urlscan.io logo urlscan.io
SecurityTrails logo

www.fim.com Open in urlscan Pro
51.105.207.243  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.fim.com/fi/
Submission: On March 19 via manual from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 47 HTTP transactions. The main IP is 51.105.207.243, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.fim.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on January 22nd 2020. Valid for: 2 years.
This is the only time www.fim.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 51.105.207.243 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:234... 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 178.63.227.217 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 178.63.179.193 24940 (HETZNER-AS)
47 11
19    51.105.207.243 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.fim.com
1    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:2800:234:660:118e:28f:1d8a:2522 (United States)

ASN15133 (EDGECAST, US)
fast.fonts.net
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
10    178.63.227.217 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: service.giosg.com
service.giosg.com
1    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
8    178.63.179.193 (Hanover, Germany)

ASN24940 (HETZNER-AS, DE)
2880.clients.giosgusercontent.com
Domain Requested by
19 www.fim.com www.fim.com
10 service.giosg.com www.fim.com
service.giosg.com
2880.clients.giosgusercontent.com
8 2880.clients.giosgusercontent.com service.giosg.com
2880.clients.giosgusercontent.com
4 script.crazyegg.com www.fim.com
script.crazyegg.com
2 www.google-analytics.com www.googletagmanager.com
www.fim.com
1 www.gstatic.com www.google.com
1 www.googletagmanager.com www.fim.com
1 fast.fonts.net www.fim.com
1 www.google.com www.fim.com
47 9
Subject Issuer Validity Valid
fim.com
DigiCert SHA2 Extended Validation Server CA		 2020-01-22 -
2022-01-22		 2 years crt.sh
www.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
s9.wac.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-01 -
2022-03-04		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.giosg.com
Starfield Secure Certificate Authority - G2		 2019-06-20 -
2021-08-19		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-06-09 -
2021-06-09		 a year crt.sh
*.clients.giosgusercontent.com
Starfield Secure Certificate Authority - G2		 2019-08-08 -
2021-08-08		 2 years crt.sh

This page contains 3 frames:

Primary Page: https://www.fim.com/fi/
Frame ID: 13788119674407054F47F8E75E3C9C91
Requests: 37 HTTP requests in this frame

Frame: https://2880.clients.giosgusercontent.com/cd/2880/60jep/?url=https%3A%2F%2Fwww.fim.com%2Ffi%2F
Frame ID: F294776DED6400D11C5AC74140B30BE8
Requests: 8 HTTP requests in this frame

Frame: https://service.giosg.com/credentials/2880/?url=https%3A%2F%2F2880.clients.giosgusercontent.com
Frame ID: 5B69FFF6F21C00723AB7B6A10DC4FCBE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

