www.varma.fi Open in urlscan Pro
217.114.93.174 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.varma.fi/en/
Submission: On December 06 via manual (December 6th 2023, 1:14:51 pm UTC) from US — Scanned from FI

Summary HTTP 45 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 45 HTTP transactions. The main IP is 217.114.93.174, located in Sweden and belongs to EPISERVER_AS, SE. The main domain is www.varma.fi.
TLS certificate: Issued by Entrust Certification Authority - L1K on January 10th 2023. Valid for: a year.

This is the only time www.varma.fi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	217.114.93.174 217.114.93.174	30811 (EPISERVER_AS) (EPISERVER_AS)
1	172.217.18.8 172.217.18.8	15169 (GOOGLE) (GOOGLE)
3	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
6	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
19	178.63.179.193 178.63.179.193	24940 (HETZNER-AS) (HETZNER-AS)
45	5

16 217.114.93.174 (Sweden)

ASN30811 (EPISERVER_AS, SE)

www.varma.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.8 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 178.63.179.193 (Wiesenau, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: service.giosg.com

service.giosg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	giosg.com service.giosg.com — Cisco Umbrella Rank: 112225	594 KB
16	varma.fi www.varma.fi	1019 KB
6	gstatic.com fonts.gstatic.com	86 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	98 KB
45	5

	Domain	Requested by
19	service.giosg.com	www.varma.fi service.giosg.com
16	www.varma.fi	www.varma.fi
6	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	www.varma.fi service.giosg.com
1	www.googletagmanager.com	www.varma.fi
45	5

This site contains links to these domains. Also see Links.

Domain
asiointi.varma.fi
vaha.asiointi.varma.fi
report.whistleb.com
twitter.com
www.linkedin.com
www.instagram.com
www.facebook.com
www.youtube.com
www.slideshare.net
open.spotify.com

Subject Issuer	Validity	Valid
www.varma.fi Entrust Certification Authority - L1K	`2023-01-10` - `2024-01-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.giosg.com Starfield Secure Certificate Authority - G2	`2023-07-26` - `2024-08-26`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.varma.fi/en/
Frame ID: 61F12D4E8B4298913127D5DC1AEB272D
Requests: 32 HTTP requests in this frame

Frame: https://service.giosg.com/bar/visitor/chat?org=b7966c66-1dd3-11e7-b719-00163ed8ec9a&c=3860&url=https%253A%252F%252Fwww.varma.fi%252Fen%252F&cid=undefined&sgid=undefined&cookiesAllowed=true
Frame ID: 3D27BECBCB3FC42B68280332C5A022FD
Requests: 11 HTTP requests in this frame

Frame: https://service.giosg.com/credentials/3860/?cookies_allowed=true&url=https%3A%2F%2Fservice.giosg.com
Frame ID: 0E892AB2BEED35295C2575706054A83A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Varma Pension Insurance Company - Varma

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

45
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

1800 kB
Transfer

3279 kB
Size

7
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://asiointi.varma.fi/?langcode=en
Title: Log in

Search URL Search Domain Scan URL

URL: https://vaha.asiointi.varma.fi/vakuutushakemus/?langcode=en
Title: Take out pension insurance

Search URL Search Domain Scan URL

URL: https://report.whistleb.com/en/varma
Title: Whistleblowing service

Search URL Search Domain Scan URL

URL: https://twitter.com/varma_tweet
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/varma
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tyoelakevarma/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tyoelakevarma
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/tyoelakevarma
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.slideshare.net/tyoelakeyhtio_varma
Title: SlideShare

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/0MaQrFx96FktMSQzvnIojL?si=N63yqIJ4T5OUca68PFDMaQ
Title: Spotify

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.varma.fi/en/ 45 KB
14 KB 335ms
101ms Document
text/html 217.114.93.174
EPISERVER_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varma.fi/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.114.93.174 , Sweden, ASN30811 (EPISERVER_AS, SE),

Reverse DNS

Software

Resource Hash

92194f77978153349ae0272c0b00dc2bd85b47249e5a97304da0c474e70d37fc

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://.giosg.com https://.giosgusercontent.com https://www.google-analytics.com .google-analytics.com .analytics.google.com .hubapi.com js.hscta.net .hubspot.com .hs-banner.com .hscollectedforms.net .hsforms.com https://cdn.linkedin.oribi.io .bing.com wss://.bing.com https://.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://.doubleclick.net .hubspot.com .hs-sites.com .hubspot.net play.hubspotvideo.com .hsforms.net .hsforms.com sdx.microsoft.com https://.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://.doubleclick.net .google-analytics.com .analytics.google.com js.hscta.net no-cache.hubspot.com .hubspot.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net cdn2.hubspot.net .hsforms.net .hsforms.com https://.cdninstagram.com https://.ads.linkedin.com .bing.com .microsoft.com https://.clarity.ms https://.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com .hsadspixel.net .hs-analytics.net js.hscta.net .hubspot.com static.hsappstatic.net .usemessages.com .hs-banner.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net .hscollectedforms.net .hsleadflows.net .hsforms.net .hsforms.com .hs-scripts.com .hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://.giosg.com https://.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net cdn2.hubspot.net .bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 10517
Content-Security-Policy: connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://*.giosg.com https://*.giosgusercontent.com https://www.google-analytics.com *.google-analytics.com *.analytics.google.com *.hubapi.com js.hscta.net *.hubspot.com *.hs-banner.com *.hscollectedforms.net *.hsforms.com https://cdn.linkedin.oribi.io *.bing.com wss://*.bing.com https://*.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://*.doubleclick.net *.hubspot.com *.hs-sites.com *.hubspot.net play.hubspotvideo.com *.hsforms.net *.hsforms.com sdx.microsoft.com https://*.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://*.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://*.doubleclick.net *.google-analytics.com *.analytics.google.com js.hscta.net no-cache.hubspot.com *.hubspot.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net cdn2.hubspot.net *.hsforms.net *.hsforms.com https://*.cdninstagram.com https://*.ads.linkedin.com *.bing.com *.microsoft.com https://*.clarity.ms https://*.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com *.hsadspixel.net *.hs-analytics.net js.hscta.net *.hubspot.com static.hsappstatic.net *.usemessages.com *.hs-banner.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net *.hscollectedforms.net *.hsleadflows.net *.hsforms.net *.hsforms.com *.hs-scripts.com *.hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://*.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://*.giosg.com https://*.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net cdn2.hubspot.net *.bing.com https://*.clarity.ms 'unsafe-inline';
Content-Type: text/html; charset=utf-8
Date: Wed, 06 Dec 2023 13:14:45 GMT
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'; autoplay 'none'; document-domain 'none';
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=3600
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN SAMEORIGIN

GET
H/1.1 200
OK app.871ed553.css
www.varma.fi/static/dist-vue/css/ 385 KB
42 KB 73ms
72ms Stylesheet
text/css 217.114.93.174
EPISERVER_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varma.fi/static/dist-vue/css/app.871ed553.css

Requested by

Host: www.varma.fi
URL: https://www.varma.fi/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.114.93.174 , Sweden, ASN30811 (EPISERVER_AS, SE),

Reverse DNS

Software

Resource Hash

e6733ab5c46ff43706a6a7c4dcbb347b18754cacce73d483d1fcea7f350c941f

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://.giosg.com https://.giosgusercontent.com https://www.google-analytics.com .google-analytics.com .analytics.google.com .hubapi.com js.hscta.net .hubspot.com .hs-banner.com .hscollectedforms.net .hsforms.com https://cdn.linkedin.oribi.io .bing.com wss://.bing.com https://.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://.doubleclick.net .hubspot.com .hs-sites.com .hubspot.net play.hubspotvideo.com .hsforms.net .hsforms.com sdx.microsoft.com https://.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://.doubleclick.net .google-analytics.com .analytics.google.com js.hscta.net no-cache.hubspot.com .hubspot.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net cdn2.hubspot.net .hsforms.net .hsforms.com https://.cdninstagram.com https://.ads.linkedin.com .bing.com .microsoft.com https://.clarity.ms https://.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com .hsadspixel.net .hs-analytics.net js.hscta.net .hubspot.com static.hsappstatic.net .usemessages.com .hs-banner.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net .hscollectedforms.net .hsleadflows.net .hsforms.net .hsforms.com .hs-scripts.com .hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://.giosg.com https://.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net cdn2.hubspot.net .bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.varma.fi/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Security-Policy: connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://*.giosg.com https://*.giosgusercontent.com https://www.google-analytics.com *.google-analytics.com *.analytics.google.com *.hubapi.com js.hscta.net *.hubspot.com *.hs-banner.com *.hscollectedforms.net *.hsforms.com https://cdn.linkedin.oribi.io *.bing.com wss://*.bing.com https://*.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://*.doubleclick.net *.hubspot.com *.hs-sites.com *.hubspot.net play.hubspotvideo.com *.hsforms.net *.hsforms.com sdx.microsoft.com https://*.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://*.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://*.doubleclick.net *.google-analytics.com *.analytics.google.com js.hscta.net no-cache.hubspot.com *.hubspot.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net cdn2.hubspot.net *.hsforms.net *.hsforms.com https://*.cdninstagram.com https://*.ads.linkedin.com *.bing.com *.microsoft.com https://*.clarity.ms https://*.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com *.hsadspixel.net *.hs-analytics.net js.hscta.net *.hubspot.com static.hsappstatic.net *.usemessages.com *.hs-banner.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net *.hscollectedforms.net *.hsleadflows.net *.hsforms.net *.hsforms.com *.hs-scripts.com *.hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://*.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://*.giosg.com https://*.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net cdn2.hubspot.net *.bing.com https://*.clarity.ms 'unsafe-inline';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Tue, 14 Nov 2023 11:57:58 GMT
Strict-Transport-Security: max-age=3600
ETag: "0e732cff116da1:0"
Date: Wed, 06 Dec 2023 13:14:45 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=86400
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'; autoplay 'none'; document-domain 'none';
Accept-Ranges: bytes
Content-Length: 39793

GET
H/1.1 200
OK voit-olla-varma-tyonantaja-tyoelakeyhtio-varma.png
www.varma.fi/globalassets/kuvat/muut/ 428 KB
432 KB 147ms
64ms Image
image/png 217.114.93.174
EPISERVER_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varma.fi/globalassets/kuvat/muut/voit-olla-varma-tyonantaja-tyoelakeyhtio-varma.png?preset=main-hero-l

Requested by

Host: www.varma.fi
URL: https://www.varma.fi/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.114.93.174 , Sweden, ASN30811 (EPISERVER_AS, SE),

Reverse DNS

Software

Resource Hash

b1259508352dbd9d4ce4b3f7ab1d0176b33a886a30fe03e3190a3a9dd31ebde4

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://.giosg.com https://.giosgusercontent.com https://www.google-analytics.com .google-analytics.com .analytics.google.com .hubapi.com js.hscta.net .hubspot.com .hs-banner.com .hscollectedforms.net .hsforms.com https://cdn.linkedin.oribi.io .bing.com wss://.bing.com https://.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://.doubleclick.net .hubspot.com .hs-sites.com .hubspot.net play.hubspotvideo.com .hsforms.net .hsforms.com sdx.microsoft.com https://.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://.doubleclick.net .google-analytics.com .analytics.google.com js.hscta.net no-cache.hubspot.com .hubspot.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net cdn2.hubspot.net .hsforms.net .hsforms.com https://.cdninstagram.com https://.ads.linkedin.com .bing.com .microsoft.com https://.clarity.ms https://.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com .hsadspixel.net .hs-analytics.net js.hscta.net .hubspot.com static.hsappstatic.net .usemessages.com .hs-banner.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net .hscollectedforms.net .hsleadflows.net .hsforms.net .hsforms.com .hs-scripts.com .hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://.giosg.com https://.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net cdn2.hubspot.net .bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.varma.fi/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Security-Policy: connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://*.giosg.com https://*.giosgusercontent.com https://www.google-analytics.com *.google-analytics.com *.analytics.google.com *.hubapi.com js.hscta.net *.hubspot.com *.hs-banner.com *.hscollectedforms.net *.hsforms.com https://cdn.linkedin.oribi.io *.bing.com wss://*.bing.com https://*.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://*.doubleclick.net *.hubspot.com *.hs-sites.com *.hubspot.net play.hubspotvideo.com *.hsforms.net *.hsforms.com sdx.microsoft.com https://*.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://*.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://*.doubleclick.net *.google-analytics.com *.analytics.google.com js.hscta.net no-cache.hubspot.com *.hubspot.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net cdn2.hubspot.net *.hsforms.net *.hsforms.com https://*.cdninstagram.com https://*.ads.linkedin.com *.bing.com *.microsoft.com https://*.clarity.ms https://*.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com *.hsadspixel.net *.hs-analytics.net js.hscta.net *.hubspot.com static.hsappstatic.net *.usemessages.com *.hs-banner.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net *.hscollectedforms.net *.hsleadflows.net *.hsforms.net *.hsforms.com *.hs-scripts.com *.hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://*.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://*.giosg.com https://*.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net cdn2.hubspot.net *.bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security: max-age=3600
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Date: Wed, 06 Dec 2023 13:14:45 GMT
ImageProcessedBy: ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
ETag: "1DA276FA075C3D1"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, must-revalidate, max-age=604800
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'; autoplay 'none'; document-domain 'none';
Content-Length: 438760
Expires: Wed, 13 Dec 2023 13:14:45 GMT

GET
H/1.1 200
OK localizations.js Show response
www.varma.fi/api/ 62 KB
25 KB 210ms
88ms Script
application/javascript 217.114.93.174
EPISERVER_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varma.fi/api/localizations.js

Requested by

Host: www.varma.fi
URL: https://www.varma.fi/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.114.93.174 , Sweden, ASN30811 (EPISERVER_AS, SE),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

