urlscan.io logo urlscan.io
SecurityTrails logo

www.hsabank.com Open in urlscan Pro
70.37.166.146  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.emails.hsabank.com/?qs=311a9d1b6cb1d25068e149238bc787c478d64f63cbc6c7a418195e1489d5e57ffa17e40c984465361284b987c8a2...
Effective URL: https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
Submission: On April 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 13 domains to perform 36 HTTP transactions. The main IP is 70.37.166.146, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.hsabank.com. The Cisco Umbrella rank of the primary domain is 274758.
TLS certificate: Issued by Entrust Certification Authority - L1K on March 19th 2022. Valid for: a year.
This is the only time www.hsabank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    13.111.23.196 (United States)

ASN22606 (EXACT-7, US)
PTR: click.emails.hsabank.com
click.emails.hsabank.com
15    70.37.166.146 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.hsabank.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
netdna.bootstrapcdn.com
2    184.73.165.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-165-74.compute-1.amazonaws.com
7298557.collect.igodigital.com
nova.collect.igodigital.com
1    2600:9000:2156:de00:1:fb61:2b80:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.levelaccess.net
1    2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:400c:c0b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    52.202.69.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-1-ue1.aws.pardot.com
pi.pardot.com
1    35.174.151.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-4-ue1.aws.pardot.com
info.hsabank.com
1    2600:1f18:4457:4600:3961:6863:faaf:edc8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.levelaccess.net
Apex Domain
Subdomains		 Transfer
17 hsabank.com
click.emails.hsabank.com
www.hsabank.com — Cisco Umbrella Rank: 274758
info.hsabank.com — Cisco Umbrella Rank: 427204
1 MB
4 gstatic.com
fonts.gstatic.com
62 KB
2 pardot.com
pi.pardot.com — Cisco Umbrella Rank: 4246
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 138
114 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
2 levelaccess.net
cdn.levelaccess.net — Cisco Umbrella Rank: 9516
api.levelaccess.net — Cisco Umbrella Rank: 10333
58 KB
2 igodigital.com
7298557.collect.igodigital.com — Cisco Umbrella Rank: 415827
nova.collect.igodigital.com — Cisco Umbrella Rank: 4760
3 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 682
netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3367
11 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5383
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 4
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
442 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
39 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
2 KB
36 13
Domain Requested by
15 www.hsabank.com 1 redirects www.hsabank.com
4 fonts.gstatic.com fonts.googleapis.com
2 pi.pardot.com www.hsabank.com
pi.pardot.com
2 connect.facebook.net www.hsabank.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 api.levelaccess.net cdn.levelaccess.net
1 info.hsabank.com pi.pardot.com
1 nova.collect.igodigital.com www.hsabank.com
1 netdna.bootstrapcdn.com www.hsabank.com
1 www.google.de www.hsabank.com
1 www.google.com www.hsabank.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com www.hsabank.com
1 cdn.levelaccess.net www.hsabank.com
1 7298557.collect.igodigital.com www.hsabank.com
1 maxcdn.bootstrapcdn.com www.hsabank.com
1 fonts.googleapis.com www.hsabank.com
1 click.emails.hsabank.com 1 redirects
36 18
Subject Issuer Validity Valid
www.hsabank.com
Entrust Certification Authority - L1K		 2022-03-19 -
2023-03-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
*.collect.igodigital.com
Amazon		 2022-01-13 -
2023-02-11		 a year crt.sh
cdn.levelaccess.net
Amazon		 2022-01-30 -
2023-02-27		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-20 -
2022-04-20		 3 months crt.sh
pi.pardot.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-08 -
2022-11-07		 a year crt.sh
info.hsabank.com
R3		 2022-02-13 -
2022-05-14		 3 months crt.sh
api.levelaccess.net
Amazon		 2022-01-30 -
2023-02-28		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
Frame ID: D8178CA6B491ED071161F255AA84CF11
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Tips to Navigate Your Journey - HSA Bank

Page URL History Show full URLs

  1. https://click.emails.hsabank.com/?qs=311a9d1b6cb1d25068e149238bc787c478d64f63cbc6c7a418195e1489d5e57ffa17e40c... HTTP 302
    https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey-enterprise HTTP 301
    https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