47
Requests

100 %
HTTPS

70 %
IPv6

9
Domains

9
Subdomains

11
IPs

3
Countries

1553 kB
Transfer

4043 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
www.fim.com/fi/ 		62 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.fim.com/fi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.207.243 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d32e9aeb6b699c4280cbb0463f6537c2ca144fc83593144588d78a1d8bc12299
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
www.fim.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 17:19:52 GMT
Content-Type
text/html; charset=utf-8
Content-Length
15349
Connection
keep-alive
Cache-Control
private
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Set-Cookie
ASP.NET_SessionId=il1ubyp0oivqbjcrtclniinq; path=/; secure; HttpOnly; SameSite=Lax UUID=c1e47361-abe7-47bd-ade6-6d4093987b2b; expires=Wed, 19-Mar-2121 17:19:52 GMT; path=/; secure; HttpOnly ARRAffinity=35563b90aac521b0c2a10591f530d555f5aac003c74e40c828bfd0e3b7fe8740;Path=/;HttpOnly;Secure;Domain=fim.episerver-prod.intra.s-pankki.fi ARRAffinitySameSite=35563b90aac521b0c2a10591f530d555f5aac003c74e40c828bfd0e3b7fe8740;Path=/;HttpOnly;SameSite=None;Secure;Domain=fim.episerver-prod.intra.s-pankki.fi
Request-Context
appId=cid-v1:7430fcf0-bd3f-47c8-887e-a770188ff387
Access-Control-Expose-Headers
Request-Context
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
fim-vendor.min.css
www.fim.com/Assets/css/ 		154 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fim.com/Assets/css/fim-vendor.min.css?v=7da1dd41ca515e6c7e2a595a97465909
Requested by
Host: www.fim.com
URL: https://www.fim.com/fi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.207.243 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
57cf7da1b3432300ef79dd4937dc10b5ad1cdc9974ec514468eb34f04720b871
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fim.com/fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 17:19:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
37303
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:7430fcf0-bd3f-47c8-887e-a770188ff387
Last-Modified
Tue, 23 Feb 2021 19:05:30 GMT
Server
Microsoft-IIS/10.0
ETag
"468393da16ad71:0"
Strict-Transport-Security
max-age=63072000
Content-Type
text/css
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=1209600
Accept-Ranges
bytes
fim.min.css
www.fim.com/Assets/css/ 		140 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fim.com/Assets/css/fim.min.css?v=9b1d18ed7c07f1134133a459162faaff
Requested by
Host: www.fim.com
URL: https://www.fim.com/fi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.207.243 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8597a234d0629cd27b460d82b49795f8c4915796ea79fd0e3d30c12e2719eb0e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fim.com/fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 17:19:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
26527
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:7430fcf0-bd3f-47c8-887e-a770188ff387
Last-Modified
Tue, 23 Feb 2021 19:05:29 GMT
Server
Microsoft-IIS/10.0
ETag
"e61234da16ad71:0"
Strict-Transport-Security
max-age=63072000
Content-Type
text/css
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=1209600
Accept-Ranges
bytes
slimmage.min.js
www.fim.com/Assets/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fim.com/Assets/js/slimmage.min.js?v=47e2538b9f57b70f156642eb6d8a0388
Requested by
Host: www.fim.com
URL: https://www.fim.com/fi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.207.243 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
49af6e3865025eb9836a04e2e2ae8115ce11a852941ef1d9a3c4b297f790adf1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fim.com/fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 17:19:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
2428
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:7430fcf0-bd3f-47c8-887e-a770188ff387
Last-Modified
Tue, 23 Feb 2021 19:05:19 GMT
Server
Microsoft-IIS/10.0
ETag
"a8fc1fd416ad71:0"
Strict-Transport-Security
max-age=63072000
Content-Type
application/x-javascript
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=1209600
Accept-Ranges
bytes
api.js
www.google.com/recaptcha/ 		850 B
659 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=fi
Requested by
Host: www.fim.com
URL: https://www.fim.com/fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0fcac8dec17dc2b3a2f7cb9bbfaa31237eef9dd824a2d937ebd44715ff327602
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 17:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
557
x-xss-protection
1; mode=block
expires
Fri, 19 Mar 2021 17:19:52 GMT
vendor.min.js
www.fim.com/Assets/js/ 		758 KB
286 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fim.com/Assets/js/vendor.min.js?v=56d76064366d8184e9c67c04919ad91f
Requested by
Host: www.fim.com
URL: https://www.fim.com/fi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.207.243 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5d68c40c6ca7758b571af740d7e9844a5f5e7e90e765b8c59c1b59db84d0ac0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fim.com/fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 17:19:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
292432
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:7430fcf0-bd3f-47c8-887e-a770188ff387
Last-Modified
Tue, 23 Feb 2021 19:05:37 GMT
Server
Microsoft-IIS/10.0
ETag
"cc75e6de16ad71:0"
Strict-Transport-Security
max-age=63072000
Content-Type
application/x-javascript
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=1209600
Accept-Ranges
bytes
s-pankki.min.js
www.fim.com/Assets/js/ 		358 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fim.com/Assets/js/s-pankki.min.js?v=e445ecf2c2e8688aac2b16f24298afdc
Requested by
Host: www.fim.com
URL: https://www.fim.com/fi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.207.243 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
bd18df581954aa44e92d7f17e68b4ad0ccbd7df693cd4e3bc114d4517fe6a692
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fim.com/fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 17:19:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
100220
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:7430fcf0-bd3f-47c8-887e-a770188ff387
Last-Modified
Tue, 23 Feb 2021 19:05:43 GMT
Server
Microsoft-IIS/10.0
ETag
"263d67e216ad71:0"
Strict-Transport-Security
max-age=63072000
Content-Type
application/x-javascript
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=1209600
Accept-Ranges
bytes
sconsent.js
www.fim.com/Assets/js/ 		168 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fim.com/Assets/js/sconsent.js
Requested by
Host: www.fim.com
URL: https://www.fim.com/fi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.207.243 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
75b4f91a8c3358f07554a9f1720c1ce9db1e843413e7a00808cc547e3653330d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fim.com/fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 17:19:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
233
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:7430fcf0-bd3f-47c8-887e-a770188ff387
Last-Modified
Tue, 23 Feb 2021 19:05:29 GMT
Server
Microsoft-IIS/10.0
ETag
"709f45da16ad71:0"
Strict-Transport-Security
max-age=63072000
Content-Type
application/x-javascript
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=1209600
Accept-Ranges
bytes
1.css
fast.fonts.net/t/ 		0
159 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fast.fonts.net/t/1.css?apiType=css&projectid=eb64ee4e-01d9-47ce-bcc8-6c5de4fd0040
Requested by
Host: www.fim.com
URL: https://www.fim.com/Assets/css/fim.min.css?v=9b1d18ed7c07f1134133a459162faaff
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:660:118e:28f:1d8a:2522 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB9) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.fim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 17:19:52 GMT
last-modified
Wed, 21 Feb 2018 12:55:22 GMT
server
ECS (amb/6BB9)
age
1492558
etag
"616070693"
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
0
expires
Fri, 19 Mar 2021 17:19:51 GMT
gtm.js
www.googletagmanager.com/ 		114 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NGH42J
Requested by
Host: www.fim.com
URL: https://www.fim.com/fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ca0ccaaa4545e17d7cc20353c8c2b87fb0534a661df1d86281497990f5ac3ad8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.fim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 17:19:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39961
x-xss-protection
0
last-modified
Fri, 19 Mar 2021 15:52:39 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 19 Mar 2021 17:19:52 GMT
fim_right.svg
www.fim.com/Assets/img/elements/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fim.com/Assets/img/elements/fim_right.svg
Requested by
Host: www.fim.com
URL: https://www.fim.com/Assets/css/fim.min.css?v=9b1d18ed7c07f1134133a459162faaff
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.207.243 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d66f1046393e7adcd70b3ea2068845773af3a18786f46d762354b75a368738a6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fim.com/Assets/css/fim.min.css?v=9b1d18ed7c07f1134133a459162faaff
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 17:19:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 20 Dec 2019 08:48:11 GMT
Server
Microsoft-IIS/10.0
ETag
"c750743512b7d51:0"
Strict-Transport-Security
max-age=63072000
Content-Type
image/svg+xml
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1081
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:7430fcf0-bd3f-47c8-887e-a770188ff387
fim_bg_pattern.png
www.fim.com/Assets/img/backgrounds/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fim.com/Assets/img/backgrounds/fim_bg_pattern.png
Requested by
Host: www.fim.com
URL: https://www.fim.com/Assets/css/fim.min.css?v=9b1d18ed7c07f1134133a459162faaff
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.207.243 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
29a7b9304d298eeb44234198bb747c1fb0fe0405074b2ecf2fe9951afc1ed5bd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fim.com/Assets/css/fim.min.css?v=9b1d18ed7c07f1134133a459162faaff
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 17:19:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 20 Dec 2019 08:48:11 GMT
Server
Microsoft-IIS/10.0
ETag
"89da5e3512b7d51:0"
Strict-Transport-Security
max-age=63072000
Content-Type
image/png
Access-Control-Expose-Headers
Request-Context
Cache-Control
public,max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41644
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:7430fcf0-bd3f-47c8-887e-a770188ff387
89cdefe7-0e02-4f9b-9b0a-c92845cab3d6.woff
www.fim.com/Assets/fonts/ 		60 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.fim.com/Assets/fonts/89cdefe7-0e02-4f9b-9b0a-c92845cab3d6.woff
Requested by
Host: www.fim.com
URL: https://www.fim.com/Assets/css/fim.min.css?v=9b1d18ed7c07f1134133a459162faaff
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.207.243 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8e018ac0180c8b7246c02eb995f116d72ac8c7df02b6d06d8df6b16295e9f1f0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.fim.com
Referer
https://www.fim.com/Assets/css/fim.min.css?v=9b1d18ed7c07f1134133a459162faaff
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 17:19:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 20 Dec 2019 08:48:10 GMT
Server
Microsoft-IIS/10.0
ETag
"e83a493512b7d51:0"
Strict-Transport-Security
max-age=63072000
Content-Type
application/x-font-woff
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
61566
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:7430fcf0-bd3f-47c8-887e-a770188ff387
fontawesome-webfont.woff2
www.fim.com/Assets/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.fim.com/Assets/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: www.fim.com
URL: https://www.fim.com/Assets/css/fim-vendor.min.css?v=7da1dd41ca515e6c7e2a595a97465909
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.207.243 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.fim.com
Referer
https://www.fim.com/Assets/css/fim-vendor.min.css?v=7da1dd41ca515e6c7e2a595a97465909
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 17:19:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 20 Dec 2019 08:48:10 GMT
Server
Microsoft-IIS/10.0
ETag
"c745a3512b7d51:0"
Strict-Transport-Security
max-age=63072000
Content-Type
application/x-font-woff2
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
71896
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:7430fcf0-bd3f-47c8-887e-a770188ff387
recaptcha__fi.js
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ 		334 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__fi.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=fi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bbcb9153858724a0c9cd859e6e11a37d1e9ba38a3c50d3d5dcf665c80b6e3957
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.fim.com
Referer
https://www.fim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 09:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114360
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133938
x-xss-protection
0
last-modified
Mon, 15 Mar 2021 04:05:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:33:52 GMT
app-2504e24f722d38b9760d.js
www.fim.com/Assets/js/ 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fim.com/Assets/js/app-2504e24f722d38b9760d.js
Requested by
Host: www.fim.com
URL: https://www.fim.com/Assets/js/sconsent.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.207.243 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f3549a976748bf9b92480125750fe50b9c2b67492659d5895952ca7a84e7e1fd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fim.com/fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 17:19:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
15638
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:7430fcf0-bd3f-47c8-887e-a770188ff387
Last-Modified
Tue, 23 Feb 2021 19:05:17 GMT
Server
Microsoft-IIS/10.0
ETag
"8054a0d216ad71:0"
Strict-Transport-Security
max-age=63072000
Content-Type
application/x-javascript
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=1209600
Accept-Ranges
bytes
0909f879-d4b6-4d64-8bfd-b9990c7bd2ff.woff
www.fim.com/Assets/fonts/ 		48 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.fim.com/Assets/fonts/0909f879-d4b6-4d64-8bfd-b9990c7bd2ff.woff
Requested by
Host: www.fim.com
URL: https://www.fim.com/Assets/css/fim.min.css?v=9b1d18ed7c07f1134133a459162faaff
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.207.243 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
548c1fc5e7020135196e983298de264df8540d70740fc544200f7fc042f0db4f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.fim.com
Referer
https://www.fim.com/Assets/css/fim.min.css?v=9b1d18ed7c07f1134133a459162faaff
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 17:19:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 20 Dec 2019 08:48:10 GMT
Server
Microsoft-IIS/10.0
ETag
"d573443512b7d51:0"
Strict-Transport-Security
max-age=63072000
Content-Type
application/x-font-woff
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49505
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:7430fcf0-bd3f-47c8-887e-a770188ff387
fim.png
www.fim.com/Assets/img/logos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fim.com/Assets/img/logos/fim.png?width=160&quality=80
Requested by
Host: www.fim.com
URL: https://www.fim.com/fi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.207.243 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
67633a584cd903984abefc9c3950edd6b2c5503bd4dc791a0ed87e1449ec8890
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fim.com/fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 17:19:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 20 Dec 2019 13:29:31 GMT
Server
Microsoft-IIS/10.0
ETag
"5c77bc8239b7d51:0"
Strict-Transport-Security
max-age=63072000
Content-Type
image/png
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2588
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:7430fcf0-bd3f-47c8-887e-a770188ff387
houseview.jpg
www.fim.com/globalassets/media2/nakemys/kuvat/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fim.com/globalassets/media2/nakemys/kuvat/houseview.jpg?width=480&quality=80
Requested by
Host: www.fim.com
URL: https://www.fim.com/fi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.207.243 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
346ec652e9348bff665e221a3d696274add65005a16edcf2b021a2dbc2564403
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fim.com/fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 17:19:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 16 Jan 2020 07:53:23 GMT
Server
Microsoft-IIS/10.0
ETag
"6b59d5642ccd51:0"
Strict-Transport-Security
max-age=63072000
Content-Type
image/jpeg
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
44816
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:7430fcf0-bd3f-47c8-887e-a770188ff387
s-pankki-artikkeli-suominen-lippo-korona-heiluttaa-sijoituksia-mika-neuvoksi-1600x1000px.jpg
www.fim.com/globalassets/media/artikkelien-kuvat/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fim.com/globalassets/media/artikkelien-kuvat/s-pankki-artikkeli-suominen-lippo-korona-heiluttaa-sijoituksia-mika-neuvoksi-1600x1000px.jpg?width=480&quality=80
Requested by
Host: www.fim.com
URL: https://www.fim.com/fi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.207.243 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
953fac9a7dd46fa182d9af50d0e71c69759a093a746b1c96419f46f2eea9fec7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fim.com/fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 17:19:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 Aug 2020 04:20:23 GMT
Server
Microsoft-IIS/10.0
ETag
"ebc7dce2cd79d61:0"
Strict-Transport-Security
max-age=63072000
Content-Type
image/jpeg
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12098
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:7430fcf0-bd3f-47c8-887e-a770188ff387
s-pankki-tiedote-malminkartanontie1-1600x1000.jpg
www.fim.com/globalassets/media/tiedotteiden-kuvat/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fim.com/globalassets/media/tiedotteiden-kuvat/s-pankki-tiedote-malminkartanontie1-1600x1000.jpg?width=480&quality=80
Requested by
Host: www.fim.com
URL: https://www.fim.com/fi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.207.243 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3547b814dd06191c15bc4e5964fcda2855b17299d32cd8f8c288091e50371a5b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fim.com/fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 17:19:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 16 Feb 2021 07:00:36 GMT
Server
Microsoft-IIS/10.0
ETag
"ecd76b6d314d71:0"
Strict-Transport-Security
max-age=63072000
Content-Type
image/jpeg
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25174
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:7430fcf0-bd3f-47c8-887e-a770188ff387
fim.png
www.fim.com/Assets/img/logos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fim.com/Assets/img/logos/fim.png?width=320&quality=80
Requested by
Host: www.fim.com
URL: https://www.fim.com/fi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.207.243 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e0cad8f5dc7168a32e0964805dd4671353740b758fd9f430e06e80e149176c75
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fim.com/fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 17:19:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 20 Dec 2019 13:29:31 GMT
Server
Microsoft-IIS/10.0
ETag
"cfdabe8239b7d51:0"
Strict-Transport-Security
max-age=63072000
Content-Type
image/png
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4744
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:7430fcf0-bd3f-47c8-887e-a770188ff387
istock-503813330_kiinteistorahastot_yleinen_1600x300px.jpg
www.fim.com/globalassets/media/1600x1000-300px-kuvat/toimitila--ja-tonttirahasto/ 		120 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fim.com/globalassets/media/1600x1000-300px-kuvat/toimitila--ja-tonttirahasto/istock-503813330_kiinteistorahastot_yleinen_1600x300px.jpg?width=1760&quality=80&height=300&anchor=middlecenter&mode=crop
Requested by
Host: www.fim.com
URL: https://www.fim.com/fi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.207.243 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ad824347c2367ab5cf087d202dbef906ec8c64dfa0b45002086024077e34cda9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fim.com/fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 17:19:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 01 Mar 2021 11:54:29 GMT
Server
Microsoft-IIS/10.0
ETag
"759415a391ed71:0"
Strict-Transport-Security
max-age=63072000
Content-Type
image/jpeg
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
122469
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:7430fcf0-bd3f-47c8-887e-a770188ff387
/
service.giosg.com/live/ 		284 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/live/
Requested by
Host: www.fim.com
URL: https://www.fim.com/fi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.227.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
1a001e90321ff81e66b2f2b0ae5d26765248ea440c9ca0207c3cd41fabfce7d4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.fim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 17:19:53 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:06:35 GMT
server
nginx
etag
"6053181b-15fc2"
vary
Accept-Encoding
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
cache-control
max-age=86400, public
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
content-length
90050
expires
Sat, 20 Mar 2021 17:19:53 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGH42J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
4637
date
Fri, 19 Mar 2021 16:02:35 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Fri, 19 Mar 2021 18:02:35 GMT
1674.js
script.crazyegg.com/pages/scripts/0014/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0014/1674.js?448937
Requested by
Host: www.fim.com
URL: https://www.fim.com/fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
953fb33671cb21360745f54ce340caa543755b1694c661c778deb0773670e5be

