Submitted URL: http://rofa.fi/
Effective URL: https://rofa.fi/
Submission: On February 25 via manual from SE

Summary

This website contacted 13 IPs in 5 countries across 13 domains to perform 59 HTTP transactions. The main IP is 185.20.12.102, which is located in Sweden and belongs to ASODERLAND, SE. The main domain is rofa.fi.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 2nd 2020. Valid for: 3 months.
This is the only time rofa.fi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Redirects | Requested by
25 | rofa.fi | 1 | rofa.fi
7 | fonts.gstatic.com | - | rofa.fi
6 | fonts.googleapis.com | - | embed.tawk.to, rofa.fi
3 | vs18.tawk.to | - | embed.tawk.to
3 | cdn.jsdelivr.net | - | embed.tawk.to, rofa.fi
3 | www.google.de | - | rofa.fi
3 | www.google.com | 2 | rofa.fi
3 | www.google-analytics.com | 2 | www.googletagmanager.com
2 | va.tawk.to | - | embed.tawk.to
2 | stats.g.doubleclick.net | 2 | -
2 | www.facebook.com | - | rofa.fi
2 | connect.facebook.net | - | rofa.fi, connect.facebook.net
2 | www.googletagmanager.com | - | rofa.fi
1 | googleads.g.doubleclick.net | - | www.googleadservices.com
1 | www.googleadservices.com | - | www.googletagmanager.com
1 | embed.tawk.to | - | rofa.fi
59 | 16

This site contains links to these domains.

Domain
www.facebook.com
www.instagram.com
wikinggruppen.se

Subject | Issuer | Validity | Valid
rofa.fi | Let's Encrypt Authority X3 | 2020-02-02 - 2020-05-02 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-01-16 - 2020-04-15 | 3 months
ssl902639.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-11-15 - 2020-05-23 | 6 months
www.googleadservices.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months
www.google.de | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months
*.storage.googleapis.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months
ssl363648.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2020-02-22 - 2020-08-30 | 6 months
*.google.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months
www.google.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months

This page contains 6 frames:

Primary Page: https://rofa.fi/
Frame ID: 4F07DD0FC649AC387A6AA6B60A53564F
Requests: 51 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: EA07ED4AAA5D7644503A4E4540545307
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 592701F3652129B9EF5902045BC55D0A
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: AAF6F8C705917E84BB5F9A940B98E26C
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: EF3EB9B14655871A13F4B363BD782596
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: B40D5AE2B42A7DDE34907B8E341B92A7
Requests: 4 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<!-- WIKINGGRUPPEN/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

59 Requests
100 % HTTPS
86 % IPv6
13 Domains
16 Subdomains
13 IPs
5 Countries
2881 kB Transfer
5493 kB Size
10 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rofa.fi/ HTTP 301
    https://rofa.fi/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=1287435490&t=pageview&cu=EUR&_s=1&dl=https%3A%2F%2Frofa.fi%2F&ul=en-us&de=UTF-8&dt=Lahjat%20persoonaallisella%20merkinn%C3%A4ll%C3%A4%20kaikkiin%20tilanteisiin.&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1167217435&gjid=175034118&cid=1029335596.1582644001&tid=UA-139348798-1&_gid=11057420.1582644001&_r=1&gtm=2ou2c0&z=1338833012 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-139348798-1&cid=1029335596.1582644001&jid=1167217435&_gid=11057420.1582644001&gjid=175034118&_v=j81&z=1338833012 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-139348798-1&cid=1029335596.1582644001&jid=1167217435&_v=j81&z=1338833012 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-139348798-1&cid=1029335596.1582644001&jid=1167217435&_v=j81&z=1338833012&slf_rd=1&random=549555884
Request Chain 22
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1287435490&t=event&ni=0&_s=1&dl=https%3A%2F%2Frofa.fi%2F&ul=en-us&de=UTF-8&dt=Lahjat%20persoonaallisella%20merkinn%C3%A4ll%C3%A4%20kaikkiin%20tilanteisiin.&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=page&ea=visit&el=home&_u=YEDAAUAB~&jid=988452586&gjid=834845186&cid=1029335596.1582644001&tid=UA-35241193-1&_gid=11057420.1582644001&_r=1&gtm=2wg2c05BGD8JH&cd2=home&z=382668355 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35241193-1&cid=1029335596.1582644001&jid=988452586&_gid=11057420.1582644001&gjid=834845186&_v=j81&z=382668355 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35241193-1&cid=1029335596.1582644001&jid=988452586&_v=j81&z=382668355 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35241193-1&cid=1029335596.1582644001&jid=988452586&_v=j81&z=382668355&slf_rd=1&random=1895741755

59 HTTP transactions

Resource / Path | Size / x-fer | Type / MIME-Type
Primary Request /
rofa.fi/
Redirect Chain
  • http://rofa.fi/
  • https://rofa.fi/
74 KB
16 KB
Document
General
Full URL
https://rofa.fi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.12.102 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
rofa.wikinggruppen.se
Software
Apache / PHP/7.3.14
Resource Hash
f9c9a879835e5faa19702c0b3762cd1bbf147b94a5d81b0e161fcd4386ea97a8

Request headers

:method
GET
:authority
rofa.fi
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 25 Feb 2020 15:20:01 GMT
server
Apache
x-powered-by
PHP/7.3.14
link
</frontend/view_desktop/design/logos/logo_sv.png>; rel=preload; as=image, </userfiles/image/rulldjur.png>; rel=preload; as=image, </userfiles/image/footer-logos.png>; rel=preload; as=image
set-cookie
scriptsloaded=1469; expires=Tue, 03-Mar-2020 15:20:01 GMT; Max-Age=604800; path=/; secure
accept-ranges
none
vary
Accept-Encoding
content-encoding
gzip
content-length
15071
content-type
text/html; charset=UTF-8
push-policy
default

