urlscan.io logo urlscan.io
SecurityTrails logo

kuvapankki.evl.fi Open in urlscan Pro
87.108.27.225  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://kuvapankki.evl.fi/
Effective URL: https://kuvapankki.evl.fi/welcome.jspx
Submission: On October 06 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 87.108.27.225, located in Vantaa, Finland and belongs to EQUINIX-CONNECT, GB. The main domain is kuvapankki.evl.fi.
TLS certificate: Issued by R3 on July 11th 2021. Valid for: 3 months.
This is the only time kuvapankki.evl.fi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 18 87.108.27.225 15830 (EQUINIX-C...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
21 4
Apex Domain
Subdomains		 Transfer
18 evl.fi
kuvapankki.evl.fi
1 MB
2 google-analytics.com
www.google-analytics.com
20 KB
1 googletagmanager.com
www.googletagmanager.com
39 KB
21 3
Domain Requested by
18 kuvapankki.evl.fi 1 redirects kuvapankki.evl.fi
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.googletagmanager.com kuvapankki.evl.fi
21 3

This site contains links to these domains. Also see Links.

Domain
yhteinen.evlutkirkko.fi
Subject Issuer Validity Valid
kuvapankki.evl.fi
R3		 2021-07-11 -
2021-10-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 1 frames:

Primary Page: https://kuvapankki.evl.fi/welcome.jspx
Frame ID: 17BB2686074A1A4E0595E0C1AE14125B
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Kirkon kuvapankki

Page URL History Show full URLs

  1. https://kuvapankki.evl.fi/ HTTP 302
    https://kuvapankki.evl.fi/welcome.jspx Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

21
Requests

95 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

1188 kB
Transfer

1254 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://kuvapankki.evl.fi/ HTTP 302
    https://kuvapankki.evl.fi/welcome.jspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set welcome.jspx
kuvapankki.evl.fi/
Redirect Chain
  • https://kuvapankki.evl.fi/
  • https://kuvapankki.evl.fi/welcome.jspx
7 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kuvapankki.evl.fi/welcome.jspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.108.27.225 Vantaa, Finland, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
server225.tieke.fi
Software
/
Resource Hash
da19b8fb05f97de948f28c19fc639c54f7316160c005450d8ff8693e4d13e58f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
kuvapankki.evl.fi
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Cookie
JSESSIONID=991F0373AD7CF2EA8E7A5EB904D8C8CC
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Security-Policy
default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
Referrer-Policy
same-origin
X-Frame-Options
DENY
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expect-CT
max-age=30, enforce
Set-Cookie
JSESSIONID=1AB89B446F185D97FE85A0F1475F0F61; Path=/; Secure; HttpOnly; Secure
Content-Type
text/html;charset=utf-8
Content-Length
7480
Date
Wed, 06 Oct 2021 19:32:15 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload;

