omatsivut.tfbank.fi Open in urlscan Pro
13.69.68.13  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response omatsivut.tfbank.fi/	2 KB 2 KB	225ms 37ms	Document text/html	13.69.68.13 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://omatsivut.tfbank.fi/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.69.68.13 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 97a0e5c82408e7ce55658e76c028abde1d05e63bb409cc37955a0d9f25bedecf Request headers Host omatsivut.tfbank.fi Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 1420 Content-Type text/html Content-Encoding gzip Last-Modified Wed, 09 Jun 2021 09:45:42 GMT Accept-Ranges bytes ETag "0672736145dd71:0" Vary Accept-Encoding Server Microsoft-IIS/10.0 Set-Cookie TiPMix=74.3841479413138; path=/; HttpOnly; Domain=omatsivut.tfbank.fi; Max-Age=3600; Secure x-ms-routing-name=self; path=/; HttpOnly; Domain=omatsivut.tfbank.fi; Max-Age=3600; Secure ARRAffinity=183d714a1e04a01e0d3a3e222419677bed8b4c3850ea4d2bd777422d3df7ba62;Path=/;HttpOnly;Secure;Domain=omatsivut.tfbank.fi ARRAffinitySameSite=183d714a1e04a01e0d3a3e222419677bed8b4c3850ea4d2bd777422d3df7ba62;Path=/;HttpOnly;SameSite=None;Secure;Domain=omatsivut.tfbank.fi X-Powered-By ASP.NET Date Wed, 18 Aug 2021 17:54:31 GMT
GET H2	200	css fonts.googleapis.com/	8 KB 827 B	15ms 14ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap Requested by Host: omatsivut.tfbank.fi URL: https://omatsivut.tfbank.fi/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d46c61f4cb4a1550d261861139170a2bc1019b65c29fcf40bf1b8ca98d7f50e2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://omatsivut.tfbank.fi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 18 Aug 2021 17:51:36 GMT server ESF date Wed, 18 Aug 2021 17:54:32 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 18 Aug 2021 17:54:32 GMT
GET H2	200	icon fonts.googleapis.com/	568 B 438 B	22ms 21ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/icon?family=Material+Icons Requested by Host: omatsivut.tfbank.fi URL: https://omatsivut.tfbank.fi/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 53f890086acad394e8e70534d530658477d46f199fb7b7b909b742d611b6bc3c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://omatsivut.tfbank.fi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 18 Aug 2021 17:54:32 GMT server ESF date Wed, 18 Aug 2021 17:54:32 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 18 Aug 2021 17:54:32 GMT
GET H/1.1	200 OK	2.99f6ab05.chunk.css omatsivut.tfbank.fi/static/css/	190 KB 68 KB	31ms 30ms	Stylesheet text/css	13.69.68.13 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://omatsivut.tfbank.fi/static/css/2.99f6ab05.chunk.css Requested by Host: omatsivut.tfbank.fi URL: https://omatsivut.tfbank.fi/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.69.68.13 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 9d960072d0da2f8ab1a62128c9c9df14ce2d3b1449d9b5cc99cffbf03851a6a8 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host omatsivut.tfbank.fi Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://omatsivut.tfbank.fi/ Cookie TiPMix=74.3841479413138; x-ms-routing-name=self; ARRAffinity=183d714a1e04a01e0d3a3e222419677bed8b4c3850ea4d2bd777422d3df7ba62; ARRAffinitySameSite=183d714a1e04a01e0d3a3e222419677bed8b4c3850ea4d2bd777422d3df7ba62 Connection keep-alive Referer https://omatsivut.tfbank.fi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 18 Aug 2021 17:54:32 GMT Content-Encoding gzip ETag "0672736145dd71:0" Last-Modified Wed, 09 Jun 2021 09:45:42 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Accept-Ranges bytes
GET H/1.1	200 OK	main.178ebb54.chunk.css omatsivut.tfbank.fi/static/css/	140 KB 30 KB	110ms 35ms	Stylesheet text/css	13.69.68.13 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://omatsivut.tfbank.fi/static/css/main.178ebb54.chunk.css Requested by Host: omatsivut.tfbank.fi URL: https://omatsivut.tfbank.fi/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.69.68.13 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash cabfc6a3b033bcea2974bd06e706af371d2dd7e14fb367961fa0ce6dac359645 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host omatsivut.tfbank.fi Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://omatsivut.tfbank.fi/ Cookie TiPMix=74.3841479413138; x-ms-routing-name=self; ARRAffinity=183d714a1e04a01e0d3a3e222419677bed8b4c3850ea4d2bd777422d3df7ba62; ARRAffinitySameSite=183d714a1e04a01e0d3a3e222419677bed8b4c3850ea4d2bd777422d3df7ba62 Connection keep-alive Referer https://omatsivut.tfbank.fi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 18 Aug 2021 17:54:32 GMT Content-Encoding gzip ETag "0672736145dd71:0" Last-Modified Wed, 09 Jun 2021 09:45:42 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/css Accept-Ranges bytes Content-Length 30741