Redirect headers

Date
Tue, 25 Feb 2020 15:20:00 GMT
Server
Apache
X-Powered-By
PHP/7.3.14
Cache-Control
no-cache
Expires
-1
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Location
https://rofa.fi/
Content-Length
0
Keep-Alive
timeout=5, max=100
Content-Type
text/html; charset=UTF-8
logo_sv.png
rofa.fi/frontend/view_desktop/design/logos/
26 KB
27 KB
Image
General
Full URL
https://rofa.fi/frontend/view_desktop/design/logos/logo_sv.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.12.102 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
rofa.wikinggruppen.se
Software
Apache /
Resource Hash
fc4c85e6ca0dcec8721a6bc0ff297870a7e1270e50530a708f83e736d55f5fd1

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 15:20:01 GMT
last-modified
Thu, 02 May 2019 13:18:31 GMT
server
Apache
etag
"360462-69ff-587e77874ced6"
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
27135
expires
Wed, 24 Feb 2021 15:20:01 GMT
rulldjur.png
rofa.fi/userfiles/image/
740 KB
745 KB
Image
General
Full URL
https://rofa.fi/userfiles/image/rulldjur.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.12.102 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
rofa.wikinggruppen.se
Software
Apache /
Resource Hash
1a3327a0da2182d7fdc14c2d9fd2325327fdd0369db554a35dc00f4636db2f18

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 15:20:01 GMT
last-modified
Fri, 31 Jan 2020 07:46:29 GMT
server
Apache
etag
"36684a-b8f1c-59d6ac58b3e7e"
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
757532
expires
Wed, 24 Feb 2021 15:20:01 GMT
footer-logos.png
rofa.fi/userfiles/image/
2 KB
2 KB
Image
General
Full URL
https://rofa.fi/userfiles/image/footer-logos.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.12.102 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
rofa.wikinggruppen.se
Software
Apache /
Resource Hash
a77f1a4d48fcce7c78dbddf8701281e121cc98320d28bd9bb3875b451233867c

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 15:20:01 GMT
last-modified
Mon, 27 May 2019 10:10:44 GMT
server
Apache
etag
"36395e-8d5-589dbc2ea326a"
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2261
expires
Wed, 24 Feb 2021 15:20:01 GMT
compiled_1.css
rofa.fi/css/compiled/
121 KB
23 KB
Stylesheet
General
Full URL
https://rofa.fi/css/compiled/compiled_1.css?v=1469
Requested by
Host: rofa.fi
URL: https://rofa.fi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.12.102 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
rofa.wikinggruppen.se
Software
Apache /
Resource Hash
c3b424e7c1ca09ee0d249e70996e336d65a1aeb120152f29bd4bed4caaf40894

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Tue, 25 Feb 2020 15:20:01 GMT
content-encoding
gzip
last-modified
Wed, 27 Nov 2019 14:05:41 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
accept-ranges
none
content-length
23806
expires
Wed, 24 Feb 2021 15:20:01 GMT
js
www.googletagmanager.com/gtag/
74 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-139348798-1
Requested by
Host: rofa.fi
URL: https://rofa.fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f6d6c537f148cc828a841b81b0026a0127c45933b4fb0fdac2bab7ac4890f0e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 25 Feb 2020 15:20:01 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28494
x-xss-protection
0
last-modified
Tue, 25 Feb 2020 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 25 Feb 2020 15:20:01 GMT
handduk%C3%A5ter(1).png
rofa.fi/userfiles/image/
924 KB
926 KB
Image
General
Full URL
https://rofa.fi/userfiles/image/handduk%C3%A5ter(1).png
Requested by
Host: rofa.fi
URL: https://rofa.fi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.12.102 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
rofa.wikinggruppen.se
Software
Apache /
Resource Hash
6c4e6476a8e3a487d6c89f19f3e9ab1bf049af17d727b202257994563b0550a3

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 15:20:01 GMT
last-modified
Mon, 24 Feb 2020 10:12:57 GMT
server
Apache
etag
"365be7-e7193-59f4f9d81ac56"
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
946579
expires
Wed, 24 Feb 2021 15:20:01 GMT
gtm.js
www.googletagmanager.com/
65 KB
23 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5BGD8JH
Requested by
Host: rofa.fi
URL: https://rofa.fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f8367db44d8dcfc55a5c67ec41d35532deeeb34b7c4851d16546199c45ede5ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 25 Feb 2020 15:20:01 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
23706
x-xss-protection
0
last-modified
Tue, 25 Feb 2020 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 25 Feb 2020 15:20:01 GMT
fbevents.js
connect.facebook.net/en_US/
126 KB
30 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: rofa.fi
URL: https://rofa.fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
nuHkxNjhR7BnSNR+ftiUrL/xAA/CKsvSys66dN8MuETweGh7wA4lNCVXsGjawo4w2V9oWLnfxcTUDhqT7mcPfw==
x-fb-trip-id
1850256238
date
Tue, 25 Feb 2020 15:20:01 GMT, Tue, 25 Feb 2020 15:20:01 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
default
embed.tawk.to/5d160d5c36eab9721119b53c/
504 KB
111 KB
Script
General
Full URL
https://embed.tawk.to/5d160d5c36eab9721119b53c/default
Requested by
Host: rofa.fi
URL: https://rofa.fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dae240e8d40702f7254afe8ace36b8e84c9b54c59be4aa2cda3b5836d9453cd3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rofa.fi/
Origin
https://rofa.fi
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Feb 2020 15:20:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
age
1
etag
W/"fulls68123"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=14400, s-maxage=3600
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
56aaa930399d1f39-FRA
access-control-allow-origin
*
regular.svg
rofa.fi/svg-icons/
525 KB
155 KB
Other
General
Full URL
https://rofa.fi/svg-icons/regular.svg
Requested by
Host: rofa.fi
URL: https://rofa.fi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.12.102 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
rofa.wikinggruppen.se
Software
Apache /
Resource Hash
b15821f3aa8634d020ee6cf4e13f1bb3cb9e9423ff6c43de2b73b89573b544e5