Redirect headers

Cache-Control
private
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Security-Policy
default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
Referrer-Policy
same-origin
X-Frame-Options
DENY
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expect-CT
max-age=30, enforce
Set-Cookie
JSESSIONID=991F0373AD7CF2EA8E7A5EB904D8C8CC; Path=/; Secure; HttpOnly; Secure
Location
https://kuvapankki.evl.fi:443/welcome.jspx
Content-Type
text/html;charset=utf-8
Content-Length
0
Date
Wed, 06 Oct 2021 19:32:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload;
4b13b538-847d-4c98-a89a-2d8b14cd18a2.css
kuvapankki.evl.fi/css/ 		112 KB
114 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kuvapankki.evl.fi/css/4b13b538-847d-4c98-a89a-2d8b14cd18a2.css?c=ba8cd075de946662876acbd0d2c871c8
Requested by
Host: kuvapankki.evl.fi
URL: https://kuvapankki.evl.fi/welcome.jspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.108.27.225 Vantaa, Finland, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
server225.tieke.fi
Software
/
Resource Hash
126d9e121c57f581aa852a64e56934456553ce42df89ff4a714ecae3e4a771d9
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
kuvapankki.evl.fi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://kuvapankki.evl.fi/welcome.jspx
Cookie
JSESSIONID=1AB89B446F185D97FE85A0F1475F0F61
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://kuvapankki.evl.fi/welcome.jspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Referrer-Policy
same-origin
Date
Wed, 06 Oct 2021 19:32:15 GMT
Expect-CT
max-age=30, enforce
X-Frame-Options
DENY
Content-Type
text/css
Cache-Control
max-age=2682000
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload;
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Expires
Sat, 06 Nov 2021 20:32:15 GMT
rvs2css.jspx
kuvapankki.evl.fi/app/style/awp/ 		78 KB
79 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kuvapankki.evl.fi/app/style/awp/rvs2css.jspx?collectionViewID=%7B506ffea7-e574-4c3d-8ccb-fbafce360b70%7D
Requested by
Host: kuvapankki.evl.fi
URL: https://kuvapankki.evl.fi/welcome.jspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.108.27.225 Vantaa, Finland, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
server225.tieke.fi
Software
/
Resource Hash
cc9256d673c491cd87815278e1e21515565a3a284becd013e7558da7ea6e6539
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
kuvapankki.evl.fi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://kuvapankki.evl.fi/welcome.jspx
Cookie
JSESSIONID=1AB89B446F185D97FE85A0F1475F0F61
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://kuvapankki.evl.fi/welcome.jspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Referrer-Policy
same-origin
Date
Wed, 06 Oct 2021 19:32:15 GMT
Expect-CT
max-age=30, enforce
X-Frame-Options
DENY
Content-Type
text/css;charset=utf-8
Cache-Control
private
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload;
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
4b13b538-847d-4c98-a89a-2d8b14cd18a2.css
kuvapankki.evl.fi/plugins/videojs/styles/ 		53 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kuvapankki.evl.fi/plugins/videojs/styles/4b13b538-847d-4c98-a89a-2d8b14cd18a2.css?c=4b936c6ac77fdd4024707e223abb1190
Requested by
Host: kuvapankki.evl.fi
URL: https://kuvapankki.evl.fi/welcome.jspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.108.27.225 Vantaa, Finland, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
server225.tieke.fi
Software
/
Resource Hash
11dabbb9338995d33640745f9af663c15f6820505ffa7cf2fe17b5e76fdd23ff
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
kuvapankki.evl.fi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://kuvapankki.evl.fi/welcome.jspx
Cookie
JSESSIONID=1AB89B446F185D97FE85A0F1475F0F61
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://kuvapankki.evl.fi/welcome.jspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Referrer-Policy
same-origin
Date
Wed, 06 Oct 2021 19:32:15 GMT
Expect-CT
max-age=30, enforce
X-Frame-Options
DENY
Content-Type
text/css
Cache-Control
max-age=2682000
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload;
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Expires
Sat, 06 Nov 2021 20:32:15 GMT
4b13b538-847d-4c98-a89a-2d8b14cd18a2.js
kuvapankki.evl.fi/plugins/videojs/js/ 		212 KB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kuvapankki.evl.fi/plugins/videojs/js/4b13b538-847d-4c98-a89a-2d8b14cd18a2.js?c=f119b2909b5236764d19f4849e956984
Requested by
Host: kuvapankki.evl.fi
URL: https://kuvapankki.evl.fi/welcome.jspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.108.27.225 Vantaa, Finland, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
server225.tieke.fi
Software
/
Resource Hash
763e9ecd7d420ff19bae711710b0e060524caf5d0edc3c73593129f28ff47cb2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
kuvapankki.evl.fi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://kuvapankki.evl.fi/welcome.jspx
Cookie
JSESSIONID=1AB89B446F185D97FE85A0F1475F0F61
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://kuvapankki.evl.fi/welcome.jspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Referrer-Policy
same-origin
Date
Wed, 06 Oct 2021 19:32:15 GMT
Expect-CT
max-age=30, enforce
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
max-age=2682000
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload;
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Expires
Sat, 06 Nov 2021 20:32:15 GMT
system.js
kuvapankki.evl.fi/plugins/systemjs/ 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kuvapankki.evl.fi/plugins/systemjs/system.js?c=b7a751663a914b4e291f340826095141
Requested by
Host: kuvapankki.evl.fi
URL: https://kuvapankki.evl.fi/welcome.jspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.108.27.225 Vantaa, Finland, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
server225.tieke.fi
Software
/
Resource Hash
bfa6123bf9f128da34081c9fe72b0e028356f7bfb36be042a1ed472139466cb4