GET H/1.1	200 OK	2.118eb7af.chunk.js Show response omatsivut.tfbank.fi/static/js/	3 MB 1 MB	128ms 50ms	Script application/x-javascript	13.69.68.13 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://omatsivut.tfbank.fi/static/js/2.118eb7af.chunk.js Requested by Host: omatsivut.tfbank.fi URL: https://omatsivut.tfbank.fi/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.69.68.13 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 8893ff577a4b283b5d107951fd82355159783bc2e4f232b0a48ca92ad597683c Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host omatsivut.tfbank.fi Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://omatsivut.tfbank.fi/ Cookie TiPMix=74.3841479413138; x-ms-routing-name=self; ARRAffinity=183d714a1e04a01e0d3a3e222419677bed8b4c3850ea4d2bd777422d3df7ba62; ARRAffinitySameSite=183d714a1e04a01e0d3a3e222419677bed8b4c3850ea4d2bd777422d3df7ba62 Connection keep-alive Referer https://omatsivut.tfbank.fi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 18 Aug 2021 17:54:32 GMT Content-Encoding gzip ETag "0672736145dd71:0" Last-Modified Wed, 09 Jun 2021 09:45:42 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/x-javascript Transfer-Encoding chunked Accept-Ranges bytes
GET H/1.1	200 OK	main.94fa4da0.chunk.js Show response omatsivut.tfbank.fi/static/js/	171 KB 56 KB	111ms 31ms	Script application/x-javascript	13.69.68.13 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://omatsivut.tfbank.fi/static/js/main.94fa4da0.chunk.js Requested by Host: omatsivut.tfbank.fi URL: https://omatsivut.tfbank.fi/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.69.68.13 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 07573d7af4f040ee083bff07a672c2b320c2e8c4ece8c2d127d2ef693538909b Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host omatsivut.tfbank.fi Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://omatsivut.tfbank.fi/ Cookie TiPMix=74.3841479413138; x-ms-routing-name=self; ARRAffinity=183d714a1e04a01e0d3a3e222419677bed8b4c3850ea4d2bd777422d3df7ba62; ARRAffinitySameSite=183d714a1e04a01e0d3a3e222419677bed8b4c3850ea4d2bd777422d3df7ba62 Connection keep-alive Referer https://omatsivut.tfbank.fi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 18 Aug 2021 17:54:32 GMT Content-Encoding gzip ETag "0672736145dd71:0" Last-Modified Wed, 09 Jun 2021 09:45:42 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/x-javascript Accept-Ranges bytes Content-Length 57517
GET H3-29	200	css fonts.googleapis.com/	3 KB 633 B	31ms 17ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Dosis|Open+Sans&display=swap Requested by Host: omatsivut.tfbank.fi URL: https://omatsivut.tfbank.fi/static/css/main.178ebb54.chunk.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2aa5b49cd36e031d2884a8de3bcb93828e7afb4176ee4e4c271e8b50e43dede2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://omatsivut.tfbank.fi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 18 Aug 2021 17:54:33 GMT server ESF date Wed, 18 Aug 2021 17:54:33 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 18 Aug 2021 17:54:33 GMT
GET H3-29	200	css2 fonts.googleapis.com/	7 KB 609 B	28ms 15ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Raleway:wght@100;400;600;800&display=swap Requested by Host: omatsivut.tfbank.fi URL: https://omatsivut.tfbank.fi/static/css/main.178ebb54.chunk.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3cbb4b23567db5cbbbfb6231b5ac92be6bd842033a2d7dc67bbb71f03d6068ad Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://omatsivut.tfbank.fi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 18 Aug 2021 17:54:33 GMT server ESF date Wed, 18 Aug 2021 17:54:33 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 18 Aug 2021 17:54:33 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	129 KB 48 KB	22ms 21ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5PHJMBM&l=PageDataLayer&gtm_auth=&gtm_preview=&gtm_cookies_win=x Requested by Host: omatsivut.tfbank.fi URL: https://omatsivut.tfbank.fi/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f1ba68aca6dcd697093ee688bf144a704828db562fa1174dc0ceaa45b0080f5f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://omatsivut.tfbank.fi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 17:54:33 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49161 x-xss-protection 0 last-modified Wed, 18 Aug 2021 17:34:37 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 18 Aug 2021 17:54:33 GMT