Request headers

Referer
https://www.fim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 17:19:53 GMT
content-encoding
gzip
cf-cache-status
HIT
age
88516
cf-polished
origSize=4157
ce-version
11.1.262
cf-request-id
08ed193eaa00004a9d891b6000000001
timing-allow-origin
*
last-modified
Thu, 18 Mar 2021 16:44:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
cf-ray
63285e444cf04a9d-FRA
cf-bgj
minify
collect
www.google-analytics.com/ 		35 B
86 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&aip=1&a=561653586&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fim.com%2Ffi%2F&ul=en-us&de=UTF-8&dt=FIM%20-%20suomalainen%20yksityispankki%20ja%20varainhoitaja&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&cid=1754722011.1616174393&tid=UA-37407484-9&_gid=1623182324.1616174393&gtm=2wg3a0NGH42J&cd1=c1e47361-abe7-47bd-ade6-6d4093987b2b&z=1589536586
Requested by
Host: www.fim.com
URL: https://www.fim.com/fi/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 12:53:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
15986
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
1674.json
script.crazyegg.com/pages/data-scripts/0014/ 		24 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0014/1674.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0014/1674.js?448937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
088ac6f102823e71f322abff3ba1108310a2c92e4680976c84a11fc6da6bb69e

Request headers

Referer
https://www.fim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 17:19:53 GMT
content-encoding
gzip
cf-cache-status
HIT
age
88516
ce-version
11.1.262
content-length
1878
cf-request-id
08ed193ee90000535d7302f000000001
timing-allow-origin
*
last-modified
Thu, 18 Mar 2021 16:44:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
63285e44a897535d-FRA
11.1.262.js
script.crazyegg.com/pages/versioned/common-scripts/ 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/11.1.262.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0014/1674.js?448937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c42fe5668104ec910e222ca23b2a50defbbbebd931a548ed8348f2aff1d4a9e

Request headers

Referer
https://www.fim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 17:19:53 GMT
content-encoding
gzip
cf-cache-status
HIT
age
88545
cf-ray
63285e44dde84a9d-FRA
content-length
20535
cf-request-id
08ed193f0800004a9db6992000000001
last-modified
Fri, 12 Mar 2021 18:35:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
/
service.giosg.com/api/v2/visitor/settings/2880/ 		175 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/api/v2/visitor/settings/2880/?url=https%3A%2F%2Fwww.fim.com%2Ffi%2F
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.227.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
75b570aad6e1037666c99749ccb3223d33ac9680f61e563c3dcea6d7d786d89f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.fim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Client-Origin
https://www.fim.com

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 17:19:55 GMT
content-encoding
gzip
allow
GET, HEAD, OPTIONS
server
nginx
x-response-duration
1836
vary
Accept, Accept-Language, Accept-Encoding
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=63072000
content-type
application/json
content-length
31117
/
service.giosg.com/api/v2/visitor/settings/2880/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/api/v2/visitor/settings/2880/?url=https%3A%2F%2Fwww.fim.com%2Ffi%2F
Protocol
H2
Server
178.63.227.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-client-origin
Origin
https://www.fim.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
x-requested-with, content-type, accept, origin, authorization, x-giosg-clientversion, x-client-origin
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
3600
content-type
text/html; charset=utf-8
date
Fri, 19 Mar 2021 17:19:53 GMT
server
nginx
content-length
0
strict-transport-security
max-age=63072000
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
1674.json
script.crazyegg.com/pages/sampling-data-scripts/0014/ 		2 KB
605 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/sampling-data-scripts/0014/1674.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.262.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c89a7d23c81017157702c3595570ed5969ceaf9f30e581cf669c7d3ee54bdeec