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
kuvapankki.evl.fi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://kuvapankki.evl.fi/welcome.jspx
Cookie
JSESSIONID=1AB89B446F185D97FE85A0F1475F0F61
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://kuvapankki.evl.fi/welcome.jspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload;
Content-Length
17260
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Fri, 20 Sep 2019 09:12:51 GMT
Date
Wed, 06 Oct 2021 19:32:15 GMT
Expect-CT
max-age=30, enforce
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
max-age=2682000
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
ETag
W/"17260-1568970771615"
Accept-Ranges
bytes
Expires
Sat, 06 Nov 2021 20:32:15 GMT
intl-messageformat.js
kuvapankki.evl.fi/plugins/intl/ 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kuvapankki.evl.fi/plugins/intl/intl-messageformat.js?c=47048ea857c5688b8da8bb2ebb5f2f4e
Requested by
Host: kuvapankki.evl.fi
URL: https://kuvapankki.evl.fi/welcome.jspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.108.27.225 Vantaa, Finland, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
server225.tieke.fi
Software
/
Resource Hash
1166bfb84c2899f80cc383cd1f64c964fbbfe7313e12356568bb7be3d2c0a1be
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
kuvapankki.evl.fi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://kuvapankki.evl.fi/welcome.jspx
Cookie
JSESSIONID=1AB89B446F185D97FE85A0F1475F0F61
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://kuvapankki.evl.fi/welcome.jspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload;
Content-Length
15566
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Fri, 20 Sep 2019 09:12:51 GMT
Date
Wed, 06 Oct 2021 19:32:15 GMT
Expect-CT
max-age=30, enforce
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
max-age=2682000
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
ETag
W/"15566-1568970771584"
Accept-Ranges
bytes
Expires
Sat, 06 Nov 2021 20:32:15 GMT
awp.js
kuvapankki.evl.fi/js/ 		278 KB
279 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kuvapankki.evl.fi/js/awp.js?c=a2388c737ce40b7ad14fdca85c5b7d37
Requested by
Host: kuvapankki.evl.fi
URL: https://kuvapankki.evl.fi/welcome.jspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.108.27.225 Vantaa, Finland, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
server225.tieke.fi
Software
/
Resource Hash
9ecaf6557b547dbe0bae1e7925d31978c1295396e1571d77be321b3820e981f3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
kuvapankki.evl.fi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://kuvapankki.evl.fi/welcome.jspx
Cookie
JSESSIONID=1AB89B446F185D97FE85A0F1475F0F61
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://kuvapankki.evl.fi/welcome.jspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload;
Content-Length
284731
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Fri, 20 Sep 2019 09:12:51 GMT
Date
Wed, 06 Oct 2021 19:32:15 GMT
Expect-CT
max-age=30, enforce
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
max-age=2682000
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
ETag
W/"284731-1568970771568"
Accept-Ranges
bytes
Expires
Sat, 06 Nov 2021 20:32:15 GMT
boot.jspx
kuvapankki.evl.fi/app/ 		733 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kuvapankki.evl.fi/app/boot.jspx?c=5ad3162240b6c06d6b2ab3818a2f8873
Requested by
Host: kuvapankki.evl.fi
URL: https://kuvapankki.evl.fi/welcome.jspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.108.27.225 Vantaa, Finland, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
server225.tieke.fi
Software
/
Resource Hash
fdb27da6de83d14af929b02c0a085292ea1bf1562eeb112562c5d57572b80cd0
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
kuvapankki.evl.fi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://kuvapankki.evl.fi/welcome.jspx
Cookie
JSESSIONID=1AB89B446F185D97FE85A0F1475F0F61
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://kuvapankki.evl.fi/welcome.jspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Referrer-Policy
same-origin
Date
Wed, 06 Oct 2021 19:32:15 GMT
Expect-CT
max-age=30, enforce
X-Frame-Options
DENY
Content-Type
application/javascript;charset=utf-8
Cache-Control
private
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload;
Content-Length
733
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
logo_landingpage.svg
kuvapankki.evl.fi/app/style/svg/im/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kuvapankki.evl.fi/app/style/svg/im/logo_landingpage.svg
Requested by
Host: kuvapankki.evl.fi
URL: https://kuvapankki.evl.fi/welcome.jspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.108.27.225 Vantaa, Finland, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
server225.tieke.fi
Software
/
Resource Hash
aedcb5a7cfc881ff0aacbbc2559152093f654c19effc01da5628ab4676197f4e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
kuvapankki.evl.fi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://kuvapankki.evl.fi/welcome.jspx
Cookie
JSESSIONID=1AB89B446F185D97FE85A0F1475F0F61
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://kuvapankki.evl.fi/welcome.jspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload;
Content-Length
8978
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Fri, 05 Apr 2019 08:09:53 GMT
Date
Wed, 06 Oct 2021 19:32:15 GMT
Expect-CT
max-age=30, enforce
X-Frame-Options
DENY
Content-Type
image/svg+xml
Cache-Control
max-age=2682000
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
ETag
W/"8978-1554451793031"
Accept-Ranges
bytes
Expires
Sat, 06 Nov 2021 20:32:15 GMT
logo.svg
kuvapankki.evl.fi/app/style/svg/im/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kuvapankki.evl.fi/app/style/svg/im/logo.svg
Requested by
Host: kuvapankki.evl.fi
URL: https://kuvapankki.evl.fi/welcome.jspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.108.27.225 Vantaa, Finland, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
