URL: https://www.luottopaatos.fi/
Submission: On November 25 via automatic, source certstream-suspicious — Scanned from FI

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 84 HTTP transactions. The main IP is 213.138.134.37, located in Finland and belongs to Fujitsu Invia Finland IP-network, EU. The main domain is www.luottopaatos.fi.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on February 20th 2024. Valid for: a year.
This is the only time www.luottopaatos.fi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
42 213.138.134.37 1342 (Fujitsu I...)
23 172.67.15.14 13335 (CLOUDFLAR...)
2 142.250.185.136 15169 (GOOGLE)
1 18.66.102.51 16509 (AMAZON-02)
2 104.18.87.42 13335 (CLOUDFLAR...)
1 151.101.65.229 54113 (FASTLY)
4 216.239.34.36 15169 (GOOGLE)
1 13.32.27.21 16509 (AMAZON-02)
1 18.66.112.79 16509 (AMAZON-02)
1 172.64.155.119 13335 (CLOUDFLAR...)
84 11
Apex Domain
Subdomains
Transfer
42 luottopaatos.fi
www.luottopaatos.fi
front-end.luottopaatos.fi
14 MB
23 tawk.to
embed.tawk.to — Cisco Umbrella Rank: 11098
va.tawk.to — Cisco Umbrella Rank: 10657
257 KB
4 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
2 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 329
11 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 888
script.hotjar.com — Cisco Umbrella Rank: 1185
61 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
182 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 514
316 B
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 3181
231 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
41 KB
84 9
Domain Requested by
31 www.luottopaatos.fi www.luottopaatos.fi
18 embed.tawk.to www.luottopaatos.fi
embed.tawk.to
11 front-end.luottopaatos.fi www.luottopaatos.fi
5 va.tawk.to www.luottopaatos.fi
4 region1.google-analytics.com www.luottopaatos.fi
2 cdn.cookielaw.org www.googletagmanager.com
www.luottopaatos.fi
cdn.cookielaw.org
2 www.googletagmanager.com www.luottopaatos.fi
www.googletagmanager.com
1 geolocation.onetrust.com www.luottopaatos.fi
1 vc.hotjar.io www.luottopaatos.fi
1 script.hotjar.com static.hotjar.com
1 cdn.jsdelivr.net embed.tawk.to
1 static.hotjar.com www.googletagmanager.com
84 12
Subject Issuer Validity Valid
*.luottopaatos.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-20 -
2025-02-28
a year crt.sh
tawk.to
WE1
2024-11-19 -
2025-02-17
3 months crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03
2024-05-22 -
2025-06-20
a year crt.sh
cookielaw.org
WE1
2024-10-11 -
2025-01-09
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
*.hotjar.io
Amazon ECDSA 256 M02
2024-02-07 -
2025-03-08
a year crt.sh
geolocation.onetrust.com
WE1
2024-10-11 -
2025-01-09
3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.luottopaatos.fi/
Frame ID: B3F161547921CAE0880AD222BFE154D9
Requests: 79 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/67354992019/css/message-preview.css
Frame ID: 6773D3827F179643052B1C9705D4D9D2
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/67354992019/css/min-widget.css
Frame ID: 04A2F6307A03E0AEAF7427AF94187A01
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/67354992019/css/max-widget.css
Frame ID: 8CE8D598667C8E5451D7C0AF6388686C
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Luottopaatos.fi - Intrum luottotietopalvelu

Detected technologies

Overall confidence: 100%
Detected patterns
  • //embed\.tawk\.to

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

84
Requests

93 %
HTTPS

0 %
IPv6

9
Domains

12
Subdomains

11
IPs

3
Countries

15222 kB
Transfer

29499 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

84 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.luottopaatos.fi/
6 KB
4 KB
Document
General
Full URL
https://www.luottopaatos.fi/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
f95b4a26ef286587e67bb94cc154a67506e70a71d7b404fb31a629326eb621e1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
content-encoding
gzip
content-length
2551
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
content-type
text/html
date
Mon, 25 Nov 2024 07:40:13 GMT
etag
"80ecaf477a21db1:0"
last-modified
Fri, 18 Oct 2024 16:25:01 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
runtime.d671a264a69bc65a.js
www.luottopaatos.fi/
3 KB
3 KB
Script
General
Full URL
https://www.luottopaatos.fi/runtime.d671a264a69bc65a.js
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
f20d996996aab209b06ea927b5c8b732d92c4c541efe1869abc2f51b2e55b826
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.luottopaatos.fi
Referer
https://www.luottopaatos.fi/

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"416e7b427a21db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
3281
date
Mon, 25 Nov 2024 07:40:15 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 16:24:52 GMT
x-frame-options
SAMEORIGIN
polyfills.55ae84c65e6e7c2a.js
www.luottopaatos.fi/
44 KB
45 KB
Script
General
Full URL
https://www.luottopaatos.fi/polyfills.55ae84c65e6e7c2a.js
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
a091c9a9b7600b49c4954e6b0d91c74d61e0c209c5f0dbe2663264d9d14f30f0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.luottopaatos.fi
Referer
https://www.luottopaatos.fi/

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"32477b427a21db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
45556
date
Mon, 25 Nov 2024 07:40:15 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 16:24:52 GMT
x-frame-options
SAMEORIGIN
scripts.439c056125b9e5f5.js
www.luottopaatos.fi/
138 KB
138 KB
Script
General
Full URL
https://www.luottopaatos.fi/scripts.439c056125b9e5f5.js
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
18cf9dd84254bda5486fb5d4680fd4802ec1773bfb20485353ca4230392b98e8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"32477b427a21db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
141120
date
Mon, 25 Nov 2024 07:40:15 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 16:24:52 GMT
x-frame-options
SAMEORIGIN
main.7d9754b7ca4bfe37.js
www.luottopaatos.fi/
2 MB
2 MB
Script
General
Full URL
https://www.luottopaatos.fi/main.7d9754b7ca4bfe37.js
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
a06956df204582726d5149f8419a3503fab2e20658fe16b98876808dad070398
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.luottopaatos.fi
Referer
https://www.luottopaatos.fi/

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"32477b427a21db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
1661196
date
Mon, 25 Nov 2024 07:40:15 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 16:24:52 GMT
x-frame-options
SAMEORIGIN
styles.c05cb9256098ba07.css
www.luottopaatos.fi/
298 KB
298 KB
Stylesheet
General
Full URL
https://www.luottopaatos.fi/styles.c05cb9256098ba07.css
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
a0fcb8e8e1dcd0ce04f857fd92db7ac0de37f55ce76c63752224a74ef7d74460
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"416e7b427a21db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
305282
date
Mon, 25 Nov 2024 07:40:15 GMT
content-type
text/css
last-modified
Fri, 18 Oct 2024 16:24:52 GMT
x-frame-options
SAMEORIGIN
default
embed.tawk.to/598aad51dbb01a218b4db732/
2 KB
986 B
Script
General
Full URL
https://embed.tawk.to/598aad51dbb01a218b4db732/default
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2dd92030c03ac37fb80cecd3bd6cfc4aaaf4479b1c1fc9e09b9d1c22601e9dc
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.luottopaatos.fi
Referer
https://www.luottopaatos.fi/

Response headers

strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=7200, s-maxage=3600
content-encoding
gzip
cf-cache-status
HIT
etag
W/"stable-v4-67354992019"
age
4222
x-content-type-options
nosniff
cf-ray
8e7ffd5c5acf8d90-HEL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:40:16 GMT
content-type
application/x-javascript
vary
Accept-Encoding
server
cloudflare
IntrumSans-Regular.068897f2df7db191.woff2
www.luottopaatos.fi/
18 KB
18 KB
Font
General
Full URL
https://www.luottopaatos.fi/IntrumSans-Regular.068897f2df7db191.woff2
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
7d80e5821cf73adad276a8ca35998a79be158f90d56b4696e3d4b6daea4d319f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.luottopaatos.fi
Referer
https://www.luottopaatos.fi/