Request headers

Referer
https://www.fim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 17:19:53 GMT
content-encoding
gzip
cf-cache-status
HIT
age
74972
ce-version
11.1.262
content-length
486
cf-request-id
08ed193f420000535d2a95c000000001
timing-allow-origin
*
last-modified
Thu, 18 Mar 2021 20:30:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
63285e4539b9535d-FRA
giosgClient.ca40bcb614e64b3625a8.js
service.giosg.com/static/ 		212 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/static/giosgClient.ca40bcb614e64b3625a8.js
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.227.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
ccb1bec0136cf7b8290a20b9a6545678c9172a08742f69bb375ee05babcd58b5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.fim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 17:19:55 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:06:35 GMT
server
nginx
etag
"6053181b-e3fe"
vary
Accept-Encoding
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
cache-control
max-age=315360000, public
strict-transport-security
max-age=63072000
content-type
application/javascript
content-length
58366
expires
Thu, 31 Dec 2037 23:55:55 GMT
giosgClient.4e298208fa25935a.css
service.giosg.com/static/stylesheets/ 		25 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/static/stylesheets/giosgClient.4e298208fa25935a.css
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.227.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
4cd9300dc2a6c9d7a5596c048d5aee9c447dd5f0746231066191f8131033b9fc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.fim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 17:19:55 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:06:35 GMT
server
nginx
etag
"6053181b-2025"
vary
Accept-Encoding
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
cache-control
max-age=315360000, public
strict-transport-security
max-age=63072000
content-type
text/css
content-length
8229
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
2880.clients.giosgusercontent.com/cd/2880/60jep/ Frame F294 		75 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2880.clients.giosgusercontent.com/cd/2880/60jep/?url=https%3A%2F%2Fwww.fim.com%2Ffi%2F
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.179.193 Hanover, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
8b301dbb49cea438cf7056713b838dbc6af958243accb75d84b4afb81c5b258f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

:method
GET
:authority
2880.clients.giosgusercontent.com
:scheme
https
:path
/cd/2880/60jep/?url=https%3A%2F%2Fwww.fim.com%2Ffi%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.fim.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.fim.com/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-language
en
content-length
22199
content-type
text/html; charset=utf-8
date
Fri, 19 Mar 2021 17:19:55 GMT
pragma
no-cache
server
nginx
set-cookie
csrftoken=T31GheQgZ8flt7slhN51k7ehZ7FvG4KZRnulPIraZu8GqHWOgZUzGAaGbs1MZ9ph; expires=Fri, 18 Mar 2022 17:19:55 GMT; Max-Age=31449600; Path=/; SameSite=none; Secure
vary
Cookie, Accept-Language, Accept-Encoding
x-response-duration
39
strict-transport-security
max-age=63072000
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a2c68c039860ecb16d04dee83c8088ae0b04b42aead582c52fd092c2081f1d1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
visitor.0de6dd31f776e652.css
2880.clients.giosgusercontent.com/static/stylesheets/ Frame F294 		40 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2880.clients.giosgusercontent.com/static/stylesheets/visitor.0de6dd31f776e652.css
Requested by
Host: 2880.clients.giosgusercontent.com
URL: https://2880.clients.giosgusercontent.com/cd/2880/60jep/?url=https%3A%2F%2Fwww.fim.com%2Ffi%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.179.193 Hanover, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
974824c628da89c89ea3b27d7a4506b91eb76763b1b8a2e3c2a2c1b916157f28
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://2880.clients.giosgusercontent.com/cd/2880/60jep/?url=https%3A%2F%2Fwww.fim.com%2Ffi%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 17:19:55 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:06:35 GMT
server
nginx
etag
"6053181b-28cb"
vary
Accept-Encoding
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
cache-control
max-age=315360000, public
strict-transport-security
max-age=63072000
content-type
text/css
content-length
10443
expires
Thu, 31 Dec 2037 23:55:55 GMT
visitor.0a1ce233636dc36dedc7.js
2880.clients.giosgusercontent.com/static/ Frame F294 		689 KB
191 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2880.clients.giosgusercontent.com/static/visitor.0a1ce233636dc36dedc7.js
Requested by
Host: 2880.clients.giosgusercontent.com
URL: https://2880.clients.giosgusercontent.com/cd/2880/60jep/?url=https%3A%2F%2Fwww.fim.com%2Ffi%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.179.193 Hanover, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
5b7256d07a5e1903dee7211c4967ff1aa82ddcfcab0ae12bab92153c0d54cc0d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://2880.clients.giosgusercontent.com/cd/2880/60jep/?url=https%3A%2F%2Fwww.fim.com%2Ffi%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 17:19:55 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:06:35 GMT
server
nginx
etag
"6053181b-2fa85"
vary
Accept-Encoding
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
cache-control
max-age=315360000, public
strict-transport-security
max-age=63072000
content-type
application/javascript
content-length
195205
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
service.giosg.com/credentials/2880/ Frame 5B69 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/credentials/2880/?url=https%3A%2F%2F2880.clients.giosgusercontent.com
Requested by
Host: 2880.clients.giosgusercontent.com
URL: https://2880.clients.giosgusercontent.com/static/visitor.0a1ce233636dc36dedc7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.227.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
d791d8d9c91eba5ff72ad8459dcd87a1af7c0349f863fc72be789431ccbc6244
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