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 15:20:01 GMT
content-encoding
gzip
last-modified
Tue, 05 Mar 2019 15:32:59 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=31536000
accept-ranges
none
expires
Wed, 24 Feb 2021 15:20:01 GMT
light.svg
rofa.fi/svg-icons/
566 KB
165 KB
Other
General
Full URL
https://rofa.fi/svg-icons/light.svg
Requested by
Host: rofa.fi
URL: https://rofa.fi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.12.102 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
rofa.wikinggruppen.se
Software
Apache /
Resource Hash
200266c679360639dbed7396f00b384829c605bc126233739d0c3c1167cfae4f

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 15:20:01 GMT
content-encoding
gzip
last-modified
Tue, 05 Mar 2019 15:32:59 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=31536000
accept-ranges
none
expires
Wed, 24 Feb 2021 15:20:01 GMT
lazysizes.min.js
rofa.fi/js/vendors/
6 KB
3 KB
Script
General
Full URL
https://rofa.fi/js/vendors/lazysizes.min.js?1469
Requested by
Host: rofa.fi
URL: https://rofa.fi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.12.102 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
rofa.wikinggruppen.se
Software
Apache /
Resource Hash
7553846e23483f48b351ba03a548d18e93a2e72198f780c095cf6ab5e289e4a4

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 25 Feb 2020 15:20:01 GMT
content-encoding
gzip
last-modified
Tue, 05 Mar 2019 15:32:59 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
accept-ranges
none
content-length
3094
expires
Wed, 24 Feb 2021 15:20:01 GMT
jquery-1.11.0.min.js
rofa.fi/js/vendors/jquery/
94 KB
33 KB
Script
General
Full URL
https://rofa.fi/js/vendors/jquery/jquery-1.11.0.min.js?1469
Requested by
Host: rofa.fi
URL: https://rofa.fi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.12.102 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
rofa.wikinggruppen.se
Software
Apache /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 25 Feb 2020 15:20:01 GMT
content-encoding
gzip
last-modified
Tue, 05 Mar 2019 15:32:59 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
accept-ranges
none
content-length
33369
expires
Wed, 24 Feb 2021 15:20:01 GMT
fi.js
rofa.fi/js/phrases/
3 KB
1 KB
Script
General
Full URL
https://rofa.fi/js/phrases/fi.js?1469
Requested by
Host: rofa.fi
URL: https://rofa.fi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.12.102 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
rofa.wikinggruppen.se
Software
Apache / PHP/7.3.14
Resource Hash
881017c32647b65841ee89300616186765702ce887b4099c82e5b63f843e3227

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
cache
date
Tue, 25 Feb 2020 15:20:01 GMT
content-encoding
gzip
server
Apache
x-powered-by
PHP/7.3.14
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
accept-ranges
none
content-length
1068
expires
Wed, 24 Feb 2021 15:20:01 GMT
compiled_1.js
rofa.fi/js/compiled/
47 KB
15 KB
Script
General
Full URL
https://rofa.fi/js/compiled/compiled_1.js?v=1469
Requested by
Host: rofa.fi
URL: https://rofa.fi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.12.102 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
rofa.wikinggruppen.se
Software
Apache /
Resource Hash
0f1cb9dc668737a606fd7918a509629596e2ccea9797113d51c0705060579018

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 25 Feb 2020 15:20:01 GMT
content-encoding
gzip
last-modified
Tue, 25 Feb 2020 14:33:28 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
accept-ranges
none
content-length
15636
expires
Wed, 24 Feb 2021 15:20:01 GMT
webfontloader.min.js
rofa.fi/js/vendors/
12 KB
5 KB
Script
General
Full URL
https://rofa.fi/js/vendors/webfontloader.min.js
Requested by
Host: rofa.fi
URL: https://rofa.fi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.12.102 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
rofa.wikinggruppen.se
Software
Apache /
Resource Hash
14bda7fd42eae25671a79a99196e9ba11d3db0daefbe9b10863b05c4499c7e6f

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 25 Feb 2020 15:20:01 GMT
content-encoding
gzip
last-modified
Tue, 05 Mar 2019 15:32:59 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
accept-ranges
none
content-length
5109
expires
Wed, 24 Feb 2021 15:20:01 GMT
solid.svg
rofa.fi/svg-icons/
460 KB
128 KB
Other
General
Full URL
https://rofa.fi/svg-icons/solid.svg
Requested by
Host: rofa.fi
URL: https://rofa.fi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.12.102 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
rofa.wikinggruppen.se
Software
Apache /
Resource Hash
5d65d52cd7f0f2d81d3cbff869acb356f05924f4979f7329ffb6fc2ab884bfd9