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"e25773427a21db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
18552
date
Mon, 25 Nov 2024 07:40:15 GMT
content-type
application/font-woff2
last-modified
Fri, 18 Oct 2024 16:24:52 GMT
x-frame-options
SAMEORIGIN
fi-FI.json
front-end.luottopaatos.fi/media/translations/
122 KB
123 KB
XHR
General
Full URL
https://front-end.luottopaatos.fi/media/translations/fi-FI.json?ts=1732520417337
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/polyfills.55ae84c65e6e7c2a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
e4d34be5d6815ea6348b2ab23c4876d9bfc742485d326784d8b7a806fe191793
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.bootstrapcdn.com *.cloudflare.com *.jquery.com 'unsafe-inline';
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.luottopaatos.fi/
Accept-Language
fi-FI
Accept
application/json, text/plain, */*
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-methods
OPTIONS, TRACE, GET, HEAD, POST, PATCH, PUT, DELETE
x-content-type-options
nosniff
expires
Sun, 24 Nov 2024 19:40:18 GMT
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
application/json
last-modified
Mon, 04 Nov 2024 11:52:22 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
authorization,content-type,cis-client-number,accept-language
strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self' *.bootstrapcdn.com *.cloudflare.com *.jquery.com 'unsafe-inline';
cache-control
no-store, must-revalidate, no-cache
pragma
no-cache
public
PATCH, PUT, DELETE
allow
PATCH, PUT, DELETE
access-control-allow-origin
*
content-length
124971
content-language
fi-FI
en-US.json
front-end.luottopaatos.fi/media/translations/
115 KB
115 KB
XHR
General
Full URL
https://front-end.luottopaatos.fi/media/translations/en-US.json?ts=1732520417337
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/polyfills.55ae84c65e6e7c2a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
95f2af1098d10255f18ac8d2a10c41b94ad7b3207915fc839f871576ca5bf837
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.bootstrapcdn.com *.cloudflare.com *.jquery.com 'unsafe-inline';
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.luottopaatos.fi/
Accept-Language
en-US
Accept
application/json, text/plain, */*
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-methods
OPTIONS, TRACE, GET, HEAD, POST, PATCH, PUT, DELETE
x-content-type-options
nosniff
expires
Sun, 24 Nov 2024 19:40:18 GMT
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
application/json
last-modified
Mon, 04 Nov 2024 11:51:48 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
authorization,content-type,cis-client-number,accept-language
strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self' *.bootstrapcdn.com *.cloudflare.com *.jquery.com 'unsafe-inline';
cache-control
no-store, must-revalidate, no-cache
pragma
no-cache
public
PATCH, PUT, DELETE
allow
PATCH, PUT, DELETE
access-control-allow-origin
*
content-length
117633
content-language
en-US
sv-FI.json
front-end.luottopaatos.fi/media/translations/
123 KB
123 KB
XHR
General
Full URL
https://front-end.luottopaatos.fi/media/translations/sv-FI.json?ts=1732520417337
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/polyfills.55ae84c65e6e7c2a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
d2b44f7231172fc6a7c190d53a3d1439ae03166f1159af956737ba3dc84eca8b
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.bootstrapcdn.com *.cloudflare.com *.jquery.com 'unsafe-inline';
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.luottopaatos.fi/
Accept-Language
sv-FI
Accept
application/json, text/plain, */*
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-methods
OPTIONS, TRACE, GET, HEAD, POST, PATCH, PUT, DELETE
x-content-type-options
nosniff
expires
Sun, 24 Nov 2024 19:40:18 GMT
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
application/json
last-modified
Mon, 04 Nov 2024 11:50:51 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
authorization,content-type,cis-client-number,accept-language
strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self' *.bootstrapcdn.com *.cloudflare.com *.jquery.com 'unsafe-inline';
cache-control
no-store, must-revalidate, no-cache
pragma
no-cache
public
PATCH, PUT, DELETE
allow
PATCH, PUT, DELETE
access-control-allow-origin
*
content-length
126183
content-language
sv-FI
config.json
www.luottopaatos.fi/assets/
41 B
157 B
XHR
General
Full URL
https://www.luottopaatos.fi/assets/config.json
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/polyfills.55ae84c65e6e7c2a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
b714469be0e41c887870c8287e317feca8abbf4c3f3d3868444a31bd4da51cac
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.luottopaatos.fi/
Accept-Language
fi-FI
Accept
application/json, text/plain, */*
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"d81ff4907921db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
41
date
Mon, 25 Nov 2024 07:40:16 GMT
content-type
application/json
last-modified
Fri, 18 Oct 2024 16:19:54 GMT
x-frame-options
SAMEORIGIN
styles.c05cb9256098ba07.css
www.luottopaatos.fi/
298 KB
0
Stylesheet
General
Full URL
https://www.luottopaatos.fi/styles.c05cb9256098ba07.css
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
a0fcb8e8e1dcd0ce04f857fd92db7ac0de37f55ce76c63752224a74ef7d74460
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"416e7b427a21db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
305282
date
Mon, 25 Nov 2024 07:40:15 GMT
content-type
text/css
last-modified
Fri, 18 Oct 2024 16:24:52 GMT
x-frame-options
SAMEORIGIN
twk-main.js
embed.tawk.to/_s/v4/app/67354992019/js/
121 B
192 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/598aad51dbb01a218b4db732/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.luottopaatos.fi
Referer
https://www.luottopaatos.fi/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"da5bb1dc647470204df0e49f5afac2de"
age
179524
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8e7ffd6138828d90-HEL
access-control-allow-origin
*
server
cloudflare
twk-vendor.js
embed.tawk.to/_s/v4/app/67354992019/js/
81 KB
32 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/598aad51dbb01a218b4db732/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.luottopaatos.fi
Referer
https://www.luottopaatos.fi/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"3b341e35b39f6195793ecaf5db7c1d63"
age
950129
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8e7ffd6138888d90-HEL
access-control-allow-origin
*
server
cloudflare
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/67354992019/js/
212 KB
71 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/598aad51dbb01a218b4db732/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194c4fa82fa9bf5897963b335fddcfdb462fe898cafbe8b2eb72a9803f2db05f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.luottopaatos.fi
Referer
https://www.luottopaatos.fi/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"77a40166698f808a0942865537165b0f"
age
950129
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8e7ffd61388b8d90-HEL
access-control-allow-origin
*
server
cloudflare
twk-chunk-common.js
embed.tawk.to/_s/v4/app/67354992019/js/
223 KB
63 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/598aad51dbb01a218b4db732/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b17f212fc06e1cde0574bdd1ee89d507461f5777e3039c725dbb40b5ebb3f192
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.luottopaatos.fi
Referer
https://www.luottopaatos.fi/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"ae0a97d1265892fc012190aa72881581"
age
950129
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8e7ffd61388e8d90-HEL
access-control-allow-origin
*
server
cloudflare
twk-runtime.js
embed.tawk.to/_s/v4/app/67354992019/js/
2 KB
1 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/598aad51dbb01a218b4db732/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41c6e86ff4eff6723f15faa7650734836876f67fd98e91d08908115271eac6e5
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.luottopaatos.fi
Referer
https://www.luottopaatos.fi/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"895415bbe1b8cf97aef258d17cb33187"
age
950129
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8e7ffd6138908d90-HEL
access-control-allow-origin
*
server
cloudflare
twk-app.js
embed.tawk.to/_s/v4/app/67354992019/js/
151 B
213 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/598aad51dbb01a218b4db732/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.luottopaatos.fi
Referer
https://www.luottopaatos.fi/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
age
306519
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8e7ffd6138938d90-HEL
access-control-allow-origin
*
server
cloudflare
favicon.png
www.luottopaatos.fi/
3 KB
3 KB
Other
General
Full URL
https://www.luottopaatos.fi/favicon.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
ed3655159cf34a0995928a474f1015c9910054f916a5713f5fcd9d4650215a41
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"65ae17917921db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
2721
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
image/png
last-modified
Fri, 18 Oct 2024 16:19:54 GMT
x-frame-options
SAMEORIGIN
widget-settings
va.tawk.to/v1/
2 KB
1 KB
Fetch
General
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=598aad51dbb01a218b4db732&widgetId=default&sv=null
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/polyfills.55ae84c65e6e7c2a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7876024da68ac1db2ea7d59393ae43cc14e47451684aabf4b4efef71eb4dca5a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
HIT
etag
W/"2-25-0"
age
350
access-control-allow-methods
GET,OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:40:18 GMT
content-type
application/json
x-served-by
visitor-application-preemptive-b6sc
vary
Accept-Encoding
access-control-allow-headers
content-type,x-tawk-token
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=7200, s-maxage=1800
cf-ray
8e7ffd64cc658d90-HEL
access-control-allow-origin
*
server
cloudflare
start
va.tawk.to/v1/session/ Frame
0
0
Preflight
General
Full URL
https://va.tawk.to/v1/session/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.luottopaatos.fi
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.luottopaatos.fi
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400
cache-control
public, s-maxage=600, max-age=600
cf-cache-status
DYNAMIC
cf-ray
8e7ffd64cc648d90-HEL
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 25 Nov 2024 07:40:18 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-lxq5
start
va.tawk.to/v1/session/
1 KB
1 KB
Fetch
General
Full URL
https://va.tawk.to/v1/session/start
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/polyfills.55ae84c65e6e7c2a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
397b2a11456b54d86472d63e35ffec2b0f6d65bbd27516dcf67174ce28b6880b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json; charset=utf-8
Referer
https://www.luottopaatos.fi/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:40:19 GMT
content-type
application/json
x-served-by
visitor-application-preemptive-zw9l
vary
Accept-Encoding
access-control-allow-headers
content-type,x-tawk-token
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-credentials
true
cf-ray
8e7ffd6bfbe58d82-HEL
access-control-allow-origin
https://www.luottopaatos.fi
server
cloudflare
fi.js
embed.tawk.to/_s/v4/app/67354992019/languages/
16 KB
5 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/languages/fi.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb6d82ef51c1e1494dd391f576fa3e6cb68e1d5c6a6edd7a491cabc506a16846
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"b2606469bbb13e2759a028eb3069a16e"
age
12370
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:40:19 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8e7ffd6c6c568d92-HEL
access-control-allow-origin
*
server
cloudflare
IntrumSans-Regular.068897f2df7db191.woff2
www.luottopaatos.fi/
18 KB
0
Font
General
Full URL
https://www.luottopaatos.fi/IntrumSans-Regular.068897f2df7db191.woff2
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/styles.c05cb9256098ba07.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
7d80e5821cf73adad276a8ca35998a79be158f90d56b4696e3d4b6daea4d319f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.luottopaatos.fi
Referer
https://www.luottopaatos.fi/styles.c05cb9256098ba07.css