server225.tieke.fi
Software
/
Resource Hash
367b6680e5702d23160120426ef0c1014e84787d12a651df4e86229a0de20bab
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
kuvapankki.evl.fi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://kuvapankki.evl.fi/welcome.jspx
Cookie
JSESSIONID=1AB89B446F185D97FE85A0F1475F0F61
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://kuvapankki.evl.fi/welcome.jspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload;
Content-Length
9248
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Fri, 05 Apr 2019 08:08:50 GMT
Date
Wed, 06 Oct 2021 19:32:15 GMT
Expect-CT
max-age=30, enforce
X-Frame-Options
DENY
Content-Type
image/svg+xml
Cache-Control
max-age=2682000
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
ETag
W/"9248-1554451730585"
Accept-Ranges
bytes
Expires
Sat, 06 Nov 2021 20:32:15 GMT
sprite.svg
kuvapankki.evl.fi/app/style/svg/im/ 		30 KB
31 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://kuvapankki.evl.fi/app/style/svg/im/sprite.svg
Requested by
Host: kuvapankki.evl.fi
URL: https://kuvapankki.evl.fi/welcome.jspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.108.27.225 Vantaa, Finland, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
server225.tieke.fi
Software
/
Resource Hash
d5a1a321a6008bcfe5bfade1d85de89b53794358f2e41fd7278b0369aee4c1ef
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
kuvapankki.evl.fi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
same-origin
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://kuvapankki.evl.fi/welcome.jspx
Cookie
JSESSIONID=1AB89B446F185D97FE85A0F1475F0F61
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://kuvapankki.evl.fi/welcome.jspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload;
Content-Length
30986
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Fri, 20 Sep 2019 09:12:51 GMT
Date
Wed, 06 Oct 2021 19:32:15 GMT
Expect-CT
max-age=30, enforce
X-Frame-Options
DENY
Content-Type
image/svg+xml
Cache-Control
max-age=2682000
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
ETag
W/"30986-1568970771552"
Accept-Ranges
bytes
Expires
Sat, 06 Nov 2021 20:32:15 GMT
/
kuvapankki.evl.fi/S/ 		166 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kuvapankki.evl.fi/S/?v=812dfdfd-71fa-458d-a731-67e8854db4cc&b=1600
Requested by
Host: kuvapankki.evl.fi
URL: https://kuvapankki.evl.fi/css/4b13b538-847d-4c98-a89a-2d8b14cd18a2.css?c=ba8cd075de946662876acbd0d2c871c8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.108.27.225 Vantaa, Finland, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
server225.tieke.fi
Software
/
Resource Hash
14c7bcab8a2199c8dc2e2a232b3fa302a9fbc45546c203db6be5e771de718572
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
kuvapankki.evl.fi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://kuvapankki.evl.fi/css/4b13b538-847d-4c98-a89a-2d8b14cd18a2.css?c=ba8cd075de946662876acbd0d2c871c8
Cookie
JSESSIONID=1AB89B446F185D97FE85A0F1475F0F61
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://kuvapankki.evl.fi/css/4b13b538-847d-4c98-a89a-2d8b14cd18a2.css?c=ba8cd075de946662876acbd0d2c871c8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Referrer-Policy
same-origin
Date
Wed, 06 Oct 2021 19:32:15 GMT
Expect-CT
max-age=30, enforce
X-Frame-Options
DENY
Content-Type
image/jpeg
Cache-Control
max-age=2682000
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload;
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Expires
Sat, 06 Nov 2021 20:32:16 GMT
Raleway-Regular.woff
kuvapankki.evl.fi/css/fonts/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://kuvapankki.evl.fi/css/fonts/Raleway-Regular.woff
Requested by
Host: kuvapankki.evl.fi
URL: https://kuvapankki.evl.fi/css/4b13b538-847d-4c98-a89a-2d8b14cd18a2.css?c=ba8cd075de946662876acbd0d2c871c8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.108.27.225 Vantaa, Finland, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
server225.tieke.fi
Software
/
Resource Hash
de815057e0d9ef161312a40685e68a19678b0998965c28adb4e7d93bc671bc13
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://kuvapankki.evl.fi
Accept-Encoding
gzip, deflate, br
Host
kuvapankki.evl.fi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://kuvapankki.evl.fi/css/4b13b538-847d-4c98-a89a-2d8b14cd18a2.css?c=ba8cd075de946662876acbd0d2c871c8
Cookie
JSESSIONID=1AB89B446F185D97FE85A0F1475F0F61
Connection
keep-alive
Referer
https://kuvapankki.evl.fi/css/4b13b538-847d-4c98-a89a-2d8b14cd18a2.css?c=ba8cd075de946662876acbd0d2c871c8
Origin
https://kuvapankki.evl.fi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Referrer-Policy
same-origin
Last-Modified
Fri, 20 Sep 2019 09:12:51 GMT
X-Frame-Options
DENY
ETag
W/"24788-1568970771568"
Expect-CT
max-age=30, enforce
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload;
Content-Type
font/woff
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
X-Content-Type-Options
nosniff
Date
Wed, 06 Oct 2021 19:32:15 GMT
Accept-Ranges
bytes
Content-Length
24788
X-XSS-Protection
1; mode=block
csrf.jspx
kuvapankki.evl.fi/app/session/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://kuvapankki.evl.fi/app/session/csrf.jspx
Requested by
Host: kuvapankki.evl.fi
URL: https://kuvapankki.evl.fi/js/awp.js?c=a2388c737ce40b7ad14fdca85c5b7d37
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.108.27.225 Vantaa, Finland, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
server225.tieke.fi
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
X-CSRF-Token
Fetch
Host
kuvapankki.evl.fi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors
Content-type
application/x-www-form-urlencoded;charset=UTF-8
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://kuvapankki.evl.fi/welcome.jspx
Cookie
JSESSIONID=1AB89B446F185D97FE85A0F1475F0F61
Connection
keep-alive
Referer
https://kuvapankki.evl.fi/welcome.jspx
X-CSRF-Token
Fetch
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