GET H/1.1	200 OK	translation.json Show response omatsivut.tfbank.fi/locales/fi/	19 KB 8 KB	28ms 27ms	XHR application/json	13.69.68.13 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://omatsivut.tfbank.fi/locales/fi/translation.json Requested by Host: omatsivut.tfbank.fi URL: https://omatsivut.tfbank.fi/static/js/2.118eb7af.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.69.68.13 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash bc5405e2db7ffad085bc7f89fb482975aaae53732d71e5333df1bfdf96ece8d9 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host omatsivut.tfbank.fi Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Accept */* Cache-Control no-cache Sec-Fetch-Dest empty X-Requested-With XMLHttpRequest Cookie TiPMix=74.3841479413138; x-ms-routing-name=self; ARRAffinity=183d714a1e04a01e0d3a3e222419677bed8b4c3850ea4d2bd777422d3df7ba62; ARRAffinitySameSite=183d714a1e04a01e0d3a3e222419677bed8b4c3850ea4d2bd777422d3df7ba62; ai_user=lyTFY|2021-08-18T17:54:33.368Z Connection keep-alive Request-Id |4f535a789a534fbaad8f5fdae5e86ae3.deab242c25264cd4 Referer https://omatsivut.tfbank.fi/ Referer https://omatsivut.tfbank.fi/ X-Requested-With XMLHttpRequest Request-Id |4f535a789a534fbaad8f5fdae5e86ae3.deab242c25264cd4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 18 Aug 2021 17:54:32 GMT Content-Encoding gzip ETag "0361f1f5dd71:0" Last-Modified Wed, 09 Jun 2021 09:15:08 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/json Accept-Ranges bytes Content-Length 8341
GET H/1.1	200 OK	translation.json Show response omatsivut.tfbank.fi/locales/common/	2 KB 1 KB	26ms 26ms	XHR application/json	13.69.68.13 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://omatsivut.tfbank.fi/locales/common/translation.json Requested by Host: omatsivut.tfbank.fi URL: https://omatsivut.tfbank.fi/static/js/2.118eb7af.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.69.68.13 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 62a55a08e88050dd2a13cea786b3a128bd1b84adf1016e1dfe118af2a792b803 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host omatsivut.tfbank.fi Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Accept */* Cache-Control no-cache Sec-Fetch-Dest empty X-Requested-With XMLHttpRequest Cookie TiPMix=74.3841479413138; x-ms-routing-name=self; ARRAffinity=183d714a1e04a01e0d3a3e222419677bed8b4c3850ea4d2bd777422d3df7ba62; ARRAffinitySameSite=183d714a1e04a01e0d3a3e222419677bed8b4c3850ea4d2bd777422d3df7ba62; ai_user=lyTFY|2021-08-18T17:54:33.368Z Connection keep-alive Request-Id |4f535a789a534fbaad8f5fdae5e86ae3.fd07e12a8c744b8c Referer https://omatsivut.tfbank.fi/ Referer https://omatsivut.tfbank.fi/ X-Requested-With XMLHttpRequest Request-Id |4f535a789a534fbaad8f5fdae5e86ae3.fd07e12a8c744b8c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 18 Aug 2021 17:54:32 GMT Content-Encoding gzip ETag "0361f1f5dd71:0" Last-Modified Wed, 09 Jun 2021 09:15:08 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/json Accept-Ranges bytes Content-Length 931
GET H2	200	kv Show response mypagesappconfiguration-prod.azconfig.io/	133 B 817 B	34ms 33ms	XHR application/vnd.microsoft.appconfig.kvset+json	20.61.98.0 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://mypagesappconfiguration-prod.azconfig.io/kv?key=toggling*&label=fi&api-version=1.0&$Select=key,value Requested by Host: omatsivut.tfbank.fi URL: https://omatsivut.tfbank.fi/static/js/2.118eb7af.chunk.