Response headers

content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"e25773427a21db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
18552
date
Mon, 25 Nov 2024 07:40:15 GMT
content-type
application/font-woff2
last-modified
Fri, 18 Oct 2024 16:24:52 GMT
x-frame-options
SAMEORIGIN
MaterialIcons-Regular.7ea2023eeca07427.woff2
www.luottopaatos.fi/
43 KB
43 KB
Font
General
Full URL
https://www.luottopaatos.fi/MaterialIcons-Regular.7ea2023eeca07427.woff2
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/styles.c05cb9256098ba07.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.luottopaatos.fi
Referer
https://www.luottopaatos.fi/styles.c05cb9256098ba07.css

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"bc973427a21db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
44300
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
application/font-woff2
last-modified
Fri, 18 Oct 2024 16:24:52 GMT
x-frame-options
SAMEORIGIN
IntrumSans-Medium.8605e354101755d6.woff2
www.luottopaatos.fi/
18 KB
18 KB
Font
General
Full URL
https://www.luottopaatos.fi/IntrumSans-Medium.8605e354101755d6.woff2
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/styles.c05cb9256098ba07.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
01a5c84f5e3a3eb973deb9ec268551eb9bbcff82dc5af340a0631f850022ee95
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.luottopaatos.fi
Referer
https://www.luottopaatos.fi/styles.c05cb9256098ba07.css

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"7cd73427a21db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
18412
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
application/font-woff2
last-modified
Fri, 18 Oct 2024 16:24:52 GMT
x-frame-options
SAMEORIGIN
getVisibility
front-end.luottopaatos.fi/content/
202 B
272 B
XHR
General
Full URL
https://front-end.luottopaatos.fi/content/getVisibility?guestOnly=true
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/polyfills.55ae84c65e6e7c2a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
e33b9d7557a8d19fe0eeae0cff96e4dd1633f66f1d15c15e6f58e645d368c220
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.bootstrapcdn.com *.cloudflare.com *.jquery.com 'unsafe-inline';
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.luottopaatos.fi/
Accept-Language
fi-FI
Accept
application/json, text/plain, */*
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-methods
OPTIONS, TRACE, GET, HEAD, POST, PATCH, PUT, DELETE
x-content-type-options
nosniff
expires
Sun, 24 Nov 2024 19:40:18 GMT
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
access-control-allow-headers
authorization,content-type,cis-client-number,accept-language
strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self' *.bootstrapcdn.com *.cloudflare.com *.jquery.com 'unsafe-inline';
cache-control
no-store, must-revalidate, no-cache
pragma
no-cache
public
PATCH, PUT, DELETE
allow
PATCH, PUT, DELETE
access-control-allow-origin
*
content-length
202
content-language
fi-FI
social-media-linkedin.svg
www.luottopaatos.fi/assets/img/icons/24/black/
689 B
759 B
Image
General
Full URL
https://www.luottopaatos.fi/assets/img/icons/24/black/social-media-linkedin.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
405e8bf1c2b06be2ab8a71cb39366688c523ba26d9155d8e537e2b0ba254f23f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"46105917921db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
689
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
image/svg+xml
last-modified
Fri, 18 Oct 2024 16:19:54 GMT
x-frame-options
SAMEORIGIN
social-media-instagram.svg
www.luottopaatos.fi/assets/img/icons/24/black/
993 B
1 KB
Image
General
Full URL
https://www.luottopaatos.fi/assets/img/icons/24/black/social-media-instagram.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
7ecf454320e83ff6efeb66b246eb37a5eff1900686b46cc49c07511a093445a9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"62e94917921db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
993
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
image/svg+xml
last-modified
Fri, 18 Oct 2024 16:19:54 GMT
x-frame-options
SAMEORIGIN
social-media-twitter.svg
www.luottopaatos.fi/assets/img/icons/24/black/
894 B
937 B
Image
General
Full URL
https://www.luottopaatos.fi/assets/img/icons/24/black/social-media-twitter.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
2e9889eab866d75ce39d690459a193dc231146a3c6f1011ceedec80ff3104f1a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"46105917921db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
894
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
image/svg+xml
last-modified
Fri, 18 Oct 2024 16:19:54 GMT
x-frame-options
SAMEORIGIN
intrum_logo_black.svg
www.luottopaatos.fi/assets/img/
2 KB
2 KB
Image
General
Full URL
https://www.luottopaatos.fi/assets/img/intrum_logo_black.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
7e3ab747128db084d13cc87106420f2d116eecbea39227515e1990a74a08bb1f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"4f62a917921db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
1704
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
image/svg+xml
last-modified
Fri, 18 Oct 2024 16:19:54 GMT
x-frame-options
SAMEORIGIN
intrum_logo_white.svg
www.luottopaatos.fi/assets/img/
1 KB
1 KB
Image
General
Full URL
https://www.luottopaatos.fi/assets/img/intrum_logo_white.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
1986767b33039d15405753271cf1b520376f7e0e72abce34e1f5ddd00f1e2a46
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"168da917921db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
1161
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
image/svg+xml
last-modified
Fri, 18 Oct 2024 16:19:54 GMT
x-frame-options
SAMEORIGIN
gtm.js
www.googletagmanager.com/
239 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WRCR9W3
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/main.7d9754b7ca4bfe37.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c90463b0cad9452e8b9c867634473f3a346aeaf87a790bb1f506f37e8b43b5ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 25 Nov 2024 07:40:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 07:40:19 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 25 Nov 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
85968
x-xss-protection
0
server
Google Tag Manager
notifications
front-end.luottopaatos.fi/content/
2 B
48 B
XHR
General
Full URL
https://front-end.luottopaatos.fi/content/notifications?guestOnly=true
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/polyfills.55ae84c65e6e7c2a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.bootstrapcdn.com *.cloudflare.com *.jquery.com 'unsafe-inline';
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.luottopaatos.fi/
Accept-Language
fi-FI
Accept
application/json, text/plain, */*
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-methods
OPTIONS, TRACE, GET, HEAD, POST, PATCH, PUT, DELETE
x-content-type-options
nosniff
expires
Sun, 24 Nov 2024 19:40:18 GMT
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
access-control-allow-headers
authorization,content-type,cis-client-number,accept-language
strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self' *.bootstrapcdn.com *.cloudflare.com *.jquery.com 'unsafe-inline';
cache-control
no-store, must-revalidate, no-cache
pragma
no-cache
public
PATCH, PUT, DELETE
allow
PATCH, PUT, DELETE
access-control-allow-origin
*
content-length
2
content-language
fi-FI
news
front-end.luottopaatos.fi/content/
1 KB
1 KB
XHR
General
Full URL
https://front-end.luottopaatos.fi/content/news?skip=0&take=5&carouselOnly=true&guestOnly=true
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/polyfills.55ae84c65e6e7c2a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
f44182ae6f4334f3252673b27bf393f1ea38bcbce71ac2fc0522f0ac595fa487
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.bootstrapcdn.com *.cloudflare.com *.jquery.com 'unsafe-inline';
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.luottopaatos.fi/
Accept-Language
fi-FI
Accept
application/json, text/plain, */*
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-methods
OPTIONS, TRACE, GET, HEAD, POST, PATCH, PUT, DELETE
x-content-type-options
nosniff
expires
Sun, 24 Nov 2024 19:40:18 GMT
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
access-control-allow-headers
authorization,content-type,cis-client-number,accept-language
strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self' *.bootstrapcdn.com *.cloudflare.com *.jquery.com 'unsafe-inline';
cache-control
no-store, must-revalidate, no-cache
pragma
no-cache
public
PATCH, PUT, DELETE
allow
PATCH, PUT, DELETE
access-control-allow-origin
*
content-length
1337
content-language
fi-FI
promotions
front-end.luottopaatos.fi/content/
898 B
946 B
XHR
General
Full URL
https://front-end.luottopaatos.fi/content/promotions?guestOnly=true
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/polyfills.55ae84c65e6e7c2a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
9022d3a8b8fbdc11335ac6136d0b4b28b7717b9703ce5b5d592bb85a6d9b950b
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.bootstrapcdn.com *.cloudflare.com *.jquery.com 'unsafe-inline';
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.luottopaatos.fi/
Accept-Language
fi-FI
Accept
application/json, text/plain, */*
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-methods
OPTIONS, TRACE, GET, HEAD, POST, PATCH, PUT, DELETE
x-content-type-options
nosniff
expires
Sun, 24 Nov 2024 19:40:18 GMT
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
access-control-allow-headers
authorization,content-type,cis-client-number,accept-language
strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self' *.bootstrapcdn.com *.cloudflare.com *.jquery.com 'unsafe-inline';
cache-control
no-store, must-revalidate, no-cache
pragma
no-cache
public
PATCH, PUT, DELETE
allow
PATCH, PUT, DELETE
access-control-allow-origin
*
content-length
898
content-language
fi-FI
search.5f5994437413e260.svg
www.luottopaatos.fi/
743 B
807 B
Image
General
Full URL
https://www.luottopaatos.fi/search.5f5994437413e260.svg
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/styles.c05cb9256098ba07.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
95d0374c58d3d704bb1c17ab3cc2910fa81d6e3a3e73632582b081d24ea7fe99
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/styles.c05cb9256098ba07.css