9bae7657ed3c30465a2b229784933c884dd2556ad870615c5046ed6e149b7ed6

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://.giosg.com https://.giosgusercontent.com https://www.google-analytics.com .google-analytics.com .analytics.google.com .hubapi.com js.hscta.net .hubspot.com .hs-banner.com .hscollectedforms.net .hsforms.com https://cdn.linkedin.oribi.io .bing.com wss://.bing.com https://.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://.doubleclick.net .hubspot.com .hs-sites.com .hubspot.net play.hubspotvideo.com .hsforms.net .hsforms.com sdx.microsoft.com https://.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://.doubleclick.net .google-analytics.com .analytics.google.com js.hscta.net no-cache.hubspot.com .hubspot.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net cdn2.hubspot.net .hsforms.net .hsforms.com https://.cdninstagram.com https://.ads.linkedin.com .bing.com .microsoft.com https://.clarity.ms https://.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com .hsadspixel.net .hs-analytics.net js.hscta.net .hubspot.com static.hsappstatic.net .usemessages.com .hs-banner.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net .hscollectedforms.net .hsleadflows.net .hsforms.net .hsforms.com .hs-scripts.com .hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'sha256-AhOef0mqy2l6ZjP7SpZm/7XX1dvTPZehnHVwDRbAj2w=' 'sha256-fJ+Xb7+kj+pqxOgt5yuYXuLEs/lBIefknLc36v8Iwb8=' 'sha256-2yjcqFBF85NOW1t2XD4jJohWnzUtX9fr+6TWF0KMfow=' 'sha256-zEyfDxMhO4pqP68G/Stq08GXBtQyeIuKnAf7rfhlqfM=' 'sha256-T/Z6eh1rfOuy4K2WEOnVjv9u4VQnMO67BCtY+KEJg0c=' 'sha256-iRMrJduQqNpcECALxG+gMMq765euUECHAovhvWOA68w=' 'sha256-EHe4+V5duKNg8duhSXNsgLi5NEm2gUlQFvcIjfwwdQ4=' 'sha256-UVz9mlT65zVuK2sNFzPFM4gHE6ji6C1K/Id1rqPX0BE=' 'sha256-epfqgCsJET8mfd3alafxr+4EDvjY0mS5k9QmF86wwTQ='; style-src 'self' use.fontawesome.com https://.giosg.com https://.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net cdn2.hubspot.net .bing.com https://*.clarity.ms;
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.varma.fi/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Security-Policy: connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://*.giosg.com https://*.giosgusercontent.com https://www.google-analytics.com *.google-analytics.com *.analytics.google.com *.hubapi.com js.hscta.net *.hubspot.com *.hs-banner.com *.hscollectedforms.net *.hsforms.com https://cdn.linkedin.oribi.io *.bing.com wss://*.bing.com https://*.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://*.doubleclick.net *.hubspot.com *.hs-sites.com *.hubspot.net play.hubspotvideo.com *.hsforms.net *.hsforms.com sdx.microsoft.com https://*.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://*.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://*.doubleclick.net *.google-analytics.com *.analytics.google.com js.hscta.net no-cache.hubspot.com *.hubspot.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net cdn2.hubspot.net *.hsforms.net *.hsforms.com https://*.cdninstagram.com https://*.ads.linkedin.com *.bing.com *.microsoft.com https://*.clarity.ms https://*.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com *.hsadspixel.net *.hs-analytics.net js.hscta.net *.hubspot.com static.hsappstatic.net *.usemessages.com *.hs-banner.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net *.hscollectedforms.net *.hsleadflows.net *.hsforms.net *.hsforms.com *.hs-scripts.com *.hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://*.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'sha256-AhOef0mqy2l6ZjP7SpZm/7XX1dvTPZehnHVwDRbAj2w=' 'sha256-fJ+Xb7+kj+pqxOgt5yuYXuLEs/lBIefknLc36v8Iwb8=' 'sha256-2yjcqFBF85NOW1t2XD4jJohWnzUtX9fr+6TWF0KMfow=' 'sha256-zEyfDxMhO4pqP68G/Stq08GXBtQyeIuKnAf7rfhlqfM=' 'sha256-T/Z6eh1rfOuy4K2WEOnVjv9u4VQnMO67BCtY+KEJg0c=' 'sha256-iRMrJduQqNpcECALxG+gMMq765euUECHAovhvWOA68w=' 'sha256-EHe4+V5duKNg8duhSXNsgLi5NEm2gUlQFvcIjfwwdQ4=' 'sha256-UVz9mlT65zVuK2sNFzPFM4gHE6ji6C1K/Id1rqPX0BE=' 'sha256-epfqgCsJET8mfd3alafxr+4EDvjY0mS5k9QmF86wwTQ='; style-src 'self' use.fontawesome.com https://*.giosg.com https://*.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net cdn2.hubspot.net *.bing.com https://*.clarity.ms;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Strict-Transport-Security: max-age=3600
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
X-Frame-Options: SAMEORIGIN
Date: Wed, 06 Dec 2023 13:14:45 GMT
Cache-Control: max-age=900
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'; autoplay 'none'; document-domain 'none';

GET
H/1.1 200
OK chunk-vendors.455b0ad3.js Show response
www.varma.fi/static/dist-vue/js/ 610 KB
211 KB 189ms
83ms Script
application/javascript 217.114.93.174
EPISERVER_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varma.fi/static/dist-vue/js/chunk-vendors.455b0ad3.js

Requested by

Host: www.varma.fi
URL: https://www.varma.fi/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.114.93.174 , Sweden, ASN30811 (EPISERVER_AS, SE),

Reverse DNS

Software

Resource Hash

7ff48ea291e856f2060ed7d79ba6c996e5319d22009913205902f50bd154705e

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://.giosg.com https://.giosgusercontent.com https://www.google-analytics.com .google-analytics.com .analytics.google.com .hubapi.com js.hscta.net .hubspot.com .hs-banner.com .hscollectedforms.net .hsforms.com https://cdn.linkedin.oribi.io .bing.com wss://.bing.com https://.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://.doubleclick.net .hubspot.com .hs-sites.com .hubspot.net play.hubspotvideo.com .hsforms.net .hsforms.com sdx.microsoft.com https://.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://.doubleclick.net .google-analytics.com .analytics.google.com js.hscta.net no-cache.hubspot.com .hubspot.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net cdn2.hubspot.net .hsforms.net .hsforms.com https://.cdninstagram.com https://.ads.linkedin.com .bing.com .microsoft.com https://.clarity.ms https://.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com .hsadspixel.net .hs-analytics.net js.hscta.net .hubspot.com static.hsappstatic.net .usemessages.com .hs-banner.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net .hscollectedforms.net .hsleadflows.net .hsforms.net .hsforms.com .hs-scripts.com .hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://.giosg.com https://.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net cdn2.hubspot.net .bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.varma.fi/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Security-Policy: connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://*.giosg.com https://*.giosgusercontent.com https://www.google-analytics.com *.google-analytics.com *.analytics.google.com *.hubapi.com js.hscta.net *.hubspot.com *.hs-banner.com *.hscollectedforms.net *.hsforms.com https://cdn.linkedin.oribi.io *.bing.com wss://*.bing.com https://*.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://*.doubleclick.net *.hubspot.com *.hs-sites.com *.hubspot.net play.hubspotvideo.com *.hsforms.net *.hsforms.com sdx.microsoft.com https://*.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://*.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://*.doubleclick.net *.google-analytics.com *.analytics.google.com js.hscta.net no-cache.hubspot.com *.hubspot.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net cdn2.hubspot.net *.hsforms.net *.hsforms.com https://*.cdninstagram.com https://*.ads.linkedin.com *.bing.com *.microsoft.com https://*.clarity.ms https://*.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com *.hsadspixel.net *.hs-analytics.net js.hscta.net *.hubspot.com static.hsappstatic.net *.usemessages.com *.hs-banner.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net *.hscollectedforms.net *.hsleadflows.net *.hsforms.net *.hsforms.com *.hs-scripts.com *.hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://*.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://*.giosg.com https://*.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net cdn2.hubspot.net *.bing.com https://*.clarity.ms 'unsafe-inline';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Tue, 22 Aug 2023 07:41:48 GMT
Strict-Transport-Security: max-age=3600
ETag: "06441bccd4d91:0"
Date: Wed, 06 Dec 2023 13:14:45 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=86400
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'; autoplay 'none'; document-domain 'none';
Accept-Ranges: bytes
Content-Length: 212008

GET
H/1.1 200
OK app.7ce9cd93.js Show response
www.varma.fi/static/dist-vue/ 368 KB
79 KB 210ms
93ms Script
application/javascript 217.114.93.174
EPISERVER_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varma.fi/static/dist-vue/app.7ce9cd93.js

Requested by

Host: www.varma.fi
URL: https://www.varma.fi/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.114.93.174 , Sweden, ASN30811 (EPISERVER_AS, SE),

Reverse DNS

Software

Resource Hash

9b7485fd1793a6bc80757c40d9a24a9fe3076027c27532ba0a17038222973781

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://.giosg.com https://.giosgusercontent.com https://www.google-analytics.com .google-analytics.com .analytics.google.com .hubapi.com js.hscta.net .hubspot.com .hs-banner.com .hscollectedforms.net .hsforms.com https://cdn.linkedin.oribi.io .bing.com wss://.bing.com https://.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://.doubleclick.net .hubspot.com .hs-sites.com .hubspot.net play.hubspotvideo.com .hsforms.net .hsforms.com sdx.microsoft.com https://.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://.doubleclick.net .google-analytics.com .analytics.google.com js.hscta.net no-cache.hubspot.com .hubspot.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net cdn2.hubspot.net .hsforms.net .hsforms.com https://.cdninstagram.com https://.ads.linkedin.com .bing.com .microsoft.com https://.clarity.ms https://.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com .hsadspixel.net .hs-analytics.net js.hscta.net .hubspot.com static.hsappstatic.net .usemessages.com .hs-banner.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net .hscollectedforms.net .hsleadflows.net .hsforms.net .hsforms.com .hs-scripts.com .hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://.giosg.com https://.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net cdn2.hubspot.net .bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.varma.fi/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Security-Policy: connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://*.giosg.com https://*.giosgusercontent.com https://www.google-analytics.com *.google-analytics.com *.analytics.google.com *.hubapi.com js.hscta.net *.hubspot.com *.hs-banner.com *.hscollectedforms.net *.hsforms.com https://cdn.linkedin.oribi.io *.bing.com wss://*.bing.com https://*.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://*.doubleclick.net *.hubspot.com *.hs-sites.com *.hubspot.net play.hubspotvideo.com *.hsforms.net *.hsforms.com sdx.microsoft.com https://*.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://*.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://*.doubleclick.net *.google-analytics.com *.analytics.google.com js.hscta.net no-cache.hubspot.com *.hubspot.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net cdn2.hubspot.net *.hsforms.net *.hsforms.com https://*.cdninstagram.com https://*.ads.linkedin.com *.bing.com *.microsoft.com https://*.clarity.ms https://*.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com *.hsadspixel.net *.hs-analytics.net js.hscta.net *.hubspot.com static.hsappstatic.net *.usemessages.com *.hs-banner.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net *.hscollectedforms.net *.hsleadflows.net *.hsforms.net *.hsforms.com *.hs-scripts.com *.hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://*.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://*.giosg.com https://*.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net cdn2.hubspot.net *.bing.com https://*.clarity.ms 'unsafe-inline';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Tue, 14 Nov 2023 11:57:58 GMT
Strict-Transport-Security: max-age=3600
ETag: "0e732cff116da1:0"
Date: Wed, 06 Dec 2023 13:14:45 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=86400
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'; autoplay 'none'; document-domain 'none';
Accept-Ranges: bytes
Content-Length: 77540

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 336 KB
98 KB 647ms
152ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-588PQ2J

Requested by

Host: www.varma.fi
URL: https://www.varma.fi/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

59c6dd2cf60d585a350f77ce181d555b30ef2789eb49f463cd7c31099e6668fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:14:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100397
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Dec 2023 13:14:46 GMT

GET
H2 200 css2
fonts.googleapis.com/ 15 KB
1 KB 685ms
171ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Requested by

Host: www.varma.fi
URL: https://www.varma.fi/static/dist-vue/css/app.871ed553.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

6c324d7d96e111392a2aa241d7063a502d45ea64d67a8080cdd9d25fe96c0adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 06 Dec 2023 13:14:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 12:51:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Dec 2023 13:14:46 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 689ms
199ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.varma.fi
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:56:42 GMT
x-content-type-options: nosniff
age: 152284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 18:56:42 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 662ms
173ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.varma.fi
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:54:24 GMT
x-content-type-options: nosniff
age: 102022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 08:54:24 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 681ms
193ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.varma.fi
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 14:41:12 GMT
x-content-type-options: nosniff
age: 167614
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 14:41:12 GMT

GET
H2 200 b7966c66-1dd3-11e7-b719-00163ed8ec9a Show response
service.giosg.com/live2/ 4 KB
2 KB 304ms
115ms Script
application/javascript 178.63.179.193
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://service.giosg.com/live2/b7966c66-1dd3-11e7-b719-00163ed8ec9a

Requested by

Host: www.varma.fi
URL: https://www.varma.fi/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.179.193 Wiesenau, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

service.giosg.com

Software

nginx /

Resource Hash

bc9c1ccfaab9ff9d064370cea20e641d21ef90492fc8e179aaf24c5cc107a87a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:14:47 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
last-modified: Tue, 05 Dec 2023 12:14:47 GMT
server: nginx
etag: "656f1437-7ee"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
p3p: CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
cache-control: max-age=60, public
accept-ranges: bytes
content-length: 2030
expires: Wed, 06 Dec 2023 13:15:47 GMT

GET
H/1.1 200
OK logo.svg
www.varma.fi/static/img/ 3 KB
6 KB 81ms
81ms Image
image/svg+xml 217.114.93.174
EPISERVER_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varma.fi/static/img/logo.svg

Requested by

Host: www.varma.fi
URL: https://www.varma.fi/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.114.93.174 , Sweden, ASN30811 (EPISERVER_AS, SE),