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 15:20:01 GMT
content-encoding
gzip
last-modified
Tue, 05 Mar 2019 15:32:59 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=31536000
accept-ranges
none
expires
Wed, 24 Feb 2021 15:20:01 GMT
349166795783212
connect.facebook.net/signals/config/
447 KB
112 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/349166795783212?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9a63731dacc22aa15e80b9bd7fbe05ad81df9a5aa897a705888cfd97271052b3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
114947
x-xss-protection
0
pragma
public
x-fb-debug
yRcrNPtIshNDqxcbJwAYdvCnd1hcTeseJpKQEjFCnxE9VrlTmtD1AFXDgB28OuEmvrRF7lx586g2w2duhqLQJw==
x-fb-trip-id
1850256238
date
Tue, 25 Feb 2020 15:20:01 GMT, Tue, 25 Feb 2020 15:20:01 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-139348798-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
5270
date
Tue, 25 Feb 2020 13:52:11 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Tue, 25 Feb 2020 15:52:11 GMT
conversion_async.js
www.googleadservices.com/pagead/
26 KB
10 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BGD8JH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
cafe /
Resource Hash
e613df9aa843851d019cc12e6184972311e2229c14299d2f6c80f4aadf2d844a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 25 Feb 2020 15:20:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9931
x-xss-protection
0
server
cafe
etag
9478280665056484852
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 25 Feb 2020 15:20:01 GMT
/
www.facebook.com/tr/
44 B
257 B
Image
General
Full URL
https://www.facebook.com/tr/?id=349166795783212&ev=PageView&dl=https%3A%2F%2Frofa.fi%2F&rl=&if=false&ts=1582644001372&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1582644001370.766853694&it=1582644001309&coo=false&rqm=GET
Requested by
Host: rofa.fi
URL: https://rofa.fi/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de, Ireland, ASN32934 (FACEBOOK, US)
Reverse DNS
Software
proxygen-bolt
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 15:20:01 GMT, Tue, 25 Feb 2020 15:20:01 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Tue, 25 Feb 2020 15:20:01 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=1287435490&t=pageview&cu=EUR&_s=1&dl=https%3A%2F%2Frofa.fi%2F&ul=en-us&de=UTF-8&dt=Lahjat%20persoonaallisella%20merkinn%C3%A4ll%C3%A4%2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-139348798-1&cid=1029335596.1582644001&jid=1167217435&_gid=11057420.1582644001&gjid=175034118&_v=j81&z=1338833012
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-139348798-1&cid=1029335596.1582644001&jid=1167217435&_v=j81&z=1338833012
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-139348798-1&cid=1029335596.1582644001&jid=1167217435&_v=j81&z=1338833012&slf_rd=1&random=549555884
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-139348798-1&cid=1029335596.1582644001&jid=1167217435&_v=j81&z=1338833012&slf_rd=1&random=549555884
Requested by
Host: rofa.fi
URL: https://rofa.fi/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:80b::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
cafe
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Feb 2020 15:20:01 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Feb 2020 15:20:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-139348798-1&cid=1029335596.1582644001&jid=1167217435&_v=j81&z=1338833012&slf_rd=1&random=549555884
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1287435490&t=event&ni=0&_s=1&dl=https%3A%2F%2Frofa.fi%2F&ul=en-us&de=UTF-8&dt=Lahjat%20persoonaallisella%20merkinn%C3%A4ll%C3%A4%20kaikkiin%2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35241193-1&cid=1029335596.1582644001&jid=988452586&_gid=11057420.1582644001&gjid=834845186&_v=j81&z=382668355
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35241193-1&cid=1029335596.1582644001&jid=988452586&_v=j81&z=382668355
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35241193-1&cid=1029335596.1582644001&jid=988452586&_v=j81&z=382668355&slf_rd=1&random=1895741755
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35241193-1&cid=1029335596.1582644001&jid=988452586&_v=j81&z=382668355&slf_rd=1&random=1895741755
Requested by
Host: rofa.fi
URL: https://rofa.fi/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:80b::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
cafe
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Feb 2020 15:20:01 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Feb 2020 15:20:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35241193-1&cid=1029335596.1582644001&jid=988452586&_v=j81&z=382668355&slf_rd=1&random=1895741755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame EA07
