Submitted URL: http://www.if.ee/eraklient
Effective URL: https://www.if.ee/eraklient
Submission: On July 15 via manual from FI

Summary

This website contacted 20 IPs in 5 countries across 18 domains to perform 81 HTTP transactions. The main IP is 194.215.38.135, located in Finland and belongs to TSF-IP-CORE Telia Finland Oyj, EU. The main domain is www.if.ee.
TLS certificate: Issued by DigiCert Global CA G2 on April 7th 2020. Valid for: a year.
This is the only time www.if.ee was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 26 194.215.38.135 1759 (TSF-IP-CO...)
10 2a01:4a0:1338... 201011 (NETZBETRI...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2620:1ec:bdf::10 8068 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:2800:233... 15133 (EDGECAST)
8 34.96.102.137 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 143.204.89.94 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 2a03:2880:f12... 32934 (FACEBOOK)
12 5.9.235.235 24940 (HETZNER-AS)
1 40.79.138.41 8075 (MICROSOFT...)
1 2a03:2880:f02... 32934 (FACEBOOK)
2 35.221.11.9 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
2 52.218.29.18 16509 (AMAZON-02)
81 20
Domain Requested by
26 www.if.ee 3 redirects www.if.ee
9 service.giosg.com www.if.ee
az416426.vo.msecnd.net
service.giosg.com
9 cdnsc.azureedge.net www.if.ee
8 dev.visualwebsiteoptimizer.com www.if.ee
dev.visualwebsiteoptimizer.com
az416426.vo.msecnd.net
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.if.ee
2 api.giosg.com dc31804d-fc4c-430c-801e-33d2f79ffcb2.interactions.giosgusercontent.com
2 giosg-chat-public-eu.s3.amazonaws.com dc31804d-fc4c-430c-801e-33d2f79ffcb2.interactions.giosgusercontent.com
2 r2.visualwebsiteoptimizer.com az416426.vo.msecnd.net
2 www.facebook.com 1 redirects www.if.ee
2 cdn.cookielaw.org www.googletagmanager.com
cdn.cookielaw.org
2 connect.facebook.net www.if.ee
connect.facebook.net
2 v.imgi.no www.if.ee
1 dc31804d-fc4c-430c-801e-33d2f79ffcb2.interactions.giosgusercontent.com service.giosg.com
1 3516.clients.giosgusercontent.com service.giosg.com
1 cx.atdmt.com
1 dc.services.visualstudio.com az416426.vo.msecnd.net
1 crms-cdn.azureedge.net ajax.googleapis.com
1 geolocation.onetrust.com ajax.googleapis.com
1 www.googletagmanager.com www.if.ee
1 az416426.vo.msecnd.net www.if.ee
1 dl.episerver.net www.if.ee
1 if-vid-brand-cdn.azureedge.net www.if.ee
1 ajax.googleapis.com www.if.ee
81 23
Subject Issuer Validity Valid
www.if.ee
DigiCert Global CA G2
2020-04-07 -
2021-04-08
a year crt.sh
*.azureedge.net
Microsoft IT TLS CA 5
2019-01-24 -
2021-01-24
2 years crt.sh
upload.video.google.com
GTS CA 1O1
2020-06-30 -
2020-09-22
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-11 -
2021-07-11
a year crt.sh
sni1e6ffgl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA
2020-04-16 -
2022-04-21
2 years crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2
2020-06-19 -
2022-07-06
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2020-06-30 -
2020-09-22
3 months crt.sh
v.imgi.no
Amazon
2020-06-11 -
2021-07-11
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-05-14 -
2020-08-05
3 months crt.sh
sni9451gl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA
2020-05-07 -
2021-05-12
a year crt.sh
*.onetrust.com
DigiCert SHA2 Secure Server CA
2020-05-21 -
2022-07-27
2 years crt.sh
*.giosg.com
Starfield Secure Certificate Authority - G2
2019-06-20 -
2021-08-19
2 years crt.sh
in.applicationinsights.azure.com
Microsoft IT TLS CA 4
2020-04-30 -
2022-04-30
2 years crt.sh
*.atlassolutions.com
DigiCert SHA2 High Assurance Server CA
2020-06-25 -
2020-09-23
3 months crt.sh
*.clients.giosgusercontent.com
Starfield Secure Certificate Authority - G2
2019-08-08 -
2021-08-08
2 years crt.sh
*.interactions.giosgusercontent.com
Amazon
2020-04-19 -
2021-05-19
a year crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2
2019-11-09 -
2021-03-12
a year crt.sh

This page contains 2 frames:

Primary Page: https://www.if.ee/eraklient
Frame ID: 79024C0A4C0C59F063DFB7921676F4E7
Requests: 91 HTTP requests in this frame

Frame: https://3516.clients.giosgusercontent.com/cd/3516/3bl2j/?url=https%3A%2F%2Fwww.if.ee%2Feraklient&dialog_id=8936
Frame ID: 849D182CDFD3FBA4EF2AB80E1B12100D
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://www.if.ee/eraklient HTTP 301
    https://www.if.ee/eraklient Page URL

Page Statistics

81
Requests

99 %
HTTPS

63 %
IPv6

18
Domains

23
Subdomains

20
IPs

5
Countries

1803 kB
Transfer

5531 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.if.ee/eraklient HTTP 301
    https://www.if.ee/eraklient Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://www.if.ee/frontend/distribution/fonts/IfSans-Variable.woff2 HTTP 301
  • https://www.if.ee/frontend/distribution/fonts/ifsans-variable.woff2
Request Chain 34
  • https://www.if.ee/frontend/distribution/fonts/IfSans-Bold.woff2 HTTP 301
  • https://www.if.ee/frontend/distribution/fonts/ifsans-bold.woff2
Request Chain 74
  • https://www.facebook.com/tr/?id=1893292480733502&ev=Microdata&dl=https%3A%2F%2Fwww.if.ee%2Feraklient&rl=&if=false&ts=1594811890679&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Kindlustus%20Sulle%2C%20Sinu%20perele%20ja%20ettev%C3%B5ttele%20%7C%20If.ee%22%2C%22meta%3Akeywords%22%3A%22if%2C%20if%20kindlustus%22%2C%22meta%3Adescription%22%3A%22If%20Kindlustus%20pakub%3A%20liikuskindlustus%2C%20reisikindlustus%2C%20kaskokindlustus%2C%20kodukindlustus%2C%20%C3%B5nnetusjuhtumikindlustus%20ja%20lemmikloomakindlustus.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.if.ee%2Feraklient%22%2C%22og%3Atitle%22%3A%22Kindlustus%20Sulle%2C%20Sinu%20perele%20ja%20ettev%C3%B5ttele%20%7C%20If.ee%22%2C%22og%3Adescription%22%3A%22If%20Kindlustus%20pakub%3A%20liikuskindlustus%2C%20reisikindlustus%2C%20kaskokindlustus%2C%20kodukindlustus%2C%20%C3%B5nnetusjuhtumikindlustus%20ja%20lemmikloomakindlustus.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fv.imgi.no%2Fbdqgnbrhmt-MOODBOARD%2F2042%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A2666%2C%22w%22%3A1600%7D%2C%22properties%22%3A%7B%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FWebPage%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.22&r=stable&ec=1&o=30&fbp=fb.1.1594811890153.483059006&it=1594811889995&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
  • https://cx.atdmt.com/?c=11626948468121975633&f=AYwJmwNYVrH-KKMki6ftSyY4o1jPxb5k6J-W9nqJrlXCHvrG5VgzacT4-mPRuiZPNFS6dCwk4QwmeD2kRETw_19L&id=1893292480733502&l=3&v=0

81 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set eraklient
www.if.ee/
Redirect Chain
  • http://www.if.ee/eraklient
  • https://www.if.ee/eraklient
63 KB
15 KB
Document
General
Full URL
https://www.if.ee/eraklient
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.215.38.135 , Finland, ASN1759 (TSF-IP-CORE Telia Finland Oyj, EU),
Reverse DNS
if.ee
Software
/
Resource Hash
8f731b4ce4b647b0c75311044fa69de67e5f5d50f535b7f6b56197c6a5a5cca1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Host
www.if.ee
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
TS01e5a945=016f259c32373a08b659fb5997199fe45bbe92367e9e68ef05f10e3818e62084d9482bdaebbbea3d6b5a7bd396fc12bd6f768040b7; TS015b078f=01fb41823e0c5a949af7755ee966e79696c5523ae3ce8c9651a426211a26393a8e9eac08dad10d46e37c78803d0beef6efaab342cf
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
no-cache
Pragma
no-cache
Content-Length
14974
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Set-Cookie
EPi:StateMarker=true; path=/ TS01e5a945=016f259c320904f922abea48f4a8f3c483997d656c9e68ef05f10e3818e62084d9482bdaeb8555107411d50e459b342c847ad2aefb5fa5ae8a54968b85b43129c42fb321d2; Path=/ TS015b078f=01fb41823ee937443d193e221dc712156b00419b20ce8c9651a426211a26393a8e9eac08daabdca83a3ec6f095fa0ade0bdd7ff813e4fb50e2b7915a594f20cd7b3e9422fd; Path=/
X-Frame-Options
SAMEORIGIN
Content-Security-Policy
frame-ancestors 'self'
Request-Context
appId=cid-v1:a650e189-d79e-4d12-9b1b-b773f738aa70
X-UA-Compatible
IE=edge,chrome=1
Date
Wed, 15 Jul 2020 11:18:07 GMT

Redirect headers

location
https://www.if.ee/eraklient
Connection
Keep-Alive
Content-Length
0
Set-Cookie
TS01e5a945=016f259c32373a08b659fb5997199fe45bbe92367e9e68ef05f10e3818e62084d9482bdaebbbea3d6b5a7bd396fc12bd6f768040b7; Path=/ TS015b078f=01fb41823e0c5a949af7755ee966e79696c5523ae3ce8c9651a426211a26393a8e9eac08dad10d46e37c78803d0beef6efaab342cf; Path=/
global-css.1575d7f20e639626bdf0.css
www.if.ee/frontend/distribution/css/
145 KB
23 KB
Stylesheet
General
Full URL
https://www.if.ee/frontend/distribution/css/global-css.1575d7f20e639626bdf0.css
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.215.38.135 , Finland, ASN1759 (TSF-IP-CORE Telia Finland Oyj, EU),
Reverse DNS
if.ee
Software
/
Resource Hash
8baa0a5c2e02537e4d3e867df2811e4defa3e40ce50c4fe79aa18371e6a932ee

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 15 Jul 2020 11:18:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Jul 2020 09:30:56 GMT
ETag
"086f267853d61:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
private
Request-Context
appId=cid-v1:a650e189-d79e-4d12-9b1b-b773f738aa70
Accept-Ranges
bytes
Content-Length
22774
X-UA-Compatible
IE=edge,chrome=1
global-vid-css.5078fe857e95b0a515e6.css
www.if.ee/frontend/distribution/css/
1 MB
117 KB
Stylesheet
General
Full URL
https://www.if.ee/frontend/distribution/css/global-vid-css.5078fe857e95b0a515e6.css
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.215.38.135 , Finland, ASN1759 (TSF-IP-CORE Telia Finland Oyj, EU),
Reverse DNS
if.ee
Software
/
Resource Hash
0c12d12df4f8be598a47f0f9b2a3c78e2b05ff35e6f53643bcb1ab13da4801dc