:method
GET
:authority
service.giosg.com
:scheme
https
:path
/credentials/2880/?url=https%3A%2F%2F2880.clients.giosgusercontent.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2880.clients.giosgusercontent.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2880.clients.giosgusercontent.com/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-language
en
content-length
2497
content-type
text/html; charset=utf-8
date
Fri, 19 Mar 2021 17:19:56 GMT
pragma
no-cache
server
nginx
set-cookie
gid=m2owlj2gg7sfcoitvmaaeu2gkbiirvyr5ofw4ascvqiqajqm; expires=Sun, 19-Mar-2023 17:19:56 GMT; Max-Age=63072000; Path=/; SameSite=None; Secure sgid=2oceogc5x5q2g465qqaakaacontqeectiznv5cgxchvyw3qcikwbcabgbq; expires=Sun, 19-Mar-2023 17:19:56 GMT; Max-Age=63072000; Path=/; SameSite=None; Secure
vary
Accept-Language, Accept-Encoding
x-response-duration
8
strict-transport-security
max-age=63072000
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
/
service.giosg.com/api/v5/public/trace/ 		18 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/api/v5/public/trace/
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.227.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
d85970168aaa7b320d4f335d425990a1061bd5b6ccec9dfde2eeac68fc96edca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.fim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 19 Mar 2021 17:19:56 GMT
vary
Accept, Accept-Language
server
nginx
x-response-duration
436
allow
GET, POST, HEAD, OPTIONS
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
strict-transport-security
max-age=63072000
content-type
application/json
content-length
18
chats
2880.clients.giosgusercontent.com/api/v5/public/visitors/3117211ae95ab0aa019de144db88317c/ Frame F294 		42 B
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://2880.clients.giosgusercontent.com/api/v5/public/visitors/3117211ae95ab0aa019de144db88317c/chats?ordering=-created_at
Requested by
Host: 2880.clients.giosgusercontent.com
URL: https://2880.clients.giosgusercontent.com/static/visitor.0a1ce233636dc36dedc7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.179.193 Hanover, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
0275e5323da6fca5a40c4e3b64f9bcb36ea3b76883040c28ba2328afd817a58a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json
Referer
https://2880.clients.giosgusercontent.com/cd/2880/60jep/?url=https%3A%2F%2Fwww.fim.com%2Ffi%2F
X-Requested-With
XMLHttpRequest
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJqdGkiOiI1MzQ2ZWExYS04OGQ3LTExZWItOGI2ZS0wMjQyYWMxMTAwMjYiLCJpYXQiOjE2MTYxNzQzOTYuMTQyOTMzNiwiZXhwIjoxNjE2MjAzMTk2LjE0MjQ3NjYsInZlcnNpb24iOjEsImlzcyI6Imh0dHBzOi8vc2VydmljZS5naW9zZy5jb20vY3JlZGVudGlhbHMvMjg4MC8_dXJsPWh0dHBzJTNBJTJGJTJGMjg4MC5jbGllbnRzLmdpb3NndXNlcmNvbnRlbnQuY29tIiwiYXVkIjpbIm1lc3NhZ2Vyb3V0ZXIuZ2lvc2cuY29tIiwic2VydmljZS5naW9zZy5jb20iXSwic2NvcGVzIjp7Ii9hcHBzL3Zpc2l0b3IvaXhsdm5wNXo0aWpvcmVmcWc0YWFrYWFib3lkcmFtaXhlZW5vc3d2cXZpYXozeWtlM29lZGM3YW0iOjE1LCIvYXBpL3Y1L3B1YmxpYyI6eyIvZ2xvYmFsX3Zpc2l0b3JzIjp7Ii81MzQ2NTA1MC04OGQ3LTExZWItOGI2ZS0wMjQyYWMxMTAwMjYvKi9ydWxlX3ByZWRpY3Rpb25zIjoxNSwiL20yb3dsajJnZzdzZmNvaXR2bWFhZXUyZ2tiaWlydnlyNW9mdzRhc2N2cWlxYWpxbS8qL3J1bGVfcHJlZGljdGlvbnMiOjE1fSwiL3Zpc2l0b3JzLzMxMTcyMTFhZTk1YWIwYWEwMTlkZTE0NGRiODgzMTdjIjp7Ii9jaGF0cyI6eyIvKiI6eyIiOjE1LCIvbWVtYmVyc2hpcHMiOjE1LCIvbWVzc2FnZXMiOjE1LCIvdGFncyI6MTV9LCIiOjE1fSwiL2NoYXRfbWVtYmVyc2hpcHMiOnsiIjoxNSwiLyoiOjE1fX0sIi9vcmdzLzAyODNlMGFhLTVjNzQtMTFlNS1iZmIzLTAwMTYzZTFmNmEyMi9yb29tcy8qIjp7Ii92aXNpdG9ycyI6eyIvMzExNzIxMWFlOTVhYjBhYTAxOWRlMTQ0ZGI4ODMxN2MiOnsiIjoxNSwiL2NoYXRzIjoxNSwiL2F1dG9zdWdnZXN0X3Blcm1pc3Npb24iOjE1LCIvYXV0b3N1Z2dlc3QiOjE1fSwiIjoxNX0sIiI6MTUsIi9vbmxpbmVfdXNlcnMiOjE1LCIvYnJhbmQiOjE1fSwiL3RhcmdldC92aXNpdG9ycy81MzQ2NTA1MC04OGQ3LTExZWItOGI2ZS0wMjQyYWMxMTAwMjYvc2Vzc2lvbnMvKi9wcmVkaWN0aW9ucyI6MTV9fSwidXNlcl9pZCI6bnVsbCwib3JnYW5pemF0aW9uX2lkIjoiMDI4M2UwYWEtNWM3NC0xMWU1LWJmYjMtMDAxNjNlMWY2YTIyIiwiYXBwX2lkIjpudWxsfQ.aegbuW8dQCNL46mAcL-HEIe5hnRI6mlbcwtUFP9uorg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 19 Mar 2021 17:19:56 GMT
allow
GET, HEAD, OPTIONS
server
nginx
x-response-duration
14
vary
Accept, Accept-Language
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
strict-transport-security
max-age=63072000
content-type
application/json
content-length
42
expires
Fri, 19 Mar 2021 17:19:56 GMT
rule_predictions
2880.clients.giosgusercontent.com/api/v5/public/global_visitors/53465050-88d7-11eb-8b6e-0242ac110026/534696b4-88d7-11eb-8b6e-0242ac110026/ Frame F294 		26 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://2880.clients.giosgusercontent.com/api/v5/public/global_visitors/53465050-88d7-11eb-8b6e-0242ac110026/534696b4-88d7-11eb-8b6e-0242ac110026/rule_predictions
Requested by
Host: 2880.clients.giosgusercontent.com
URL: https://2880.clients.giosgusercontent.com/static/visitor.0a1ce233636dc36dedc7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.179.193 Hanover, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e58f195afe8b3310327d1a15114908473be4e055ba1af97194a2bf63c95619f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json
Referer
https://2880.clients.giosgusercontent.com/cd/2880/60jep/?url=https%3A%2F%2Fwww.fim.com%2Ffi%2F
X-Requested-With
XMLHttpRequest
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJqdGkiOiI1MzQ2ZWExYS04OGQ3LTExZWItOGI2ZS0wMjQyYWMxMTAwMjYiLCJpYXQiOjE2MTYxNzQzOTYuMTQyOTMzNiwiZXhwIjoxNjE2MjAzMTk2LjE0MjQ3NjYsInZlcnNpb24iOjEsImlzcyI6Imh0dHBzOi8vc2VydmljZS5naW9zZy5jb20vY3JlZGVudGlhbHMvMjg4MC8_dXJsPWh0dHBzJTNBJTJGJTJGMjg4MC5jbGllbnRzLmdpb3NndXNlcmNvbnRlbnQuY29tIiwiYXVkIjpbIm1lc3NhZ2Vyb3V0ZXIuZ2lvc2cuY29tIiwic2VydmljZS5naW9zZy5jb20iXSwic2NvcGVzIjp7Ii9hcHBzL3Zpc2l0b3IvaXhsdm5wNXo0aWpvcmVmcWc0YWFrYWFib3lkcmFtaXhlZW5vc3d2cXZpYXozeWtlM29lZGM3YW0iOjE1LCIvYXBpL3Y1L3B1YmxpYyI6eyIvZ2xvYmFsX3Zpc2l0b3JzIjp7Ii81MzQ2NTA1MC04OGQ3LTExZWItOGI2ZS0wMjQyYWMxMTAwMjYvKi9ydWxlX3ByZWRpY3Rpb25zIjoxNSwiL20yb3dsajJnZzdzZmNvaXR2bWFhZXUyZ2tiaWlydnlyNW9mdzRhc2N2cWlxYWpxbS8qL3J1bGVfcHJlZGljdGlvbnMiOjE1fSwiL3Zpc2l0b3JzLzMxMTcyMTFhZTk1YWIwYWEwMTlkZTE0NGRiODgzMTdjIjp7Ii9jaGF0cyI6eyIvKiI6eyIiOjE1LCIvbWVtYmVyc2hpcHMiOjE1LCIvbWVzc2FnZXMiOjE1LCIvdGFncyI6MTV9LCIiOjE1fSwiL2NoYXRfbWVtYmVyc2hpcHMiOnsiIjoxNSwiLyoiOjE1fX0sIi9vcmdzLzAyODNlMGFhLTVjNzQtMTFlNS1iZmIzLTAwMTYzZTFmNmEyMi9yb29tcy8qIjp7Ii92aXNpdG9ycyI6eyIvMzExNzIxMWFlOTVhYjBhYTAxOWRlMTQ0ZGI4ODMxN2MiOnsiIjoxNSwiL2NoYXRzIjoxNSwiL2F1dG9zdWdnZXN0X3Blcm1pc3Npb24iOjE1LCIvYXV0b3N1Z2dlc3QiOjE1fSwiIjoxNX0sIiI6MTUsIi9vbmxpbmVfdXNlcnMiOjE1LCIvYnJhbmQiOjE1fSwiL3RhcmdldC92aXNpdG9ycy81MzQ2NTA1MC04OGQ3LTExZWItOGI2ZS0wMjQyYWMxMTAwMjYvc2Vzc2lvbnMvKi9wcmVkaWN0aW9ucyI6MTV9fSwidXNlcl9pZCI6bnVsbCwib3JnYW5pemF0aW9uX2lkIjoiMDI4M2UwYWEtNWM3NC0xMWU1LWJmYjMtMDAxNjNlMWY2YTIyIiwiYXBwX2lkIjpudWxsfQ.aegbuW8dQCNL46mAcL-HEIe5hnRI6mlbcwtUFP9uorg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 19 Mar 2021 17:19:56 GMT
allow
GET, HEAD, OPTIONS
server
nginx
x-response-duration
3
vary
Accept, Accept-Language
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
strict-transport-security
max-age=63072000
content-type
application/json
content-length
26
expires
Fri, 19 Mar 2021 17:19:56 GMT
predictions
2880.clients.giosgusercontent.com/api/v5/public/target/visitors/53465050-88d7-11eb-8b6e-0242ac110026/sessions/534696b4-88d7-11eb-8b6e-0242ac110026/ Frame F294 		26 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://2880.clients.giosgusercontent.com/api/v5/public/target/visitors/53465050-88d7-11eb-8b6e-0242ac110026/sessions/534696b4-88d7-11eb-8b6e-0242ac110026/predictions
Requested by
Host: 2880.clients.giosgusercontent.com
URL: https://2880.clients.giosgusercontent.com/static/visitor.0a1ce233636dc36dedc7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.179.193 Hanover, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e58f195afe8b3310327d1a15114908473be4e055ba1af97194a2bf63c95619f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json
Referer
https://2880.clients.giosgusercontent.com/cd/2880/60jep/?url=https%3A%2F%2Fwww.fim.com%2Ffi%2F
X-Requested-With
XMLHttpRequest
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJqdGkiOiI1MzQ2ZWExYS04OGQ3LTExZWItOGI2ZS0wMjQyYWMxMTAwMjYiLCJpYXQiOjE2MTYxNzQzOTYuMTQyOTMzNiwiZXhwIjoxNjE2MjAzMTk2LjE0MjQ3NjYsInZlcnNpb24iOjEsImlzcyI6Imh0dHBzOi8vc2VydmljZS5naW9zZy5jb20vY3JlZGVudGlhbHMvMjg4MC8_dXJsPWh0dHBzJTNBJTJGJTJGMjg4MC5jbGllbnRzLmdpb3NndXNlcmNvbnRlbnQuY29tIiwiYXVkIjpbIm1lc3NhZ2Vyb3V0ZXIuZ2lvc2cuY29tIiwic2VydmljZS5naW9zZy5jb20iXSwic2NvcGVzIjp7Ii9hcHBzL3Zpc2l0b3IvaXhsdm5wNXo0aWpvcmVmcWc0YWFrYWFib3lkcmFtaXhlZW5vc3d2cXZpYXozeWtlM29lZGM3YW0iOjE1LCIvYXBpL3Y1L3B1YmxpYyI6eyIvZ2xvYmFsX3Zpc2l0b3JzIjp7Ii81MzQ2NTA1MC04OGQ3LTExZWItOGI2ZS0wMjQyYWMxMTAwMjYvKi9ydWxlX3ByZWRpY3Rpb25zIjoxNSwiL20yb3dsajJnZzdzZmNvaXR2bWFhZXUyZ2tiaWlydnlyNW9mdzRhc2N2cWlxYWpxbS8qL3J1bGVfcHJlZGljdGlvbnMiOjE1fSwiL3Zpc2l0b3JzLzMxMTcyMTFhZTk1YWIwYWEwMTlkZTE0NGRiODgzMTdjIjp7Ii9jaGF0cyI6eyIvKiI6eyIiOjE1LCIvbWVtYmVyc2hpcHMiOjE1LCIvbWVzc2FnZXMiOjE1LCIvdGFncyI6MTV9LCIiOjE1fSwiL2NoYXRfbWVtYmVyc2hpcHMiOnsiIjoxNSwiLyoiOjE1fX0sIi9vcmdzLzAyODNlMGFhLTVjNzQtMTFlNS1iZmIzLTAwMTYzZTFmNmEyMi9yb29tcy8qIjp7Ii92aXNpdG9ycyI6eyIvMzExNzIxMWFlOTVhYjBhYTAxOWRlMTQ0ZGI4ODMxN2MiOnsiIjoxNSwiL2NoYXRzIjoxNSwiL2F1dG9zdWdnZXN0X3Blcm1pc3Npb24iOjE1LCIvYXV0b3N1Z2dlc3QiOjE1fSwiIjoxNX0sIiI6MTUsIi9vbmxpbmVfdXNlcnMiOjE1LCIvYnJhbmQiOjE1fSwiL3RhcmdldC92aXNpdG9ycy81MzQ2NTA1MC04OGQ3LTExZWItOGI2ZS0wMjQyYWMxMTAwMjYvc2Vzc2lvbnMvKi9wcmVkaWN0aW9ucyI6MTV9fSwidXNlcl9pZCI6bnVsbCwib3JnYW5pemF0aW9uX2lkIjoiMDI4M2UwYWEtNWM3NC0xMWU1LWJmYjMtMDAxNjNlMWY2YTIyIiwiYXBwX2lkIjpudWxsfQ.aegbuW8dQCNL46mAcL-HEIe5hnRI6mlbcwtUFP9uorg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 19 Mar 2021 17:19:56 GMT