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"23207b427a21db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
743
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
image/svg+xml
last-modified
Fri, 18 Oct 2024 16:24:52 GMT
x-frame-options
SAMEORIGIN
IntrumSans-Bold.188568e668324346.woff2
www.luottopaatos.fi/
18 KB
19 KB
Font
General
Full URL
https://www.luottopaatos.fi/IntrumSans-Bold.188568e668324346.woff2
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/styles.c05cb9256098ba07.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
18843e65ce1ff97fa06093794c60db4d91566d3c0b6a996ebf97d6b06771adda
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.luottopaatos.fi
Referer
https://www.luottopaatos.fi/styles.c05cb9256098ba07.css

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"314274427a21db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
18468
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
application/font-woff2
last-modified
Fri, 18 Oct 2024 16:24:52 GMT
x-frame-options
SAMEORIGIN
favicon.png
www.luottopaatos.fi/
3 KB
0
Other
General
Full URL
https://www.luottopaatos.fi/favicon.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
ed3655159cf34a0995928a474f1015c9910054f916a5713f5fcd9d4650215a41
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/fi-FI

Response headers

content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"65ae17917921db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
2721
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
image/png
last-modified
Fri, 18 Oct 2024 16:19:54 GMT
x-frame-options
SAMEORIGIN
262.0a34c52c2523a369.js
www.luottopaatos.fi/
45 KB
45 KB
Script
General
Full URL
https://www.luottopaatos.fi/262.0a34c52c2523a369.js
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/runtime.d671a264a69bc65a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
e36424b1194189c4fd1bab75741eea9f853e23c4a7155e645dcfb7fcd612620d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.luottopaatos.fi
Referer
https://www.luottopaatos.fi/fi-FI

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"c2a67c427a21db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
46158
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 16:24:52 GMT
x-frame-options
SAMEORIGIN
572.166e9c1360c86f94.js
www.luottopaatos.fi/
19 KB
20 KB
Script
General
Full URL
https://www.luottopaatos.fi/572.166e9c1360c86f94.js
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/runtime.d671a264a69bc65a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
9551176ab6628677e76ecb267492849b1b25a1a746138d89cfa118e3907198c1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.luottopaatos.fi
Referer
https://www.luottopaatos.fi/fi-FI

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"c2a67c427a21db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
19885
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 16:24:52 GMT
x-frame-options
SAMEORIGIN
952.f3d195f10e3023ef.js
www.luottopaatos.fi/
5 KB
6 KB
Script
General
Full URL
https://www.luottopaatos.fi/952.f3d195f10e3023ef.js
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/runtime.d671a264a69bc65a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
4e38f989fe294550f46f7bfca11de1a5945654a424591dc48d621425e77a81fb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.luottopaatos.fi
Referer
https://www.luottopaatos.fi/fi-FI

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"c2a67c427a21db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
5629
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 16:24:52 GMT
x-frame-options
SAMEORIGIN
332.2965abdfdbae7a4c.js
www.luottopaatos.fi/
10 KB
10 KB
Script
General
Full URL
https://www.luottopaatos.fi/332.2965abdfdbae7a4c.js
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/runtime.d671a264a69bc65a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
234ef816e28f4b5026cfdc96a88c729b418c82bca361630835e077f004dbd278
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.luottopaatos.fi
Referer
https://www.luottopaatos.fi/fi-FI

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"c2a67c427a21db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
10144
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 16:24:52 GMT
x-frame-options
SAMEORIGIN
939.25033f9403c851d7.js
www.luottopaatos.fi/
11 KB
11 KB
Script
General
Full URL
https://www.luottopaatos.fi/939.25033f9403c851d7.js
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/runtime.d671a264a69bc65a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
01010b4489d9f16651a9926142a7317920c2d2a7da9cc613eeba19e576a18b71
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.luottopaatos.fi
Referer
https://www.luottopaatos.fi/fi-FI

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"c2a67c427a21db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
11129
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 16:24:52 GMT
x-frame-options
SAMEORIGIN
106.87f8f24750b78e57.js
www.luottopaatos.fi/
12 KB
12 KB
Script
General
Full URL
https://www.luottopaatos.fi/106.87f8f24750b78e57.js
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/runtime.d671a264a69bc65a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
23f43442b9882b24d94bd29c88661a86633e5613fd1f78701991d1e4b4a33c73
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.luottopaatos.fi
Referer
https://www.luottopaatos.fi/fi-FI