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 15 Jul 2020 11:18:09 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Jul 2020 09:30:56 GMT
ETag
"086f267853d61:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
private
Request-Context
appId=cid-v1:a650e189-d79e-4d12-9b1b-b773f738aa70
Accept-Ranges
bytes
Content-Length
119722
X-UA-Compatible
IE=edge,chrome=1
global-lg-css.020871fbb93994522362.css
www.if.ee/frontend/distribution/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://www.if.ee/frontend/distribution/css/global-lg-css.020871fbb93994522362.css
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.215.38.135 , Finland, ASN1759 (TSF-IP-CORE Telia Finland Oyj, EU),
Reverse DNS
if.ee
Software
/
Resource Hash
28fc01f34a0d85cd823ec1fc072477f604f897b97c42eb1281dfe6d21190c7ae

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 15 Jul 2020 11:18:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jun 2020 14:20:06 GMT
ETag
"02f8367fb3fd61:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
private
Request-Context
appId=cid-v1:a650e189-d79e-4d12-9b1b-b773f738aa70
Accept-Ranges
bytes
Content-Length
1110
X-UA-Compatible
IE=edge,chrome=1
dropdown-calltoaction-block-css.1de1d365adda4ef8e2f7.css
www.if.ee/frontend/distribution/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.if.ee/frontend/distribution/css/dropdown-calltoaction-block-css.1de1d365adda4ef8e2f7.css
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.215.38.135 , Finland, ASN1759 (TSF-IP-CORE Telia Finland Oyj, EU),
Reverse DNS
if.ee
Software
/
Resource Hash
4903ced1956c79328bcf0e97481dd5743d3694c623718bc8d7abcf7edeb45463

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 15 Jul 2020 11:18:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Jun 2020 16:43:34 GMT
ETag
"07fa699464ad61:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
private
Request-Context
appId=cid-v1:a650e189-d79e-4d12-9b1b-b773f738aa70
Accept-Ranges
bytes
Content-Length
934
X-UA-Compatible
IE=edge,chrome=1
gb-link-box-css.14ef8e31d0544e111d2b.css
www.if.ee/frontend/distribution/css/
10 KB
3 KB
Stylesheet
General
Full URL
https://www.if.ee/frontend/distribution/css/gb-link-box-css.14ef8e31d0544e111d2b.css
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.215.38.135 , Finland, ASN1759 (TSF-IP-CORE Telia Finland Oyj, EU),
Reverse DNS
if.ee
Software
/
Resource Hash
324474b171a8a33a16936da2a34592744325dd32d57ba0f4eec4d6564c02e15d

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 15 Jul 2020 11:18:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Jun 2020 16:43:34 GMT
ETag
"07fa699464ad61:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
private
Request-Context
appId=cid-v1:a650e189-d79e-4d12-9b1b-b773f738aa70
Accept-Ranges
bytes
Content-Length
2721
X-UA-Compatible
IE=edge,chrome=1
crosslink-css.2dcf8deef7cec5435b41.css
www.if.ee/frontend/distribution/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.if.ee/frontend/distribution/css/crosslink-css.2dcf8deef7cec5435b41.css
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.215.38.135 , Finland, ASN1759 (TSF-IP-CORE Telia Finland Oyj, EU),
Reverse DNS
if.ee
Software
/
Resource Hash
e1b11b85dcfe949a090a94023e151f41e78baa564db2037f47b50aa9ad7f70aa

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 15 Jul 2020 11:18:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Jun 2020 16:43:34 GMT
ETag
"07fa699464ad61:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
private
Request-Context
appId=cid-v1:a650e189-d79e-4d12-9b1b-b773f738aa70
Accept-Ranges
bytes
Content-Length
806
X-UA-Compatible
IE=edge,chrome=1
moodboard-insurance-f002075.min-sha2KAZS9u0kySYxjcJ9ND7rNpXc-3c.css
cdnsc.azureedge.net/resources/
2 KB
815 B
Stylesheet
General
Full URL
https://cdnsc.azureedge.net/resources/moodboard-insurance-f002075.min-sha2KAZS9u0kySYxjcJ9ND7rNpXc-3c.css
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
382431ff8d66f7f25ea2708c50fc343beada02524ff044ad3f79383ca8fd69e4

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 15 Jul 2020 11:18:09 GMT
content-encoding
gzip
content-md5
cg6w8uvcY4dhOBPetJ8ReA==
status
200
content-length
500
x-ms-lease-status
unlocked
last-modified
Wed, 22 Jan 2020 00:59:06 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79ED64850ABA7
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
c9b1da2f-501e-008c-4dde-d2c02b000000
cache-control
max-age=601996
x-ms-version
2009-09-19
moodboard-insurance-accident.min-sha2HVSc9u1YKfJU7qk5UxrflLdRZdg.css
cdnsc.azureedge.net/resources/
2 KB
823 B
Stylesheet
General
Full URL
https://cdnsc.azureedge.net/resources/moodboard-insurance-accident.min-sha2HVSc9u1YKfJU7qk5UxrflLdRZdg.css
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7290b3c9b0ba0bf7e16f21fd945fa12e93ce2ebd352561c617f13cb0963d11ea

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 15 Jul 2020 11:18:09 GMT
content-encoding
gzip
content-md5
wBHIx6ngC4Svh7FeKQS4pw==
status
200
content-length
500
x-ms-lease-status
unlocked
last-modified
Wed, 22 Jan 2020 01:03:58 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79ED6F5FA8574
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
307dab19-e01e-0112-6c00-d2ff39000000
cache-control
public, max-age=671493
x-ms-version
2009-09-19
moodboard-insurance-f002091.min-sha2EbgAlbxefjcXpgLS11WFANP2d6c.css
cdnsc.azureedge.net/resources/
2 KB
823 B
Stylesheet
General
Full URL
https://cdnsc.azureedge.net/resources/moodboard-insurance-f002091.min-sha2EbgAlbxefjcXpgLS11WFANP2d6c.css
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5ca733b025fe3acd0a829cb34b5c6386606d2a68f235a9bee4e8987211a9b25a

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 15 Jul 2020 11:18:09 GMT
content-encoding
gzip
content-md5
ndhoAFlvr7YWkX9hqsh8Qg==
status
200
content-length
502
x-ms-lease-status
unlocked
last-modified
Wed, 22 Jan 2020 01:06:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79ED755EB8FE1
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
282d8111-c01e-0127-6093-28516c000000
cache-control
public, max-age=324248
x-ms-version
2009-09-19
vendor-responsively-lazy-css.5f0b6dab7b0353888038.css
www.if.ee/frontend/distribution/css/
174 B
585 B
Stylesheet
General
Full URL
https://www.if.ee/frontend/distribution/css/vendor-responsively-lazy-css.5f0b6dab7b0353888038.css
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.215.38.135 , Finland, ASN1759 (TSF-IP-CORE Telia Finland Oyj, EU),
Reverse DNS
if.ee
Software
/
Resource Hash
1283a4c5380c51e11b99f8cd02d48c41d9713f8277fcff9df9c1fce070cd441a

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 15 Jul 2020 11:18:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Apr 2019 11:17:00 GMT
ETag
"05ef51458f0d41:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
private
Request-Context
appId=cid-v1:a650e189-d79e-4d12-9b1b-b773f738aa70
Accept-Ranges
bytes
Content-Length
216
X-UA-Compatible
IE=edge,chrome=1
moodboard-insurance-f002348.min-sha2p8OCq8I8GNqysXkR5qK9XENnFLU.css
cdnsc.azureedge.net/resources/
2 KB
827 B
Stylesheet
General
Full URL
https://cdnsc.azureedge.net/resources/moodboard-insurance-f002348.min-sha2p8OCq8I8GNqysXkR5qK9XENnFLU.css
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
743690f0b0ec9885984d519248bd8b5c874b806ceb330328a96852206a0d06f4

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 15 Jul 2020 11:18:09 GMT
content-encoding
gzip
content-md5
OGwbSgV/RQLwMsSyYssteQ==
status
200
content-length
504
x-ms-lease-status
unlocked
last-modified
Wed, 22 Jan 2020 00:58:40 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79ED63881A261
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
73bfccbb-201e-0029-1192-20fb32000000
cache-control
public, max-age=638384
x-ms-version
2009-09-19
moodboard-campaign-travelling-ee.min-sha27oxFvxiGDzV7EvwUy4UnlWIiPPY.css
cdnsc.azureedge.net/resources/
2 KB
830 B
Stylesheet
General
Full URL
https://cdnsc.azureedge.net/resources/moodboard-campaign-travelling-ee.min-sha27oxFvxiGDzV7EvwUy4UnlWIiPPY.css
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ce4f21789f2aceb531ec075f9256a1aeb6f602182a6f2b68649fc4b5ec93637a

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 15 Jul 2020 11:18:09 GMT
content-encoding
gzip
content-md5
eGp7E840YkKYcQ91rOpBHw==
status
200
content-length
508
x-ms-lease-status
unlocked
last-modified
Wed, 22 Jan 2020 00:51:21 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79ED532B0C5E8
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
0ee5438f-501e-0069-0bb3-56d2dc000000
cache-control
public, max-age=262591
x-ms-version
2009-09-19
banner-block-css.8bb80555b36c553336dc.css
www.if.ee/frontend/distribution/css/
189 B
595 B
Stylesheet
General
Full URL
https://www.if.ee/frontend/distribution/css/banner-block-css.8bb80555b36c553336dc.css
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.215.38.135 , Finland, ASN1759 (TSF-IP-CORE Telia Finland Oyj, EU),
Reverse DNS
if.ee
Software
/
Resource Hash
c3113968d2db5a4b4d06916cd709d6bd35e7402fb2d9e7b0425b10a0a2432539

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 15 Jul 2020 11:18:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Feb 2020 13:27:00 GMT
ETag
"02af01aa8e1d51:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
private
Request-Context
appId=cid-v1:a650e189-d79e-4d12-9b1b-b773f738aa70
Accept-Ranges
bytes
Content-Length
226
X-UA-Compatible
IE=edge,chrome=1
btx-expandables.b3eae91201b36740dbc7.css
www.if.ee/frontend/distribution/css/
14 KB
2 KB
Stylesheet
General
Full URL
https://www.if.ee/frontend/distribution/css/btx-expandables.b3eae91201b36740dbc7.css
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.215.38.135 , Finland, ASN1759 (TSF-IP-CORE Telia Finland Oyj, EU),
Reverse DNS
if.ee
Software
/
Resource Hash
4b5596d78408a456e964a6b9b77765f8831a4ff84ae104d7a8ce62b297adae00