allow
GET, HEAD, OPTIONS
server
nginx
x-response-duration
3
vary
Accept, Accept-Language
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
strict-transport-security
max-age=63072000
content-type
application/json
content-length
26
expires
Fri, 19 Mar 2021 17:19:56 GMT
online_users
2880.clients.giosgusercontent.com/api/v5/public/orgs/0283e0aa-5c74-11e5-bfb3-00163e1f6a22/rooms/17e6276a-b060-11ea-ab6a-0242ac110007/ Frame F294 		42 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://2880.clients.giosgusercontent.com/api/v5/public/orgs/0283e0aa-5c74-11e5-bfb3-00163e1f6a22/rooms/17e6276a-b060-11ea-ab6a-0242ac110007/online_users
Requested by
Host: 2880.clients.giosgusercontent.com
URL: https://2880.clients.giosgusercontent.com/static/visitor.0a1ce233636dc36dedc7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.179.193 Hanover, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
0275e5323da6fca5a40c4e3b64f9bcb36ea3b76883040c28ba2328afd817a58a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json
Referer
https://2880.clients.giosgusercontent.com/cd/2880/60jep/?url=https%3A%2F%2Fwww.fim.com%2Ffi%2F
X-Requested-With
XMLHttpRequest
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJqdGkiOiI1MzQ2ZWExYS04OGQ3LTExZWItOGI2ZS0wMjQyYWMxMTAwMjYiLCJpYXQiOjE2MTYxNzQzOTYuMTQyOTMzNiwiZXhwIjoxNjE2MjAzMTk2LjE0MjQ3NjYsInZlcnNpb24iOjEsImlzcyI6Imh0dHBzOi8vc2VydmljZS5naW9zZy5jb20vY3JlZGVudGlhbHMvMjg4MC8_dXJsPWh0dHBzJTNBJTJGJTJGMjg4MC5jbGllbnRzLmdpb3NndXNlcmNvbnRlbnQuY29tIiwiYXVkIjpbIm1lc3NhZ2Vyb3V0ZXIuZ2lvc2cuY29tIiwic2VydmljZS5naW9zZy5jb20iXSwic2NvcGVzIjp7Ii9hcHBzL3Zpc2l0b3IvaXhsdm5wNXo0aWpvcmVmcWc0YWFrYWFib3lkcmFtaXhlZW5vc3d2cXZpYXozeWtlM29lZGM3YW0iOjE1LCIvYXBpL3Y1L3B1YmxpYyI6eyIvZ2xvYmFsX3Zpc2l0b3JzIjp7Ii81MzQ2NTA1MC04OGQ3LTExZWItOGI2ZS0wMjQyYWMxMTAwMjYvKi9ydWxlX3ByZWRpY3Rpb25zIjoxNSwiL20yb3dsajJnZzdzZmNvaXR2bWFhZXUyZ2tiaWlydnlyNW9mdzRhc2N2cWlxYWpxbS8qL3J1bGVfcHJlZGljdGlvbnMiOjE1fSwiL3Zpc2l0b3JzLzMxMTcyMTFhZTk1YWIwYWEwMTlkZTE0NGRiODgzMTdjIjp7Ii9jaGF0cyI6eyIvKiI6eyIiOjE1LCIvbWVtYmVyc2hpcHMiOjE1LCIvbWVzc2FnZXMiOjE1LCIvdGFncyI6MTV9LCIiOjE1fSwiL2NoYXRfbWVtYmVyc2hpcHMiOnsiIjoxNSwiLyoiOjE1fX0sIi9vcmdzLzAyODNlMGFhLTVjNzQtMTFlNS1iZmIzLTAwMTYzZTFmNmEyMi9yb29tcy8qIjp7Ii92aXNpdG9ycyI6eyIvMzExNzIxMWFlOTVhYjBhYTAxOWRlMTQ0ZGI4ODMxN2MiOnsiIjoxNSwiL2NoYXRzIjoxNSwiL2F1dG9zdWdnZXN0X3Blcm1pc3Npb24iOjE1LCIvYXV0b3N1Z2dlc3QiOjE1fSwiIjoxNX0sIiI6MTUsIi9vbmxpbmVfdXNlcnMiOjE1LCIvYnJhbmQiOjE1fSwiL3RhcmdldC92aXNpdG9ycy81MzQ2NTA1MC04OGQ3LTExZWItOGI2ZS0wMjQyYWMxMTAwMjYvc2Vzc2lvbnMvKi9wcmVkaWN0aW9ucyI6MTV9fSwidXNlcl9pZCI6bnVsbCwib3JnYW5pemF0aW9uX2lkIjoiMDI4M2UwYWEtNWM3NC0xMWU1LWJmYjMtMDAxNjNlMWY2YTIyIiwiYXBwX2lkIjpudWxsfQ.aegbuW8dQCNL46mAcL-HEIe5hnRI6mlbcwtUFP9uorg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 19 Mar 2021 17:19:56 GMT
allow
GET, HEAD, OPTIONS
server
nginx
x-response-duration
2
vary
Accept, Accept-Language
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
x-cache
HIT from 2880.clients.giosgusercontent.com
strict-transport-security
max-age=63072000
content-type
application/json
content-length
42
expires
Fri, 19 Mar 2021 17:19:56 GMT
/
service.giosg.com/api/visitor-data/rsl2xlmjrumq4vrheeaaomixeenoswvqviaz3yke3oedc7am/12263/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/api/visitor-data/rsl2xlmjrumq4vrheeaaomixeenoswvqviaz3yke3oedc7am/12263/
Protocol
H2
Server
178.63.227.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type,x-giosg-clientversion
Origin
https://www.fim.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
x-requested-with, content-type, accept, origin, authorization, x-giosg-clientversion, x-client-origin
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
3600
content-type
text/html; charset=utf-8
date
Fri, 19 Mar 2021 17:19:56 GMT
server
nginx
content-length
0
strict-transport-security
max-age=63072000
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
/
service.giosg.com/api/visitor-data/rsl2xlmjrumq4vrheeaaomixeenoswvqviaz3yke3oedc7am/12263/ 		328 B
637 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/api/visitor-data/rsl2xlmjrumq4vrheeaaomixeenoswvqviaz3yke3oedc7am/12263/
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.227.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
8c785adc5a32db02571d5dcb525db0769ddc19dc3fd1067757d36eac2589a85e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.fim.com/
X-GIOSG-ClientVersion
cd2f3e6fc6cb5639a5aab57fb840fd05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 19 Mar 2021 17:19:56 GMT
content-encoding
gzip
allow
GET, HEAD, OPTIONS
server
nginx
x-response-duration
28
vary
Accept, Accept-Language, Cookie, Accept-Encoding
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
cache-control
no-cache
strict-transport-security
max-age=63072000
content-type
application/json
content-length
232
/
service.giosg.com/api/v5/public/trace/ 		17 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/api/v5/public/trace/
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.227.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
e24fc62cf418adbaaf6b3314c5e50180ceaf3773666c13ea73a1e6545cf90658
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.fim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 19 Mar 2021 17:19:56 GMT
vary
Accept, Accept-Language
server
nginx
x-response-duration
123
allow
GET, POST, HEAD, OPTIONS
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
access-control-allow-origin
*
strict-transport-security
max-age=63072000
content-type
application/json
content-length
17
17e6276a-b060-11ea-ab6a-0242ac110007
2880.clients.giosgusercontent.com/api/v5/public/orgs/0283e0aa-5c74-11e5-bfb3-00163e1f6a22/rooms/ Frame F294 		238 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://2880.clients.giosgusercontent.com/api/v5/public/orgs/0283e0aa-5c74-11e5-bfb3-00163e1f6a22/rooms/17e6276a-b060-11ea-ab6a-0242ac110007
Requested by
Host: 2880.clients.giosgusercontent.com
URL: https://2880.clients.giosgusercontent.com/static/visitor.0a1ce233636dc36dedc7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.179.193 Hanover, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
6fbb54dbd52f0a3ba8ca2ff0a90bd7accacfef2552a856510954d99506065754
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
application/json
Referer
https://2880.clients.giosgusercontent.com/cd/2880/60jep/?url=https%3A%2F%2Fwww.fim.com%2Ffi%2F
X-Requested-With
XMLHttpRequest
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJqdGkiOiI1MzQ2ZWExYS04OGQ3LTExZWItOGI2ZS0wMjQyYWMxMTAwMjYiLCJpYXQiOjE2MTYxNzQzOTYuMTQyOTMzNiwiZXhwIjoxNjE2MjAzMTk2LjE0MjQ3NjYsInZlcnNpb24iOjEsImlzcyI6Imh0dHBzOi8vc2VydmljZS5naW9zZy5jb20vY3JlZGVudGlhbHMvMjg4MC8_dXJsPWh0dHBzJTNBJTJGJTJGMjg4MC5jbGllbnRzLmdpb3NndXNlcmNvbnRlbnQuY29tIiwiYXVkIjpbIm1lc3NhZ2Vyb3V0ZXIuZ2lvc2cuY29tIiwic2VydmljZS5naW9zZy5jb20iXSwic2NvcGVzIjp7Ii9hcHBzL3Zpc2l0b3IvaXhsdm5wNXo0aWpvcmVmcWc0YWFrYWFib3lkcmFtaXhlZW5vc3d2cXZpYXozeWtlM29lZGM3YW0iOjE1LCIvYXBpL3Y1L3B1YmxpYyI6eyIvZ2xvYmFsX3Zpc2l0b3JzIjp7Ii81MzQ2NTA1MC04OGQ3LTExZWItOGI2ZS0wMjQyYWMxMTAwMjYvKi9ydWxlX3ByZWRpY3Rpb25zIjoxNSwiL20yb3dsajJnZzdzZmNvaXR2bWFhZXUyZ2tiaWlydnlyNW9mdzRhc2N2cWlxYWpxbS8qL3J1bGVfcHJlZGljdGlvbnMiOjE1fSwiL3Zpc2l0b3JzLzMxMTcyMTFhZTk1YWIwYWEwMTlkZTE0NGRiODgzMTdjIjp7Ii9jaGF0cyI6eyIvKiI6eyIiOjE1LCIvbWVtYmVyc2hpcHMiOjE1LCIvbWVzc2FnZXMiOjE1LCIvdGFncyI6MTV9LCIiOjE1fSwiL2NoYXRfbWVtYmVyc2hpcHMiOnsiIjoxNSwiLyoiOjE1fX0sIi9vcmdzLzAyODNlMGFhLTVjNzQtMTFlNS1iZmIzLTAwMTYzZTFmNmEyMi9yb29tcy8qIjp7Ii92aXNpdG9ycyI6eyIvMzExNzIxMWFlOTVhYjBhYTAxOWRlMTQ0ZGI4ODMxN2MiOnsiIjoxNSwiL2NoYXRzIjoxNSwiL2F1dG9zdWdnZXN0X3Blcm1pc3Npb24iOjE1LCIvYXV0b3N1Z2dlc3QiOjE1fSwiIjoxNX0sIiI6MTUsIi9vbmxpbmVfdXNlcnMiOjE1LCIvYnJhbmQiOjE1fSwiL3RhcmdldC92aXNpdG9ycy81MzQ2NTA1MC04OGQ3LTExZWItOGI2ZS0wMjQyYWMxMTAwMjYvc2Vzc2lvbnMvKi9wcmVkaWN0aW9ucyI6MTV9fSwidXNlcl9pZCI6bnVsbCwib3JnYW5pemF0aW9uX2lkIjoiMDI4M2UwYWEtNWM3NC0xMWU1LWJmYjMtMDAxNjNlMWY2YTIyIiwiYXBwX2lkIjpudWxsfQ.aegbuW8dQCNL46mAcL-HEIe5hnRI6mlbcwtUFP9uorg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 19 Mar 2021 17:19:57 GMT
content-encoding
gzip
allow
GET, HEAD, OPTIONS
server
nginx
x-response-duration
1
vary
Accept, Accept-Language, Accept-Encoding
content-language
en
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
x-cache
HIT from 2880.clients.giosgusercontent.com
strict-transport-security
max-age=63072000
content-type
application/json
content-length
196
expires
Fri, 19 Mar 2021 17:19:57 GMT