8 KB
793 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d160d5c36eab9721119b53c/default
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:81d::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
ESF
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Feb 2020 15:20:01 GMT
server
ESF
date
Tue, 25 Feb 2020 15:20:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Feb 2020 15:20:01 GMT
css
fonts.googleapis.com/ Frame 5927
8 KB
781 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d160d5c36eab9721119b53c/default
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:81d::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
ESF
Resource Hash
d75cc7f1860543936e87f46be0128d35f5cb04962a436d47d21ac53bb9ed7c22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Feb 2020 15:20:01 GMT
server
ESF
date
Tue, 25 Feb 2020 15:20:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Feb 2020 15:20:01 GMT
css
fonts.googleapis.com/ Frame AAF6
8 KB
747 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d160d5c36eab9721119b53c/default
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:81d::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
ESF
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Feb 2020 15:20:01 GMT
server
ESF
date
Tue, 25 Feb 2020 15:20:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Feb 2020 15:20:01 GMT
css
fonts.googleapis.com/ Frame EF3E
8 KB
747 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d160d5c36eab9721119b53c/default
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:81d::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
ESF
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Feb 2020 15:20:01 GMT
server
ESF
date
Tue, 25 Feb 2020 15:20:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Feb 2020 15:20:01 GMT
css
fonts.googleapis.com/ Frame B40D
8 KB
747 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d160d5c36eab9721119b53c/default
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:81d::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
ESF
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Feb 2020 15:20:01 GMT
server
ESF
date
Tue, 25 Feb 2020 15:20:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Feb 2020 15:20:01 GMT
emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ Frame B40D
192 B
252 B
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d160d5c36eab9721119b53c/default
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700::6810:5614, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Tue, 25 Feb 2020 15:20:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
10309927
cf-ray
56aaa9312bdf635f-FRA
x-cache
HIT, HIT
status
200
vary
Accept-Encoding
x-served-by
cache-ams21037-AMS, cache-fra19142-FRA
server
cloudflare
etag
W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame B40D
295 KB
36 KB
Script
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d160d5c36eab9721119b53c/default
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700::6810:5614, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 25 Feb 2020 15:20:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
10309928
cf-ray
56aaa9312be0635f-FRA
x-cache
HIT, HIT
status
200
vary
Accept-Encoding
x-served-by
cache-ams21034-AMS, cache-hhn4075-HHN
server
cloudflare
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
1582644001467
va.tawk.to/register/
724 B
1 KB
XHR
General
Full URL
https://va.tawk.to/register/1582644001467
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d160d5c36eab9721119b53c/default
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:10::6814:f34f, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
4b954ffbd1454509961e5f9a85f5e95d4b3bfc4cb2632ce1577e5ffae5ec00fd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rofa.fi/
Origin
https://rofa.fi
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 25 Feb 2020 15:20:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
status
200
vary
Accept-Encoding
x-served-by
visitor-application-preemptive-731v
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://rofa.fi
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
56aaa9314aa1c2ae-FRA
access-control-allow-headers
origin, content-type
custom-fonts.css
rofa.fi/css/fonts/
385 B
212 B
Stylesheet
General
Full URL
https://rofa.fi/css/fonts/custom-fonts.css
Requested by
Host: rofa.fi
URL: https://rofa.fi/js/vendors/webfontloader.min.js
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
185.20.12.102, Sweden, ASN44136 (ASODERLAND, SE)
Reverse DNS
rofa.wikinggruppen.se
Software
Apache
Resource Hash
8f62b13c046b2140787cb492b930499ca5be4115bb6bbc231ad6c4891aa5eba9