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"d1cd7c427a21db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
12427
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 16:24:52 GMT
x-frame-options
SAMEORIGIN
650.902d24092bc46a87.js
www.luottopaatos.fi/
293 KB
293 KB
Script
General
Full URL
https://www.luottopaatos.fi/650.902d24092bc46a87.js
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/runtime.d671a264a69bc65a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
26e2223ccb861b436e8fd86305448e3582b2b399a261e22cdc68a9f52f55fd29
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.luottopaatos.fi
Referer
https://www.luottopaatos.fi/fi-FI

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"d1cd7c427a21db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
300244
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 16:24:52 GMT
x-frame-options
SAMEORIGIN
313.ceeca4fdc17b72dc.js
www.luottopaatos.fi/
37 KB
37 KB
Script
General
Full URL
https://www.luottopaatos.fi/313.ceeca4fdc17b72dc.js
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/runtime.d671a264a69bc65a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
5527bd6ff8520c2591f9bb7a507ac0a634a74c9f59e277dcb1a9ec3304ffc961
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.luottopaatos.fi
Referer
https://www.luottopaatos.fi/fi-FI

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"d1cd7c427a21db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
38187
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 16:24:52 GMT
x-frame-options
SAMEORIGIN
common.fee2a1dfb7ff0fb3.js
www.luottopaatos.fi/
1 KB
1 KB
Script
General
Full URL
https://www.luottopaatos.fi/common.fee2a1dfb7ff0fb3.js
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/runtime.d671a264a69bc65a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
2106103ef8a3362c3dece4c507908e9f40ea7bc03f31f53fb78b57a1e9abd183
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.luottopaatos.fi
Referer
https://www.luottopaatos.fi/fi-FI

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"d1cd7c427a21db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
1265
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 16:24:52 GMT
x-frame-options
SAMEORIGIN
176.56522e68b39b2593.js
www.luottopaatos.fi/
43 KB
43 KB
Script
General
Full URL
https://www.luottopaatos.fi/176.56522e68b39b2593.js
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/runtime.d671a264a69bc65a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
2092f126adcd35187bcf45db359653028281c8aa7adbc620200efc932e1299f6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.luottopaatos.fi
Referer
https://www.luottopaatos.fi/fi-FI

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
etag
"ab7f7c427a21db1:0"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
44107
date
Mon, 25 Nov 2024 07:40:17 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 16:24:52 GMT
x-frame-options
SAMEORIGIN
intrum_brand_landscapes_002.jpg
front-end.luottopaatos.fi/media/1059/
364 KB
0
Image
General
Full URL
https://front-end.luottopaatos.fi/media/1059/intrum_brand_landscapes_002.jpg?width=700
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.bootstrapcdn.com *.cloudflare.com *.jquery.com 'unsafe-inline';
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

access-control-allow-methods
OPTIONS, TRACE, GET, HEAD, POST, PATCH, PUT, DELETE
x-content-type-options
nosniff
expires
Sun, 24 Nov 2024 19:40:19 GMT
date
Mon, 25 Nov 2024 07:40:18 GMT
content-type
image/jpeg
last-modified
Wed, 14 Aug 2019 11:52:53 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
authorization,content-type,cis-client-number,accept-language
strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self' *.bootstrapcdn.com *.cloudflare.com *.jquery.com 'unsafe-inline';
cache-control
no-store, must-revalidate, no-cache
pragma
no-cache
public
PATCH, PUT, DELETE
allow
PATCH, PUT, DELETE
access-control-allow-origin
*
content-length
12714422
content-language
fi-FI
intrum_brand_individuals_007.jpg
front-end.luottopaatos.fi/media/1045/
11 MB
11 MB
Image
General
Full URL
https://front-end.luottopaatos.fi/media/1045/intrum_brand_individuals_007.jpg?width=700
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
de605ced64abb9edb988011d205da8e005197dc8645c062598f5017f0c0292b3
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.bootstrapcdn.com *.cloudflare.com *.jquery.com 'unsafe-inline';
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

access-control-allow-methods
OPTIONS, TRACE, GET, HEAD, POST, PATCH, PUT, DELETE
x-content-type-options
nosniff
expires
Sun, 24 Nov 2024 19:40:19 GMT
date
Mon, 25 Nov 2024 07:40:18 GMT
content-type
image/jpeg
last-modified
Wed, 14 Aug 2019 11:51:51 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
authorization,content-type,cis-client-number,accept-language
strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self' *.bootstrapcdn.com *.cloudflare.com *.jquery.com 'unsafe-inline';
cache-control
no-store, must-revalidate, no-cache
pragma
no-cache
public
PATCH, PUT, DELETE
allow
PATCH, PUT, DELETE
access-control-allow-origin
*
content-length
11870713
content-language
fi-FI
intrum_brand_landscapes_003.jpg
front-end.luottopaatos.fi/media/1060/
12 MB
0
Image
General
Full URL
https://front-end.luottopaatos.fi/media/1060/intrum_brand_landscapes_003.jpg?width=700
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.bootstrapcdn.com *.cloudflare.com *.jquery.com 'unsafe-inline';
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

access-control-allow-methods
OPTIONS, TRACE, GET, HEAD, POST, PATCH, PUT, DELETE
x-content-type-options
nosniff
expires
Sun, 24 Nov 2024 19:40:19 GMT
date
Mon, 25 Nov 2024 07:40:18 GMT
content-type
image/jpeg
last-modified
Wed, 14 Aug 2019 11:52:57 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
authorization,content-type,cis-client-number,accept-language
strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self' *.bootstrapcdn.com *.cloudflare.com *.jquery.com 'unsafe-inline';
cache-control
no-store, must-revalidate, no-cache
pragma
no-cache
public
PATCH, PUT, DELETE
allow
PATCH, PUT, DELETE
access-control-allow-origin
*
content-length
14608497
content-language
fi-FI
intrum_comm_environments_007_rm.jpg
front-end.luottopaatos.fi/media/0o4jfpne/
255 KB
0
Image
General
Full URL
https://front-end.luottopaatos.fi/media/0o4jfpne/intrum_comm_environments_007_rm.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.138.134.37 , Finland, ASN1342 (Fujitsu Invia Finland IP-network, EU),
Reverse DNS
213138134037.edelkey.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.bootstrapcdn.com *.cloudflare.com *.jquery.com 'unsafe-inline';
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

access-control-allow-methods
OPTIONS, TRACE, GET, HEAD, POST, PATCH, PUT, DELETE
x-content-type-options
nosniff
expires
Sun, 24 Nov 2024 19:40:18 GMT
date
Mon, 25 Nov 2024 07:40:18 GMT
content-type
image/jpeg
last-modified
Wed, 12 Oct 2022 12:36:29 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
authorization,content-type,cis-client-number,accept-language
strict-transport-security
max-age=15552001; includeSubDomains; preload
content-security-policy
default-src 'self' *.bootstrapcdn.com *.cloudflare.com *.jquery.com 'unsafe-inline';
cache-control
no-store, must-revalidate, no-cache
pragma
no-cache
public
PATCH, PUT, DELETE
allow
PATCH, PUT, DELETE
access-control-allow-origin
*
content-length
1577301
content-language
fi-FI
intrum_presentation_imagery_053_rf.jpg
front-end.luottopaatos.fi/media/5rymaczq/
0
0