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated number| quality object| slimmage object| globalSettings string| hash function| DirectToAnchorLink function| captchaCheck function| captchaExpired function| captchaSubmit object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| uniroot function| $ function| jQuery object| html5 object| Modernizr function| yepnope object| jQuery111103801132759048984 function| _ function| Big object| angular function| requestAnimFrame function| Headroom function| Bloodhound function| moment string| _determinate string| _indeterminate string| _update string| _type string| _click string| _touch string| _add string| _remove string| _callback string| _label string| _cursor boolean| _mobile object| jsSocials function| initTabs function| changeTabs function| checkAltPlusButtonForTabs function| checkAltPlusButtonForRadios function| initRadioButtons function| toggleProfitCalculatorTooltip function| toggleCollapsibleItem function| Body function| Subscription function| resetErrors function| validateEmail object| tabKeys function| RadioGroup function| RadioButton object| radioButtonKeys object| announcementApp object| articleApp object| notificationApp object| FAQListingApp function| getCookie function| arrayObjectIndexOf function| getQueryParam function| getScreenWidth function| findElementByProperty function| commentOutElement function| uncommentElement function| addFundAction function| setCookie function| checkTextAreaChange function| noButtonClicked function| showWasUsefulInput function| hideWasUsefulInput function| closedReasonClicked function| openReasonClicked function| thisWasNotUsefulAnswer function| thisWasUsefulAnswer function| sendFeedback function| sendFAQDataToGtm function| questionBoxClicked object| siteSearchApp function| checkCaptionLength object| collateralLoanModule function| bind function| extend function| hasProp object| faqLandingPageApp object| faqServices object| module object| faqSearch object| locationSearchApp object| flexLoanControllers function| flexLoanCtrl function| flexLoanOverviewCtrl object| singleFundControllers function| singleFundCtrl function| singleFundService object| singleFundServices object| fundListingModule function| fundService object| fundServices function| indexOf object| loanControllers function| loanOverviewOfficalCtrl function| loanService object| loanServices object| loginApp object| singleObligationControllers function| singleObligationCtrl function| singleObligationService object| singleObligationServices function| obligationService object| obligationServices function| obligationTableCtrl object| obligationsApp object| popularFaq object| productLoanControllers function| productLoanCtrl function| productLoanOfficalCtrl function| productLoanOfficalOverviewCtrl function| productLoanOverviewCtrl object| savingReturns object| graphModule object| savingReturnsConfiguration object| showcaseModule string| consentComponentUiLanguage boolean| consentComponentModal string| consentComponentSite object| appElem object| fundsTranslations object| google_tag_manager function| _giosg object| google_tag_data string| GoogleAnalyticsObject function| ga object| recaptcha object| cocoWebpackJsonp object| regeneratorRuntime object| __core-js_shared__ object| core object| gaplugins object| gaGlobal object| gaData boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_DATA_URL string| CE_USER_COMMON_SCRIPT_URL object| giosgWebpackJsonp object| giosg function| jGiosg object| CE2BH undefined| JSON3 object| GiosgClient