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Tue, 25 Feb 2020 15:20:01 GMT
content-encoding
gzip
last-modified
Tue, 05 Mar 2019 15:32:59 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
accept-ranges
none
content-length
178
expires
Wed, 24 Feb 2021 15:20:01 GMT
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Old+Standard+TT:400,400i,700%7CHind+Siliguri:400,500,600,700%7COld+Standard+TT:400,400i,700
Requested by
Host: rofa.fi
URL: https://rofa.fi/js/vendors/webfontloader.min.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:81d::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
ESF
Resource Hash
86e4fa714c3a4dea3e73f8a08acbf8cc912aba02b27bc72af190036019ea5167
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Feb 2020 15:20:01 GMT
server
ESF
date
Tue, 25 Feb 2020 15:20:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Feb 2020 15:20:01 GMT
MwQubh3o1vLImiwAVvYawgcf2eVeqlq4ZnRSZw.woff2
fonts.gstatic.com/s/oldstandardtt/v12/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oldstandardtt/v12/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4ZnRSZw.woff2
Requested by
Host: rofa.fi
URL: https://rofa.fi/js/vendors/webfontloader.min.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:809::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe
Resource Hash
b1f69cb631d1cc88e311ffc95a814d46912207429182be7ce21fdfab5292bc2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Old+Standard+TT:400,400i,700%7CHind+Siliguri:400,500,600,700%7COld+Standard+TT:400,400i,700
Origin
https://rofa.fi
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 23:14:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:57:01 GMT
server
sffe
age
1785952
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13168
x-xss-protection
0
expires
Wed, 03 Feb 2021 23:14:09 GMT
MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHNwZcQH.woff2
fonts.gstatic.com/s/oldstandardtt/v12/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oldstandardtt/v12/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHNwZcQH.woff2
Requested by
Host: rofa.fi
URL: https://rofa.fi/js/vendors/webfontloader.min.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:809::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe
Resource Hash
5420b0952cc402bc9176459b4d3bf5af7ac79205a70ed83e0a296837db7b9ee7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Old+Standard+TT:400,400i,700%7CHind+Siliguri:400,500,600,700%7COld+Standard+TT:400,400i,700
Origin
https://rofa.fi
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Jan 2020 01:10:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:56:30 GMT
server
sffe
age
3334187
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14288
x-xss-protection
0
expires
Sun, 17 Jan 2021 01:10:14 GMT
MwQrbh3o1vLImiwAVvYawgcf2eVWEX-tS1ZfTc4PlA.woff2
fonts.gstatic.com/s/oldstandardtt/v12/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oldstandardtt/v12/MwQrbh3o1vLImiwAVvYawgcf2eVWEX-tS1ZfTc4PlA.woff2
Requested by
Host: rofa.fi
URL: https://rofa.fi/js/vendors/webfontloader.min.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:809::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe
Resource Hash
2f00acc755b297fe28c794956a8e1220ea01d4d24beec5453475b561103db9a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Old+Standard+TT:400,400i,700%7CHind+Siliguri:400,500,600,700%7COld+Standard+TT:400,400i,700
Origin
https://rofa.fi
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Feb 2020 20:17:29 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:49:39 GMT
server
sffe
age
68552
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13120
x-xss-protection
0
expires
Tue, 23 Feb 2021 20:17:29 GMT
ijwTs5juQtsyLLR5jN4cxBEoTJzax8s3Jik.woff2
fonts.gstatic.com/s/hindsiliguri/v6/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/hindsiliguri/v6/ijwTs5juQtsyLLR5jN4cxBEoTJzax8s3Jik.woff2
Requested by
Host: rofa.fi
URL: https://rofa.fi/js/vendors/webfontloader.min.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:809::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe
Resource Hash
967f31692fbbf9aa3f0e5bfbbcc89c860bf1fd1cb6763ea6e48350439955c439
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Old+Standard+TT:400,400i,700%7CHind+Siliguri:400,500,600,700%7COld+Standard+TT:400,400i,700
Origin
https://rofa.fi
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 22 Jan 2020 06:01:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:51:26 GMT
server
sffe
age
2971136
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
8000
x-xss-protection
0
expires
Thu, 21 Jan 2021 06:01:05 GMT
ijwOs5juQtsyLLR5jN4cxBEoRG_50uYVKwOs1to.woff2
fonts.gstatic.com/s/hindsiliguri/v6/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/hindsiliguri/v6/ijwOs5juQtsyLLR5jN4cxBEoRG_50uYVKwOs1to.woff2
Requested by
Host: rofa.fi
URL: https://rofa.fi/js/vendors/webfontloader.min.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:809::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe
Resource Hash
94f7a154022a8e4914cf6913fbd39132d485dbd4cd2b080c0a0e83ef6f9e58bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Old+Standard+TT:400,400i,700%7CHind+Siliguri:400,500,600,700%7COld+Standard+TT:400,400i,700
Origin
https://rofa.fi
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 10:02:30 GMT
x-content-type-options
nosniff
last-modified
Wed, 17 Jul 2019 00:00:49 GMT
server
sffe
age
2870251
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
8120
x-xss-protection
0
expires
Fri, 22 Jan 2021 10:02:30 GMT
ijwOs5juQtsyLLR5jN4cxBEoREP-0uYVKwOs1to.woff2
fonts.gstatic.com/s/hindsiliguri/v6/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/hindsiliguri/v6/ijwOs5juQtsyLLR5jN4cxBEoREP-0uYVKwOs1to.woff2
Requested by
Host: rofa.fi
URL: https://rofa.fi/js/vendors/webfontloader.min.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:809::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe
Resource Hash
286608a2d92b885384c76fdcb54a97ee91c4b97d9b7de6ec40ce2307b71f43cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Old+Standard+TT:400,400i,700%7CHind+Siliguri:400,500,600,700%7COld+Standard+TT:400,400i,700
Origin
https://rofa.fi
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 10:19:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 17 Jul 2019 00:03:15 GMT
server
sffe
age
2869228
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
8080
x-xss-protection
0
expires
Fri, 22 Jan 2021 10:19:33 GMT
ijwOs5juQtsyLLR5jN4cxBEoRCf_0uYVKwOs1to.woff2
fonts.gstatic.com/s/hindsiliguri/v6/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/hindsiliguri/v6/ijwOs5juQtsyLLR5jN4cxBEoRCf_0uYVKwOs1to.woff2
Requested by
Host: rofa.fi
URL: https://rofa.fi/js/vendors/webfontloader.min.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:809::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe
Resource Hash
e4352b4f76fd182f070b655fa2b228b96a97343050484ebae925760971a622bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Old+Standard+TT:400,400i,700%7CHind+Siliguri:400,500,600,700%7COld+Standard+TT:400,400i,700
Origin
https://rofa.fi
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 22 Jan 2020 06:14:28 GMT
x-content-type-options
nosniff
last-modified
Wed, 17 Jul 2019 00:03:24 GMT
server
sffe
age
2970333
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
7756
x-xss-protection
0
expires
Thu, 21 Jan 2021 06:14:28 GMT
wgr-icons.woff2
rofa.fi/css/fonts/wgr-icons/
66 KB
66 KB
Font
General
Full URL
https://rofa.fi/css/fonts/wgr-icons/wgr-icons.woff2?6b2nks
Requested by
Host: rofa.fi
URL: https://rofa.fi/js/vendors/webfontloader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.12.102 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
rofa.wikinggruppen.se
Software
Apache /
Resource Hash
1dc579c6ff41139b75e3f01ed6fdff58b7efded68729ac8f1d26415277b53ed5