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 15 Jul 2020 11:18:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Jun 2020 16:43:34 GMT
ETag
"07fa699464ad61:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
private
Request-Context
appId=cid-v1:a650e189-d79e-4d12-9b1b-b773f738aa70
Accept-Ranges
bytes
Content-Length
1588
X-UA-Compatible
IE=edge,chrome=1
btx-expandables-lg.20502cfc9a72ecbe3709.css
www.if.ee/frontend/distribution/css/
1 KB
675 B
Stylesheet
General
Full URL
https://www.if.ee/frontend/distribution/css/btx-expandables-lg.20502cfc9a72ecbe3709.css
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.215.38.135 , Finland, ASN1759 (TSF-IP-CORE Telia Finland Oyj, EU),
Reverse DNS
if.ee
Software
/
Resource Hash
9c7cb8df08ba0c1ba9f3409d8f909d4e67b78a2c5ea36f10ba19837169f03ef2

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 15 Jul 2020 11:18:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 May 2019 07:12:20 GMT
ETag
"06269b02415d51:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
private
Request-Context
appId=cid-v1:a650e189-d79e-4d12-9b1b-b773f738aa70
Accept-Ranges
bytes
Content-Length
306
X-UA-Compatible
IE=edge,chrome=1
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.2/
95 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.2/jquery.min.js
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95914789b5f3307a3718679e867d61b9d4c03f749cd2e2970570331d7d6c8ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 08 Jul 2020 22:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
564433
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34009
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Jul 2021 22:30:56 GMT
global-js.adc7b838c95a4939fca3.js
www.if.ee/frontend/distribution/js/
536 KB
149 KB
Script
General
Full URL
https://www.if.ee/frontend/distribution/js/global-js.adc7b838c95a4939fca3.js
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.215.38.135 , Finland, ASN1759 (TSF-IP-CORE Telia Finland Oyj, EU),
Reverse DNS
if.ee
Software
/
Resource Hash
7b0e85a825d097c87ebba27f7659ff48fb2b2debd878d0a8435ce9e8ec994cf2

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 15 Jul 2020 11:18:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Jun 2020 16:43:36 GMT
ETag
"0acd79a464ad61:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private
Request-Context
appId=cid-v1:a650e189-d79e-4d12-9b1b-b773f738aa70
Accept-Ranges
bytes
Content-Length
152582
X-UA-Compatible
IE=edge,chrome=1
dropdown-calltoaction-block-js.83bb7bb86f74b251933d.js
www.if.ee/frontend/distribution/js/
11 KB
5 KB
Script
General
Full URL
https://www.if.ee/frontend/distribution/js/dropdown-calltoaction-block-js.83bb7bb86f74b251933d.js
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.215.38.135 , Finland, ASN1759 (TSF-IP-CORE Telia Finland Oyj, EU),
Reverse DNS
if.ee
Software
/
Resource Hash
1fdda0bc8200b032659037da504372088fef3a0d91cdb92f6f96def801b92ca2

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 15 Jul 2020 11:18:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Jun 2020 16:43:36 GMT
ETag
"0acd79a464ad61:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private
Request-Context
appId=cid-v1:a650e189-d79e-4d12-9b1b-b773f738aa70
Accept-Ranges
bytes
Content-Length
4682
X-UA-Compatible
IE=edge,chrome=1
vendor-responsively-lazy-js.67edaa522a318ece0d3a.js
www.if.ee/frontend/distribution/js/
37 KB
13 KB
Script
General
Full URL
https://www.if.ee/frontend/distribution/js/vendor-responsively-lazy-js.67edaa522a318ece0d3a.js
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.215.38.135 , Finland, ASN1759 (TSF-IP-CORE Telia Finland Oyj, EU),
Reverse DNS
if.ee
Software
/
Resource Hash
fb37650e58c285f6c6a65b646fa706a494678a7e9b25bc249ba777a76f25b4ec

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 15 Jul 2020 11:18:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Jun 2020 16:43:36 GMT
ETag
"0acd79a464ad61:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private
Request-Context
appId=cid-v1:a650e189-d79e-4d12-9b1b-b773f738aa70
Accept-Ranges
bytes
Content-Length
12515
X-UA-Compatible
IE=edge,chrome=1
openpages-lazy-background-js.193e5e8af1550dde7b74.js
www.if.ee/frontend/distribution/js/
11 KB
5 KB
Script
General
Full URL
https://www.if.ee/frontend/distribution/js/openpages-lazy-background-js.193e5e8af1550dde7b74.js
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.215.38.135 , Finland, ASN1759 (TSF-IP-CORE Telia Finland Oyj, EU),
Reverse DNS
if.ee
Software
/
Resource Hash
a7e754bb105aff605522210751b167b8ee4b451209828123eed6fd4d340ebfa8

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 15 Jul 2020 11:18:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Jun 2020 16:43:36 GMT
ETag
"0acd79a464ad61:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private
Request-Context
appId=cid-v1:a650e189-d79e-4d12-9b1b-b773f738aa70
Accept-Ranges
bytes
Content-Length
4594
X-UA-Compatible
IE=edge,chrome=1
logo.svg
if-vid-brand-cdn.azureedge.net/images/logo/
1 KB
946 B
Image
General
Full URL
https://if-vid-brand-cdn.azureedge.net/images/logo/logo.svg
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f6f4a362de64f73f6ec5b42f4d825d562a4f3381d6c3d3924c11c4dd02b3a20e

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 15 Jul 2020 11:18:09 GMT
content-encoding
gzip
server
Kestrel
etag
"c1a53874ea83bc4e8b9a7d09518af45470d700c5"
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
image/svg+xml
status
200
x-azure-ref
08eUOXwAAAAB/z7J11H6/Qa8UJqjWReEJQU1TRURHRTA1MDYAYmQ2NjE5ZDAtMzZiNS00NDM0LWIxNzMtYmE5NDdmYWQzN2U5
content-disposition
inline; filename="logo.svg"
accept-ranges
bytes
global-sm-css.7e556abadd759bb4e67a.css
www.if.ee/frontend/distribution/css/
16 KB
3 KB
Stylesheet
General
Full URL
https://www.if.ee/frontend/distribution/css/global-sm-css.7e556abadd759bb4e67a.css
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.215.38.135 , Finland, ASN1759 (TSF-IP-CORE Telia Finland Oyj, EU),
Reverse DNS
if.ee
Software
/
Resource Hash
f00ddfc0bcb80d7d59880eadb61f82f78a6b3886bcebfdca83cb995f6e2ec93f

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 15 Jul 2020 11:18:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jun 2020 14:20:06 GMT
ETag
"02f8367fb3fd61:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
private
Request-Context
appId=cid-v1:a650e189-d79e-4d12-9b1b-b773f738aa70
Accept-Ranges
bytes
Content-Length
2712
X-UA-Compatible
IE=edge,chrome=1
global-md-css.201a7dfc5c46b449706c.css
www.if.ee/frontend/distribution/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.if.ee/frontend/distribution/css/global-md-css.201a7dfc5c46b449706c.css
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.215.38.135 , Finland, ASN1759 (TSF-IP-CORE Telia Finland Oyj, EU),
Reverse DNS
if.ee
Software
/
Resource Hash
920f92d5de734fe0a4b98db9b0748966ee1b5e88248dffbe821558effc159887

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 15 Jul 2020 11:18:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jun 2020 14:20:06 GMT
ETag
"02f8367fb3fd61:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
private
Request-Context
appId=cid-v1:a650e189-d79e-4d12-9b1b-b773f738aa70
Accept-Ranges
bytes
Content-Length
792
X-UA-Compatible
IE=edge,chrome=1
btx-expandables-sm.4157ac25206afee82dc2.css
www.if.ee/frontend/distribution/css/
1 KB
674 B
Stylesheet
General
Full URL
https://www.if.ee/frontend/distribution/css/btx-expandables-sm.4157ac25206afee82dc2.css
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.215.38.135 , Finland, ASN1759 (TSF-IP-CORE Telia Finland Oyj, EU),
Reverse DNS
if.ee
Software
/
Resource Hash
99f4edb312467acaddb8e120e5ced5db7070f5f90a7b96146e15d33858c49cc5

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 15 Jul 2020 11:18:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 May 2019 07:12:20 GMT
ETag
"06269b02415d51:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
private
Request-Context
appId=cid-v1:a650e189-d79e-4d12-9b1b-b773f738aa70
Accept-Ranges
bytes
Content-Length
305
X-UA-Compatible
IE=edge,chrome=1
btx-expandables-md.5c89828dd6754f38bcc0.css
www.if.ee/frontend/distribution/css/
1 KB
687 B
Stylesheet
General
Full URL
https://www.if.ee/frontend/distribution/css/btx-expandables-md.5c89828dd6754f38bcc0.css
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.215.38.135 , Finland, ASN1759 (TSF-IP-CORE Telia Finland Oyj, EU),
Reverse DNS
if.ee
Software
/
Resource Hash
cdab0d8baea190ddd27a788f009a6d897ddf1beff33356bfc342e3a1de4a0b61

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 15 Jul 2020 11:18:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 May 2019 07:12:20 GMT
ETag
"06269b02415d51:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
private
Request-Context
appId=cid-v1:a650e189-d79e-4d12-9b1b-b773f738aa70
Accept-Ranges
bytes
Content-Length
318
X-UA-Compatible
IE=edge,chrome=1
find.js
dl.episerver.net/13.2.6/epi-util/
6 KB
3 KB
Script
General
Full URL
https://dl.episerver.net/13.2.6/epi-util/find.js
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
50cd27879f03f1b1a0c173b14e4f30390362555145ecd8169d65d84e5fb6c055

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 15 Jul 2020 11:18:09 GMT
content-encoding
gzip
cf-cache-status
HIT
age
7146
x-powered-by
ASP.NET
status
200
content-length
2640
cf-request-id
03f3cb4fe400009704dd84b200000001
last-modified
Fri, 28 Feb 2020 13:18:28 GMT
server
cloudflare
etag
W/"6234-1582895908000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
5b3314c63b029704-FRA
expires
Thu, 16 Jul 2020 11:18:09 GMT
global-vid-js.ed4333916a5fa027e272.js
www.if.ee/frontend/distribution/js/
7 KB
4 KB
Script
General
Full URL
https://www.if.ee/frontend/distribution/js/global-vid-js.ed4333916a5fa027e272.js
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.215.38.135 , Finland, ASN1759 (TSF-IP-CORE Telia Finland Oyj, EU),
Reverse DNS
if.ee
Software
/
Resource Hash
a48989f81d99590acb72980d58c0f3987f5c2d3725c84d99f2ed58f1ceed5b6b

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 15 Jul 2020 11:18:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Jun 2020 16:43:36 GMT
ETag
"0acd79a464ad61:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private
Request-Context
appId=cid-v1:a650e189-d79e-4d12-9b1b-b773f738aa70
Accept-Ranges
bytes
Content-Length
3225
X-UA-Compatible
IE=edge,chrome=1
ai.0.js
az416426.vo.msecnd.net/scripts/a/
94 KB
22 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 15 Jul 2020 11:18:09 GMT
content-encoding
gzip
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
688
x-cache
HIT
status
200
content-length
22495
x-ms-lease-status
unlocked
last-modified
Tue, 04 Feb 2020 19:23:51 GMT
server
ECAcc (frc/8FA5)
etag
0x8D7A9A7C460F06C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
177033cf-501e-00af-3198-5ac674000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Wed, 15 Jul 2020 11:48:09 GMT
j.php
dev.visualwebsiteoptimizer.com/
8 KB
3 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=323119&u=https%3A%2F%2Fwww.if.ee%2Feraklient&r=0.8412544644013473
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
5ee88e5111df53f6a66243cb91f96198565ea4ede65a5483c7a5aa8f94e1c225