Reverse DNS

Software

Resource Hash

21de73a5525895cb7a260d0d9878ab7d68121dce45c8cd3b463235596555eead

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://.giosg.com https://.giosgusercontent.com https://www.google-analytics.com .google-analytics.com .analytics.google.com .hubapi.com js.hscta.net .hubspot.com .hs-banner.com .hscollectedforms.net .hsforms.com https://cdn.linkedin.oribi.io .bing.com wss://.bing.com https://.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://.doubleclick.net .hubspot.com .hs-sites.com .hubspot.net play.hubspotvideo.com .hsforms.net .hsforms.com sdx.microsoft.com https://.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://.doubleclick.net .google-analytics.com .analytics.google.com js.hscta.net no-cache.hubspot.com .hubspot.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net cdn2.hubspot.net .hsforms.net .hsforms.com https://.cdninstagram.com https://.ads.linkedin.com .bing.com .microsoft.com https://.clarity.ms https://.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com .hsadspixel.net .hs-analytics.net js.hscta.net .hubspot.com static.hsappstatic.net .usemessages.com .hs-banner.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net .hscollectedforms.net .hsleadflows.net .hsforms.net .hsforms.com .hs-scripts.com .hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://.giosg.com https://.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net cdn2.hubspot.net .bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.varma.fi/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Security-Policy: connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://*.giosg.com https://*.giosgusercontent.com https://www.google-analytics.com *.google-analytics.com *.analytics.google.com *.hubapi.com js.hscta.net *.hubspot.com *.hs-banner.com *.hscollectedforms.net *.hsforms.com https://cdn.linkedin.oribi.io *.bing.com wss://*.bing.com https://*.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://*.doubleclick.net *.hubspot.com *.hs-sites.com *.hubspot.net play.hubspotvideo.com *.hsforms.net *.hsforms.com sdx.microsoft.com https://*.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://*.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://*.doubleclick.net *.google-analytics.com *.analytics.google.com js.hscta.net no-cache.hubspot.com *.hubspot.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net cdn2.hubspot.net *.hsforms.net *.hsforms.com https://*.cdninstagram.com https://*.ads.linkedin.com *.bing.com *.microsoft.com https://*.clarity.ms https://*.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com *.hsadspixel.net *.hs-analytics.net js.hscta.net *.hubspot.com static.hsappstatic.net *.usemessages.com *.hs-banner.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net *.hscollectedforms.net *.hsleadflows.net *.hsforms.net *.hsforms.com *.hs-scripts.com *.hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://*.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://*.giosg.com https://*.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net cdn2.hubspot.net *.bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security: max-age=3600
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Mon, 07 Jun 2021 19:55:18 GMT
Date: Wed, 06 Dec 2023 13:14:46 GMT
ETag: "09752ad75bd71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=86400
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'; autoplay 'none'; document-domain 'none';
Accept-Ranges: bytes
Content-Length: 2644

GET
H/1.1 200
OK nainen-istuu-nojatuolissa-tyoelakeyhtio-varma.jpg
www.varma.fi/globalassets/kuvat/tyokulttuuri-ja-tyon-muutos/ 10 KB
14 KB 83ms
82ms Image
image/jpeg 217.114.93.174
EPISERVER_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varma.fi/globalassets/kuvat/tyokulttuuri-ja-tyon-muutos/nainen-istuu-nojatuolissa-tyoelakeyhtio-varma.jpg?preset=product-card

Requested by

Host: www.varma.fi
URL: https://www.varma.fi/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.114.93.174 , Sweden, ASN30811 (EPISERVER_AS, SE),

Reverse DNS

Software

Resource Hash

503c87e76c945549718cd4cc1baa58f4e3c76708d1ae4130634e55e1d0b7b8e4

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://.giosg.com https://.giosgusercontent.com https://www.google-analytics.com .google-analytics.com .analytics.google.com .hubapi.com js.hscta.net .hubspot.com .hs-banner.com .hscollectedforms.net .hsforms.com https://cdn.linkedin.oribi.io .bing.com wss://.bing.com https://.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://.doubleclick.net .hubspot.com .hs-sites.com .hubspot.net play.hubspotvideo.com .hsforms.net .hsforms.com sdx.microsoft.com https://.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://.doubleclick.net .google-analytics.com .analytics.google.com js.hscta.net no-cache.hubspot.com .hubspot.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net cdn2.hubspot.net .hsforms.net .hsforms.com https://.cdninstagram.com https://.ads.linkedin.com .bing.com .microsoft.com https://.clarity.ms https://.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com .hsadspixel.net .hs-analytics.net js.hscta.net .hubspot.com static.hsappstatic.net .usemessages.com .hs-banner.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net .hscollectedforms.net .hsleadflows.net .hsforms.net .hsforms.com .hs-scripts.com .hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://.giosg.com https://.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net cdn2.hubspot.net .bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.varma.fi/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Security-Policy: connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://*.giosg.com https://*.giosgusercontent.com https://www.google-analytics.com *.google-analytics.com *.analytics.google.com *.hubapi.com js.hscta.net *.hubspot.com *.hs-banner.com *.hscollectedforms.net *.hsforms.com https://cdn.linkedin.oribi.io *.bing.com wss://*.bing.com https://*.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://*.doubleclick.net *.hubspot.com *.hs-sites.com *.hubspot.net play.hubspotvideo.com *.hsforms.net *.hsforms.com sdx.microsoft.com https://*.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://*.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://*.doubleclick.net *.google-analytics.com *.analytics.google.com js.hscta.net no-cache.hubspot.com *.hubspot.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net cdn2.hubspot.net *.hsforms.net *.hsforms.com https://*.cdninstagram.com https://*.ads.linkedin.com *.bing.com *.microsoft.com https://*.clarity.ms https://*.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com *.hsadspixel.net *.hs-analytics.net js.hscta.net *.hubspot.com static.hsappstatic.net *.usemessages.com *.hs-banner.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net *.hscollectedforms.net *.hsleadflows.net *.hsforms.net *.hsforms.com *.hs-scripts.com *.hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://*.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://*.giosg.com https://*.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net cdn2.hubspot.net *.bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security: max-age=3600
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Date: Wed, 06 Dec 2023 13:14:46 GMT
ImageProcessedBy: ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
ETag: "1DA276FA1000C7E"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, max-age=604800
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'; autoplay 'none'; document-domain 'none';
Content-Length: 10693
Expires: Wed, 13 Dec 2023 13:14:46 GMT

GET
H/1.1 200
OK nainen-puhuu-kokouksessa-kaksi-kuuntelee-tyoelakeyhtio-varma.jpg
www.varma.fi/globalassets/kuvat/tyokulttuuri-ja-tyon-muutos/ 12 KB
16 KB 81ms
81ms Image
image/jpeg 217.114.93.174
EPISERVER_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varma.fi/globalassets/kuvat/tyokulttuuri-ja-tyon-muutos/nainen-puhuu-kokouksessa-kaksi-kuuntelee-tyoelakeyhtio-varma.jpg?preset=product-card

Requested by

Host: www.varma.fi
URL: https://www.varma.fi/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.114.93.174 , Sweden, ASN30811 (EPISERVER_AS, SE),

Reverse DNS

Software

Resource Hash

5cae524f772332c5310f3dc9a2f74e175d9ae5f8a36cc2e2477ad5eb4264cb37

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://.giosg.com https://.giosgusercontent.com https://www.google-analytics.com .google-analytics.com .analytics.google.com .hubapi.com js.hscta.net .hubspot.com .hs-banner.com .hscollectedforms.net .hsforms.com https://cdn.linkedin.oribi.io .bing.com wss://.bing.com https://.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://.doubleclick.net .hubspot.com .hs-sites.com .hubspot.net play.hubspotvideo.com .hsforms.net .hsforms.com sdx.microsoft.com https://.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://.doubleclick.net .google-analytics.com .analytics.google.com js.hscta.net no-cache.hubspot.com .hubspot.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net cdn2.hubspot.net .hsforms.net .hsforms.com https://.cdninstagram.com https://.ads.linkedin.com .bing.com .microsoft.com https://.clarity.ms https://.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com .hsadspixel.net .hs-analytics.net js.hscta.net .hubspot.com static.hsappstatic.net .usemessages.com .hs-banner.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net .hscollectedforms.net .hsleadflows.net .hsforms.net .hsforms.com .hs-scripts.com .hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://.giosg.com https://.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net cdn2.hubspot.net .bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.varma.fi/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Security-Policy: connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://*.giosg.com https://*.giosgusercontent.com https://www.google-analytics.com *.google-analytics.com *.analytics.google.com *.hubapi.com js.hscta.net *.hubspot.com *.hs-banner.com *.hscollectedforms.net *.hsforms.com https://cdn.linkedin.oribi.io *.bing.com wss://*.bing.com https://*.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://*.doubleclick.net *.hubspot.com *.hs-sites.com *.hubspot.net play.hubspotvideo.com *.hsforms.net *.hsforms.com sdx.microsoft.com https://*.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://*.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://*.doubleclick.net *.google-analytics.com *.analytics.google.com js.hscta.net no-cache.hubspot.com *.hubspot.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net cdn2.hubspot.net *.hsforms.net *.hsforms.com https://*.cdninstagram.com https://*.ads.linkedin.com *.bing.com *.microsoft.com https://*.clarity.ms https://*.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com *.hsadspixel.net *.hs-analytics.net js.hscta.net *.hubspot.com static.hsappstatic.net *.usemessages.com *.hs-banner.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net *.hscollectedforms.net *.hsleadflows.net *.hsforms.net *.hsforms.com *.hs-scripts.com *.hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://*.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://*.giosg.com https://*.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net cdn2.hubspot.net *.bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security: max-age=3600
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Date: Wed, 06 Dec 2023 13:14:46 GMT
ImageProcessedBy: ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
ETag: "1DA276FA1000C7E"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, max-age=604800
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'; autoplay 'none'; document-domain 'none';
Content-Length: 12425
Expires: Wed, 13 Dec 2023 13:14:46 GMT

GET
H/1.1 200
OK nainen-ja-mies-keskustelevat-hybridikokouksessa-tyoelakeyhtio-varma.jpg
www.varma.fi/globalassets/kuvat/tyokulttuuri-ja-tyon-muutos/ 11 KB
14 KB 80ms
79ms Image
image/jpeg 217.114.93.174
EPISERVER_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varma.fi/globalassets/kuvat/tyokulttuuri-ja-tyon-muutos/nainen-ja-mies-keskustelevat-hybridikokouksessa-tyoelakeyhtio-varma.jpg?preset=product-card

Requested by

Host: www.varma.fi
URL: https://www.varma.fi/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.114.93.174 , Sweden, ASN30811 (EPISERVER_AS, SE),

Reverse DNS

Software

Resource Hash

3106e84ccc659cf72d727a2b4e801c7404982d448f6b69234073a03fda828ef0

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://.giosg.com https://.giosgusercontent.com https://www.google-analytics.com .google-analytics.com .analytics.google.com .hubapi.com js.hscta.net .hubspot.com .hs-banner.com .hscollectedforms.net .hsforms.com https://cdn.linkedin.oribi.io .bing.com wss://.bing.com https://.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://.doubleclick.net .hubspot.com .hs-sites.com .hubspot.net play.hubspotvideo.com .hsforms.net .hsforms.com sdx.microsoft.com https://.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://.doubleclick.net .google-analytics.com .analytics.google.com js.hscta.net no-cache.hubspot.com .hubspot.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net cdn2.hubspot.net .hsforms.net .hsforms.com https://.cdninstagram.com https://.ads.linkedin.com .bing.com .microsoft.com https://.clarity.ms https://.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com .hsadspixel.net .hs-analytics.net js.hscta.net .hubspot.com static.hsappstatic.net .usemessages.com .hs-banner.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net .hscollectedforms.net .hsleadflows.net .hsforms.net .hsforms.com .hs-scripts.com .hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://.giosg.com https://.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net cdn2.hubspot.net .bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.varma.fi/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Security-Policy: connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://*.giosg.com https://*.giosgusercontent.com https://www.google-analytics.com *.google-analytics.com *.analytics.google.com *.hubapi.com js.hscta.net *.hubspot.com *.hs-banner.com *.hscollectedforms.net *.hsforms.com https://cdn.linkedin.oribi.io *.bing.com wss://*.bing.com https://*.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://*.doubleclick.net *.hubspot.com *.hs-sites.com *.hubspot.net play.hubspotvideo.com *.hsforms.net *.hsforms.com sdx.microsoft.com https://*.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://*.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://*.doubleclick.net *.google-analytics.com *.analytics.google.com js.hscta.net no-cache.hubspot.com *.hubspot.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net cdn2.hubspot.net *.hsforms.net *.hsforms.com https://*.cdninstagram.com https://*.ads.linkedin.com *.bing.com *.microsoft.com https://*.clarity.ms https://*.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com *.hsadspixel.net *.hs-analytics.net js.hscta.net *.hubspot.com static.hsappstatic.net *.usemessages.com *.hs-banner.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net *.hscollectedforms.net *.hsleadflows.net *.hsforms.net *.hsforms.com *.hs-scripts.com *.hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://*.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://*.giosg.com https://*.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net cdn2.hubspot.net *.bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security: max-age=3600
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Date: Wed, 06 Dec 2023 13:14:46 GMT
ImageProcessedBy: ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
ETag: "1DA276FA1000C7E"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, max-age=604800
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'; autoplay 'none'; document-domain 'none';
Content-Length: 10967
Expires: Wed, 13 Dec 2023 13:14:46 GMT

GET
H/1.1 200
OK nainen-katsoo-eteenpain-hymyillen-ulkona-seisten-tyoelakeyhtio-varma.jpg
www.varma.fi/globalassets/kuvat/vapaa-aika/ 22 KB
26 KB 64ms
64ms Image
image/jpeg 217.114.93.174
EPISERVER_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varma.fi/globalassets/kuvat/vapaa-aika/nainen-katsoo-eteenpain-hymyillen-ulkona-seisten-tyoelakeyhtio-varma.jpg?preset=article-card