Request headers

Referer
https://rofa.fi/css/compiled/compiled_1.css?v=1469
Origin
https://rofa.fi
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Feb 2020 15:20:01 GMT
last-modified
Tue, 05 Mar 2019 15:32:59 GMT
server
Apache
etag
"3603b6-1086c-5835a96836e25"
content-type
font/woff2
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
67692
expires
Wed, 24 Feb 2021 15:20:01 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/745836339/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/745836339/?random=1582644001718&cv=9&fst=1582644001718&num=1&label=TEwSCNutg5sBELOe0uMC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2c0&sendb=1&ig=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Frofa.fi%2F&tiba=Lahjat%20persoonaallisella%20merkinn%C3%A4ll%C3%A4%20kaikkiin%20tilanteisiin.&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e29c3cba1c35f25383bcbe26e99cbca3e126567dc6c5416af291c51ca7e00c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Tue, 25 Feb 2020 15:20:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1096
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/745836339/
42 B
122 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/745836339/?random=1582644001718&cv=9&fst=1582642800000&num=1&label=TEwSCNutg5sBELOe0uMC&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2c0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Frofa.fi%2F&tiba=Lahjat%20persoonaallisella%20merkinn%C3%A4ll%C3%A4%20kaikkiin%20tilanteisiin.&async=1&fmt=3&is_vtc=1&random=1187507297&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: rofa.fi
URL: https://rofa.fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 25 Feb 2020 15:20:01 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/745836339/
42 B
110 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/745836339/?random=1582644001718&cv=9&fst=1582642800000&num=1&label=TEwSCNutg5sBELOe0uMC&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2c0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Frofa.fi%2F&tiba=Lahjat%20persoonaallisella%20merkinn%C3%A4ll%C3%A4%20kaikkiin%20tilanteisiin.&async=1&fmt=3&is_vtc=1&random=1187507297&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: rofa.fi
URL: https://rofa.fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 25 Feb 2020 15:20:01 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
vs18.tawk.to/s/
101 B
304 B
XHR
General
Full URL
https://vs18.tawk.to/s/?k=5e553b21a47bfba583a3187e&u=B6Z9cL7h27EKzyDmynVPIQFA0LNZBgJK4vbgeQcF2MPdDBTJxuEA0zVanxY5sDuM&uv=2&a=5d160d5c36eab9721119b53c&cver=0&pop=false&w=4323P0&jv=681&asver=533&ust=false&p=Lahjat%20persoonaallisella%20merkinn%C3%A4ll%C3%A4%20kaikkiin%20tilanteisiin.&r=&EIO=3&transport=polling&__t=N1yxlm5
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d160d5c36eab9721119b53c/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d45d08427807dd9ac5505b63b23af9a71a46787478f27239e9c900251f45ff16
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rofa.fi/
Origin
https://rofa.fi
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Feb 2020 15:20:02 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://rofa.fi
access-control-allow-credentials
true
cf-ray
56aaa9382b7ec2ae-FRA
content-length
101
26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame B40D
413 B
549 B
Image
General
Full URL
https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7
Requested by
Host: rofa.fi
URL: https://rofa.fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 15:20:01 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1580525
cf-ray
56aaa9334de2635f-FRA
x-cache
HIT
status
200
vary
Accept-Encoding
content-length
413
x-served-by
cache-fra19182-FRA
server
cloudflare
etag
W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
/
www.facebook.com/tr/
44 B
111 B
Image
General
Full URL
https://www.facebook.com/tr/?id=349166795783212&ev=Microdata&dl=https%3A%2F%2Frofa.fi%2F&rl=&if=false&ts=1582644001875&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Lahjat%20persoonaallisella%20merkinn%C3%A4ll%C3%A4%20kaikkiin%20tilanteisiin.%22%2C%22meta%3Adescription%22%3A%22Arvostetut%20lahjat%20kaikenik%C3%A4isille%20ja%20kaikkiin%20tilanteisiin.%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A2643%2C%22w%22%3A1585%7D%2C%22properties%22%3A%7B%22url%22%3A%22https%3A%2F%2Frofa.fi%2F%22%7D%2C%22subscopes%22%3A%5B%7B%22dimensions%22%3A%7B%22h%22%3A0%2C%22w%22%3A0%7D%2C%22properties%22%3A%7B%22target%22%3A%22https%3A%2F%2Frofa.fi%2Fsearch%2F%3Fq%3D%7Bq%7D%22%2C%22query-input%22%3A%22%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FSearchAction%22%7D%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FWebSite%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1582644001370.766853694&it=1582644001309&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 15:20:01 GMT, Tue, 25 Feb 2020 15:20:01 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Tue, 25 Feb 2020 15:20:01 GMT
/
vs18.tawk.to/s/
488 B
549 B
XHR
General
Full URL
https://vs18.tawk.to/s/?k=5e553b21a47bfba583a3187e&u=B6Z9cL7h27EKzyDmynVPIQFA0LNZBgJK4vbgeQcF2MPdDBTJxuEA0zVanxY5sDuM&uv=2&a=5d160d5c36eab9721119b53c&cver=0&pop=false&w=4323P0&jv=681&asver=533&ust=false&p=Lahjat%20persoonaallisella%20merkinn%C3%A4ll%C3%A4%20kaikkiin%20tilanteisiin.&r=&EIO=3&transport=polling&__t=N1yxl_7.0&sid=b4FxAuqmRD3P1ppXP-9I
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d160d5c36eab9721119b53c/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fdfc2080c45d67e7f7fdd68cea212e017bc47b93f11a66895108bb66b43d814
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rofa.fi/
Origin
https://rofa.fi
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Feb 2020 15:20:02 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://rofa.fi
access-control-allow-credentials
true
cf-ray
56aaa9394f0ec2ae-FRA
content-length
488
luvrosanordic.jpg
rofa.fi/images/list/
7 KB
7 KB
Image
General
Full URL
https://rofa.fi/images/list/luvrosanordic.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.12.102 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
rofa.wikinggruppen.se
Software
Apache /
Resource Hash
3de112b91be025839c0b2277e1c05f052737c873a591bf7b21ab5571b9910460

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 15:20:02 GMT
last-modified
Wed, 23 Oct 2019 08:26:22 GMT
server
Apache
etag
"36612c-1cb1-5958fac054a42"
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7345
expires
Wed, 24 Feb 2021 15:20:02 GMT
luvblanordic.jpg
rofa.fi/images/list/
8 KB
9 KB
Image
General
Full URL
https://rofa.fi/images/list/luvblanordic.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.12.102 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
rofa.wikinggruppen.se
Software
Apache /
Resource Hash
a52f2bd4fc5719e39d9f6af058f0ef5acba176690e65d1deb3ed15c3056afa9c

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 15:20:02 GMT
last-modified
Wed, 23 Oct 2019 08:05:00 GMT
server
Apache
etag
"366111-21c4-5958f5f9ce316"
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
8644
expires
Wed, 24 Feb 2021 15:20:02 GMT
tagpostergul1.jpg
rofa.fi/images/list/
17 KB
18 KB
Image
General
Full URL
https://rofa.fi/images/list/tagpostergul1.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.12.102 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
rofa.wikinggruppen.se
Software
Apache /
Resource Hash
a59d8917edd40967f668b0c0d89eab05cc230e61356b3c76d69aae54d9f742f2