Content-Security-Policy
default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Referrer-Policy
same-origin
X-CSRF-Token
61D4CF1C383935053C57B14A42733998
Date
Wed, 06 Oct 2021 19:32:15 GMT
Expect-CT
max-age=30, enforce
X-Frame-Options
DENY
Content-Type
text/html;charset=utf-8
Cache-Control
private
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload;
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
markdown-it.js
kuvapankki.evl.fi/plugins/markdown/ 		97 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kuvapankki.evl.fi/plugins/markdown/markdown-it.js
Requested by
Host: kuvapankki.evl.fi
URL: https://kuvapankki.evl.fi/js/awp.js?c=a2388c737ce40b7ad14fdca85c5b7d37
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.108.27.225 Vantaa, Finland, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
server225.tieke.fi
Software
/
Resource Hash
c62de189eeb8e1c495023d256b075a8d2abd07efd20c6bec05dc808f12625f6e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
kuvapankki.evl.fi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://kuvapankki.evl.fi/welcome.jspx
Cookie
JSESSIONID=1AB89B446F185D97FE85A0F1475F0F61
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://kuvapankki.evl.fi/welcome.jspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload;
Content-Length
99535
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Fri, 20 Sep 2019 09:12:51 GMT
Date
Wed, 06 Oct 2021 19:32:15 GMT
Expect-CT
max-age=30, enforce
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
max-age=2682000
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
ETag
W/"99535-1568970771599"
Accept-Ranges
bytes
Expires
Sat, 06 Nov 2021 20:32:16 GMT
cookieconsent.jspx
kuvapankki.evl.fi/app/c/cookieconsent/ 		521 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://kuvapankki.evl.fi/app/c/cookieconsent/cookieconsent.jspx
Requested by
Host: kuvapankki.evl.fi
URL: https://kuvapankki.evl.fi/js/awp.js?c=a2388c737ce40b7ad14fdca85c5b7d37
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.108.27.225 Vantaa, Finland, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
server225.tieke.fi
Software
/
Resource Hash
128c2aa9b8f629bb4d019360d4ae3981db0ddd21f05631465dc6346b7b94ddf2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Origin
https://kuvapankki.evl.fi
Accept-Encoding
gzip, deflate, br
X-CSRF-Token
61D4CF1C383935053C57B14A42733998
Accept-Language
de-DE,de;q=0.9
Sec-Fetch-Dest
empty
Cookie
JSESSIONID=1AB89B446F185D97FE85A0F1475F0F61
Connection
keep-alive
Content-Length
0
Pragma
no-cache
Host
kuvapankki.evl.fi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded;charset=UTF-8
Accept
*/*
Cache-Control
no-cache
Referer
https://kuvapankki.evl.fi/welcome.jspx
Sec-Fetch-Site
same-origin
Referer
https://kuvapankki.evl.fi/welcome.jspx
X-CSRF-Token
61D4CF1C383935053C57B14A42733998
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