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.61.98.0 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software openresty/1.17.8.2 / Resource Hash 1b7663937be013264f281f7c534f74bd06196bad19e8d01c9770434edfd7e11f Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers authorization HMAC-SHA256 Credential=PEhz-l9-s0:reeu4XoZ+Mi5QyWd0ExE, SignedHeaders=x-ms-date;host;x-ms-content-sha256, Signature=gGvPuTd9izmRHBxxaalTNrWpx1H3k/zq+tlckKilYlo= x-ms-content-sha256 47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU= content-type application/json; charset=utf-8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://omatsivut.tfbank.fi/ x-ms-client-request-id 9e88db24-6572-4b95-9ffd-41512a6bd24b x-ms-useragent azsdk-js-app-configuration/1.1.0 core-http/1.2.1 OS/Linuxx86_64 x-ms-date Wed, 18 Aug 2021 17:54:33 GMT Response headers date Wed, 18 Aug 2021 17:54:33 GMT x-ms-correlation-request-id 40f10591-e7a7-4b69-9b1c-bb1544c95aa2 server openresty/1.17.8.2 sync-token zAJw6V16=MTE6MTkjMzM4MDgwOQ==;sn=3380809 strict-transport-security max-age=15724800; includeSubDomains content-type application/vnd.microsoft.appconfig.kvset+json; charset=utf-8 access-control-allow-origin * x-ms-request-id 40f10591-e7a7-4b69-9b1c-bb1544c95aa2 access-control-expose-headers DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, x-ms-client-request-id, x-ms-useragent, x-ms-content-sha256, x-ms-date, host, Accept, Accept-Datetime, Date, If-Match, If-None-Match, Sync-Token, x-ms-return-client-request-id, ETag, Last-Modified, Link, Memento-Datetime, retry-after-ms, x-ms-request-id, x-ms-client-session-id, x-ms-effective-locale, WWW-Authenticate access-control-allow-credentials true
OPTIONS H2	204	kv mypagesappconfiguration-prod.azconfig.io/	0 0	207ms 27ms	Preflight	20.61.98.0 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://mypagesappconfiguration-prod.azconfig.io/kv?key=toggling*&label=fi&api-version=1.0&$Select=key,value Protocol H2 Server 20.61.98.0 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software openresty/1.17.8.2 / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers authorization,content-type,x-ms-client-request-id,x-ms-content-sha256,x-ms-date,x-ms-useragent Origin https://omatsivut.tfbank.fi User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server openresty/1.17.8.2 date Wed, 18 Aug 2021 17:54:32 GMT access-control-allow-origin * access-control-allow-credentials true access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS access-control-allow-headers DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, x-ms-client-request-id, x-ms-useragent, x-ms-content-sha256, x-ms-date, host, Accept, Accept-Datetime, Date, If-Match, If-None-Match, Sync-Token, x-ms-return-client-request-id, ETag, Last-Modified, Link, Memento-Datetime, retry-after-ms, x-ms-request-id, x-ms-client-session-id, x-ms-effective-locale, WWW-Authenticate access-control-max-age 1728000 content-length 0
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PHJMBM&l=PageDataLayer&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://omatsivut.tfbank.fi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 13 Jul 2021 18:24:06 GMT server Golfe2 age 1079 date Wed, 18 Aug 2021 17:36:34 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19672 expires Wed, 18 Aug 2021 19:36:34 GMT
POST H3-29	200	collect Show response www.google-analytics.com/j/	1 B 21 B	13ms 13ms	XHR text/plain	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j92&a=296312086&t=pageview&_s=1&dl=https%3A%2F%2Fomatsivut.tfbank.fi%2Flogin&ul=en-us&de=UTF-8&dt=TF%20Bank%20My%20Pages&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1664572704&gjid=1275443325&cid=2027290932.1629309273&tid=UA-172819920-1&_gid=1649260899.1629309273&_r=1&gtm=2wg8g05PHJMBM&z=2059299783 Requested by Host: omatsivut.tfbank.fi URL: https://omatsivut.tfbank.fi/static/js/2.118eb7af.chunk.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://omatsivut.tfbank.fi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 18 Aug 2021 17:54:33 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://omatsivut.tfbank.fi cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	200	track dc.services.visualstudio.com/v2/	0 0	91ms 25ms	Preflight	13.69.65.23 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dc.services.visualstudio.com/v2/track Protocol H2 Server 13.69.65.23 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,sdk-context Origin https://omatsivut.tfbank.fi User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-methods POST access-control-allow-headers Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context access-control-allow-origin * access-control-max-age 3600 x-content-type-options nosniff date Wed, 18 Aug 2021 17:54:33 GMT content-length 0