intrum_landscapes_046_rf.jpg
front-end.luottopaatos.fi/media/3tpgga2g/
0
0

twk-chunk-bf24a88e.js
embed.tawk.to/_s/v4/app/67354992019/js/
10 KB
3 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-bf24a88e.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf0bb2630fde34a664dc471d3a575a72c37b5a96cb74fcafb92ca7f17fefbe40
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"c96127c9a0429d69fecbeb73fd410443"
age
445450
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:40:19 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8e7ffd7028538d92-HEL
access-control-allow-origin
*
server
cloudflare
twk-chunk-71978bb6.js
embed.tawk.to/_s/v4/app/67354992019/js/
18 KB
5 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-71978bb6.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3e24c6486aaebd7397266feec4133d7ece6c169444a438e5ccd93d7aa89246d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"adcf466d8e820d5dd8a7df9975fcba50"
age
180588
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:40:19 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8e7ffd70d8f58d92-HEL
access-control-allow-origin
*
server
cloudflare
twk-chunk-7c2f6ba4.js
embed.tawk.to/_s/v4/app/67354992019/js/
5 KB
2 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-7c2f6ba4.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
357f86eb123b4e1a850f2583a8779a9171a61b98284cea3c89fb285e1baebb81
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"977b0aa25f349861d14d837b480e5615"
age
439854
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:40:19 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8e7ffd70d8f78d92-HEL
access-control-allow-origin
*
server
cloudflare
twk-chunk-48f3b594.js
embed.tawk.to/_s/v4/app/67354992019/js/
17 KB
6 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-48f3b594.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4decde1fd4af3ee8c5952646190f4c638de918ceb129cc4e87e2e2edc67dc87d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"d26f24b5583b0a809ef3db128cbf6a06"
age
269302
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:40:19 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
x-cache-status
STALE
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8e7ffd70d8f88d92-HEL
access-control-allow-origin
*
server
cloudflare
twk-chunk-4fe9d5dd.js
embed.tawk.to/_s/v4/app/67354992019/js/
906 B
502 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-4fe9d5dd.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"1c5ecf371149feca23bd895ba9dfec4d"
age
111503
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:40:19 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8e7ffd70d8fb8d92-HEL
access-control-allow-origin
*
server
cloudflare
twk-chunk-2d0b9454.js
embed.tawk.to/_s/v4/app/67354992019/js/
535 B
423 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-2d0b9454.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"c506281367048d4a134c9affbc68c8c6"
age
99671
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:40:19 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
x-cache-status
MISS
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8e7ffd70d8fd8d92-HEL
access-control-allow-origin
*
server
cloudflare
twk-chunk-24d8db78.js
embed.tawk.to/_s/v4/app/67354992019/js/
120 KB
31 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-24d8db78.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e42428b7cf745a93ba7853cdb58324b7e0121fbbeb5f61be5479d73e384be104
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"ad43e469764eb884ca6ab070740c1931"
age
363659
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:40:19 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8e7ffd70d8fe8d92-HEL
access-control-allow-origin
*
server
cloudflare
js
www.googletagmanager.com/gtag/
288 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QX23096REW&l=dataLayer&cx=c&gtm=45He4bk0v811078528za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRCR9W3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7a38b44b532fcc470eecb1aa07a1e8b6723320b070eb67efe2a69199680ab592
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 25 Nov 2024 07:40:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 07:40:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
99660
x-xss-protection
0
server
Google Tag Manager
hotjar-1749743.js
static.hotjar.com/c/
13 KB
6 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1749743.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRCR9W3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-51.fra56.r.cloudfront.net
Software
/
Resource Hash
b7e4a23818f05b3ab4880f3392f695af2a150333db14eee47d6dd7cf8b3af494
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
content-encoding
br
etag
W/e88ff21603ba595cc8775f3f1ac810b9
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
x-cache-hit
1
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
x-amz-cf-id
vvoZ_44ZUdgk5-gpUsveH14f4-qw-Mt-kuOlrE1bAIMHPyGeN_Ri4Q==
date
Mon, 25 Nov 2024 07:40:22 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
FRA56-P2
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
22 KB
8 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRCR9W3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ade920fd5b00cd298aae7978673a9a64d0bb3fa593d23e91994ec6b6723ebace
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

content-md5
Vo/d0f3ZefkwyML/PnJnjg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DD0B69AEC814C6
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
19523
x-content-type-options
nosniff
date
Mon, 25 Nov 2024 07:40:23 GMT
content-type
application/javascript
last-modified
Sat, 23 Nov 2024 02:51:08 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
57ee8ec9-501e-00fa-437b-3d5a6d000000
cf-ray
8e7ffd84780dd922-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
7212
x-ms-blob-type
BlockBlob
server
cloudflare
message-preview.css
embed.tawk.to/_s/v4/app/67354992019/css/ Frame 6773
42 KB
10 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/css/message-preview.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-bf24a88e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4ebe81ec01c33bd339149314130d65c8a716890fe6c9edb50300c0965c759b8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"313ec28abf9889abec5153d8318e8022"
age
104424
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:40:21 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 00:52:20 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8e7ffd777fdc8d92-HEL
access-control-allow-origin
*
server
cloudflare
min-widget.css
embed.tawk.to/_s/v4/app/67354992019/css/ Frame 04A2
24 KB
6 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/css/min-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-bf24a88e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69fb03e8827d27e64583979ae09fe2242047e15c953e7aa3a85b9af66a031cbd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"2d7f176b563b25833791f4844819b5ee"
age
358415
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:40:21 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
x-cache-status
MISS
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8e7ffd77e87a8d92-HEL
access-control-allow-origin
*
server
cloudflare
max-widget.css
embed.tawk.to/_s/v4/app/67354992019/css/ Frame 8CE8
79 KB
17 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/css/max-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-bf24a88e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b24be039d81d334a5b082bd6c883988e026ca276debc7bea3b4941d4146abd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"d20ad407080e4c57efd32ce36955d7db"
age
370739
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:40:21 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 00:52:20 GMT
vary
Accept-Encoding
x-cache-status
MISS
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8e7ffd77e8818d92-HEL
access-control-allow-origin
*
server
cloudflare
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/
295 KB
41 KB
Script
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
age
5297281
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Mon, 25 Nov 2024 07:40:25 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220140-FRA, cache-hel1410027-HEL
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
41275
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QX23096REW&gtm=45je4bk0v884879496za200zb811078528&_p=1732520418482&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1684273808.1732520422&ul=fi-fi&sr=1600x1200&are=1&frm=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=BA&_s=1&sid=1732520422&sct=1&seg=0&dl=https%3A%2F%2Fwww.luottopaatos.fi%2Ffi-FI&dt=%2F&en=client_changed&_fv=1&_ss=1&ep.untranslated_page_path=%2F&ep.page_title_old=Luottopaatos.fi%20-%20Intrum%20luottotietopalvelu&up.client_number=&tfd=7862
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/polyfills.55ae84c65e6e7c2a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.luottopaatos.fi
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 07:40:25 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QX23096REW&gtm=45je4bk0v884879496za200zb811078528&_p=1732520418482&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1684273808.1732520422&ul=fi-fi&sr=1600x1200&are=1&frm=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=BA&_s=2&sid=1732520422&sct=1&seg=0&dl=https%3A%2F%2Fwww.luottopaatos.fi%2Ffi-FI&dt=%2F&uid=&en=login&ep.untranslated_page_path=%2F&_et=5&ep.page_title_old=Luottopaatos.fi%20-%20Intrum%20luottotietopalvelu&up.username=&tfd=7927
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/polyfills.55ae84c65e6e7c2a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.luottopaatos.fi
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 07:40:25 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QX23096REW&gtm=45je4bk0v884879496za200zb811078528&_p=1732520418482&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1684273808.1732520422&ul=fi-fi&sr=1600x1200&are=1&frm=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Bg&_s=3&sid=1732520422&sct=1&seg=1&dl=https%3A%2F%2Fwww.luottopaatos.fi%2Ffi-FI&dt=%2F&en=page_view&ep.untranslated_page_path=%2F&ep.param_map=%5Bobject%20Object%5D&_et=15&ep.page_title_old=Luottopaatos.fi%20-%20Intrum%20luottotietopalvelu&up.page_locale=fi-FI&up.login_status=logged%20out&tfd=7935
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/polyfills.55ae84c65e6e7c2a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.luottopaatos.fi
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 07:40:25 GMT
content-type
text/plain
server
Golfe2
modules.86621fa4aeada5bcf025.js
script.hotjar.com/
222 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.86621fa4aeada5bcf025.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1749743.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash
feb5c0ee05ef970a3cf34bac95d465e96ccb3a3df353b3a641d9391c168e68ad
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

x-robots-tag
none
content-encoding
br
etag
"ff8702986a1c41356391628a5f5d6f03"
age
408501
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
aevbqTyYwsxKtQy1VuRjQlY8u30fh1bZdQPm30BicSN-A_irk-F34g==
date
Wed, 20 Nov 2024 14:12:06 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 20 Nov 2024 14:11:55 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56243
x-amz-cf-pop
FRA56-C2
v3
va.tawk.to/log-performance/ Frame
0
0
Preflight
General
Full URL
https://va.tawk.to/log-performance/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.luottopaatos.fi
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.luottopaatos.fi
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400
cache-control
public, s-maxage=600, max-age=600
cf-cache-status
DYNAMIC
cf-ray
8e7ffd8bcd7d8d90-HEL
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 25 Nov 2024 07:40:24 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-4t3w
v3
va.tawk.to/log-performance/
5 B
132 B
Fetch
General
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/polyfills.55ae84c65e6e7c2a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json; charset=utf-8
Referer
https://www.luottopaatos.fi/