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 15 Jul 2020 11:18:09 GMT
content-encoding
gzip
server
gams1
content-type
application/javascript; charset=UTF-8
status
200
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via
1.1 google
gtm.js
www.googletagmanager.com/
345 KB
63 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-88KN
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6522288822645d28c4167190971d535aa328e0258d10c06ae0570c62beaadd86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 15 Jul 2020 11:18:09 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64644
x-xss-protection
0
expires
Wed, 15 Jul 2020 11:18:09 GMT
search-outlined.5efbe8d9127f88572a2fbdec81b77f31.svg
www.if.ee/frontend/distribution/img/
2 KB
2 KB
Image
General
Full URL
https://www.if.ee/frontend/distribution/img/search-outlined.5efbe8d9127f88572a2fbdec81b77f31.svg
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.215.38.135 , Finland, ASN1759 (TSF-IP-CORE Telia Finland Oyj, EU),
Reverse DNS
if.ee
Software
/
Resource Hash
ba188fb64aa0385fd424a8b115cccd5a0db22df821e6c6f3c3d0446e2f2f83f6

Request headers

Referer
https://www.if.ee/frontend/distribution/css/global-css.1575d7f20e639626bdf0.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 15 Jul 2020 11:18:08 GMT
Last-Modified
Thu, 17 Oct 2019 07:10:04 GMT
ETag
"0ee1e6b984d51:0"
Content-Type
image/svg+xml
Cache-Control
private
Request-Context
appId=cid-v1:a650e189-d79e-4d12-9b1b-b773f738aa70
Accept-Ranges
bytes
Content-Length
1758
X-UA-Compatible
IE=edge,chrome=1
2042
v.imgi.no/bdqgnbrhmt-MOODBOARD/
177 KB
178 KB
Image
General
Full URL
https://v.imgi.no/bdqgnbrhmt-MOODBOARD/2042
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.89.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-94.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28831f0faa4bc0fc70072a9a160fc16b6478407d79d2b6de8d45fe7cd331b5cf

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 15 Jul 2020 05:00:06 GMT
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified
Mon, 08 Jun 2020 08:10:07 GMT
server
AmazonS3
age
22684
etag
"1b95bfb0811f687ea947d94b0d80790a"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
public, max-age=108030
x-amz-cf-pop
FRA50-C1
content-length
181261
x-amz-cf-id
NJXwSYDQGDDj614JnlFNqGLbuIkurY39j6AO7sf4AGvO-KHxmekd2Q==
truncated
/
301 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1abd69e8a61f057bd13900e7879dcf73607cefd1b6afbefa3c5672399cadcae

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
ifsans-variable.woff2
www.if.ee/frontend/distribution/fonts/
Redirect Chain
  • https://www.if.ee/frontend/distribution/fonts/IfSans-Variable.woff2
  • https://www.if.ee/frontend/distribution/fonts/ifsans-variable.woff2
45 KB
46 KB
Font
General
Full URL
https://www.if.ee/frontend/distribution/fonts/ifsans-variable.woff2
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.215.38.135 , Finland, ASN1759 (TSF-IP-CORE Telia Finland Oyj, EU),
Reverse DNS
if.ee
Software
/
Resource Hash
15c6ec145ad53b0e05a4864692e4673544bfc34dda96404cc34738c14ab72f7a

Request headers

Referer
https://www.if.ee/frontend/distribution/css/global-vid-css.5078fe857e95b0a515e6.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 15 Jul 2020 11:18:08 GMT
Last-Modified
Wed, 12 Feb 2020 13:27:02 GMT
ETag
"057211ca8e1d51:0"
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
private
Request-Context
appId=cid-v1:a650e189-d79e-4d12-9b1b-b773f738aa70
Accept-Ranges
bytes
Content-Length
46360
X-UA-Compatible
IE=edge,chrome=1

Redirect headers

location
https://www.if.ee/frontend/distribution/fonts/ifsans-variable.woff2
Connection
Keep-Alive
Content-Length
0
ifsans-bold.woff2
www.if.ee/frontend/distribution/fonts/
Redirect Chain
  • https://www.if.ee/frontend/distribution/fonts/IfSans-Bold.woff2
  • https://www.if.ee/frontend/distribution/fonts/ifsans-bold.woff2
26 KB
26 KB
Font
General
Full URL
https://www.if.ee/frontend/distribution/fonts/ifsans-bold.woff2
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.215.38.135 , Finland, ASN1759 (TSF-IP-CORE Telia Finland Oyj, EU),
Reverse DNS
if.ee
Software
/
Resource Hash
2ab2a7f5b084468abad0ffe4ff17a2c77db3187825dc75c5aa0d5f58c388c3db

Request headers

Referer
https://www.if.ee/frontend/distribution/css/global-vid-css.5078fe857e95b0a515e6.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 15 Jul 2020 11:18:09 GMT
Last-Modified
Wed, 12 Feb 2020 13:27:02 GMT
ETag
"057211ca8e1d51:0"
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
private
Request-Context
appId=cid-v1:a650e189-d79e-4d12-9b1b-b773f738aa70
Accept-Ranges
bytes
Content-Length
26280
X-UA-Compatible
IE=edge,chrome=1

Redirect headers

location
https://www.if.ee/frontend/distribution/fonts/ifsans-bold.woff2
Connection
Keep-Alive
Content-Length
0
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
moodboard-insurance-f002075-s660x372.987267384917-sha2sz4fSpWCYANMQcLN0fqQVYkfizY.jpg
cdnsc.azureedge.net/resources/
38 KB
38 KB
Image
General
Full URL
https://cdnsc.azureedge.net/resources/moodboard-insurance-f002075-s660x372.987267384917-sha2sz4fSpWCYANMQcLN0fqQVYkfizY.jpg
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7c85338e97d2e41b9c266d01d7d147ab8af92228572a09b8eb62daf43289781e

Request headers

Referer
https://cdnsc.azureedge.net/resources/moodboard-insurance-f002075.min-sha2KAZS9u0kySYxjcJ9ND7rNpXc-3c.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 15 Jul 2020 11:18:09 GMT
last-modified
Tue, 21 Jan 2020 20:17:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
QHPsuMbHXVTxsciicavhzA==
etag
0x8D79EAEE7E79B81
status
200
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
2f1c56d9-901e-0134-7cea-d2648d000000
cache-control
public, max-age=549292
x-ms-version
2009-09-19
content-length
38404
moodboard-insurance-accident-s660x372.987267384917-sha2xDQl4g9tbINRuMv1x7XO6C6rzUM.jpg
cdnsc.azureedge.net/resources/
61 KB
61 KB
Image
General
Full URL
https://cdnsc.azureedge.net/resources/moodboard-insurance-accident-s660x372.987267384917-sha2xDQl4g9tbINRuMv1x7XO6C6rzUM.jpg
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
695dabbc336a19e70f705340f375bd1e94bedf272b802a652f97c706048cffb9

Request headers

Referer
https://cdnsc.azureedge.net/resources/moodboard-insurance-accident.min-sha2HVSc9u1YKfJU7qk5UxrflLdRZdg.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 15 Jul 2020 11:18:09 GMT
last-modified
Tue, 21 Jan 2020 19:29:52 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
v6CkddVmvW3Rqy+k92OiUw==
etag
0x8D79EA849BA299C
status
200
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
71993ba2-b01e-00c2-25d6-0d05ce000000
cache-control
public, max-age=501312
x-ms-version
2009-09-19
content-length
62075
moodboard-insurance-f002091-s660x372.987267384917-sha23OpAb4viL05cbxSNa9UMCAX-w2U.jpg
cdnsc.azureedge.net/resources/
33 KB
33 KB
Image
General
Full URL
https://cdnsc.azureedge.net/resources/moodboard-insurance-f002091-s660x372.987267384917-sha23OpAb4viL05cbxSNa9UMCAX-w2U.jpg
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e607b69a1bd3deba5fff7718c5cd1b99d9339f3d953feaa22d91a73e0f825ce4

Request headers

Referer
https://cdnsc.azureedge.net/resources/moodboard-insurance-f002091.min-sha2EbgAlbxefjcXpgLS11WFANP2d6c.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 15 Jul 2020 11:18:09 GMT
last-modified
Tue, 21 Jan 2020 19:51:11 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
9ijHlUZIkcGw3YU7ElnuoA==
etag
0x8D79EAB442D93FA
status
200
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
c4a4ac87-001e-0118-5ec1-ffe6b0000000
cache-control
public, max-age=685262
x-ms-version
2009-09-19
content-length
33387
moodboard-insurance-f002348-s660x372.987267384917-sha2-5DILBBCZJDcpXQ-eJtQlVpfu7g.jpg
cdnsc.azureedge.net/resources/
71 KB
72 KB
Image
General
Full URL
https://cdnsc.azureedge.net/resources/moodboard-insurance-f002348-s660x372.987267384917-sha2-5DILBBCZJDcpXQ-eJtQlVpfu7g.jpg
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
354747840fec69f5818d713d43de0ea370af8496eefa360930ceff59fd799459

Request headers

Referer
https://cdnsc.azureedge.net/resources/moodboard-insurance-f002348.min-sha2p8OCq8I8GNqysXkR5qK9XENnFLU.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 15 Jul 2020 11:18:09 GMT
last-modified
Tue, 21 Jan 2020 19:57:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
08m/lX1tmbJB9C+29DNq6g==
etag
0x8D79EAC19ADF334
status
200
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
8a0e1ea2-801e-00a7-65fb-54b493000000
cache-control
public, max-age=73580
x-ms-version
2009-09-19
content-length
72788
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca97384a1a8531b76a3c62d2939b58acd500acd39e662f73e486b482d6af940b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
187 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7dd703af41412e40ec7ecfeea431aeae38561ca8eb2f1183b50bc72025bd514

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
749 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfde8fa400e941ae4d362664cc7e86acd3c3a80fb0f45b4ff6a291c8ac508d37

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
324 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ae499b417b54b0f6ead02b5b163670cfbd0f2b7596658043fab28d5e669398c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
363 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
279a3ae188cf8d197246dfc6e5a8b3a2a050c3937f243048cd3f7b992dd2d165

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75164a78f74cd340c6326ba3d1451ed09b78a62c2e9bfac23be079fb00c5140f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a23648efca985a0e7f98b602d8c8a6e816b37ff0178d7647eec7be1c209a4506

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
va-eef03ed84d2aff1e4adca64a613bbb7a.js
dev.visualwebsiteoptimizer.com/6.0/
195 KB
57 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/6.0/va-eef03ed84d2aff1e4adca64a613bbb7a.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=323119&u=https%3A%2F%2Fwww.if.ee%2Feraklient&r=0.8412544644013473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
a66c489c1eacf6d94b908a6d37b76edcbcb882c00c83ff960df1cfd4e1a196b3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.if.ee/eraklient
Origin
https://www.if.ee