Requested by

Host: www.varma.fi
URL: https://www.varma.fi/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.114.93.174 , Sweden, ASN30811 (EPISERVER_AS, SE),

Reverse DNS

Software

Resource Hash

e969c40eb7425877c4ccbf4ba6c107fcd7ea3d5e1481d0e7dc9ff00f09983f6a

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://.giosg.com https://.giosgusercontent.com https://www.google-analytics.com .google-analytics.com .analytics.google.com .hubapi.com js.hscta.net .hubspot.com .hs-banner.com .hscollectedforms.net .hsforms.com https://cdn.linkedin.oribi.io .bing.com wss://.bing.com https://.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://.doubleclick.net .hubspot.com .hs-sites.com .hubspot.net play.hubspotvideo.com .hsforms.net .hsforms.com sdx.microsoft.com https://.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://.doubleclick.net .google-analytics.com .analytics.google.com js.hscta.net no-cache.hubspot.com .hubspot.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net cdn2.hubspot.net .hsforms.net .hsforms.com https://.cdninstagram.com https://.ads.linkedin.com .bing.com .microsoft.com https://.clarity.ms https://.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com .hsadspixel.net .hs-analytics.net js.hscta.net .hubspot.com static.hsappstatic.net .usemessages.com .hs-banner.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net .hscollectedforms.net .hsleadflows.net .hsforms.net .hsforms.com .hs-scripts.com .hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://.giosg.com https://.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net cdn2.hubspot.net .bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.varma.fi/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Security-Policy: connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://*.giosg.com https://*.giosgusercontent.com https://www.google-analytics.com *.google-analytics.com *.analytics.google.com *.hubapi.com js.hscta.net *.hubspot.com *.hs-banner.com *.hscollectedforms.net *.hsforms.com https://cdn.linkedin.oribi.io *.bing.com wss://*.bing.com https://*.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://*.doubleclick.net *.hubspot.com *.hs-sites.com *.hubspot.net play.hubspotvideo.com *.hsforms.net *.hsforms.com sdx.microsoft.com https://*.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://*.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://*.doubleclick.net *.google-analytics.com *.analytics.google.com js.hscta.net no-cache.hubspot.com *.hubspot.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net cdn2.hubspot.net *.hsforms.net *.hsforms.com https://*.cdninstagram.com https://*.ads.linkedin.com *.bing.com *.microsoft.com https://*.clarity.ms https://*.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com *.hsadspixel.net *.hs-analytics.net js.hscta.net *.hubspot.com static.hsappstatic.net *.usemessages.com *.hs-banner.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net *.hscollectedforms.net *.hsleadflows.net *.hsforms.net *.hsforms.com *.hs-scripts.com *.hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://*.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://*.giosg.com https://*.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net cdn2.hubspot.net *.bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security: max-age=3600
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Date: Wed, 06 Dec 2023 13:14:46 GMT
ImageProcessedBy: ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
ETag: "1DA276FA1511C5D"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, max-age=604800
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'; autoplay 'none'; document-domain 'none';
Content-Length: 22564
Expires: Wed, 13 Dec 2023 13:14:46 GMT

GET
H/1.1 200
OK vaahteranlehtia-tyoelakeyhtio-varma.jpg
www.varma.fi/globalassets/kuvat/luonto/ 25 KB
29 KB 67ms
66ms Image
image/jpeg 217.114.93.174
EPISERVER_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varma.fi/globalassets/kuvat/luonto/vaahteranlehtia-tyoelakeyhtio-varma.jpg?preset=article-card

Requested by

Host: www.varma.fi
URL: https://www.varma.fi/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.114.93.174 , Sweden, ASN30811 (EPISERVER_AS, SE),

Reverse DNS

Software

Resource Hash

293b905902485d07e3a679fd33d43332abada6e6bf3ac00cd0c8fb9a0a6ce4ba

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://.giosg.com https://.giosgusercontent.com https://www.google-analytics.com .google-analytics.com .analytics.google.com .hubapi.com js.hscta.net .hubspot.com .hs-banner.com .hscollectedforms.net .hsforms.com https://cdn.linkedin.oribi.io .bing.com wss://.bing.com https://.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://.doubleclick.net .hubspot.com .hs-sites.com .hubspot.net play.hubspotvideo.com .hsforms.net .hsforms.com sdx.microsoft.com https://.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://.doubleclick.net .google-analytics.com .analytics.google.com js.hscta.net no-cache.hubspot.com .hubspot.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net cdn2.hubspot.net .hsforms.net .hsforms.com https://.cdninstagram.com https://.ads.linkedin.com .bing.com .microsoft.com https://.clarity.ms https://.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com .hsadspixel.net .hs-analytics.net js.hscta.net .hubspot.com static.hsappstatic.net .usemessages.com .hs-banner.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net .hscollectedforms.net .hsleadflows.net .hsforms.net .hsforms.com .hs-scripts.com .hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://.giosg.com https://.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net cdn2.hubspot.net .bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.varma.fi/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Security-Policy: connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://*.giosg.com https://*.giosgusercontent.com https://www.google-analytics.com *.google-analytics.com *.analytics.google.com *.hubapi.com js.hscta.net *.hubspot.com *.hs-banner.com *.hscollectedforms.net *.hsforms.com https://cdn.linkedin.oribi.io *.bing.com wss://*.bing.com https://*.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://*.doubleclick.net *.hubspot.com *.hs-sites.com *.hubspot.net play.hubspotvideo.com *.hsforms.net *.hsforms.com sdx.microsoft.com https://*.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://*.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://*.doubleclick.net *.google-analytics.com *.analytics.google.com js.hscta.net no-cache.hubspot.com *.hubspot.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net cdn2.hubspot.net *.hsforms.net *.hsforms.com https://*.cdninstagram.com https://*.ads.linkedin.com *.bing.com *.microsoft.com https://*.clarity.ms https://*.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com *.hsadspixel.net *.hs-analytics.net js.hscta.net *.hubspot.com static.hsappstatic.net *.usemessages.com *.hs-banner.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net *.hscollectedforms.net *.hsleadflows.net *.hsforms.net *.hsforms.com *.hs-scripts.com *.hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://*.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://*.giosg.com https://*.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net cdn2.hubspot.net *.bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security: max-age=3600
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Date: Wed, 06 Dec 2023 13:14:46 GMT
ImageProcessedBy: ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
ETag: "1DA276FACB9BEFC"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, max-age=604800
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'; autoplay 'none'; document-domain 'none';
Content-Length: 25698
Expires: Wed, 13 Dec 2023 13:14:46 GMT

GET
H/1.1 200
OK kaksi-elakelaista-keskustelee-kahvilan-terassilla-tyoelakeyhtio-varma.jpg
www.varma.fi/globalassets/kuvat/vapaa-aika/ 27 KB
31 KB 70ms
70ms Image
image/jpeg 217.114.93.174
EPISERVER_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varma.fi/globalassets/kuvat/vapaa-aika/kaksi-elakelaista-keskustelee-kahvilan-terassilla-tyoelakeyhtio-varma.jpg?preset=article-card

Requested by

Host: www.varma.fi
URL: https://www.varma.fi/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.114.93.174 , Sweden, ASN30811 (EPISERVER_AS, SE),

Reverse DNS

Software

Resource Hash

92be17680233419124079a6f486a3fab2993040411272f8f09b556dd1d382894

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://.giosg.com https://.giosgusercontent.com https://www.google-analytics.com .google-analytics.com .analytics.google.com .hubapi.com js.hscta.net .hubspot.com .hs-banner.com .hscollectedforms.net .hsforms.com https://cdn.linkedin.oribi.io .bing.com wss://.bing.com https://.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://.doubleclick.net .hubspot.com .hs-sites.com .hubspot.net play.hubspotvideo.com .hsforms.net .hsforms.com sdx.microsoft.com https://.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://.doubleclick.net .google-analytics.com .analytics.google.com js.hscta.net no-cache.hubspot.com .hubspot.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net cdn2.hubspot.net .hsforms.net .hsforms.com https://.cdninstagram.com https://.ads.linkedin.com .bing.com .microsoft.com https://.clarity.ms https://.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com .hsadspixel.net .hs-analytics.net js.hscta.net .hubspot.com static.hsappstatic.net .usemessages.com .hs-banner.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net .hscollectedforms.net .hsleadflows.net .hsforms.net .hsforms.com .hs-scripts.com .hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://.giosg.com https://.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net cdn2.hubspot.net .bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.varma.fi/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Security-Policy: connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://*.giosg.com https://*.giosgusercontent.com https://www.google-analytics.com *.google-analytics.com *.analytics.google.com *.hubapi.com js.hscta.net *.hubspot.com *.hs-banner.com *.hscollectedforms.net *.hsforms.com https://cdn.linkedin.oribi.io *.bing.com wss://*.bing.com https://*.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://*.doubleclick.net *.hubspot.com *.hs-sites.com *.hubspot.net play.hubspotvideo.com *.hsforms.net *.hsforms.com sdx.microsoft.com https://*.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://*.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://*.doubleclick.net *.google-analytics.com *.analytics.google.com js.hscta.net no-cache.hubspot.com *.hubspot.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net cdn2.hubspot.net *.hsforms.net *.hsforms.com https://*.cdninstagram.com https://*.ads.linkedin.com *.bing.com *.microsoft.com https://*.clarity.ms https://*.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com *.hsadspixel.net *.hs-analytics.net js.hscta.net *.hubspot.com static.hsappstatic.net *.usemessages.com *.hs-banner.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net *.hscollectedforms.net *.hsleadflows.net *.hsforms.net *.hsforms.com *.hs-scripts.com *.hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://*.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://*.giosg.com https://*.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net cdn2.hubspot.net *.bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security: max-age=3600
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Date: Wed, 06 Dec 2023 13:14:46 GMT
ImageProcessedBy: ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
ETag: "1DA276FC1395B17"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, max-age=604800
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'; autoplay 'none'; document-domain 'none';
Content-Length: 28066
Expires: Wed, 13 Dec 2023 13:14:46 GMT

GET
H/1.1 200
OK nainen-juttelee-koiralle-penkilla-ulkona-tyoelakeyhtio-varma.jpg
www.varma.fi/globalassets/kuvat/vapaa-aika/ 25 KB
29 KB 74ms
73ms Image
image/jpeg 217.114.93.174
EPISERVER_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varma.fi/globalassets/kuvat/vapaa-aika/nainen-juttelee-koiralle-penkilla-ulkona-tyoelakeyhtio-varma.jpg?preset=article-card

Requested by

Host: www.varma.fi
URL: https://www.varma.fi/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.114.93.174 , Sweden, ASN30811 (EPISERVER_AS, SE),

Reverse DNS

Software

Resource Hash

5ca2e40e15c2ecddd76cfdbd484dffa85bff359aab32e1d8adc916ed3199cee3

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://.giosg.com https://.giosgusercontent.com https://www.google-analytics.com .google-analytics.com .analytics.google.com .hubapi.com js.hscta.net .hubspot.com .hs-banner.com .hscollectedforms.net .hsforms.com https://cdn.linkedin.oribi.io .bing.com wss://.bing.com https://.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://.doubleclick.net .hubspot.com .hs-sites.com .hubspot.net play.hubspotvideo.com .hsforms.net .hsforms.com sdx.microsoft.com https://.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://.doubleclick.net .google-analytics.com .analytics.google.com js.hscta.net no-cache.hubspot.com .hubspot.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net cdn2.hubspot.net .hsforms.net .hsforms.com https://.cdninstagram.com https://.ads.linkedin.com .bing.com .microsoft.com https://.clarity.ms https://.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com .hsadspixel.net .hs-analytics.net js.hscta.net .hubspot.com static.hsappstatic.net .usemessages.com .hs-banner.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net .hscollectedforms.net .hsleadflows.net .hsforms.net .hsforms.com .hs-scripts.com .hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://.giosg.com https://.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net cdn2.hubspot.net .bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.varma.fi/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Security-Policy: connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://*.giosg.com https://*.giosgusercontent.com https://www.google-analytics.com *.google-analytics.com *.analytics.google.com *.hubapi.com js.hscta.net *.hubspot.com *.hs-banner.com *.hscollectedforms.net *.hsforms.com https://cdn.linkedin.oribi.io *.bing.com wss://*.bing.com https://*.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://*.doubleclick.net *.hubspot.com *.hs-sites.com *.hubspot.net play.hubspotvideo.com *.hsforms.net *.hsforms.com sdx.microsoft.com https://*.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://*.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://*.doubleclick.net *.google-analytics.com *.analytics.google.com js.hscta.net no-cache.hubspot.com *.hubspot.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net cdn2.hubspot.net *.hsforms.net *.hsforms.com https://*.cdninstagram.com https://*.ads.linkedin.com *.bing.com *.microsoft.com https://*.clarity.ms https://*.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com *.hsadspixel.net *.hs-analytics.net js.hscta.net *.hubspot.com static.hsappstatic.net *.usemessages.com *.hs-banner.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net *.hscollectedforms.net *.hsleadflows.net *.hsforms.net *.hsforms.com *.hs-scripts.com *.hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://*.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://*.giosg.com https://*.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net cdn2.hubspot.net *.bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security: max-age=3600
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Date: Wed, 06 Dec 2023 13:14:46 GMT
ImageProcessedBy: ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
ETag: "1DA276FE74726AD"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, max-age=604800
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'; autoplay 'none'; document-domain 'none';
Content-Length: 25544
Expires: Wed, 13 Dec 2023 13:14:46 GMT

GET
H/1.1 200
OK salmisaari-tyoelakeyhtio-varma.jpg
www.varma.fi/globalassets/kuvat/kiinteistot/salme/ 23 KB
27 KB 83ms
82ms Image
image/jpeg 217.114.93.174
EPISERVER_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varma.fi/globalassets/kuvat/kiinteistot/salme/salmisaari-tyoelakeyhtio-varma.jpg?preset=article-card