Response headers

access-control-max-age
3600
content-encoding
br
cf-cache-status
DYNAMIC
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 07:40:26 GMT
content-type
text/html; charset=utf-8
x-served-by
visitor-application-preemptive-c94z
vary
Accept-Encoding
access-control-allow-headers
content-type,x-tawk-token
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-credentials
true
cf-ray
8e7ffd96489f8d90-HEL
access-control-allow-origin
https://www.luottopaatos.fi
server
cloudflare
b45585fb-af1d-4d6c-b6da-8da827a83747.json
cdn.cookielaw.org/consent/b45585fb-af1d-4d6c-b6da-8da827a83747/
15 KB
3 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/b45585fb-af1d-4d6c-b6da-8da827a83747/b45585fb-af1d-4d6c-b6da-8da827a83747.json
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/polyfills.55ae84c65e6e7c2a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83a88cb25aa2f131b630f805168b817f6e4300511ec0dac02b4cfee718edddc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

content-md5
PNy+oVZuzuNkWDw/Smh6xw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DC74D42C862303
age
80487
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Tue, 26 Nov 2024 07:40:27 GMT
date
Mon, 25 Nov 2024 07:40:27 GMT
content-type
application/json
last-modified
Wed, 15 May 2024 11:43:00 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
c969aa1d-701e-0065-788c-2622d7000000
cf-ray
8e7ffda2a9b14c78-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
2521
x-ms-blob-type
BlockBlob
server
cloudflare
intrum_landscapes_046_rf.jpg
front-end.luottopaatos.fi/media/3tpgga2g/
0
0

collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QX23096REW&gtm=45je4bk0v884879496za200zb811078528&_p=1732520418482&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1684273808.1732520422&ul=fi-fi&sr=1600x1200&are=1&frm=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=4&sid=1732520422&sct=1&seg=1&dl=https%3A%2F%2Fwww.luottopaatos.fi%2Ffi-FI&dt=%2F&en=etusivu&ep.untranslated_page_path=%2F&ep.param_map=%5Bobject%20Object%5D&_et=4&ep.page_title_old=Luottopaatos.fi%20-%20Intrum%20luottotietopalvelu&tfd=12947
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/polyfills.55ae84c65e6e7c2a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.luottopaatos.fi
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 07:40:27 GMT
content-type
text/plain
server
Golfe2
1749743
vc.hotjar.io/sessions/
0
231 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/1749743?s=0.25&r=0.2121407300466438
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/polyfills.55ae84c65e6e7c2a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-79.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.luottopaatos.fi/

Response headers

via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
access-control-allow-origin
*
cache-control
no-store
x-cache
Miss from cloudfront
x-amz-cf-id
J9FgjtQ7qepmmLoLcBXX2-VIEis4uK2ySx8PVuC0Gfil_pmaquO1vw==
date
Mon, 25 Nov 2024 07:40:32 GMT
x-amz-cf-pop
FRA56-P5
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
68 B
316 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: www.luottopaatos.fi
URL: https://www.luottopaatos.fi/polyfills.55ae84c65e6e7c2a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ffe7c7eed20900652605eab522ac9cf7fbd5040686e2ed6f1bc6b22008f1b98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
Referer
https://www.luottopaatos.fi/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
access-control-allow-methods
GET, OPTIONS
cf-ray
8e7ffdc4adc64e15-HEL
access-control-allow-origin
*
date
Mon, 25 Nov 2024 07:40:33 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Content-Type
intrum_comm_environments_007_rm.jpg
front-end.luottopaatos.fi/media/0o4jfpne/
0
0

otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202405.1.0/
0
0

intrum_presentation_imagery_053_rf.jpg
front-end.luottopaatos.fi/media/5rymaczq/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
front-end.luottopaatos.fi
URL
https://front-end.luottopaatos.fi/media/5rymaczq/intrum_presentation_imagery_053_rf.jpg
Domain
front-end.luottopaatos.fi
URL
https://front-end.luottopaatos.fi/media/3tpgga2g/intrum_landscapes_046_rf.jpg
Domain
front-end.luottopaatos.fi
URL
https://front-end.luottopaatos.fi/media/3tpgga2g/intrum_landscapes_046_rf.jpg
Domain
front-end.luottopaatos.fi
URL
https://front-end.luottopaatos.fi/media/0o4jfpne/intrum_comm_environments_007_rm.jpg
Domain
cdn.cookielaw.org
URL
https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js
Domain
front-end.luottopaatos.fi
URL
https://front-end.luottopaatos.fi/media/5rymaczq/intrum_presentation_imagery_053_rf.jpg

Verdicts & Comments Add Verdict or Comment

207 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| Tawk_API object| Tawk_LoadStart object| webpackChunkintrum_webcis function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__legacyPatch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __Zone_enable_cross_context_check function| simpleParallax boolean| BisnodeSurveyCookieCheck string| BisnodeSurveyType string| BisnodeSurveyPutJSON number| BisnodeIFrameQuestionSetHeight number| BisnodeIFrameQuestionHeight function| BisnodeSurveyStartWithJSON function| BisnodeSurveyStartWithJSONNoCookie object| popsurvey function| bisnodeiframereceive function| $ function| jQuery object| GoogleMapsLoader function| SearchIndex function| Bloodhound object| __zone_symbol__scrollfalse string| $_Tawk_AccountKey string| $_Tawk_WidgetId object| $_Tawk object| __zone_symbol__loadfalse function| Hammer function| saveAs function| flatpickr object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__storagefalse object| tawkJsonp object| __zone_symbol__beforeunloadfalse function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| Tawk_Window object| __zone_symbol__messagefalse object| __zone_symbol__resizefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| dataLayer object| __zone_symbol__pointermovefalse object| __zone_symbol__pointerupfalse object| __zone_symbol__pointercancelfalse object| __zone_symbol__clickfalse object| __zone_symbol__beforeprintfalse object| __zone_symbol__afterprintfalse function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data function| hj object| _hjSettings function| __zone_symbol__ON_PROPERTYerror object| __zone_symbol__errorfalse object| __zone_symbol__focusfalse object| __zone_symbol__blurfalse object| __zone_symbol__pageshowfalse object| __zone_symbol__pagehidefalse object| gaGlobal object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| OneTrustStub function| OptanonWrapper object| emojione object| OtTrustedType string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener function| eventListeners function| removeAllListeners