Response headers

date
Wed, 15 Jul 2020 11:18:09 GMT
content-encoding
br
last-modified
Wed, 15 Jul 2020 10:19:35 GMT
server
gams1
status
200
etag
"5f0ed837-e1e5"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57829
via
1.1 google
track-eef03ed84d2aff1e4adca64a613bbb7a.js
dev.visualwebsiteoptimizer.com/6.0/
11 KB
4 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/6.0/track-eef03ed84d2aff1e4adca64a613bbb7a.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=323119&u=https%3A%2F%2Fwww.if.ee%2Feraklient&r=0.8412544644013473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
0d985086a6cf7546fb188171295ee6a6674f9a67e3057e8e8e5d7c61372e4247

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.if.ee/eraklient
Origin
https://www.if.ee

Response headers

date
Wed, 15 Jul 2020 11:18:09 GMT
content-encoding
br
last-modified
Wed, 15 Jul 2020 10:19:35 GMT
server
gams1
status
200
etag
"5f0ed837-e13"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3603
via
1.1 google
opa-a4111607dc5ce718c2993c75e25e5d78.js
dev.visualwebsiteoptimizer.com/analysis/3.0/
82 KB
22 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/analysis/3.0/opa-a4111607dc5ce718c2993c75e25e5d78.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=323119&u=https%3A%2F%2Fwww.if.ee%2Feraklient&r=0.8412544644013473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
a4c20140db48609139bdad1af1ca4218991742a1952bd38fa933c3165f06df41

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.if.ee/eraklient
Origin
https://www.if.ee

Response headers

date
Wed, 15 Jul 2020 11:18:09 GMT
content-encoding
br
last-modified
Fri, 10 Jul 2020 13:06:31 GMT
server
gams1
status
200
etag
"5f0867d7-555d"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21853
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/
35 B
214 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=323119&d=if.ee&u=D077983978D12246DA59791A623E9F5E2&h=3b17a3646019c535e8b563cd2c186ca4&t=false&r=0.5334893857604215
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Jul 2020 11:18:09 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-88KN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
1311
date
Wed, 15 Jul 2020 10:56:18 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Wed, 15 Jul 2020 12:56:18 GMT
fbevents.js
connect.facebook.net/en_US/
134 KB
34 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
34220
x-xss-protection
0
pragma
public
x-fb-debug
iyDE+aWx4AxVURHxc7Jwr+Rtcp85hV7xhQ5XvcwMukQ8tTC6mPgAz6WST+H/qkrf1dZDPmzlDhe/4SBFWYRHbA==
x-fb-trip-id
1460883810
x-frame-options
DENY
date
Wed, 15 Jul 2020 11:18:09 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
8fedcbac-c806-4c62-beaf-c5a9c5a9308b.js
cdn.cookielaw.org/consent/
70 KB
18 KB
Script
General
Full URL
https://cdn.cookielaw.org/consent/8fedcbac-c806-4c62-beaf-c5a9c5a9308b.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-88KN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F9B) /
Resource Hash
ef296d4a433776f9f4dfbeaa3654b01c515ceeb43f60c165c705bc176e59dd71

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 15 Jul 2020 11:18:09 GMT
content-encoding
gzip
content-md5
9ya1N7HHSaGGQEWIoIWcHg==
age
10446
x-cache
HIT
status
200
content-length
17996
x-ms-lease-status
unlocked
last-modified
Thu, 16 May 2019 07:45:24 GMT
server
ECAcc (frc/8F9B)
etag
0x8D6D9D274F9B6A9
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d629e831-601e-002b-3081-5aac5e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Wed, 15 Jul 2020 15:18:09 GMT
truncated
/
44 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ffc8c5bf522003e4762af762c814b29df1f60fd4585029b896d442f7b6dee625

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/webp
660
v.imgi.no/n52j4sbuzn-MOODBOARD/
51 KB
51 KB
Image
General
Full URL
https://v.imgi.no/n52j4sbuzn-MOODBOARD/660
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.89.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-94.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e71949a0762b91d20961a25ed2be185c16469a5bb28da1a89641b3b014cc43eb

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 15 Jul 2020 10:25:39 GMT
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified
Mon, 23 Mar 2020 12:46:25 GMT
server
AmazonS3
age
3151
etag
"51bb75edcb864861f4e4e555ca1e6cad"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
public, max-age=108030
x-amz-cf-pop
FRA50-C1
content-length
52116
x-amz-cf-id
Ot1vwEly6r_Hv07BKroN6vwUsDukCgW8C1Vn2w4trbNEK3xsRW3buw==
ec.js
www.google-analytics.com/plugins/ua/
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 15 Jul 2020 10:24:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
3220
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Wed, 15 Jul 2020 11:24:29 GMT
1893292480733502
connect.facebook.net/signals/config/
522 KB
132 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1893292480733502?v=2.9.22&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ad899adac3a581374e382059d925a93b2572781f0635b1627b41c0c49c262e1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
134557
x-xss-protection
0
pragma
public
x-fb-debug
b0nWflBfB7B9j+kWyTudraUqajt4h2hERT+W795TJ9oWvn9mMThOwWDIpvsKz4n89JAq8bQ9ULLlKsaOfL/VsQ==
x-fb-trip-id
1460883810
x-frame-options
DENY
date
Wed, 15 Jul 2020 11:18:10 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
optanon.css
cdn.cookielaw.org/skins/4.9.0/default_flat_top_two_button_white/v2/css/
23 KB
6 KB
Stylesheet
General
Full URL
https://cdn.cookielaw.org/skins/4.9.0/default_flat_top_two_button_white/v2/css/optanon.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/8fedcbac-c806-4c62-beaf-c5a9c5a9308b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F84) /
Resource Hash
926d850816bee4a85c9c1922ab88fa0d21c7cb4a702e98dccec4e6a2380d8234

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 15 Jul 2020 11:18:10 GMT
content-encoding
gzip
content-md5
jK2591g0hq+M8n+s378A3Q==
age
4867
x-cache
HIT
status
200
content-length
5562
x-ms-lease-status
unlocked
last-modified
Thu, 19 Sep 2019 20:24:30 GMT
server
ECAcc (frc/8F84)
etag
0x8D73D3F607A73B6
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
22e3bdc8-801e-0080-168e-5a7b4c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Wed, 15 Jul 2020 15:18:10 GMT
EU
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/
32 B
404 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery1122009225720734895182_1594811889646&_=1594811889647
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 15 Jul 2020 11:18:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
5b3314c8bd31bf00-FRA
content-length
32
cf-request-id
03f3cb51720000bf000695e200000001
s.gif
dev.visualwebsiteoptimizer.com/
35 B
97 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/s.gif?account_id=323119&u=D077983978D12246DA59791A623E9F5E2&s=1594811889&p=1&ed={%22tO%22:%22-2%22,%22lt%22:%221594811890072%22,%22r%22:%22%22,%22ul%22:%22en-us%22,%22de%22:%22UTF-8%22,%22sc%22:%2224%22,%22sr%22:%221600x1200%22}&cu=https%253A%252F%252Fwww.if.ee%252Feraklient&r=0&cq=1&vn=6.0.161&random=0.16063473228026548
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Jul 2020 11:18:09 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
collect
www.google-analytics.com/
35 B
97 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&aip=1&a=1497922930&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.if.ee%2Feraklient&dp=%2Feraklient&ul=en-us&de=UTF-8&dt=Kindlustus%20Sulle%2C%20Sinu%20perele%20ja%20ettev%C3%B5ttele%20%7C%20If.ee&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=dataLayer%20-%20Page%20Load&ea=Home%20Page&el=https%3A%2F%2Fwww.if.ee%2Feraklient&_u=aGBAAEAL~&cid=402436307.1594811890&tid=UA-10658475-1&_gid=1998906043.1594811890&gtm=2wg78388KN&z=165405625
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jul 2020 00:39:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
556738
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
103 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&aip=1&a=1497922930&t=pageview&_s=1&dl=https%3A%2F%2Fwww.if.ee%2Feraklient&dp=%2Feraklient&ul=en-us&de=UTF-8&dt=Kindlustus%20Sulle%2C%20Sinu%20perele%20ja%20ettev%C3%B5ttele%20%7C%20If.ee&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEAL~&cid=402436307.1594811890&tid=UA-10658475-1&_gid=1998906043.1594811890&gtm=2wg78388KN&z=870078459
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jul 2020 00:39:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
556738
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
97 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&aip=1&a=1497922930&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.if.ee%2Feraklient&dp=%2Feraklient&ul=en-us&de=UTF-8&dt=Kindlustus%20Sulle%2C%20Sinu%20perele%20ja%20ettev%C3%B5ttele%20%7C%20If.ee&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=User%20Interaction&ea=domReady&el=https%3A%2F%2Fwww.if.ee%2Feraklient&_u=aGDAAEAL~&cid=402436307.1594811890&tid=UA-10658475-1&_gid=1998906043.1594811890&gtm=2wg78388KN&z=682434122
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jul 2020 00:39:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
556738
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
worker-1acd6955248e984d8c16ea37afb8cbb7.js
dev.visualwebsiteoptimizer.com/analysis/
47 KB
13 KB
XHR
General
Full URL
https://dev.visualwebsiteoptimizer.com/analysis/worker-1acd6955248e984d8c16ea37afb8cbb7.js
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 15 Jul 2020 11:18:10 GMT
content-encoding
br
last-modified
Mon, 16 Mar 2020 04:39:53 GMT
server
gams1
status
200
etag
"5e6f0319-351f"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13599
via
1.1 google
s.gif
dev.visualwebsiteoptimizer.com/
35 B
97 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/s.gif?account_id=323119&u=D077983978D12246DA59791A623E9F5E2&s=1594811889&p=1&tags={%22si%22:{%22148%22:%221%22,%22147%22:%221%22,%22144%22:%221%22}}&eg=6,5,2&update=1&cq=1&vn=6.0.161&_cu=https%3A%2F%2Fwww.if.ee%2Feraklient&random=0.21002901153808695
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Jul 2020 11:18:09 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
/
www.facebook.com/tr/
44 B
258 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1893292480733502&ev=PageView&dl=https%3A%2F%2Fwww.if.ee%2Feraklient&rl=&if=false&ts=1594811890154&sw=1600&sh=1200&v=2.9.22&r=stable&ec=0&o=30&fbp=fb.1.1594811890153.483059006&it=1594811889995&coo=false&rqm=GET
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 15 Jul 2020 11:18:10 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 15 Jul 2020 11:18:10 GMT
logo.min-sha2UrlX-5wEsrrV0qRDj5z4xoWgLBo.png
crms-cdn.azureedge.net/
3 KB
3 KB
Image
General
Full URL
https://crms-cdn.azureedge.net/logo.min-sha2UrlX-5wEsrrV0qRDj5z4xoWgLBo.png
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e4ff56386d8f9e994efbd0319f2b7b56b9a1d60030cef603599eb1b8e02d104b