Requested by

Host: www.varma.fi
URL: https://www.varma.fi/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.114.93.174 , Sweden, ASN30811 (EPISERVER_AS, SE),

Reverse DNS

Software

Resource Hash

0db85c8605c3e5ccc6802bb3537ec8056a443fc9494572acb7de67f6f4b2b4ff

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://.giosg.com https://.giosgusercontent.com https://www.google-analytics.com .google-analytics.com .analytics.google.com .hubapi.com js.hscta.net .hubspot.com .hs-banner.com .hscollectedforms.net .hsforms.com https://cdn.linkedin.oribi.io .bing.com wss://.bing.com https://.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://.doubleclick.net .hubspot.com .hs-sites.com .hubspot.net play.hubspotvideo.com .hsforms.net .hsforms.com sdx.microsoft.com https://.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://.doubleclick.net .google-analytics.com .analytics.google.com js.hscta.net no-cache.hubspot.com .hubspot.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net cdn2.hubspot.net .hsforms.net .hsforms.com https://.cdninstagram.com https://.ads.linkedin.com .bing.com .microsoft.com https://.clarity.ms https://.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com .hsadspixel.net .hs-analytics.net js.hscta.net .hubspot.com static.hsappstatic.net .usemessages.com .hs-banner.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net .hscollectedforms.net .hsleadflows.net .hsforms.net .hsforms.com .hs-scripts.com .hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://.giosg.com https://.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net cdn2.hubspot.net .bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.varma.fi/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Security-Policy: connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://*.giosg.com https://*.giosgusercontent.com https://www.google-analytics.com *.google-analytics.com *.analytics.google.com *.hubapi.com js.hscta.net *.hubspot.com *.hs-banner.com *.hscollectedforms.net *.hsforms.com https://cdn.linkedin.oribi.io *.bing.com wss://*.bing.com https://*.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://*.doubleclick.net *.hubspot.com *.hs-sites.com *.hubspot.net play.hubspotvideo.com *.hsforms.net *.hsforms.com sdx.microsoft.com https://*.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://*.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://*.doubleclick.net *.google-analytics.com *.analytics.google.com js.hscta.net no-cache.hubspot.com *.hubspot.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net cdn2.hubspot.net *.hsforms.net *.hsforms.com https://*.cdninstagram.com https://*.ads.linkedin.com *.bing.com *.microsoft.com https://*.clarity.ms https://*.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com *.hsadspixel.net *.hs-analytics.net js.hscta.net *.hubspot.com static.hsappstatic.net *.usemessages.com *.hs-banner.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net *.hscollectedforms.net *.hsleadflows.net *.hsforms.net *.hsforms.com *.hs-scripts.com *.hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://*.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://*.giosg.com https://*.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net cdn2.hubspot.net *.bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security: max-age=3600
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Date: Wed, 06 Dec 2023 13:14:46 GMT
ImageProcessedBy: ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
ETag: "1DA276FE74726AD"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, max-age=604800
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'; autoplay 'none'; document-domain 'none';
Content-Length: 23509
Expires: Wed, 13 Dec 2023 13:14:46 GMT

GET
H/1.1 200
OK nainen-tyoskentelee-tietokoneella-toinen-taustalla-tyoelakeyhtio-varma.jpg
www.varma.fi/globalassets/kuvat/tyokulttuuri-ja-tyon-muutos/ 20 KB
24 KB 122ms
63ms Image
image/jpeg 217.114.93.174
EPISERVER_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varma.fi/globalassets/kuvat/tyokulttuuri-ja-tyon-muutos/nainen-tyoskentelee-tietokoneella-toinen-taustalla-tyoelakeyhtio-varma.jpg?preset=article-card

Requested by

Host: www.varma.fi
URL: https://www.varma.fi/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.114.93.174 , Sweden, ASN30811 (EPISERVER_AS, SE),

Reverse DNS

Software

Resource Hash

2f825e0dfd42cc1f8063ea35ae03eb7fa17af11b2f4632599ccd57359cab77e8

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://.giosg.com https://.giosgusercontent.com https://www.google-analytics.com .google-analytics.com .analytics.google.com .hubapi.com js.hscta.net .hubspot.com .hs-banner.com .hscollectedforms.net .hsforms.com https://cdn.linkedin.oribi.io .bing.com wss://.bing.com https://.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://.doubleclick.net .hubspot.com .hs-sites.com .hubspot.net play.hubspotvideo.com .hsforms.net .hsforms.com sdx.microsoft.com https://.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://.doubleclick.net .google-analytics.com .analytics.google.com js.hscta.net no-cache.hubspot.com .hubspot.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net cdn2.hubspot.net .hsforms.net .hsforms.com https://.cdninstagram.com https://.ads.linkedin.com .bing.com .microsoft.com https://.clarity.ms https://.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com .hsadspixel.net .hs-analytics.net js.hscta.net .hubspot.com static.hsappstatic.net .usemessages.com .hs-banner.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net .hscollectedforms.net .hsleadflows.net .hsforms.net .hsforms.com .hs-scripts.com .hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://.giosg.com https://.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net cdn2.hubspot.net .bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.varma.fi/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Security-Policy: connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://*.giosg.com https://*.giosgusercontent.com https://www.google-analytics.com *.google-analytics.com *.analytics.google.com *.hubapi.com js.hscta.net *.hubspot.com *.hs-banner.com *.hscollectedforms.net *.hsforms.com https://cdn.linkedin.oribi.io *.bing.com wss://*.bing.com https://*.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://*.doubleclick.net *.hubspot.com *.hs-sites.com *.hubspot.net play.hubspotvideo.com *.hsforms.net *.hsforms.com sdx.microsoft.com https://*.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://*.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://*.doubleclick.net *.google-analytics.com *.analytics.google.com js.hscta.net no-cache.hubspot.com *.hubspot.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net cdn2.hubspot.net *.hsforms.net *.hsforms.com https://*.cdninstagram.com https://*.ads.linkedin.com *.bing.com *.microsoft.com https://*.clarity.ms https://*.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://*.giosg.com https://*.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com *.hsadspixel.net *.hs-analytics.net js.hscta.net *.hubspot.com static.hsappstatic.net *.usemessages.com *.hs-banner.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net *.hscollectedforms.net *.hsleadflows.net *.hsforms.net *.hsforms.com *.hs-scripts.com *.hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://*.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://*.giosg.com https://*.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net cdn2.hubspot.net *.bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security: max-age=3600
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Date: Wed, 06 Dec 2023 13:14:46 GMT
ImageProcessedBy: ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
ETag: "1DA276FC169081E"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, max-age=604800
Feature-Policy: camera 'none'; microphone 'none'; geolocation 'none'; autoplay 'none'; document-domain 'none';
Content-Length: 20371
Expires: Wed, 13 Dec 2023 13:14:46 GMT

GET
H2 200 6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZY4lCds18Q.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 510ms
164ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZY4lCds18Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

f94b7756c96411b34b90cedcd0234fb84c06127006b9af456d7633705ba8513b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.varma.fi
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:48:43 GMT
x-content-type-options: nosniff
age: 228363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14192
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Dec 2024 21:48:43 GMT

GET
H2 200 6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 474ms
132ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.varma.fi
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:53:02 GMT
x-content-type-options: nosniff
age: 102104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14160
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 08:53:02 GMT

GET
H2 200 6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 467ms
127ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

fae9ee8da96ba004f96a5719e3cd323b3248c49a28e56777ce829900d50929ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.varma.fi
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:36:02 GMT
x-content-type-options: nosniff
age: 110324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14200
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 06:36:02 GMT

GET
H2 200 939.2ce478d433d1890661ac.js Show response
service.giosg.com/static/ 34 KB
11 KB 124ms
121ms Script
application/javascript 178.63.179.193
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://service.giosg.com/static/939.2ce478d433d1890661ac.js

Requested by

Host: service.giosg.com
URL: https://service.giosg.com/live2/b7966c66-1dd3-11e7-b719-00163ed8ec9a

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.179.193 Wiesenau, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

service.giosg.com

Software

nginx /

Resource Hash

0c165bd82cbce56ca67741d0550c460ae08a228f5ad274e772166d0df839bab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:14:47 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
last-modified: Tue, 05 Dec 2023 12:14:47 GMT
server: nginx
etag: "656f1437-2c06"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
p3p: CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 11270
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 973.f647a085cc64142e3e5e.js Show response
service.giosg.com/static/ 132 KB
39 KB 163ms
161ms Script
application/javascript 178.63.179.193
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://service.giosg.com/static/973.f647a085cc64142e3e5e.js

Requested by

Host: service.giosg.com
URL: https://service.giosg.com/live2/b7966c66-1dd3-11e7-b719-00163ed8ec9a

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.179.193 Wiesenau, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

service.giosg.com

Software

nginx /

Resource Hash

1b81f4de2361f1e2713c1705dad31299b25450b35abb73f9cf1aae557cfec8d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:14:47 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
last-modified: Tue, 05 Dec 2023 12:14:47 GMT
server: nginx
etag: "656f1437-992c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
p3p: CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 39212
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
service.giosg.com/api/v5/orgs/b7966c66-1dd3-11e7-b719-00163ed8ec9a/client-settings2/ 32 KB
6 KB 139ms
138ms Fetch
application/json 178.63.179.193
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://service.giosg.com/api/v5/orgs/b7966c66-1dd3-11e7-b719-00163ed8ec9a/client-settings2/?url=https%3A%2F%2Fwww.varma.fi%2Fen%2F

Requested by

Host: service.giosg.com
URL: https://service.giosg.com/live2/b7966c66-1dd3-11e7-b719-00163ed8ec9a

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.179.193 Wiesenau, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

service.giosg.com

Software

nginx /

Resource Hash

f852d4011e1c61e15651206227020c0f9836e08e0af9cdd29edfe2fd17345ac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
X-Client-Origin: https://www.varma.fi

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:14:47 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
server: nginx
x-response-duration: 14
allow: GET, HEAD, OPTIONS
vary: Accept, Accept-Language, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
content-language: fi
cache-control: max-age=0, no-cache, no-store, must-revalidate
p3p: CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
content-length: 6151

OPTIONS
H2 200 /
service.giosg.com/api/v5/orgs/b7966c66-1dd3-11e7-b719-00163ed8ec9a/client-settings2/ Frame 0
0 271ms
90ms Preflight
text/html 178.63.179.193
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://service.giosg.com/api/v5/orgs/b7966c66-1dd3-11e7-b719-00163ed8ec9a/client-settings2/?url=https%3A%2F%2Fwww.varma.fi%2Fen%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.179.193 Wiesenau, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

service.giosg.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: */*
Access-Control-Request-Headers: x-client-origin
Access-Control-Request-Method: GET
Origin: https://www.varma.fi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: x-requested-with, content-type, accept, origin, authorization, x-giosg-clientversion, x-client-origin, X-GIOSG-SCRIPT-VERSION
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
content-type: text/html; charset=utf-8
date: Wed, 06 Dec 2023 13:14:47 GMT
p3p: CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
server: nginx
strict-transport-security: max-age=63072000

GET
H2 200 664.4ddac03812a4dd93192d.js Show response
service.giosg.com/static/ 7 KB
3 KB 91ms
91ms Script
application/javascript 178.63.179.193
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://service.giosg.com/static/664.4ddac03812a4dd93192d.js

Requested by

Host: service.giosg.com
URL: https://service.giosg.com/live2/b7966c66-1dd3-11e7-b719-00163ed8ec9a

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.179.193 Wiesenau, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

service.giosg.com

Software

nginx /

Resource Hash

d3c6df5438dc5257ff4cb09fc5662c056385346c0624b26adb8ca446227f0182

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:14:47 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
last-modified: Tue, 05 Dec 2023 12:14:47 GMT
server: nginx
etag: "656f1437-918"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
p3p: CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 2328
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chat Show response
service.giosg.com/bar/visitor/ Frame 3D27 537 B
906 B 113ms
113ms Document
text/html 178.63.179.193
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://service.giosg.com/bar/visitor/chat?org=b7966c66-1dd3-11e7-b719-00163ed8ec9a&c=3860&url=https%253A%252F%252Fwww.varma.fi%252Fen%252F&cid=undefined&sgid=undefined&cookiesAllowed=true

Requested by

Host: service.giosg.com
URL: https://service.giosg.com/static/973.f647a085cc64142e3e5e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.179.193 Wiesenau, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

service.giosg.com

Software

nginx /

Resource Hash

86baa64e6178e90b0c208e50b6b827e9e2a948974924729479746d6cfce8dc6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache,max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 06 Dec 2023 13:14:47 GMT
etag: W/"9d51ef90917044e8addc1848cce115cb"
last-modified: Thu, 30 Nov 2023 13:27:57 GMT
p3p: CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
server: nginx
strict-transport-security: max-age=15768000
x-amz-id-2: 2lNLSgoggjNZNVt+Ds89UpN2p5K8UHoYjX34H6yKW0a5nVVSldXry2Cop1ga+R7krBkJ/9m8JV5AUxo5u7wARQ==
x-amz-request-id: 9NCT0XBNGMY27CHF
x-amz-server-side-encryption: AES256

GET
H2 200 568.10ff6c56f430ff788f19.js Show response
service.giosg.com/static/ 20 KB
8 KB 150ms
150ms Script
application/javascript 178.63.179.193
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://service.giosg.com/static/568.10ff6c56f430ff788f19.js

Requested by

Host: service.giosg.com
URL: https://service.giosg.com/live2/b7966c66-1dd3-11e7-b719-00163ed8ec9a