7 Cookies

Domain/Path Name / Value
www.luottopaatos.fi/ Name: twk_idm_key
Value: j-HD5kQCcDh37hI2w5N9v
www.luottopaatos.fi/ Name: TawkConnectionTime
Value: 0
.luottopaatos.fi/ Name: twk_uuid_598aad51dbb01a218b4db732
Value: %7B%22uuid%22%3A%221.WrygN2jWBb6TeNq1EsvnDA6n32xCQz9fJ90IY60c13oQTITwG4CRzcLFtX4tCoHyOZbQCc3EXZskHVR8ZGVhc6cGXOti7VIBFzIeacq9KnPgeoJbtVcHKqvIG%22%2C%22version%22%3A3%2C%22domain%22%3A%22luottopaatos.fi%22%2C%22ts%22%3A1732520419720%7D
.luottopaatos.fi/ Name: _ga
Value: GA1.1.1684273808.1732520422
.luottopaatos.fi/ Name: _ga_QX23096REW
Value: GS1.1.1732520422.1.1.1732520422.0.0.0
.luottopaatos.fi/ Name: _hjSessionUser_1749743
Value: eyJpZCI6IjAxMTJmZDY5LWYwYjEtNWM5Yy1hOGNhLTFiZDZjYzlkNTFmNCIsImNyZWF0ZWQiOjE3MzI1MjA0MjkxNTksImV4aXN0aW5nIjpmYWxzZX0=
.luottopaatos.fi/ Name: _hjSession_1749743
Value: eyJpZCI6Ijc3YTk0YWQxLWM4MzQtNDA2Yi1hMzg2LTQzYjdkMzc4NTg1YSIsImMiOjE3MzI1MjA0MjkxNTksInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' *.tawk.to https://fonts.googleapis.com cdn.jsdelivr.net https://googletagmanager.com https://tagmanager.google.com https://static.hotjar.com https://script.hotjar.com; script-src 'self' 'unsafe-inline' https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net https://www.googletagmanager.com https://tagmanager.google.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com https://static.hotjar.com https://script.hotjar.com https://*.googletagmanager.com blob:; frame-src *.tawk.to *.google.com; font-src 'self' *.tawk.to fonts.gstatic.com https://script.hotjar.com data:; img-src 'self' data: blob: *.groupad1.com:* *.luottopaatos.fi https://*.onetrust.com https://cdn.cookielaw.org *.tawk.to cdn.jsdelivr.net tawk.link https://googletagmanager.com https://*.googleapis.com *.google.com *.googleusercontent.com https://*.gstatic.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com data:; connect-src 'self' *.groupad1.com:* *.luottopaatos.fi https://cdn.cookielaw.org https://*.onetrust.com *.tawk.to *.intrum.com https://*.googleapis.com *.google.com wss://*.tawk.to https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com data: blob:; form-action *.tawk.to; worker-src 'self' blob:
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
cdn.jsdelivr.net
embed.tawk.to
front-end.luottopaatos.fi
geolocation.onetrust.com
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
va.tawk.to
vc.hotjar.io
www.googletagmanager.com
www.luottopaatos.fi
cdn.cookielaw.org
front-end.luottopaatos.fi
104.18.87.42
13.32.27.21
142.250.185.136
151.101.65.229
172.64.155.119
172.67.15.14
18.66.102.51
18.66.112.79
213.138.134.37
216.239.34.36
01010b4489d9f16651a9926142a7317920c2d2a7da9cc613eeba19e576a18b71
01a5c84f5e3a3eb973deb9ec268551eb9bbcff82dc5af340a0631f850022ee95
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
18843e65ce1ff97fa06093794c60db4d91566d3c0b6a996ebf97d6b06771adda
18cf9dd84254bda5486fb5d4680fd4802ec1773bfb20485353ca4230392b98e8
194c4fa82fa9bf5897963b335fddcfdb462fe898cafbe8b2eb72a9803f2db05f
1986767b33039d15405753271cf1b520376f7e0e72abce34e1f5ddd00f1e2a46
2092f126adcd35187bcf45db359653028281c8aa7adbc620200efc932e1299f6
2106103ef8a3362c3dece4c507908e9f40ea7bc03f31f53fb78b57a1e9abd183
234ef816e28f4b5026cfdc96a88c729b418c82bca361630835e077f004dbd278
23f43442b9882b24d94bd29c88661a86633e5613fd1f78701991d1e4b4a33c73
26e2223ccb861b436e8fd86305448e3582b2b399a261e22cdc68a9f52f55fd29
2e9889eab866d75ce39d690459a193dc231146a3c6f1011ceedec80ff3104f1a
357f86eb123b4e1a850f2583a8779a9171a61b98284cea3c89fb285e1baebb81
397b2a11456b54d86472d63e35ffec2b0f6d65bbd27516dcf67174ce28b6880b
405e8bf1c2b06be2ab8a71cb39366688c523ba26d9155d8e537e2b0ba254f23f
41c6e86ff4eff6723f15faa7650734836876f67fd98e91d08908115271eac6e5
4decde1fd4af3ee8c5952646190f4c638de918ceb129cc4e87e2e2edc67dc87d
4e38f989fe294550f46f7bfca11de1a5945654a424591dc48d621425e77a81fb
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305
5527bd6ff8520c2591f9bb7a507ac0a634a74c9f59e277dcb1a9ec3304ffc961
69fb03e8827d27e64583979ae09fe2242047e15c953e7aa3a85b9af66a031cbd
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
7876024da68ac1db2ea7d59393ae43cc14e47451684aabf4b4efef71eb4dca5a
7a38b44b532fcc470eecb1aa07a1e8b6723320b070eb67efe2a69199680ab592
7d80e5821cf73adad276a8ca35998a79be158f90d56b4696e3d4b6daea4d319f
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
7e3ab747128db084d13cc87106420f2d116eecbea39227515e1990a74a08bb1f
7ecf454320e83ff6efeb66b246eb37a5eff1900686b46cc49c07511a093445a9
7ffe7c7eed20900652605eab522ac9cf7fbd5040686e2ed6f1bc6b22008f1b98
83a88cb25aa2f131b630f805168b817f6e4300511ec0dac02b4cfee718edddc6
9022d3a8b8fbdc11335ac6136d0b4b28b7717b9703ce5b5d592bb85a6d9b950b
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
9551176ab6628677e76ecb267492849b1b25a1a746138d89cfa118e3907198c1
95d0374c58d3d704bb1c17ab3cc2910fa81d6e3a3e73632582b081d24ea7fe99
95f2af1098d10255f18ac8d2a10c41b94ad7b3207915fc839f871576ca5bf837
a06956df204582726d5149f8419a3503fab2e20658fe16b98876808dad070398
a091c9a9b7600b49c4954e6b0d91c74d61e0c209c5f0dbe2663264d9d14f30f0
a0fcb8e8e1dcd0ce04f857fd92db7ac0de37f55ce76c63752224a74ef7d74460
a2dd92030c03ac37fb80cecd3bd6cfc4aaaf4479b1c1fc9e09b9d1c22601e9dc
a7b24be039d81d334a5b082bd6c883988e026ca276debc7bea3b4941d4146abd
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
ade920fd5b00cd298aae7978673a9a64d0bb3fa593d23e91994ec6b6723ebace
b17f212fc06e1cde0574bdd1ee89d507461f5777e3039c725dbb40b5ebb3f192
b714469be0e41c887870c8287e317feca8abbf4c3f3d3868444a31bd4da51cac
b7e4a23818f05b3ab4880f3392f695af2a150333db14eee47d6dd7cf8b3af494
c3e24c6486aaebd7397266feec4133d7ece6c169444a438e5ccd93d7aa89246d
c4ebe81ec01c33bd339149314130d65c8a716890fe6c9edb50300c0965c759b8
c90463b0cad9452e8b9c867634473f3a346aeaf87a790bb1f506f37e8b43b5ee
cf0bb2630fde34a664dc471d3a575a72c37b5a96cb74fcafb92ca7f17fefbe40
d2b44f7231172fc6a7c190d53a3d1439ae03166f1159af956737ba3dc84eca8b
de605ced64abb9edb988011d205da8e005197dc8645c062598f5017f0c0292b3
e33b9d7557a8d19fe0eeae0cff96e4dd1633f66f1d15c15e6f58e645d368c220
e36424b1194189c4fd1bab75741eea9f853e23c4a7155e645dcfb7fcd612620d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42428b7cf745a93ba7853cdb58324b7e0121fbbeb5f61be5479d73e384be104
e4d34be5d6815ea6348b2ab23c4876d9bfc742485d326784d8b7a806fe191793
eb6d82ef51c1e1494dd391f576fa3e6cb68e1d5c6a6edd7a491cabc506a16846
ed3655159cf34a0995928a474f1015c9910054f916a5713f5fcd9d4650215a41
f20d996996aab209b06ea927b5c8b732d92c4c541efe1869abc2f51b2e55b826
f44182ae6f4334f3252673b27bf393f1ea38bcbce71ac2fc0522f0ac595fa487
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f95b4a26ef286587e67bb94cc154a67506e70a71d7b404fb31a629326eb621e1
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
feb5c0ee05ef970a3cf34bac95d465e96ccb3a3df353b3a641d9391c168e68ad