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 15 Jul 2020 11:18:10 GMT
last-modified
Wed, 26 Sep 2018 11:16:42 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8D623A189E90A95"
content-type
image/png
status
200
x-ms-request-id
ed17b928-801e-0088-4179-dab6aa000000
x-ms-version
2014-02-14
accept-ranges
bytes
content-length
3285
x-ms-lease-state
available
/
service.giosg.com/live/
286 KB
89 KB
Script
General
Full URL
https://service.giosg.com/live/
Requested by
Host: www.if.ee
URL: https://www.if.ee/eraklient
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.235.235 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
385ae9cbb38251f186771e5b95ffc7538ba77a8072d671b9229e4b1edf759cb6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 15 Jul 2020 11:18:10 GMT
content-encoding
gzip
last-modified
Tue, 14 Jul 2020 12:44:40 GMT
server
nginx
etag
"5f0da8b8-16248"
vary
Accept-Encoding
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
status
200
cache-control
max-age=86400, public
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
content-length
90696
expires
Thu, 16 Jul 2020 11:18:10 GMT
collect
www.google-analytics.com/
35 B
97 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&aip=1&a=1497922930&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.if.ee%2Feraklient&dp=%2Feraklient&ul=en-us&de=UTF-8&dt=Kindlustus%20Sulle%2C%20Sinu%20perele%20ja%20ettev%C3%B5ttele%20%7C%20If.ee&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=User%20Interaction&ea=windowLoaded&el=https%3A%2F%2Fwww.if.ee%2Feraklient&_u=aGDAAEAL~&cid=402436307.1594811890&tid=UA-10658475-1&_gid=1998906043.1594811890&gtm=2wg78388KN&z=1979732872
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jul 2020 00:39:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
556738
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
track
dc.services.visualstudio.com/v2/
96 B
519 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.138.41 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aae6abe671ad1895d993d716adf014cfd9af560697631a5250856e283560c013
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.if.ee/eraklient
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
6574CD73-8FCC-4ED1-83F1-0CA8EAD6012D
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Date
Wed, 15 Jul 2020 11:18:10 GMT
Access-Control-Max-Age
3600
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length
96
/
service.giosg.com/api/v2/visitor/settings/3516/
195 KB
32 KB
XHR
General
Full URL
https://service.giosg.com/api/v2/visitor/settings/3516/?url=https%3A%2F%2Fwww.if.ee%2Feraklient
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.235.235 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
45fa894c8528c1a338ccffb21538215778063b90bd70b7e09b6bb97a6acd57e5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Client-Origin
https://www.if.ee

Response headers

pragma
no-cache
date
Wed, 15 Jul 2020 11:18:10 GMT
content-encoding
gzip
allow
GET, HEAD, OPTIONS
server
nginx
x-response-duration
68
status
200
vary
Accept, Accept-Language, Accept-Encoding
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=63072000
content-type
application/json
content-length
32767
giosgClient.5e164559cdf4cb2a5f73.js
service.giosg.com/static/
208 KB
56 KB
Script
General
Full URL
https://service.giosg.com/static/giosgClient.5e164559cdf4cb2a5f73.js
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.235.235 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
cbe355f62177e3362656a97da9a0c01a94c2bb2af8afa454ae87a3d0ad2346c6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 15 Jul 2020 11:18:10 GMT
content-encoding
gzip
last-modified
Tue, 14 Jul 2020 12:44:40 GMT
server
nginx
status
200
etag
"5f0da8b8-defb"
vary
Accept-Encoding
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
cache-control
max-age=315360000, public
strict-transport-security
max-age=63072000
content-type
application/javascript
content-length
57083
expires
Thu, 31 Dec 2037 23:55:55 GMT
683b1ffd-a2a6-4a2e-a72f-b4803e219450
https://www.if.ee/
47 KB
0
Other
General
Full URL
blob:https://www.if.ee/683b1ffd-a2a6-4a2e-a72f-b4803e219450
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/3.0/opa-a4111607dc5ce718c2993c75e25e5d78.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
47679
Content-Type
text/javascript
/
cx.atdmt.com/
Redirect Chain
  • https://www.facebook.com/tr/?id=1893292480733502&ev=Microdata&dl=https%3A%2F%2Fwww.if.ee%2Feraklient&rl=&if=false&ts=1594811890679&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Kindlustus%20Sul...
  • https://cx.atdmt.com/?c=11626948468121975633&f=AYwJmwNYVrH-KKMki6ftSyY4o1jPxb5k6J-W9nqJrlXCHvrG5VgzacT4-mPRuiZPNFS6dCwk4QwmeD2kRETw_19L&id=1893292480733502&l=3&v=0
43 B
428 B
Image
General
Full URL
https://cx.atdmt.com/?c=11626948468121975633&f=AYwJmwNYVrH-KKMki6ftSyY4o1jPxb5k6J-W9nqJrlXCHvrG5VgzacT4-mPRuiZPNFS6dCwk4QwmeD2kRETw_19L&id=1893292480733502&l=3&v=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
x-fb-debug
3tuVc80d5jp2jRkfl1tFwiBDyyFZHDCqn9xRcbSe6MuJboVp8+wEO024fSjsg1cpVwiI1afL1Tu2ndrRgp4FAw==
content-encoding
br
x-content-type-options
nosniff
date
Wed, 15 Jul 2020 04:18:10 PDT
x-frame-options
DENY
content-type
image/gif
status
200
cache-control
public, max-age=0
vary
Accept-Encoding
expires
Wed, 15 Jul 2020 04:18:10 PDT

Redirect headers

pragma
no-cache
date
Wed, 15 Jul 2020 11:18:10 GMT
server
proxygen-bolt
status
302
content-type
text/plain
location
https://cx.atdmt.com/?c=11626948468121975633&f=AYwJmwNYVrH-KKMki6ftSyY4o1jPxb5k6J-W9nqJrlXCHvrG5VgzacT4-mPRuiZPNFS6dCwk4QwmeD2kRETw_19L&id=1893292480733502&l=3&v=0
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
expires
0
/
service.giosg.com/api/v2/visitor/dialog/8936/
42 KB
15 KB
XHR
General
Full URL
https://service.giosg.com/api/v2/visitor/dialog/8936/
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.235.235 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
a71669ec7f6b4bf24d8209721727b04160c2f8c1f91c8910f8090c657d2a1972
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.if.ee/eraklient
X-GIOSG-ClientVersion
ca22b5648133a409b3c5eb33a3f322d3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 15 Jul 2020 11:18:10 GMT
content-encoding
gzip
allow
GET, HEAD, OPTIONS
server
nginx
x-response-duration
10
status
200
vary
Accept, Accept-Language, Accept-Encoding
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=63072000
content-type
application/json
content-length
14827
giosgClient.b9b684686343962b.css
service.giosg.com/static/stylesheets/
25 KB
8 KB
Stylesheet
General
Full URL
https://service.giosg.com/static/stylesheets/giosgClient.b9b684686343962b.css
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.235.235 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
a3ef5620df454ddb54a1fa7523e4bebb4600097e330e80ba3ace9bf1b88751b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 15 Jul 2020 11:18:10 GMT
content-encoding
gzip
last-modified
Tue, 14 Jul 2020 12:44:40 GMT
server
nginx
status
200
etag
"5f0da8b8-202c"
vary
Accept-Encoding
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
cache-control
max-age=315360000, public
strict-transport-security
max-age=63072000
content-type
text/css
content-length
8236
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
3516.clients.giosgusercontent.com/cd/3516/3bl2j/ Frame 849D
0
0
Document
General
Full URL
https://3516.clients.giosgusercontent.com/cd/3516/3bl2j/?url=https%3A%2F%2Fwww.if.ee%2Feraklient&dialog_id=8936
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.235.235 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

:method
GET
:authority
3516.clients.giosgusercontent.com
:scheme
https
:path
/cd/3516/3bl2j/?url=https%3A%2F%2Fwww.if.ee%2Feraklient&dialog_id=8936
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.if.ee/eraklient
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.if.ee/eraklient

Response headers

status
200
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-language
en
content-length
22860
content-type
text/html; charset=utf-8
date
Wed, 15 Jul 2020 11:18:10 GMT
pragma
no-cache
server
nginx
set-cookie
csrftoken=lg67nXSPBG0nBM9xA4jKmI7q8gd06YM9YcIEfutSc0yQVJu3ip4sc9JgoXlMGIOq; expires=Wed, 14 Jul 2021 11:18:10 GMT; Max-Age=31449600; Path=/; SameSite=none; Secure
vary
Cookie, Accept-Language, Accept-Encoding
x-response-duration
35
strict-transport-security
max-age=63072000
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
analyze
r2.visualwebsiteoptimizer.com/
0
143 B
XHR
General
Full URL
https://r2.visualwebsiteoptimizer.com/analyze?_a=323119&_u=https%3A%2F%2Fwww.if.ee%2Feraklient
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.221.11.9 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.11.221.35.bc.googleusercontent.com
Software
r2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryvNEnoyYfu3AlrGn4

Response headers

status
200
date
Wed, 15 Jul 2020 11:18:10 GMT
content-encoding
gzip
server
r2
access-control-allow-origin
*
content-type
application/javascript; charset=UTF-8
live.js
dc31804d-fc4c-430c-801e-33d2f79ffcb2.interactions.giosgusercontent.com/
251 KB
53 KB
Script
General
Full URL
https://dc31804d-fc4c-430c-801e-33d2f79ffcb2.interactions.giosgusercontent.com/live.js
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/static/giosgClient.5e164559cdf4cb2a5f73.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:8e00:1d:5e80:5500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.15.12 / Express
Resource Hash
db6a187517910178468db5fcb1df23bed7a6c6ecaad303dcd33f754207d04fc6

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 15 Jul 2020 11:17:43 GMT
content-encoding
gzip
age
28
x-powered-by
Express
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
server
nginx/1.15.12
etag
W/"3ecc1-5XEIfXCgdtWq/3xiVjjaVJeEbHU"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE
content-type
text/html; charset=utf-8
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
cache-control
public, max-age=30
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
Content-Type,Authorization
x-amz-cf-id
LwJXjrr5HhuOz5nEsNYl8S5ZP7ugm9DEkojwS5TRZiI0lezvt21jPg==
/
service.giosg.com/api/v5/public/trace/
17 B
374 B
XHR
General
Full URL
https://service.giosg.com/api/v5/public/trace/
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.235.235 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
61fc7904e3c27951c1d6853b9116b6ebad2c5d282602e0eb6ba1792770e4eae6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Wed, 15 Jul 2020 11:18:11 GMT
allow
GET, POST, HEAD, OPTIONS
server
nginx
x-response-duration
494
status
201
vary
Accept, Accept-Language
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
strict-transport-security
max-age=63072000
content-type
application/json
content-length
17
truncated
/
751 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9ff4042c1fac82f9f8dae2dfd22e716ea9a21caa38d2d46f47a7a5fad60842a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
cqxCP9ieVl9qCO9Rq85fwo21nkaSdd.png
giosg-chat-public-eu.s3.amazonaws.com/assets/3516/
250 KB
251 KB
Image
General
Full URL
https://giosg-chat-public-eu.s3.amazonaws.com/assets/3516/cqxCP9ieVl9qCO9Rq85fwo21nkaSdd.png
Requested by
Host: dc31804d-fc4c-430c-801e-33d2f79ffcb2.interactions.giosgusercontent.com
URL: https://dc31804d-fc4c-430c-801e-33d2f79ffcb2.interactions.giosgusercontent.com/live.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.29.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-3-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c890abbe875a20a1e27a2efba4402dfb4f68198763952fdbc38f51cab6cce7ed