Content-Security-Policy
default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Referrer-Policy
same-origin
Date
Wed, 06 Oct 2021 19:32:15 GMT
Expect-CT
max-age=30, enforce
X-Frame-Options
DENY
Content-Type
text/html;charset=utf-8
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload;
Content-Length
521
X-XSS-Protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		97 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-1047611-58
Requested by
Host: kuvapankki.evl.fi
URL: https://kuvapankki.evl.fi/js/awp.js?c=a2388c737ce40b7ad14fdca85c5b7d37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
25172a61f3dee75c1b8aef5754d46a5048871bc9bb8394fe938d2aec72eab72a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 19:32:17 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39170
x-xss-protection
0
last-modified
Wed, 06 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 06 Oct 2021 19:32:17 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1047611-58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5471
date
Wed, 06 Oct 2021 18:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 06 Oct 2021 20:01:06 GMT
collect
www.google-analytics.com/j/ 		0
0
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&aip=1&a=1408125846&t=event&_s=2&dl=https%3A%2F%2Fkuvapankki.evl.fi%2Fwelcome.jspx&ul=en-us&de=UTF-8&dt=Kirkon%20kuvapankki&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=session&ea=login&el=&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=1815712179.1633548737&tid=UA-1047611-58&_gid=1951873980.1633548737&gtm=2oua40&z=2041490999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Oct 2021 14:24:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18467
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=1408125846&t=pageview&_s=1&dl=https%3A%2F%2Fkuvapankki.evl.fi%2Fwelcome.jspx&ul=en-us&de=UTF-8&dt=Kirkon%20kuvapankki&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=284907891&gjid=1262772752&cid=1815712179.1633548737&tid=UA-1047611-58&_gid=1951873980.1633548737&_r=1&gtm=2oua40&z=521885788