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.179.193 Wiesenau, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

service.giosg.com

Software

nginx /

Resource Hash

18e8453bada76319e4eef4aae93f93be4c8cecab5ae3f9a6d5d43439fb352403

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:14:47 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
last-modified: Tue, 05 Dec 2023 12:14:47 GMT
server: nginx
etag: "656f1437-1db8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
p3p: CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 7608
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 visitor.6c19b98df022b34a1bb1.js Show response
service.giosg.com/bar/ Frame 3D27 513 KB
514 KB 94ms
92ms Script
text/javascript 178.63.179.193
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://service.giosg.com/bar/visitor.6c19b98df022b34a1bb1.js

Requested by

Host: service.giosg.com
URL: https://service.giosg.com/bar/visitor/chat?org=b7966c66-1dd3-11e7-b719-00163ed8ec9a&c=3860&url=https%253A%252F%252Fwww.varma.fi%252Fen%252F&cid=undefined&sgid=undefined&cookiesAllowed=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.179.193 Wiesenau, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

service.giosg.com

Software

nginx /

Resource Hash

e0204206312d27795be7813958786bf6824cecb9565738eec6ae156d7ce8d6d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://service.giosg.com/bar/visitor/chat?org=b7966c66-1dd3-11e7-b719-00163ed8ec9a&c=3860&url=https%253A%252F%252Fwww.varma.fi%252Fen%252F&cid=undefined&sgid=undefined&cookiesAllowed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:14:47 GMT
strict-transport-security: max-age=15768000
last-modified: Thu, 30 Nov 2023 13:27:56 GMT
server: nginx
x-amz-request-id: 9NCWV6XRT9WJN0X3
etag: "dcc981e0a394a70f7a3782c819276561"
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
cache-control: no-cache,max-age=0
accept-ranges: bytes
content-length: 525585
x-amz-id-2: vWAQh07TTwSUHR212KigzxdqR2iqS8whLaCYqeoxYpLPDZQufXnDQM+ibY5uKFlE8D98OSZ2JJOZSHRBx96Img==

GET
H2 200 css
fonts.googleapis.com/ Frame 3D27 2 KB
737 B 98ms
97ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:800&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

5262336b0722575d125a2940aed7f5d9d867590fef08a51b6dd9e0c81937c1d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://service.giosg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 06 Dec 2023 13:14:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 12:03:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Dec 2023 13:14:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3D27 15 KB
1 KB 115ms
114ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:900|Nunito+Sans:300,400,600,700|Roboto+Mono:400|Rubik:700&display=swap

Requested by

Host: service.giosg.com
URL: https://service.giosg.com/bar/visitor.6c19b98df022b34a1bb1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

1885a4cba776e40cb6f4c390951fd1a1d94601d8f3c08499191bfc8bb0064ff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://service.giosg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 06 Dec 2023 13:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 12:55:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Dec 2023 13:14:48 GMT

GET
H2 200 visitor-settings Show response
service.giosg.com/api/v5/orgs/b7966c66-1dd3-11e7-b719-00163ed8ec9a/ Frame 3D27 1 KB
1 KB 142ms
142ms Fetch
application/json 178.63.179.193
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://service.giosg.com/api/v5/orgs/b7966c66-1dd3-11e7-b719-00163ed8ec9a/visitor-settings?url=https%3A%2F%2Fwww.varma.fi%2Fen%2F

Requested by

Host: service.giosg.com
URL: https://service.giosg.com/bar/visitor.6c19b98df022b34a1bb1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.179.193 Wiesenau, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

service.giosg.com

Software

nginx /

Resource Hash

ff83a39d36e9d3a3baacf060a6ba3de696e4ac682142e3f17174cad6e19c111f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://service.giosg.com/bar/visitor/chat?org=b7966c66-1dd3-11e7-b719-00163ed8ec9a&c=3860&url=https%253A%252F%252Fwww.varma.fi%252Fen%252F&cid=undefined&sgid=undefined&cookiesAllowed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:14:48 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
server: nginx
x-response-duration: 30
allow: GET, HEAD, OPTIONS
vary: Accept, Accept-Language, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
content-language: fi
p3p: CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
content-length: 772

GET
H2 200 / Show response
service.giosg.com/credentials/3860/ Frame 0E89 4 KB
3 KB 107ms
106ms Document
text/html 178.63.179.193
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://service.giosg.com/credentials/3860/?cookies_allowed=true&url=https%3A%2F%2Fservice.giosg.com

Requested by

Host: service.giosg.com
URL: https://service.giosg.com/bar/visitor.6c19b98df022b34a1bb1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.179.193 Wiesenau, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

service.giosg.com

Software

nginx /

Resource Hash

ea6af0738d9faff9cc91cda2149f599c5f7b3152e6a3df122bf68caf28362112

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://service.giosg.com/bar/visitor/chat?org=b7966c66-1dd3-11e7-b719-00163ed8ec9a&c=3860&url=https%253A%252F%252Fwww.varma.fi%252Fen%252F&cid=undefined&sgid=undefined&cookiesAllowed=true
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-language: fi
content-length: 2051
content-type: text/html; charset=utf-8
date: Wed, 06 Dec 2023 13:14:48 GMT
p3p: CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
pragma: no-cache
server: nginx
strict-transport-security: max-age=63072000
vary: Accept-Language, Accept-Encoding
x-response-duration: 6

GET
H2 200 chats Show response
service.giosg.com/api/v5/public/visitors/40305897b811003c8771c07346944e77/ Frame 3D27 42 B
484 B 128ms
128ms XHR
application/json 178.63.179.193
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://service.giosg.com/api/v5/public/visitors/40305897b811003c8771c07346944e77/chats?ordering=-created_at

Requested by

Host: service.giosg.com
URL: https://service.giosg.com/bar/visitor.6c19b98df022b34a1bb1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.179.193 Wiesenau, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

service.giosg.com

Software

nginx /

Resource Hash

0275e5323da6fca5a40c4e3b64f9bcb36ea3b76883040c28ba2328afd817a58a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: application/json
Referer: https://service.giosg.com/bar/visitor/chat?org=b7966c66-1dd3-11e7-b719-00163ed8ec9a&c=3860&url=https%253A%252F%252Fwww.varma.fi%252Fen%252F&cid=undefined&sgid=undefined&cookiesAllowed=true
X-Requested-With: XMLHttpRequest
accept-language: fi-FI,fi;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJqdGkiOiI2ZTk5YTFmYy05NDM5LTExZWUtODk0Zi0wMjQyYWMxMjAwMTciLCJpYXQiOjE3MDE4Njg0ODguNDY3MDM2MiwiZXhwIjoxNzAxODk3Mjg4LjQ2NjgxNjQsInZlcnNpb24iOjEsImlzcyI6Imh0dHBzOi8vc2VydmljZS5naW9zZy5jb20vY3JlZGVudGlhbHMvMzg2MC8_Y29va2llc19hbGxvd2VkPXRydWUmdXJsPWh0dHBzJTNBJTJGJTJGc2VydmljZS5naW9zZy5jb20iLCJhdWQiOlsibWVzc2FnZXJvdXRlci5naW9zZy5jb20iLCJzZXJ2aWNlLmdpb3NnLmNvbSJdLCJzY29wZXMiOnsiL2FwaS92NS9wdWJsaWMiOnsiL3Zpc2l0b3JzLzQwMzA1ODk3YjgxMTAwM2M4NzcxYzA3MzQ2OTQ0ZTc3Ijp7Ii9jaGF0cyI6eyIvKiI6eyIiOjE1LCIvbWVzc2FnZXMiOnsiIjoxNSwiLyoiOjE1fSwiL21lbWJlcnNoaXBzIjoxNSwiL3RhZ3MiOjE1LCIvY2FsbF9zdGF0dXMiOjE1LCIvY2FsbF90b2tlbiI6MTV9LCIiOjE1fSwiL2NoYXRfbWVtYmVyc2hpcHMiOnsiIjoxNSwiLyoiOjE1fX0sIi9vcmdzL2I3OTY2YzY2LTFkZDMtMTFlNy1iNzE5LTAwMTYzZWQ4ZWM5YS9yb29tcy8qIjp7Ii92aXNpdG9ycyI6eyIvNDAzMDU4OTdiODExMDAzYzg3NzFjMDczNDY5NDRlNzciOnsiIjoxNSwiL2F1dG9zdWdnZXN0IjoxNSwiL2NoYXRzIjoxNSwiL2F1dG9zdWdnZXN0X3Blcm1pc3Npb24iOjE1fSwiIjoxNX0sIiI6MTUsIi9icmFuZCI6MTUsIi9vbmxpbmVfdXNlcnMiOjE1fX0sIi9hcHBzL3Zpc2l0b3IvdmJ3MzdvdXMyYzJ0M3NsaWh5YWFrYWFib3lkcmFxYnFsY2wzcWVpYWhzZHhkcWR0aTJrZTQ1eW0iOjE1fSwidXNlcl9pZCI6bnVsbCwib3JnYW5pemF0aW9uX2lkIjoiYjc5NjZjNjYtMWRkMy0xMWU3LWI3MTktMDAxNjNlZDhlYzlhIiwiYXBwX2lkIjpudWxsfQ.Lez3FtX75AHPinfme3EGaX24ITLkWZu0gaDAQ4RA8Ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 13:14:48 GMT
strict-transport-security: max-age=63072000
server: nginx
x-response-duration: 35
allow: GET, HEAD, OPTIONS
vary: Accept, Accept-Language
content-type: application/json
access-control-allow-origin: *
content-language: fi
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
p3p: CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
content-length: 42
expires: Wed, 06 Dec 2023 13:14:48 GMT

GET
H2 200 online_users Show response
service.giosg.com/api/v5/public/orgs/b7966c66-1dd3-11e7-b719-00163ed8ec9a/rooms/b7d1554c-1dd3-11e7-b719-00163ed8ec9a/ Frame 3D27 42 B
483 B 174ms
174ms XHR
application/json 178.63.179.193
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://service.giosg.com/api/v5/public/orgs/b7966c66-1dd3-11e7-b719-00163ed8ec9a/rooms/b7d1554c-1dd3-11e7-b719-00163ed8ec9a/online_users

Requested by

Host: service.giosg.com
URL: https://service.giosg.com/bar/visitor.6c19b98df022b34a1bb1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.179.193 Wiesenau, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

service.giosg.com

Software

nginx /

Resource Hash

0275e5323da6fca5a40c4e3b64f9bcb36ea3b76883040c28ba2328afd817a58a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: application/json
Referer: https://service.giosg.com/bar/visitor/chat?org=b7966c66-1dd3-11e7-b719-00163ed8ec9a&c=3860&url=https%253A%252F%252Fwww.varma.fi%252Fen%252F&cid=undefined&sgid=undefined&cookiesAllowed=true
X-Requested-With: XMLHttpRequest
accept-language: fi-FI,fi;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJqdGkiOiI2ZTk5YTFmYy05NDM5LTExZWUtODk0Zi0wMjQyYWMxMjAwMTciLCJpYXQiOjE3MDE4Njg0ODguNDY3MDM2MiwiZXhwIjoxNzAxODk3Mjg4LjQ2NjgxNjQsInZlcnNpb24iOjEsImlzcyI6Imh0dHBzOi8vc2VydmljZS5naW9zZy5jb20vY3JlZGVudGlhbHMvMzg2MC8_Y29va2llc19hbGxvd2VkPXRydWUmdXJsPWh0dHBzJTNBJTJGJTJGc2VydmljZS5naW9zZy5jb20iLCJhdWQiOlsibWVzc2FnZXJvdXRlci5naW9zZy5jb20iLCJzZXJ2aWNlLmdpb3NnLmNvbSJdLCJzY29wZXMiOnsiL2FwaS92NS9wdWJsaWMiOnsiL3Zpc2l0b3JzLzQwMzA1ODk3YjgxMTAwM2M4NzcxYzA3MzQ2OTQ0ZTc3Ijp7Ii9jaGF0cyI6eyIvKiI6eyIiOjE1LCIvbWVzc2FnZXMiOnsiIjoxNSwiLyoiOjE1fSwiL21lbWJlcnNoaXBzIjoxNSwiL3RhZ3MiOjE1LCIvY2FsbF9zdGF0dXMiOjE1LCIvY2FsbF90b2tlbiI6MTV9LCIiOjE1fSwiL2NoYXRfbWVtYmVyc2hpcHMiOnsiIjoxNSwiLyoiOjE1fX0sIi9vcmdzL2I3OTY2YzY2LTFkZDMtMTFlNy1iNzE5LTAwMTYzZWQ4ZWM5YS9yb29tcy8qIjp7Ii92aXNpdG9ycyI6eyIvNDAzMDU4OTdiODExMDAzYzg3NzFjMDczNDY5NDRlNzciOnsiIjoxNSwiL2F1dG9zdWdnZXN0IjoxNSwiL2NoYXRzIjoxNSwiL2F1dG9zdWdnZXN0X3Blcm1pc3Npb24iOjE1fSwiIjoxNX0sIiI6MTUsIi9icmFuZCI6MTUsIi9vbmxpbmVfdXNlcnMiOjE1fX0sIi9hcHBzL3Zpc2l0b3IvdmJ3MzdvdXMyYzJ0M3NsaWh5YWFrYWFib3lkcmFxYnFsY2wzcWVpYWhzZHhkcWR0aTJrZTQ1eW0iOjE1fSwidXNlcl9pZCI6bnVsbCwib3JnYW5pemF0aW9uX2lkIjoiYjc5NjZjNjYtMWRkMy0xMWU3LWI3MTktMDAxNjNlZDhlYzlhIiwiYXBwX2lkIjpudWxsfQ.Lez3FtX75AHPinfme3EGaX24ITLkWZu0gaDAQ4RA8Ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 13:14:48 GMT
strict-transport-security: max-age=63072000
server: nginx
x-response-duration: 9
allow: GET, HEAD, OPTIONS
vary: Accept, Accept-Language
content-type: application/json
access-control-allow-origin: *
content-language: fi
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
p3p: CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
content-length: 42
expires: Wed, 06 Dec 2023 13:14:48 GMT