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 15 Jul 2020 11:18:12 GMT
Last-Modified
Tue, 05 May 2020 08:56:10 GMT
Server
AmazonS3
x-amz-request-id
BE86F1F759FB5B0C
ETag
"486091167c4c184fa1db38202c9ef403"
x-amz-version-id
ColrhviB4bQWBD9VspYZYLYnDkQZl3Qg
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
image/png; charset=utf-8
Content-Length
256411
x-amz-id-2
VJ9cNV0sXnkMdQ7LOpquqBaQ7dr/A8EpnaX6yjDUFc0WqcYd53kH4doVgx0vJCPgPUMVhXLm7iY=
3R0fW2Jg56ZJBrHDHeG3YxXkKEVmWf.png
giosg-chat-public-eu.s3.amazonaws.com/assets/5243/
3 KB
4 KB
Image
General
Full URL
https://giosg-chat-public-eu.s3.amazonaws.com/assets/5243/3R0fW2Jg56ZJBrHDHeG3YxXkKEVmWf.png
Requested by
Host: dc31804d-fc4c-430c-801e-33d2f79ffcb2.interactions.giosgusercontent.com
URL: https://dc31804d-fc4c-430c-801e-33d2f79ffcb2.interactions.giosgusercontent.com/live.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.29.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-3-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f6ac095743621380867a79bcba12371e153c375a572f6e04af0e65707d78bcac

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 15 Jul 2020 11:18:12 GMT
Last-Modified
Tue, 07 May 2019 12:32:38 GMT
Server
AmazonS3
x-amz-request-id
4W3R0NDPFZ3JDZCY
ETag
"b9c9a854c1057fd857a0f71901249238"
x-amz-version-id
null
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
image/png; charset=utf-8
Content-Length
3504
x-amz-id-2
E1ynFMeqs0n+CdvNG6JC399u4ffOI/q0+GWjtYgflVCLbIzAZywPBGESWZ6s9Qn4MZIDjjzN6DM=
untrusted
api.giosg.com/events/v2/store/
2 B
223 B
Other
General
Full URL
https://api.giosg.com/events/v2/store/untrusted
Requested by
Host: dc31804d-fc4c-430c-801e-33d2f79ffcb2.interactions.giosgusercontent.com
URL: https://dc31804d-fc4c-430c-801e-33d2f79ffcb2.interactions.giosgusercontent.com/live.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.235.235 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
openresty /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 15 Jul 2020 11:18:11 GMT
allow
POST, OPTIONS
server
openresty
status
201
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://www.if.ee
access-control-allow-credentials
true
content-length
2
untrusted
api.giosg.com/events/v2/store/
2 B
223 B
Other
General
Full URL
https://api.giosg.com/events/v2/store/untrusted
Requested by
Host: dc31804d-fc4c-430c-801e-33d2f79ffcb2.interactions.giosgusercontent.com
URL: https://dc31804d-fc4c-430c-801e-33d2f79ffcb2.interactions.giosgusercontent.com/live.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.235.235 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
openresty /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 15 Jul 2020 11:18:11 GMT
allow
POST, OPTIONS
server
openresty
status
201
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://www.if.ee
access-control-allow-credentials
true
content-length
2
/
service.giosg.com/api/visitor-data/hxbhf7ff3wnzh6acoyaapfplnq6ppfbqlff33u4r446wmaqm/5963/
151 B
516 B
XHR
General
Full URL
https://service.giosg.com/api/visitor-data/hxbhf7ff3wnzh6acoyaapfplnq6ppfbqlff33u4r446wmaqm/5963/
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.235.235 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
e7610a0bf7dd6ea86d6df1f712892f6acdd669bee151176ffc184a989f73c23a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.if.ee/eraklient
X-GIOSG-ClientVersion
ca22b5648133a409b3c5eb33a3f322d3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 15 Jul 2020 11:18:11 GMT
allow
GET, HEAD, OPTIONS
server
nginx
x-response-duration
17
status
200
vary
Accept, Accept-Language, Cookie
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
cache-control
no-cache
strict-transport-security
max-age=63072000
content-type
application/json
content-length
151
/
service.giosg.com/api/v5/public/trace/
17 B
373 B
XHR
General
Full URL
https://service.giosg.com/api/v5/public/trace/
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.235.235 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
e24fc62cf418adbaaf6b3314c5e50180ceaf3773666c13ea73a1e6545cf90658
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Wed, 15 Jul 2020 11:18:12 GMT
allow
GET, POST, HEAD, OPTIONS
server
nginx
x-response-duration
80
status
201
vary
Accept, Accept-Language
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
strict-transport-security
max-age=63072000
content-type
application/json
content-length
17
collect
www.google-analytics.com/
35 B
103 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&aip=1&a=1497922930&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.if.ee%2Feraklient&dp=%2Feraklient&ul=en-us&de=UTF-8&dt=Kindlustus%20Sulle%2C%20Sinu%20perele%20ja%20ettev%C3%B5ttele%20%7C%20If.ee&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=giosglive&ea=visitorReachedGoal&el=Interaction%20EE%3A%20General%202%20completed%20at%20view%20Main%20button%20(General)%3A39a2f7cc-49bb-11ea-8170-0242ac110015%3Ahttps%3A%2F%2Fwww.if.ee%2Feraklient&ev=1&_u=aGDAAEAL~&cid=402436307.1594811890&tid=UA-10658475-1&_gid=1998906043.1594811890&gtm=2wg78388KN&z=257476143
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jul 2020 00:39:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
556739
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
service.giosg.com/api/v5/public/trace/
17 B
373 B
XHR
General
Full URL
https://service.giosg.com/api/v5/public/trace/
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.235.235 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
7204d3a47833ea671c0f4d91c0393239c7bcd14eefdd0858743cb153913b54d4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Wed, 15 Jul 2020 11:18:12 GMT
allow
GET, POST, HEAD, OPTIONS
server
nginx
x-response-duration
26
status
201
vary
Accept, Accept-Language
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
strict-transport-security
max-age=63072000
content-type
application/json
content-length
17
analyze
r2.visualwebsiteoptimizer.com/
0
142 B
XHR
General
Full URL
https://r2.visualwebsiteoptimizer.com/analyze?_a=323119&_u=https%3A%2F%2Fwww.if.ee%2Feraklient
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.221.11.9 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.11.221.35.bc.googleusercontent.com
Software
r2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.if.ee/eraklient
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryKgsLmiYWSX1MVb09

Response headers

status
200
date
Wed, 15 Jul 2020 11:18:15 GMT
content-encoding
gzip
server
r2
access-control-allow-origin
*
content-type
application/javascript; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

217 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| appInsights function| $ function| jQuery object| html5 object| Modernizr function| OnlineSalesTooltip object| _vwo_code number| settings_timer number| _vwo_settings_timer object| gaModel boolean| isLoggedIn string| checkPageType object| dataLayer function| displayCTAMenu function| FindApi object| api object| AI object| Microsoft function| __extends function| _endsWith number| _vwo_acc_id object| _vwo_style string| _vwo_css string| _vwo_cookieDomain string| _vwo_uuid string| _vis_opt_file number| _vwo_library_timer string| _vis_opt_lib undefined| b number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| VWO object| vwo_iehack_queue object| _vwo_exp_ids object| _vwo_exp object| _vwo_pa string| _vwo_opa_cb string| _vwo_worker_cb object| google_tag_manager undefined| dimension1 undefined| dimension2 boolean| dimension3 undefined| dimension4 undefined| dimension5 undefined| dimension6 string| dimension7 string| dimension8 string| dimension9 undefined| dimension10 string| dimension11 string| dimension12 string| dimension13 string| dimension14 string| dimension15 undefined| dimension16 undefined| dimension17 undefined| dimension18 undefined| dimension19 undefined| dimension20 undefined| dimension21 undefined| dimension22 undefined| dimension23 undefined| dimension24 undefined| dimension25 undefined| dimension26 undefined| dimension27 undefined| dimension28 undefined| dimension29 undefined| dimension30 undefined| dimension31 undefined| dimension32 boolean| dimension33 undefined| dimension34 boolean| dimension35 undefined| dimension36 undefined| dimension37 undefined| dimension38 undefined| dimension39 undefined| dimension40 undefined| dimension41 undefined| dimension42 undefined| dimension43 undefined| dimension44 undefined| dimension45 undefined| dimension46 undefined| dimension47 undefined| dimension48 undefined| dimension49 undefined| dimension50 undefined| dimension51 undefined| dimension52 undefined| dimension53 undefined| dimension54 undefined| dimension55 undefined| dimension56 undefined| dimension57 undefined| dimension58 undefined| dimension59 undefined| dimension60 undefined| dimension61 undefined| dimension62 undefined| dimension63 undefined| dimension64 undefined| dimension65 undefined| dimension66 undefined| dimension67 undefined| dimension68 undefined| dimension69 undefined| dimension70 undefined| dimension71 undefined| dimension72 undefined| dimension73 undefined| dimension74 undefined| dimension75 undefined| dimension76 undefined| dimension77 undefined| dimension78 undefined| dimension79 undefined| dimension80 undefined| dimension81 undefined| dimension82 undefined| dimension83 undefined| dimension84 undefined| dimension85 undefined| dimension86 undefined| dimension87 undefined| dimension88 undefined| dimension89 undefined| dimension90 undefined| dimension91 undefined| dimension92 undefined| dimension93 undefined| dimension94 undefined| dimension95 undefined| dimension108 undefined| dimension109 undefined| dimension110 undefined| dimension111 undefined| dimension112 undefined| dimension113 undefined| dimension114 undefined| dimension115 undefined| metric1 number| metric2 undefined| metric3 number| metric4 number| metric5 number| metric6 number| metric7 undefined| metric8 undefined| metric9 undefined| metric10 undefined| metric11 undefined| metric12 number| metric13 object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq string| visibilityEvent boolean| hiddenState function| visibilityChanged boolean| IS_SAFARI_ITP object| gaplugins object| gaGlobal object| gaData function| Qa function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment object| _vwo_evq function| _vwo_ev object| _vwo_t object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath number| _vis_opt_experiment_id boolean| _vwo_settings_timed_out undefined| a undefined| c function| jsonFeed object| OneTrust object| Optanon string| OnetrustActiveGroups string| OptanonActiveGroups object| jQuery1122009225720734895182 function| OptanonWrapper number| ___vwo boolean| DISABLE_NATIVE_CONSTANTS object| __nls function| _giosg object| giosgWebpackJsonp undefined| _ object| giosg function| jGiosg undefined| JSON3 object| GiosgClient function| setImmediate function| clearImmediate boolean| NonInteractionONafter10secs number| scrollCount function| testScroll