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| vttjs function| WebVTT function| videojs object| SystemJS object| System function| IntlMessageFormat function| __values function| __extends function| __awaiter function| __generator object| awpConfig object| awp function| __initAPIResource__markdown function| __initAPIResource__analytics function| gtag object| dataLayer function| markdownit object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
kuvapankki.evl.fi/ Name: JSESSIONID
Value: 1AB89B446F185D97FE85A0F1475F0F61
.evl.fi/ Name: _ga
Value: GA1.2.1815712179.1633548737
.evl.fi/ Name: _gid
Value: GA1.2.1951873980.1633548737
.evl.fi/ Name: _gat_gtag_UA_1047611_58
Value: 1

4 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'vr'.
security error URL: https://www.google-analytics.com/analytics.js(Line 38)
Message:
Refused to connect to 'https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=1408125846&t=pageview&_s=1&dl=https%3A%2F%2Fkuvapankki.evl.fi%2Fwelcome.jspx&ul=en-us&de=UTF-8&dt=Kirkon%20kuvapankki&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=284907891&gjid=1262772752&cid=1815712179.1633548737&tid=UA-1047611-58&_gid=1951873980.1633548737&_r=1&gtm=2oua40&z=521885788' because it violates the following Content Security Policy directive: "connect-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; connect-src 'self'; font-src 'self' https://*.googleapis.com https://fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self'; img-src 'self' https: data:; media-src 'self'; object-src 'self'; script-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

kuvapankki.evl.fi
www.google-analytics.com
www.googletagmanager.com
www.google-analytics.com
2a00:1450:4001:803::200e
2a00:1450:4001:82f::2008
87.108.27.225
1166bfb84c2899f80cc383cd1f64c964fbbfe7313e12356568bb7be3d2c0a1be
11dabbb9338995d33640745f9af663c15f6820505ffa7cf2fe17b5e76fdd23ff
126d9e121c57f581aa852a64e56934456553ce42df89ff4a714ecae3e4a771d9
128c2aa9b8f629bb4d019360d4ae3981db0ddd21f05631465dc6346b7b94ddf2
14c7bcab8a2199c8dc2e2a232b3fa302a9fbc45546c203db6be5e771de718572
25172a61f3dee75c1b8aef5754d46a5048871bc9bb8394fe938d2aec72eab72a
367b6680e5702d23160120426ef0c1014e84787d12a651df4e86229a0de20bab
763e9ecd7d420ff19bae711710b0e060524caf5d0edc3c73593129f28ff47cb2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9ecaf6557b547dbe0bae1e7925d31978c1295396e1571d77be321b3820e981f3
aedcb5a7cfc881ff0aacbbc2559152093f654c19effc01da5628ab4676197f4e
bfa6123bf9f128da34081c9fe72b0e028356f7bfb36be042a1ed472139466cb4
c62de189eeb8e1c495023d256b075a8d2abd07efd20c6bec05dc808f12625f6e
cc9256d673c491cd87815278e1e21515565a3a284becd013e7558da7ea6e6539
d5a1a321a6008bcfe5bfade1d85de89b53794358f2e41fd7278b0369aee4c1ef
da19b8fb05f97de948f28c19fc639c54f7316160c005450d8ff8693e4d13e58f
de815057e0d9ef161312a40685e68a19678b0998965c28adb4e7d93bc671bc13
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fdb27da6de83d14af929b02c0a085292ea1bf1562eeb112562c5d57572b80cd0