4 Cookies

Domain/Path Name / Value
.fim.com/ Name: _gid
Value: GA1.2.1623182324.1616174393
.fim.com/ Name: _ga
Value: GA1.2.1754722011.1616174393
www.fim.com/ Name: UUID
Value: c1e47361-abe7-47bd-ade6-6d4093987b2b
www.fim.com/ Name: ASP.NET_SessionId
Value: il1ubyp0oivqbjcrtclniinq

10 Console Messages

Source Level URL
Text
console-api log URL: https://www.fim.com/Assets/js/slimmage.min.js?v=47e2538b9f57b70f156642eb6d8a0388(Line 1)
Message:
Slimming: updating /Assets/img/logos/fim.png?width=160&quality=80
console-api log URL: https://www.fim.com/Assets/js/slimmage.min.js?v=47e2538b9f57b70f156642eb6d8a0388(Line 1)
Message:
Slimming: updating /Assets/img/logos/fim.png?width=160&quality=80
console-api log URL: https://www.fim.com/Assets/js/slimmage.min.js?v=47e2538b9f57b70f156642eb6d8a0388(Line 1)
Message:
Slimming: updating /globalassets/media2/nakemys/kuvat/houseview.jpg?width=480&quality=80
console-api log URL: https://www.fim.com/Assets/js/slimmage.min.js?v=47e2538b9f57b70f156642eb6d8a0388(Line 1)
Message:
Slimming: updating /globalassets/media/artikkelien-kuvat/s-pankki-artikkeli-suominen-lippo-korona-heiluttaa-sijoituksia-mika-neuvoksi-1600x1000px.jpg?width=480&quality=80
console-api log URL: https://www.fim.com/Assets/js/slimmage.min.js?v=47e2538b9f57b70f156642eb6d8a0388(Line 1)
Message:
Slimming: updating /globalassets/media/tiedotteiden-kuvat/s-pankki-tiedote-malminkartanontie1-1600x1000.jpg?width=480&quality=80
console-api log URL: https://www.fim.com/Assets/js/slimmage.min.js?v=47e2538b9f57b70f156642eb6d8a0388(Line 1)
Message:
Slimming: updating /Assets/img/logos/fim.png?width=320&quality=80
console-api log URL: https://www.fim.com/Assets/js/slimmage.min.js?v=47e2538b9f57b70f156642eb6d8a0388(Line 1)
Message:
Slimming: updating "/globalassets/media/1600x1000-300px-kuvat/toimitila--ja-tonttirahasto/istock-503813330_kiinteistorahastot_yleinen_1600x300px.jpg?width=1760&quality=80&height=300&anchor=middlecenter&mode=crop"
console-api log URL: https://www.fim.com/Assets/js/slimmage.min.js?v=47e2538b9f57b70f156642eb6d8a0388(Line 1)
Message:
Slimmage: restored 6 images from noscript tags; sizing 7 images. 42ms
console-api info URL: https://www.fim.com/Assets/js/app-2504e24f722d38b9760d.js(Line 1)
Message:
Running in local
console-api log URL: https://service.giosg.com/live/(Line 129)
Message:
JQMIGRATE: Migrate is installed with logging active, version 1.4.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2880.clients.giosgusercontent.com
fast.fonts.net
script.crazyegg.com
service.giosg.com
www.fim.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
178.63.179.193
178.63.227.217
2606:2800:234:660:118e:28f:1d8a:2522
2606:4700::6813:9308
2a00:1450:4001:801::200e
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
51.105.207.243
0275e5323da6fca5a40c4e3b64f9bcb36ea3b76883040c28ba2328afd817a58a
088ac6f102823e71f322abff3ba1108310a2c92e4680976c84a11fc6da6bb69e
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0fcac8dec17dc2b3a2f7cb9bbfaa31237eef9dd824a2d937ebd44715ff327602
1a001e90321ff81e66b2f2b0ae5d26765248ea440c9ca0207c3cd41fabfce7d4
29a7b9304d298eeb44234198bb747c1fb0fe0405074b2ecf2fe9951afc1ed5bd
346ec652e9348bff665e221a3d696274add65005a16edcf2b021a2dbc2564403
3547b814dd06191c15bc4e5964fcda2855b17299d32cd8f8c288091e50371a5b
49af6e3865025eb9836a04e2e2ae8115ce11a852941ef1d9a3c4b297f790adf1
4cd9300dc2a6c9d7a5596c048d5aee9c447dd5f0746231066191f8131033b9fc
548c1fc5e7020135196e983298de264df8540d70740fc544200f7fc042f0db4f
57cf7da1b3432300ef79dd4937dc10b5ad1cdc9974ec514468eb34f04720b871
5a2c68c039860ecb16d04dee83c8088ae0b04b42aead582c52fd092c2081f1d1
5b7256d07a5e1903dee7211c4967ff1aa82ddcfcab0ae12bab92153c0d54cc0d
5d68c40c6ca7758b571af740d7e9844a5f5e7e90e765b8c59c1b59db84d0ac0c
67633a584cd903984abefc9c3950edd6b2c5503bd4dc791a0ed87e1449ec8890
6fbb54dbd52f0a3ba8ca2ff0a90bd7accacfef2552a856510954d99506065754
75b4f91a8c3358f07554a9f1720c1ce9db1e843413e7a00808cc547e3653330d
75b570aad6e1037666c99749ccb3223d33ac9680f61e563c3dcea6d7d786d89f
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8597a234d0629cd27b460d82b49795f8c4915796ea79fd0e3d30c12e2719eb0e
8b301dbb49cea438cf7056713b838dbc6af958243accb75d84b4afb81c5b258f
8c42fe5668104ec910e222ca23b2a50defbbbebd931a548ed8348f2aff1d4a9e
8c785adc5a32db02571d5dcb525db0769ddc19dc3fd1067757d36eac2589a85e
8e018ac0180c8b7246c02eb995f116d72ac8c7df02b6d06d8df6b16295e9f1f0
953fac9a7dd46fa182d9af50d0e71c69759a093a746b1c96419f46f2eea9fec7
953fb33671cb21360745f54ce340caa543755b1694c661c778deb0773670e5be
974824c628da89c89ea3b27d7a4506b91eb76763b1b8a2e3c2a2c1b916157f28
ad824347c2367ab5cf087d202dbef906ec8c64dfa0b45002086024077e34cda9
bbcb9153858724a0c9cd859e6e11a37d1e9ba38a3c50d3d5dcf665c80b6e3957
bd18df581954aa44e92d7f17e68b4ad0ccbd7df693cd4e3bc114d4517fe6a692
c89a7d23c81017157702c3595570ed5969ceaf9f30e581cf669c7d3ee54bdeec
ca0ccaaa4545e17d7cc20353c8c2b87fb0534a661df1d86281497990f5ac3ad8
ccb1bec0136cf7b8290a20b9a6545678c9172a08742f69bb375ee05babcd58b5
d32e9aeb6b699c4280cbb0463f6537c2ca144fc83593144588d78a1d8bc12299
d66f1046393e7adcd70b3ea2068845773af3a18786f46d762354b75a368738a6
d791d8d9c91eba5ff72ad8459dcd87a1af7c0349f863fc72be789431ccbc6244
d85970168aaa7b320d4f335d425990a1061bd5b6ccec9dfde2eeac68fc96edca
e0cad8f5dc7168a32e0964805dd4671353740b758fd9f430e06e80e149176c75
e24fc62cf418adbaaf6b3314c5e50180ceaf3773666c13ea73a1e6545cf90658
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58f195afe8b3310327d1a15114908473be4e055ba1af97194a2bf63c95619f6
f3549a976748bf9b92480125750fe50b9c2b67492659d5895952ca7a84e7e1fd