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 15:20:02 GMT
last-modified
Thu, 10 Oct 2019 10:59:59 GMT
server
Apache
etag
"365ea6-4510-5948c4d721f77"
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
17680
expires
Wed, 24 Feb 2021 15:20:02 GMT
v3
va.tawk.to/log-performance/
5 B
138 B
XHR
General
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d160d5c36eab9721119b53c/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rofa.fi/
Origin
https://rofa.fi
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 25 Feb 2020 15:20:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
vary
Accept-Encoding
x-served-by
visitor-application-preemptive-0jt9
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
https://rofa.fi
access-control-allow-credentials
true
cf-ray
56aaa93a4a62c2ae-FRA
access-control-allow-headers
origin, content-type
/
vs18.tawk.to/s/
4 B
63 B
XHR
General
Full URL
https://vs18.tawk.to/s/?k=5e553b21a47bfba583a3187e&u=B6Z9cL7h27EKzyDmynVPIQFA0LNZBgJK4vbgeQcF2MPdDBTJxuEA0zVanxY5sDuM&uv=2&a=5d160d5c36eab9721119b53c&cver=0&pop=false&w=4323P0&jv=681&asver=533&ust=false&p=Lahjat%20persoonaallisella%20merkinn%C3%A4ll%C3%A4%20kaikkiin%20tilanteisiin.&r=&EIO=3&transport=polling&__t=N1yxm1h&sid=b4FxAuqmRD3P1ppXP-9I
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d160d5c36eab9721119b53c/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rofa.fi/
Origin
https://rofa.fi
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Feb 2020 15:20:03 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://rofa.fi
access-control-allow-credentials
true
cf-ray
56aaa93a4a64c2ae-FRA
content-length
4
tagposterbla2.jpg
rofa.fi/images/list/
16 KB
16 KB
Image
General
Full URL
https://rofa.fi/images/list/tagposterbla2.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.12.102 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
rofa.wikinggruppen.se
Software
Apache /
Resource Hash
846d265480cef20c2a07c80434ddcd8b008de95171ca232f46accbe284e98a69

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 15:20:02 GMT
last-modified
Thu, 10 Oct 2019 10:59:55 GMT
server
Apache
etag
"365e7c-3fbb-5948c4d33af0a"
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
16315
expires
Wed, 24 Feb 2021 15:20:02 GMT
nyrod.jpg
rofa.fi/images/list/
16 KB
16 KB
Image
General
Full URL
https://rofa.fi/images/list/nyrod.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.12.102 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
rofa.wikinggruppen.se
Software
Apache /
Resource Hash
785ecac2b4476c6181205281b1aaba1de7f87c4756c68e34b80300860fec5e8f

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 15:20:03 GMT
last-modified
Thu, 06 Feb 2020 12:39:46 GMT
server
Apache
etag
"367029-405b-59de791752c4a"
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
16475
expires
Wed, 24 Feb 2021 15:20:03 GMT
141671.jpg
rofa.fi/images/list/
20 KB
20 KB
Image
General
Full URL
https://rofa.fi/images/list/141671.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.12.102 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
rofa.wikinggruppen.se
Software
Apache /
Resource Hash
081f81a80a88f37bf9c2aca000e009a99952a0f6a4f0daecd5f8ca9e022027bb

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 15:20:03 GMT
last-modified
Wed, 12 Feb 2020 08:45:04 GMT
server
Apache
etag
"367db2-4edd-59e5cfd1be13b"
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20189
expires
Wed, 24 Feb 2021 15:20:03 GMT
2810_lgedvin2.jpg
rofa.fi/images/list/
18 KB
18 KB
Image
General
Full URL
https://rofa.fi/images/list/2810_lgedvin2.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.12.102 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
rofa.wikinggruppen.se
Software
Apache /
Resource Hash
4ef55f66b2fd65f7c3584b9a2974a3429eaca7566875bc2e79b16b70e0cf9457

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 15:20:03 GMT
last-modified
Thu, 20 Feb 2020 10:08:34 GMT
server
Apache
etag
"367972-48b1-59eff1676a3f2"
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
18609
expires
Wed, 24 Feb 2021 15:20:03 GMT
postersallahjartansvsvartdate.jpg
rofa.fi/images/list/
16 KB
16 KB
Image
General
Full URL
https://rofa.fi/images/list/postersallahjartansvsvartdate.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.12.102 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
rofa.wikinggruppen.se
Software
Apache /
Resource Hash
6aea039e75067bd1457cf090a84aa2c1a449b361a40fbec8eeeb090ad5f5f891

Request headers

Referer
https://rofa.fi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 15:20:03 GMT
last-modified
Wed, 08 Jan 2020 11:54:39 GMT
server
Apache
etag
"367539-3f49-59b9f8eb45dd0"
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
16201
expires
Wed, 24 Feb 2021 15:20:03 GMT


60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| onloadCSS function| loadCSS object| dataLayer function| gtag function| fbq function| _fbq object| Tawk_API object| Tawk_LoadStart object| WebFontConfig object| WGR object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| $_Tawk_LoadStart function| TawkClass object| Inheritance_Manager string| messagePreviewRadius string| bottomBorderRadius string| topBorderRadius number| minWidth number| minHeight string| bodyClassName number| closeContainerStart object| lazySizesConfig object| lazySizes object| WebFont function| $ function| jQuery function| checkEmail number| VAT_FORCE_INCL number| VAT_FORCE_EXCL function| VATFilter function| goToURL function| getPhrase function| getFracPart function| myRound function| myFormatCurrencyStr function| number_format function| removeIOSRubberEffect object| html5 object| Modernizr function| Spinner object| jQuery1110047332737904031164 function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| $menuWrapper

10 Cookies

Domain/Path Name / Value
rofa.fi/ Name: Tawk_5d160d5c36eab9721119b53c
Value: vs18.tawk.to::0
.rofa.fi/ Name: __tawkuuid
Value: e::rofa.fi::B6Z9cL7h27EKzyDmynVPIQFA0LNZBgJK4vbgeQcF2MPdDBTJxuEA0zVanxY5sDuM::2
rofa.fi/ Name: TawkConnectionTime
Value: 0
.rofa.fi/ Name: _gat_UA-35241193-1
Value: 1
.rofa.fi/ Name: _ga
Value: GA1.2.1029335596.1582644001
.rofa.fi/ Name: _gat_gtag_UA_139348798_1
Value: 1
rofa.fi/ Name: scriptsloaded
Value: 1469
.rofa.fi/ Name: _gcl_au
Value: 1.1.2058761543.1582644001
.rofa.fi/ Name: _gid
Value: GA1.2.11057420.1582644001
.rofa.fi/ Name: _fbp
Value: fb.1.1582644001370.766853694

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