16 Cookies

Domain/Path Name / Value
www.if.ee/ Name: ai_session
Value: 3xJa2|1594811890164.98|1594811890164.98
.if.ee/ Name: _fbp
Value: fb.1.1594811890153.483059006
.if.ee/ Name: _vwo_ds
Value: 3%3Aa_1%2Ct_1%3A0%241594811889%3A2.84385995%3A%3A6_1%2C5_1%2C2_1%3A61_1%2C51_1%2C3_1%2C1_1%3A1
.if.ee/ Name: _vwo_sn
Value: 0%3A1%3Ar2.visualwebsiteoptimizer.com%3A1%3A1
.if.ee/ Name: _gcl_au
Value: 1.1.548651717.1594811890
.if.ee/ Name: _vwo_uuid
Value: D077983978D12246DA59791A623E9F5E2
.if.ee/ Name: OptanonConsent
Value: landingPath=https%3A%2F%2Fwww.if.ee%2Feraklient&datestamp=Wed+Jul+15+2020+13%3A18%3A10+GMT%2B0200+(Central+European+Summer+Time)&version=4.9.0&EU=true&groups=1%3A1%2C2%3A1%2C4%3A1%2C0_39681%3A1
.if.ee/ Name: _vis_opt_s
Value: 1%7C
.if.ee/ Name: _vis_opt_test_cookie
Value: 1
.if.ee/ Name: _gid
Value: GA1.2.1998906043.1594811890
www.if.ee/ Name: EPi:StateMarker
Value: true
www.if.ee/ Name: ai_user
Value: raKil|2020-07-15T11:18:09.813Z
www.if.ee/ Name: TS015b078f
Value: 01fb41823ee937443d193e221dc712156b00419b20ce8c9651a426211a26393a8e9eac08daabdca83a3ec6f095fa0ade0bdd7ff813e4fb50e2b7915a594f20cd7b3e9422fd
.if.ee/ Name: _vwo_uuid_v2
Value: D077983978D12246DA59791A623E9F5E2|3b17a3646019c535e8b563cd2c186ca4
.if.ee/ Name: _ga
Value: GA1.2.402436307.1594811890
www.if.ee/ Name: TS01e5a945
Value: 016f259c320904f922abea48f4a8f3c483997d656c9e68ef05f10e3818e62084d9482bdaeb8555107411d50e459b342c847ad2aefb5fa5ae8a54968b85b43129c42fb321d2

1 Console Messages

Source Level URL
Text
console-api log URL: https://service.giosg.com/live/(Line 148)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3516.clients.giosgusercontent.com
ajax.googleapis.com
api.giosg.com
az416426.vo.msecnd.net
cdn.cookielaw.org
cdnsc.azureedge.net
connect.facebook.net
crms-cdn.azureedge.net
cx.atdmt.com
dc.services.visualstudio.com
dc31804d-fc4c-430c-801e-33d2f79ffcb2.interactions.giosgusercontent.com
dev.visualwebsiteoptimizer.com
dl.episerver.net
geolocation.onetrust.com
giosg-chat-public-eu.s3.amazonaws.com
if-vid-brand-cdn.azureedge.net
r2.visualwebsiteoptimizer.com
service.giosg.com
v.imgi.no
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.if.ee
143.204.89.94
194.215.38.135
2600:9000:21f3:8e00:1d:5e80:5500:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::6814:b944
2606:4700::6812:1276
2620:1ec:bdf::10
2a00:1450:4001:806::2008
2a00:1450:4001:806::200a
2a00:1450:4001:806::200e
2a01:4a0:1338:28::c38a:ff0a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:5:face:b00c:0:8c
2a03:2880:f12d:83:face:b00c:0:25de
34.96.102.137
35.221.11.9
40.79.138.41
5.9.235.235
52.218.29.18
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0ad899adac3a581374e382059d925a93b2572781f0635b1627b41c0c49c262e1
0c12d12df4f8be598a47f0f9b2a3c78e2b05ff35e6f53643bcb1ab13da4801dc
0d985086a6cf7546fb188171295ee6a6674f9a67e3057e8e8e5d7c61372e4247
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1283a4c5380c51e11b99f8cd02d48c41d9713f8277fcff9df9c1fce070cd441a
15c6ec145ad53b0e05a4864692e4673544bfc34dda96404cc34738c14ab72f7a
1fdda0bc8200b032659037da504372088fef3a0d91cdb92f6f96def801b92ca2
279a3ae188cf8d197246dfc6e5a8b3a2a050c3937f243048cd3f7b992dd2d165
28831f0faa4bc0fc70072a9a160fc16b6478407d79d2b6de8d45fe7cd331b5cf
28fc01f34a0d85cd823ec1fc072477f604f897b97c42eb1281dfe6d21190c7ae
2ab2a7f5b084468abad0ffe4ff17a2c77db3187825dc75c5aa0d5f58c388c3db
324474b171a8a33a16936da2a34592744325dd32d57ba0f4eec4d6564c02e15d
354747840fec69f5818d713d43de0ea370af8496eefa360930ceff59fd799459
382431ff8d66f7f25ea2708c50fc343beada02524ff044ad3f79383ca8fd69e4
385ae9cbb38251f186771e5b95ffc7538ba77a8072d671b9229e4b1edf759cb6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45fa894c8528c1a338ccffb21538215778063b90bd70b7e09b6bb97a6acd57e5
4903ced1956c79328bcf0e97481dd5743d3694c623718bc8d7abcf7edeb45463
4b5596d78408a456e964a6b9b77765f8831a4ff84ae104d7a8ce62b297adae00
50cd27879f03f1b1a0c173b14e4f30390362555145ecd8169d65d84e5fb6c055
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5ca733b025fe3acd0a829cb34b5c6386606d2a68f235a9bee4e8987211a9b25a
5ee88e5111df53f6a66243cb91f96198565ea4ede65a5483c7a5aa8f94e1c225
61fc7904e3c27951c1d6853b9116b6ebad2c5d282602e0eb6ba1792770e4eae6
6522288822645d28c4167190971d535aa328e0258d10c06ae0570c62beaadd86
695dabbc336a19e70f705340f375bd1e94bedf272b802a652f97c706048cffb9
7204d3a47833ea671c0f4d91c0393239c7bcd14eefdd0858743cb153913b54d4
7290b3c9b0ba0bf7e16f21fd945fa12e93ce2ebd352561c617f13cb0963d11ea
743690f0b0ec9885984d519248bd8b5c874b806ceb330328a96852206a0d06f4
75164a78f74cd340c6326ba3d1451ed09b78a62c2e9bfac23be079fb00c5140f
7b0e85a825d097c87ebba27f7659ff48fb2b2debd878d0a8435ce9e8ec994cf2
7c85338e97d2e41b9c266d01d7d147ab8af92228572a09b8eb62daf43289781e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8baa0a5c2e02537e4d3e867df2811e4defa3e40ce50c4fe79aa18371e6a932ee
8f731b4ce4b647b0c75311044fa69de67e5f5d50f535b7f6b56197c6a5a5cca1
920f92d5de734fe0a4b98db9b0748966ee1b5e88248dffbe821558effc159887
926d850816bee4a85c9c1922ab88fa0d21c7cb4a702e98dccec4e6a2380d8234
95914789b5f3307a3718679e867d61b9d4c03f749cd2e2970570331d7d6c8ed9
99f4edb312467acaddb8e120e5ced5db7070f5f90a7b96146e15d33858c49cc5
9ae499b417b54b0f6ead02b5b163670cfbd0f2b7596658043fab28d5e669398c
9c7cb8df08ba0c1ba9f3409d8f909d4e67b78a2c5ea36f10ba19837169f03ef2
a23648efca985a0e7f98b602d8c8a6e816b37ff0178d7647eec7be1c209a4506
a3ef5620df454ddb54a1fa7523e4bebb4600097e330e80ba3ace9bf1b88751b0
a48989f81d99590acb72980d58c0f3987f5c2d3725c84d99f2ed58f1ceed5b6b
a4c20140db48609139bdad1af1ca4218991742a1952bd38fa933c3165f06df41
a66c489c1eacf6d94b908a6d37b76edcbcb882c00c83ff960df1cfd4e1a196b3
a71669ec7f6b4bf24d8209721727b04160c2f8c1f91c8910f8090c657d2a1972
a7e754bb105aff605522210751b167b8ee4b451209828123eed6fd4d340ebfa8
aae6abe671ad1895d993d716adf014cfd9af560697631a5250856e283560c013
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
ba188fb64aa0385fd424a8b115cccd5a0db22df821e6c6f3c3d0446e2f2f83f6
c3113968d2db5a4b4d06916cd709d6bd35e7402fb2d9e7b0425b10a0a2432539
c890abbe875a20a1e27a2efba4402dfb4f68198763952fdbc38f51cab6cce7ed
ca97384a1a8531b76a3c62d2939b58acd500acd39e662f73e486b482d6af940b
cbe355f62177e3362656a97da9a0c01a94c2bb2af8afa454ae87a3d0ad2346c6
cdab0d8baea190ddd27a788f009a6d897ddf1beff33356bfc342e3a1de4a0b61
ce4f21789f2aceb531ec075f9256a1aeb6f602182a6f2b68649fc4b5ec93637a
db6a187517910178468db5fcb1df23bed7a6c6ecaad303dcd33f754207d04fc6
dfde8fa400e941ae4d362664cc7e86acd3c3a80fb0f45b4ff6a291c8ac508d37
e1b11b85dcfe949a090a94023e151f41e78baa564db2037f47b50aa9ad7f70aa
e24fc62cf418adbaaf6b3314c5e50180ceaf3773666c13ea73a1e6545cf90658
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ff56386d8f9e994efbd0319f2b7b56b9a1d60030cef603599eb1b8e02d104b
e607b69a1bd3deba5fff7718c5cd1b99d9339f3d953feaa22d91a73e0f825ce4
e71949a0762b91d20961a25ed2be185c16469a5bb28da1a89641b3b014cc43eb
e7610a0bf7dd6ea86d6df1f712892f6acdd669bee151176ffc184a989f73c23a
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
e9ff4042c1fac82f9f8dae2dfd22e716ea9a21caa38d2d46f47a7a5fad60842a
ef296d4a433776f9f4dfbeaa3654b01c515ceeb43f60c165c705bc176e59dd71
f00ddfc0bcb80d7d59880eadb61f82f78a6b3886bcebfdca83cb995f6e2ec93f
f1abd69e8a61f057bd13900e7879dcf73607cefd1b6afbefa3c5672399cadcae
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
f6ac095743621380867a79bcba12371e153c375a572f6e04af0e65707d78bcac
f6f4a362de64f73f6ec5b42f4d825d562a4f3381d6c3d3924c11c4dd02b3a20e
f7dd703af41412e40ec7ecfeea431aeae38561ca8eb2f1183b50bc72025bd514
fb37650e58c285f6c6a65b646fa706a494678a7e9b25bc249ba777a76f25b4ec
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
ffc8c5bf522003e4762af762c814b29df1f60fd4585029b896d442f7b6dee625