GET
H2 200 b7d1554c-1dd3-11e7-b719-00163ed8ec9a Show response
service.giosg.com/api/v5/public/orgs/b7966c66-1dd3-11e7-b719-00163ed8ec9a/rooms/ Frame 3D27 824 B
971 B 190ms
190ms XHR
application/json 178.63.179.193
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://service.giosg.com/api/v5/public/orgs/b7966c66-1dd3-11e7-b719-00163ed8ec9a/rooms/b7d1554c-1dd3-11e7-b719-00163ed8ec9a

Requested by

Host: service.giosg.com
URL: https://service.giosg.com/bar/visitor.6c19b98df022b34a1bb1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.179.193 Wiesenau, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

service.giosg.com

Software

nginx /

Resource Hash

d628e66a24efa46a36feb3def09a78847ce718c88a4b247b64f349fb0783e31d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: application/json
Referer: https://service.giosg.com/bar/visitor/chat?org=b7966c66-1dd3-11e7-b719-00163ed8ec9a&c=3860&url=https%253A%252F%252Fwww.varma.fi%252Fen%252F&cid=undefined&sgid=undefined&cookiesAllowed=true
X-Requested-With: XMLHttpRequest
accept-language: fi-FI,fi;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJqdGkiOiI2ZTk5YTFmYy05NDM5LTExZWUtODk0Zi0wMjQyYWMxMjAwMTciLCJpYXQiOjE3MDE4Njg0ODguNDY3MDM2MiwiZXhwIjoxNzAxODk3Mjg4LjQ2NjgxNjQsInZlcnNpb24iOjEsImlzcyI6Imh0dHBzOi8vc2VydmljZS5naW9zZy5jb20vY3JlZGVudGlhbHMvMzg2MC8_Y29va2llc19hbGxvd2VkPXRydWUmdXJsPWh0dHBzJTNBJTJGJTJGc2VydmljZS5naW9zZy5jb20iLCJhdWQiOlsibWVzc2FnZXJvdXRlci5naW9zZy5jb20iLCJzZXJ2aWNlLmdpb3NnLmNvbSJdLCJzY29wZXMiOnsiL2FwaS92NS9wdWJsaWMiOnsiL3Zpc2l0b3JzLzQwMzA1ODk3YjgxMTAwM2M4NzcxYzA3MzQ2OTQ0ZTc3Ijp7Ii9jaGF0cyI6eyIvKiI6eyIiOjE1LCIvbWVzc2FnZXMiOnsiIjoxNSwiLyoiOjE1fSwiL21lbWJlcnNoaXBzIjoxNSwiL3RhZ3MiOjE1LCIvY2FsbF9zdGF0dXMiOjE1LCIvY2FsbF90b2tlbiI6MTV9LCIiOjE1fSwiL2NoYXRfbWVtYmVyc2hpcHMiOnsiIjoxNSwiLyoiOjE1fX0sIi9vcmdzL2I3OTY2YzY2LTFkZDMtMTFlNy1iNzE5LTAwMTYzZWQ4ZWM5YS9yb29tcy8qIjp7Ii92aXNpdG9ycyI6eyIvNDAzMDU4OTdiODExMDAzYzg3NzFjMDczNDY5NDRlNzciOnsiIjoxNSwiL2F1dG9zdWdnZXN0IjoxNSwiL2NoYXRzIjoxNSwiL2F1dG9zdWdnZXN0X3Blcm1pc3Npb24iOjE1fSwiIjoxNX0sIiI6MTUsIi9icmFuZCI6MTUsIi9vbmxpbmVfdXNlcnMiOjE1fX0sIi9hcHBzL3Zpc2l0b3IvdmJ3MzdvdXMyYzJ0M3NsaWh5YWFrYWFib3lkcmFxYnFsY2wzcWVpYWhzZHhkcWR0aTJrZTQ1eW0iOjE1fSwidXNlcl9pZCI6bnVsbCwib3JnYW5pemF0aW9uX2lkIjoiYjc5NjZjNjYtMWRkMy0xMWU3LWI3MTktMDAxNjNlZDhlYzlhIiwiYXBwX2lkIjpudWxsfQ.Lez3FtX75AHPinfme3EGaX24ITLkWZu0gaDAQ4RA8Ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 13:14:48 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
server: nginx
x-response-duration: 25
allow: GET, HEAD, OPTIONS
vary: Accept, Accept-Language, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
content-language: fi
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
p3p: CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
content-length: 488
expires: Wed, 06 Dec 2023 13:14:48 GMT

POST
H2 201 / Show response
service.giosg.com/api/v5/public/trace/ 17 B
374 B 227ms
226ms Fetch
application/json 178.63.179.193
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://service.giosg.com/api/v5/public/trace/

Requested by

Host: service.giosg.com
URL: https://service.giosg.com/static/973.f647a085cc64142e3e5e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.179.193 Wiesenau, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

service.giosg.com

Software

nginx /

Resource Hash

61fc7904e3c27951c1d6853b9116b6ebad2c5d282602e0eb6ba1792770e4eae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: application/json, text/javascript, */*
Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 06 Dec 2023 13:14:48 GMT
strict-transport-security: max-age=63072000
server: nginx
x-response-duration: 135
allow: GET, POST, HEAD, OPTIONS
vary: Accept, Accept-Language
content-type: application/json
access-control-allow-origin: *
content-language: fi
p3p: CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
content-length: 17

GET
H2 200 3568b89a-61e0-11ee-99d5-0242ac12000a Show response
service.giosg.com/api/v5/orgs/b7966c66-1dd3-11e7-b719-00163ed8ec9a/giosg_brands/ 2 KB
1 KB 101ms
101ms Fetch
application/json 178.63.179.193
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://service.giosg.com/api/v5/orgs/b7966c66-1dd3-11e7-b719-00163ed8ec9a/giosg_brands/3568b89a-61e0-11ee-99d5-0242ac12000a

Requested by

Host: service.giosg.com
URL: https://service.giosg.com/static/973.f647a085cc64142e3e5e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.179.193 Wiesenau, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

service.giosg.com

Software

nginx /

Resource Hash

55970db6dba758cd318861fd64691dafeb8ef0e574cc2dc85c3d58aa0d486cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:14:48 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
server: nginx
x-response-duration: 5
allow: GET, PUT, PATCH, DELETE, HEAD, OPTIONS
vary: Accept, Accept-Language, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
content-language: fi
p3p: CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
content-length: 747

GET
H2 200 chats Show response
service.giosg.com/api/v5/public/visitors/40305897b811003c8771c07346944e77/ Frame 3D27 42 B
484 B 123ms
122ms XHR
application/json 178.63.179.193
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://service.giosg.com/api/v5/public/visitors/40305897b811003c8771c07346944e77/chats?ordering=-created_at

Requested by

Host: service.giosg.com
URL: https://service.giosg.com/bar/visitor.6c19b98df022b34a1bb1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.179.193 Wiesenau, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

service.giosg.com

Software

nginx /

Resource Hash

0275e5323da6fca5a40c4e3b64f9bcb36ea3b76883040c28ba2328afd817a58a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: application/json
Referer: https://service.giosg.com/bar/visitor/chat?org=b7966c66-1dd3-11e7-b719-00163ed8ec9a&c=3860&url=https%253A%252F%252Fwww.varma.fi%252Fen%252F&cid=undefined&sgid=undefined&cookiesAllowed=true
X-Requested-With: XMLHttpRequest
accept-language: fi-FI,fi;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJqdGkiOiI2ZTk5YTFmYy05NDM5LTExZWUtODk0Zi0wMjQyYWMxMjAwMTciLCJpYXQiOjE3MDE4Njg0ODguNDY3MDM2MiwiZXhwIjoxNzAxODk3Mjg4LjQ2NjgxNjQsInZlcnNpb24iOjEsImlzcyI6Imh0dHBzOi8vc2VydmljZS5naW9zZy5jb20vY3JlZGVudGlhbHMvMzg2MC8_Y29va2llc19hbGxvd2VkPXRydWUmdXJsPWh0dHBzJTNBJTJGJTJGc2VydmljZS5naW9zZy5jb20iLCJhdWQiOlsibWVzc2FnZXJvdXRlci5naW9zZy5jb20iLCJzZXJ2aWNlLmdpb3NnLmNvbSJdLCJzY29wZXMiOnsiL2FwaS92NS9wdWJsaWMiOnsiL3Zpc2l0b3JzLzQwMzA1ODk3YjgxMTAwM2M4NzcxYzA3MzQ2OTQ0ZTc3Ijp7Ii9jaGF0cyI6eyIvKiI6eyIiOjE1LCIvbWVzc2FnZXMiOnsiIjoxNSwiLyoiOjE1fSwiL21lbWJlcnNoaXBzIjoxNSwiL3RhZ3MiOjE1LCIvY2FsbF9zdGF0dXMiOjE1LCIvY2FsbF90b2tlbiI6MTV9LCIiOjE1fSwiL2NoYXRfbWVtYmVyc2hpcHMiOnsiIjoxNSwiLyoiOjE1fX0sIi9vcmdzL2I3OTY2YzY2LTFkZDMtMTFlNy1iNzE5LTAwMTYzZWQ4ZWM5YS9yb29tcy8qIjp7Ii92aXNpdG9ycyI6eyIvNDAzMDU4OTdiODExMDAzYzg3NzFjMDczNDY5NDRlNzciOnsiIjoxNSwiL2F1dG9zdWdnZXN0IjoxNSwiL2NoYXRzIjoxNSwiL2F1dG9zdWdnZXN0X3Blcm1pc3Npb24iOjE1fSwiIjoxNX0sIiI6MTUsIi9icmFuZCI6MTUsIi9vbmxpbmVfdXNlcnMiOjE1fX0sIi9hcHBzL3Zpc2l0b3IvdmJ3MzdvdXMyYzJ0M3NsaWh5YWFrYWFib3lkcmFxYnFsY2wzcWVpYWhzZHhkcWR0aTJrZTQ1eW0iOjE1fSwidXNlcl9pZCI6bnVsbCwib3JnYW5pemF0aW9uX2lkIjoiYjc5NjZjNjYtMWRkMy0xMWU3LWI3MTktMDAxNjNlZDhlYzlhIiwiYXBwX2lkIjpudWxsfQ.Lez3FtX75AHPinfme3EGaX24ITLkWZu0gaDAQ4RA8Ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 13:14:48 GMT
strict-transport-security: max-age=63072000
server: nginx
x-response-duration: 34
allow: GET, HEAD, OPTIONS
vary: Accept, Accept-Language
content-type: application/json
access-control-allow-origin: *
content-language: fi
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
p3p: CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
content-length: 42
expires: Wed, 06 Dec 2023 13:14:48 GMT

GET
H2 200 online_users Show response
service.giosg.com/api/v5/public/orgs/b7966c66-1dd3-11e7-b719-00163ed8ec9a/rooms/b7d1554c-1dd3-11e7-b719-00163ed8ec9a/ Frame 3D27 42 B
484 B 174ms
173ms XHR
application/json 178.63.179.193
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://service.giosg.com/api/v5/public/orgs/b7966c66-1dd3-11e7-b719-00163ed8ec9a/rooms/b7d1554c-1dd3-11e7-b719-00163ed8ec9a/online_users

Requested by

Host: service.giosg.com
URL: https://service.giosg.com/bar/visitor.6c19b98df022b34a1bb1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.179.193 Wiesenau, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

service.giosg.com

Software

nginx /

Resource Hash

0275e5323da6fca5a40c4e3b64f9bcb36ea3b76883040c28ba2328afd817a58a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: application/json
Referer: https://service.giosg.com/bar/visitor/chat?org=b7966c66-1dd3-11e7-b719-00163ed8ec9a&c=3860&url=https%253A%252F%252Fwww.varma.fi%252Fen%252F&cid=undefined&sgid=undefined&cookiesAllowed=true
X-Requested-With: XMLHttpRequest
accept-language: fi-FI,fi;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJqdGkiOiI2ZTk5YTFmYy05NDM5LTExZWUtODk0Zi0wMjQyYWMxMjAwMTciLCJpYXQiOjE3MDE4Njg0ODguNDY3MDM2MiwiZXhwIjoxNzAxODk3Mjg4LjQ2NjgxNjQsInZlcnNpb24iOjEsImlzcyI6Imh0dHBzOi8vc2VydmljZS5naW9zZy5jb20vY3JlZGVudGlhbHMvMzg2MC8_Y29va2llc19hbGxvd2VkPXRydWUmdXJsPWh0dHBzJTNBJTJGJTJGc2VydmljZS5naW9zZy5jb20iLCJhdWQiOlsibWVzc2FnZXJvdXRlci5naW9zZy5jb20iLCJzZXJ2aWNlLmdpb3NnLmNvbSJdLCJzY29wZXMiOnsiL2FwaS92NS9wdWJsaWMiOnsiL3Zpc2l0b3JzLzQwMzA1ODk3YjgxMTAwM2M4NzcxYzA3MzQ2OTQ0ZTc3Ijp7Ii9jaGF0cyI6eyIvKiI6eyIiOjE1LCIvbWVzc2FnZXMiOnsiIjoxNSwiLyoiOjE1fSwiL21lbWJlcnNoaXBzIjoxNSwiL3RhZ3MiOjE1LCIvY2FsbF9zdGF0dXMiOjE1LCIvY2FsbF90b2tlbiI6MTV9LCIiOjE1fSwiL2NoYXRfbWVtYmVyc2hpcHMiOnsiIjoxNSwiLyoiOjE1fX0sIi9vcmdzL2I3OTY2YzY2LTFkZDMtMTFlNy1iNzE5LTAwMTYzZWQ4ZWM5YS9yb29tcy8qIjp7Ii92aXNpdG9ycyI6eyIvNDAzMDU4OTdiODExMDAzYzg3NzFjMDczNDY5NDRlNzciOnsiIjoxNSwiL2F1dG9zdWdnZXN0IjoxNSwiL2NoYXRzIjoxNSwiL2F1dG9zdWdnZXN0X3Blcm1pc3Npb24iOjE1fSwiIjoxNX0sIiI6MTUsIi9icmFuZCI6MTUsIi9vbmxpbmVfdXNlcnMiOjE1fX0sIi9hcHBzL3Zpc2l0b3IvdmJ3MzdvdXMyYzJ0M3NsaWh5YWFrYWFib3lkcmFxYnFsY2wzcWVpYWhzZHhkcWR0aTJrZTQ1eW0iOjE1fSwidXNlcl9pZCI6bnVsbCwib3JnYW5pemF0aW9uX2lkIjoiYjc5NjZjNjYtMWRkMy0xMWU3LWI3MTktMDAxNjNlZDhlYzlhIiwiYXBwX2lkIjpudWxsfQ.Lez3FtX75AHPinfme3EGaX24ITLkWZu0gaDAQ4RA8Ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 13:14:49 GMT
strict-transport-security: max-age=63072000
server: nginx
x-response-duration: 10
allow: GET, HEAD, OPTIONS
vary: Accept, Accept-Language
content-type: application/json
access-control-allow-origin: *
content-language: fi
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
p3p: CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
content-length: 42
expires: Wed, 06 Dec 2023 13:14:49 GMT