POST H2	200	track Show response dc.services.visualstudio.com/v2/	96 B 212 B	352ms 352ms	XHR application/json	13.69.65.23 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dc.services.visualstudio.com/v2/track Requested by Host: omatsivut.tfbank.fi URL: https://omatsivut.tfbank.fi/static/js/2.118eb7af.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.69.65.23 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 623ed5003883eaff4fdeaf9e32edf2f2e752897d1372d2c719827d11d14fa240 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://omatsivut.tfbank.fi/ Sdk-Context appId User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-type application/json Response headers x-ms-session-id 90720917-A89A-478E-9C85-E9D145E3817C strict-transport-security max-age=31536000 x-content-type-options nosniff date Wed, 18 Aug 2021 17:54:33 GMT access-control-max-age 3600 content-type application/json; charset=utf-8 access-control-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context content-length 96

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| webpackJsonpmypages.webui object| regeneratorRuntime function| setImmediate function| clearImmediate object| FontAwesomeConfig object| ___FONT_AWESOME___ function| __assign function| __extends object| PageDataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.tfbank.fi/	1970-01-19 20:35:09	Name: _gat_UA-172819920-1 Value: 1
			.tfbank.fi/	1970-01-19 20:36:35	Name: _gid Value: GA1.2.1649260899.1629309273
			.tfbank.fi/	1970-01-20 14:06:21	Name: _ga Value: GA1.2.2027290932.1629309273
			omatsivut.tfbank.fi/	1970-01-19 20:35:11	Name: ai_session Value: 6yx5Y|1629309273407.7|1629309273407.7
			.omatsivut.tfbank.fi/	1969-12-31 23:59:59	Name: ARRAffinity Value: 183d714a1e04a01e0d3a3e222419677bed8b4c3850ea4d2bd777422d3df7ba62
			.omatsivut.tfbank.fi/	1970-01-19 20:35:12	Name: TiPMix Value: 74.3841479413138
			.omatsivut.tfbank.fi/	1970-01-19 20:35:12	Name: x-ms-routing-name Value: self
			omatsivut.tfbank.fi/	1970-01-20 05:20:45	Name: ai_user Value: lyTFY|2021-08-18T17:54:33.368Z
			.omatsivut.tfbank.fi/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 183d714a1e04a01e0d3a3e222419677bed8b4c3850ea4d2bd777422d3df7ba62

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://omatsivut.tfbank.fi/static/js/2.118eb7af.chunk.js(Line 2) Message: TypeError: Cannot read property 'removeItem' of null
console-api	log	URL: https://omatsivut.tfbank.fi/static/js/main.94fa4da0.chunk.js(Line 1) Message: setting [object Object]
console-api	log	URL: https://omatsivut.tfbank.fi/static/js/main.94fa4da0.chunk.js(Line 1) Message: setting [object Object]
console-api	log	URL: https://omatsivut.tfbank.fi/static/js/main.94fa4da0.chunk.js(Line 1) Message: setting [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dc.services.visualstudio.com
fonts.googleapis.com
mypagesappconfiguration-prod.azconfig.io
omatsivut.tfbank.fi
www.google-analytics.com
www.googletagmanager.com
13.69.65.23
13.69.68.13
20.61.98.0
2a00:1450:4001:80f::200e
2a00:1450:4001:828::2008
2a00:1450:4001:831::200a
07573d7af4f040ee083bff07a672c2b320c2e8c4ece8c2d127d2ef693538909b
1b7663937be013264f281f7c534f74bd06196bad19e8d01c9770434edfd7e11f
2aa5b49cd36e031d2884a8de3bcb93828e7afb4176ee4e4c271e8b50e43dede2
3cbb4b23567db5cbbbfb6231b5ac92be6bd842033a2d7dc67bbb71f03d6068ad
53f890086acad394e8e70534d530658477d46f199fb7b7b909b742d611b6bc3c
623ed5003883eaff4fdeaf9e32edf2f2e752897d1372d2c719827d11d14fa240
62a55a08e88050dd2a13cea786b3a128bd1b84adf1016e1dfe118af2a792b803
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8893ff577a4b283b5d107951fd82355159783bc2e4f232b0a48ca92ad597683c
97a0e5c82408e7ce55658e76c028abde1d05e63bb409cc37955a0d9f25bedecf
9d960072d0da2f8ab1a62128c9c9df14ce2d3b1449d9b5cc99cffbf03851a6a8
bc5405e2db7ffad085bc7f89fb482975aaae53732d71e5333df1bfdf96ece8d9
cabfc6a3b033bcea2974bd06e706af371d2dd7e14fb367961fa0ce6dac359645
d46c61f4cb4a1550d261861139170a2bc1019b65c29fcf40bf1b8ca98d7f50e2
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
f1ba68aca6dcd697093ee688bf144a704828db562fa1174dc0ceaa45b0080f5f