf3b911070fab
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fbe1f107e9c0d0d67cad84f39ff5e1ba1ab768f0088f6aa80a44a41046e31f1
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55dd2f516792054323322929f4d5ba0eebc5088d60467c34d3b5c4831980fccf
575744fe399b90c316c4f059fbb9309a704204c401996436633cb9dda7e3fa53
5cabab8d064c8f10e3099c8e7f994eb9dd671344bdcbcefc32a4385a965828ee
5d96cdc85e6300c694474fa81a3ac45aa1c0f028ac767118aaf2de8661d94886
5e5b0cc492d92b48e7d5332f3d9836e88ad46fe67892ba0b1be4611ec8a60a00
62a048a7464cad9daac56803e6c9943e745b1118b480a95f1ec6fdea301f9ea2
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
64f54ad2af50ee6d16d2fbc0d5e0d888125048b0f211378573345edf7d6af498
66e68d05951a0ff2ccefa819b946afe32fbf88979a86b5042ccb2c11a5e40a8a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c0a4fd6aa7ab1c31d50852df5a3100d572f72ddceadb56a39b88ec88ad256f2
6c3cc187fce87bd6f600fb188836037d79a0090b4d2859aeb85e1bcbfb38b32e
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c
75102c3aa71ad0b81d6ac304a7786d306e39b3639a28f2f947879f397d82ce1a
7f0d8456b872023ce316dc1e98a7b8a54e81d9d9dcbba904efe73100976a524a
816d7d15eedb00b2035d6bdaad22e10fcdff4e00a08e5e96bbc905d9dfa87dbd
83b3ddf74b7caadbc5b1059727f597390f497b596dddf84eaac4db6053284eb4
86c05fa6dbe3d56f10af1ba9f204853f58aaf58baa46e364d7450fcadca52392
86fed13eb63bbc88d3f11bfa26cf542cb383e34dd8940e5279f03172db708316
887e8d782a4725cef7665968ca6dfd7c67d49f94c7ec5f8b77b23fba2d057d24
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
94fbb12d189bdafc696e17aa8cf98a377f329e1a41e51b61f2c5ad15e0f8df08
96b1fb4eddb4ba0cf0366310be8aa85c62b4e720abfaad1b6e66a601d1b5cc4a
97ca8aeaef7424cb318dc278770e528b09fa4b5f7d392394521eb3067816ec10
9a3f80e9dfa5ca762249aad5cd5fc161c777719b366bd3960d3c6381b81bb275
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a3178620df4f88bcd6ecb8aed99eac262b21eb53276ecf60860e49d0a8f94463
a402f61252340ec3e3d387a1a466baab27ffa236e0bf967e51865806132d7a2f
a8380e6b898da4b15ac8ba13dcb49017736c95d69a5355b9d42d138be0f4ad8f
ab1094345d620d9a17bdce4567c3726fdcdb652b7689402377ea99e423473109
ac1198b5311feb026d2b82cde72918ecb94231859aef5319a52063893dc3ab09
b0e70b299ab9c122ad93531fa8e5309833baecd53dd55c992c538f8b33bfa22d
b16c597373e85dd326d55a138aab1ef01c5bba476ab9f30d7206135b04e4c4ae
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5ccb8244c804a0019759f1c5ba015f9ccfc2e8cf7781c6a2b2126f120bfc96a
b659aa84dbf169a7528ddc10498fff1030a8639a453ddbe774172c29e2ec63f9
b7279f4a145e3cbfda423dc5ad11b8c27f3542ad9578e24dac424404fc09c474
b770dc8f241e65e70641a0f75ae83e3beacd7ca3a6d99e6b05b5c932efcf6c55
ba70351c39ebdd6afe29c998773f0593d76e6176cf35b7663d342691389acb91
bb8622afa73d757e9e528d3c9f16976deebaf88f4f1445e3d4448df481bb51fe
bc67238c4c7171d8f8a22ab90f9a703c819e9843f4f2b49a87d90bd45f5e974a
bdbfa40c43a81fddeb5fc27e3274db18694197ef1e4cb908008b88e63c9d921f
c284a75a6b11d953e353007d7ffb9a57274612b866b3447ed594e04a4f80517d
c3a2500f32c830989a62a0487dbf711196933196ece00e5c3e3410599f5890ac
c44ae60f4d7bafef63b3434cb5635223fb40108f278ebacfca090fd6bb3a0097
c931f144f1f1a9a0cc0f5f92be0245b434a92b0236c4177ea2432c405401a2b7
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cad7ad9cb5fd753bfa31679870f3794a05df28765d2cbed47003caf8f9d214af
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
ce46dd3962aa1c3fe602c4f5d5db9bc8311331ad0f668af3280b803114851e02
d1591c5a4db05c76a5ad5015ce37b9a8275922d1bcac415f34cd34854612f9c0
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
d95a517cab431c5e9e5befd9aaa39402c8c31c8e775068380eabf5e89aa26a2e
d9afe8bb655aec7da3b284f85da079038bc378e4164f310a35a06f14a0961273
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b1612dbe66174564012c5e362b37e9dd8b59dbd2173da0d1953b5eef9865fa
e87140f0cfec6cd9c16471f9d8eec140a1b9ef36d17ab2639126e16452e214a4
e87b8e7bcca554364a2220c997fdc8104d0125de9238e24c218a3e25af4dd6ab
e8c1a54fb8fc12e93036c91eeba7691158677b075cbc29a07fa688259ee86877
eba2bc7b1a8274ed3b06b582c1efece2336dae57d5aad1c9dd48de612da89477
ef0a3d4ad77f64b7349b6faaa0df3468f920cb4a4d27f5cf95a3013169401726
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11763fd84020e13295b68d97fcf6b6c73e73acaf2ad90183672d5a16d4f6d1c
f1dbe560d81122685ca2d4a338270247b4518d53b7900e83765e45be8236b1df
f5dfb8c2659073eccb88da4072102552e9798aab0bb87518f5ae73d37f2a5022
f73033859b4a070c55562bdec7ba192903e2ab37ef9b36b7b791f262a0614cc5
f73b3babf103ee53b8951197bfcdac908da92b35fee908246f1541f8855db289
f967a1c7d0c4e81ace56bc68c32bc782cd3276e2a55b83418b1ab7c97eb11c2e
fb4782e004cf5c6079db192195f9821cdfac224a7c6527a227872f8e64eb6786
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df