GET
H2 200 b7d1554c-1dd3-11e7-b719-00163ed8ec9a Show response
service.giosg.com/api/v5/public/orgs/b7966c66-1dd3-11e7-b719-00163ed8ec9a/rooms/ Frame 3D27 824 B
971 B 184ms
183ms XHR
application/json 178.63.179.193
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://service.giosg.com/api/v5/public/orgs/b7966c66-1dd3-11e7-b719-00163ed8ec9a/rooms/b7d1554c-1dd3-11e7-b719-00163ed8ec9a

Requested by

Host: service.giosg.com
URL: https://service.giosg.com/bar/visitor.6c19b98df022b34a1bb1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.179.193 Wiesenau, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

service.giosg.com

Software

nginx /

Resource Hash

d628e66a24efa46a36feb3def09a78847ce718c88a4b247b64f349fb0783e31d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: application/json
Referer: https://service.giosg.com/bar/visitor/chat?org=b7966c66-1dd3-11e7-b719-00163ed8ec9a&c=3860&url=https%253A%252F%252Fwww.varma.fi%252Fen%252F&cid=undefined&sgid=undefined&cookiesAllowed=true
X-Requested-With: XMLHttpRequest
accept-language: fi-FI,fi;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJqdGkiOiI2ZTk5YTFmYy05NDM5LTExZWUtODk0Zi0wMjQyYWMxMjAwMTciLCJpYXQiOjE3MDE4Njg0ODguNDY3MDM2MiwiZXhwIjoxNzAxODk3Mjg4LjQ2NjgxNjQsInZlcnNpb24iOjEsImlzcyI6Imh0dHBzOi8vc2VydmljZS5naW9zZy5jb20vY3JlZGVudGlhbHMvMzg2MC8_Y29va2llc19hbGxvd2VkPXRydWUmdXJsPWh0dHBzJTNBJTJGJTJGc2VydmljZS5naW9zZy5jb20iLCJhdWQiOlsibWVzc2FnZXJvdXRlci5naW9zZy5jb20iLCJzZXJ2aWNlLmdpb3NnLmNvbSJdLCJzY29wZXMiOnsiL2FwaS92NS9wdWJsaWMiOnsiL3Zpc2l0b3JzLzQwMzA1ODk3YjgxMTAwM2M4NzcxYzA3MzQ2OTQ0ZTc3Ijp7Ii9jaGF0cyI6eyIvKiI6eyIiOjE1LCIvbWVzc2FnZXMiOnsiIjoxNSwiLyoiOjE1fSwiL21lbWJlcnNoaXBzIjoxNSwiL3RhZ3MiOjE1LCIvY2FsbF9zdGF0dXMiOjE1LCIvY2FsbF90b2tlbiI6MTV9LCIiOjE1fSwiL2NoYXRfbWVtYmVyc2hpcHMiOnsiIjoxNSwiLyoiOjE1fX0sIi9vcmdzL2I3OTY2YzY2LTFkZDMtMTFlNy1iNzE5LTAwMTYzZWQ4ZWM5YS9yb29tcy8qIjp7Ii92aXNpdG9ycyI6eyIvNDAzMDU4OTdiODExMDAzYzg3NzFjMDczNDY5NDRlNzciOnsiIjoxNSwiL2F1dG9zdWdnZXN0IjoxNSwiL2NoYXRzIjoxNSwiL2F1dG9zdWdnZXN0X3Blcm1pc3Npb24iOjE1fSwiIjoxNX0sIiI6MTUsIi9icmFuZCI6MTUsIi9vbmxpbmVfdXNlcnMiOjE1fX0sIi9hcHBzL3Zpc2l0b3IvdmJ3MzdvdXMyYzJ0M3NsaWh5YWFrYWFib3lkcmFxYnFsY2wzcWVpYWhzZHhkcWR0aTJrZTQ1eW0iOjE1fSwidXNlcl9pZCI6bnVsbCwib3JnYW5pemF0aW9uX2lkIjoiYjc5NjZjNjYtMWRkMy0xMWU3LWI3MTktMDAxNjNlZDhlYzlhIiwiYXBwX2lkIjpudWxsfQ.Lez3FtX75AHPinfme3EGaX24ITLkWZu0gaDAQ4RA8Ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 13:14:49 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
server: nginx
x-response-duration: 21
allow: GET, HEAD, OPTIONS
vary: Accept, Accept-Language, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
content-language: fi
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
p3p: CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
content-length: 488
expires: Wed, 06 Dec 2023 13:14:49 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.varma.fi/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: 1LDwuhn7U50A0J0oCy4WT0bQl2uI5pQUCll3TNAu7JJcniVJV4o6yYeJRBgpxrXg_iIblIeJxk6u2wEFVw0jqZS3MiSjR4N-8rU8Et5RZQ41
www.varma.fi/	1969-12-31 23:59:59	Name: DefaultFrontpage Value: 170
.varma.fi/	1970-01-20 17:29:06	Name: language Value: en
www.varma.fi/	1969-12-31 23:59:59	Name: BIGipServer~Varma~www.varma.fi_HTTP_Pool Value: 1697580810.20480.0000
service.giosg.com/	1970-01-21 02:20:28	Name: sgid Value: 4l7nhjapzeizjdexv4aakaacontqeedotfgd5fbzchxistycikwbeaaxbq
www.varma.fi/	1970-01-21 01:30:04	Name: giosg_chat_id_3860 Value: nt2be4c44nhnotmn4yaaoqbqlcl3qeiahsdxdqdti2ke45ym
www.varma.fi/	1970-01-21 01:30:04	Name: giosg_sgid_3860 Value: 4l7nhjapzeizjdexv4aakaacontqeedotfgd5fbzchxistycikwbeaaxbq

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'document-domain'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	connect-src 'self' ws: wss: https://survey.feedbackly.com https://api.flockler.com https://.giosg.com https://.giosgusercontent.com https://www.google-analytics.com .google-analytics.com .analytics.google.com .hubapi.com js.hscta.net .hubspot.com .hs-banner.com .hscollectedforms.net .hsforms.com https://cdn.linkedin.oribi.io .bing.com wss://.bing.com https://.clarity.ms; default-src 'none'; font-src 'self' use.fontawesome.com fonts.googleapis.com fonts.gstatic.com https://fonts.gstatic.com; frame-src 'self' data: mailto: tel: https://www.facebook.com/ https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://.doubleclick.net .hubspot.com .hs-sites.com .hubspot.net play.hubspotvideo.com .hsforms.net .hsforms.com sdx.microsoft.com https://.clarity.ms https://w.soundcloud.com secredirect.wheelq.com surveys.wheelq.com www.youtube.com www.youtube-nocookie.com; img-src 'self' data: https://www.facebook.com https://.fbcdn.net flockler.com media-api.flockler.com giosg-chat-public-eu.s3.amazonaws.com cdn.giosgusercontent.com https://www.google-analytics.com https://www.googleanalytics.com https://www.googletagmanager.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.fi https://.doubleclick.net .google-analytics.com .analytics.google.com js.hscta.net no-cache.hubspot.com .hubspot.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net cdn2.hubspot.net .hsforms.net .hsforms.com https://.cdninstagram.com https://.ads.linkedin.com .bing.com .microsoft.com https://.clarity.ms https://.twimg.com img.youtube.com https://i.ytimg.com; object-src 'self'; script-src 'self' 'unsafe-eval' https://connect.facebook.net https://survey.feedbackly.com https://.giosg.com https://.giosgusercontent.com https://www.googletagmanager.com https://www.google-analytics.com https://tagmanager.google.com https://ssl.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com .hsadspixel.net .hs-analytics.net js.hscta.net .hubspot.com static.hsappstatic.net .usemessages.com .hs-banner.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net .hubspot.net .hscollectedforms.net .hsleadflows.net .hsforms.net .hsforms.com .hs-scripts.com .hubspotfeedback.com feedback.hubapi.com https://snap.licdn.com https://bat.bing.com https://r.bing.com https://c.bing.com https://.clarity.ms https://www.youtube.com/ https://www.youtube.com/iframe_api 'unsafe-inline'; style-src 'self' use.fontawesome.com https://.giosg.com https://.giosgusercontent.com https://fonts.googleapis.com https://tagmanager.google.com .hubspotusercontent00.net .hubspotusercontent10.net .hubspotusercontent20.net .hubspotusercontent30.net .hubspotusercontent40.net cdn2.hubspot.net .bing.com https://*.clarity.ms 'unsafe-inline';
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
service.giosg.com
www.googletagmanager.com
www.varma.fi
142.250.185.195
142.250.186.42
172.217.18.8
178.63.179.193
217.114.93.174
0275e5323da6fca5a40c4e3b64f9bcb36ea3b76883040c28ba2328afd817a58a
0c165bd82cbce56ca67741d0550c460ae08a228f5ad274e772166d0df839bab1
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0db85c8605c3e5ccc6802bb3537ec8056a443fc9494572acb7de67f6f4b2b4ff
1885a4cba776e40cb6f4c390951fd1a1d94601d8f3c08499191bfc8bb0064ff2
18e8453bada76319e4eef4aae93f93be4c8cecab5ae3f9a6d5d43439fb352403
1b81f4de2361f1e2713c1705dad31299b25450b35abb73f9cf1aae557cfec8d9
21de73a5525895cb7a260d0d9878ab7d68121dce45c8cd3b463235596555eead
293b905902485d07e3a679fd33d43332abada6e6bf3ac00cd0c8fb9a0a6ce4ba
2f825e0dfd42cc1f8063ea35ae03eb7fa17af11b2f4632599ccd57359cab77e8
3106e84ccc659cf72d727a2b4e801c7404982d448f6b69234073a03fda828ef0
500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9
503c87e76c945549718cd4cc1baa58f4e3c76708d1ae4130634e55e1d0b7b8e4
5262336b0722575d125a2940aed7f5d9d867590fef08a51b6dd9e0c81937c1d4
55970db6dba758cd318861fd64691dafeb8ef0e574cc2dc85c3d58aa0d486cb3
59c6dd2cf60d585a350f77ce181d555b30ef2789eb49f463cd7c31099e6668fd
5ca2e40e15c2ecddd76cfdbd484dffa85bff359aab32e1d8adc916ed3199cee3
5cae524f772332c5310f3dc9a2f74e175d9ae5f8a36cc2e2477ad5eb4264cb37
61fc7904e3c27951c1d6853b9116b6ebad2c5d282602e0eb6ba1792770e4eae6
6c324d7d96e111392a2aa241d7063a502d45ea64d67a8080cdd9d25fe96c0adf
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7ff48ea291e856f2060ed7d79ba6c996e5319d22009913205902f50bd154705e
86baa64e6178e90b0c208e50b6b827e9e2a948974924729479746d6cfce8dc6f
92194f77978153349ae0272c0b00dc2bd85b47249e5a97304da0c474e70d37fc
92be17680233419124079a6f486a3fab2993040411272f8f09b556dd1d382894
9b7485fd1793a6bc80757c40d9a24a9fe3076027c27532ba0a17038222973781
9bae7657ed3c30465a2b229784933c884dd2556ad870615c5046ed6e149b7ed6
b1259508352dbd9d4ce4b3f7ab1d0176b33a886a30fe03e3190a3a9dd31ebde4
bc9c1ccfaab9ff9d064370cea20e641d21ef90492fc8e179aaf24c5cc107a87a
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
d3c6df5438dc5257ff4cb09fc5662c056385346c0624b26adb8ca446227f0182
d628e66a24efa46a36feb3def09a78847ce718c88a4b247b64f349fb0783e31d
e0204206312d27795be7813958786bf6824cecb9565738eec6ae156d7ce8d6d4
e6733ab5c46ff43706a6a7c4dcbb347b18754cacce73d483d1fcea7f350c941f
e969c40eb7425877c4ccbf4ba6c107fcd7ea3d5e1481d0e7dc9ff00f09983f6a
ea6af0738d9faff9cc91cda2149f599c5f7b3152e6a3df122bf68caf28362112
f852d4011e1c61e15651206227020c0f9836e08e0af9cdd29edfe2fd17345ac9
f94b7756c96411b34b90cedcd0234fb84c06127006b9af456d7633705ba8513b
fae9ee8da96ba004f96a5719e3cd323b3248c49a28e56777ce829900d50929ed
ff83a39d36e9d3a3baacf060a6ba3de696e4ac682142e3f17174cad6e19c111f

www.varma.fi Open in urlscan Pro 217.114.93.174 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

45 Requests

100 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

1800 kBTransfer

3279 kBSize

7 Cookies

10 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.varma.fi Open in urlscan Pro
217.114.93.174 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

1800 kB
Transfer

3279 kB
Size

7
Cookies

45 HTTP transactions
0 data transactions