36
Requests

100 %
HTTPS

69 %
IPv6

13
Domains

18
Subdomains

15
IPs

3
Countries

1793 kB
Transfer

3002 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.emails.hsabank.com/?qs=311a9d1b6cb1d25068e149238bc787c478d64f63cbc6c7a418195e1489d5e57ffa17e40c984465361284b987c8a23ed50cfe98fe3caa45bd HTTP 302
    https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey-enterprise HTTP 301
    https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request tips-to-navigate-your-journey
www.hsabank.com/hsabank/campaign/
Redirect Chain
  • https://click.emails.hsabank.com/?qs=311a9d1b6cb1d25068e149238bc787c478d64f63cbc6c7a418195e1489d5e57ffa17e40c984465361284b987c8a23ed50cfe98fe3caa45bd
  • https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey-enterprise
  • https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
48 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.37.166.146 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3cf5e21c6c7c3e3e28c62d9c3ecba91c15b0603ba97a74a01de7fc3cc1923d7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Length
15743
Content-Type
text/html; charset=utf-8
Date
Wed, 13 Apr 2022 14:43:08 GMT
Expires
-1
Feature-Policy
microphone 'none';payment 'none';sync-xhr *;geolocation 'self'
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Request-Context
appId=cid-v1:8fedb8c4-35ce-49f3-a619-b84f98aa48d7
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN

Redirect headers

Content-Length
0
Date
Wed, 13 Apr 2022 14:43:08 GMT
Feature-Policy
microphone 'none';payment 'none';sync-xhr *;geolocation 'self'
Location
/hsabank/campaign/tips-to-navigate-your-journey
Referrer-Policy
strict-origin-when-cross-origin
Request-Context
appId=cid-v1:8fedb8c4-35ce-49f3-a619-b84f98aa48d7
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
bootstrapmin.css
www.hsabank.com/~/Media/Files/Custom_CSS/HSABank/Mobile_Responsive_2017/ 		118 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hsabank.com/~/Media/Files/Custom_CSS/HSABank/Mobile_Responsive_2017/bootstrapmin.css
Requested by
Host: www.hsabank.com
URL: https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.37.166.146 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Disposition
inline; filename="bootstrapmin.css"
Content-Length
27680
Request-Context
appId=cid-v1:8fedb8c4-35ce-49f3-a619-b84f98aa48d7
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 21 Apr 2020 17:48:44 GMT
Server
Microsoft-IIS/10.0
X-Frame-Options
SAMEORIGIN
Date
Wed, 13 Apr 2022 14:43:09 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
private, max-age=604800
Feature-Policy
microphone 'none';payment 'none';sync-xhr *;geolocation 'self'
Accept-Ranges
bytes
css2
fonts.googleapis.com/ 		22 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: www.hsabank.com
URL: https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e23d4a5ea8878d7ebbe74aab8e6ff2c96e38e314ad045dd06e5b614b11abab5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 14:43:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 13 Apr 2022 14:43:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Apr 2022 14:43:09 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.hsabank.com
URL: https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 14:43:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617, 617
age
30710374
cdn-cachedat
2021-04-23 04:15:31
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
2c2f4ee12c680b28653bf96b6a97db1b
cf-ray
6fb4f8f2dfd459d1-MXP
cdn-requestcountrycode
EG
cdn-requestpullsuccess
True
style.css
www.hsabank.com/~/Media/Files/Custom_CSS/HSABank/Mobile_Responsive_2017/ 		86 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hsabank.com/~/Media/Files/Custom_CSS/HSABank/Mobile_Responsive_2017/style.css?v=1.06
Requested by
Host: www.hsabank.com
URL: https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.37.166.146 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c399e14b218d2b51c1b37a0c8e23257befc02b7a947c406202f3650640a599cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Disposition
inline; filename="style.css"
Content-Length
23715
Request-Context
appId=cid-v1:8fedb8c4-35ce-49f3-a619-b84f98aa48d7
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 02 Aug 2021 11:49:12 GMT
Server
Microsoft-IIS/10.0
X-Frame-Options
SAMEORIGIN
Date
Wed, 13 Apr 2022 14:43:09 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
private, max-age=604800
Feature-Policy
microphone 'none';payment 'none';sync-xhr *;geolocation 'self'
Accept-Ranges
bytes
tips-to-navigate-header-2.jpg
www.hsabank.com/hsabank/campaign/~/Media/Images/Mobile_Responsive_2017/2017/campaign/tips-to-navigate-your-journey/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hsabank.com/hsabank/campaign/~/Media/Images/Mobile_Responsive_2017/2017/campaign/tips-to-navigate-your-journey/tips-to-navigate-header-2.jpg
Requested by
Host: www.hsabank.com
URL: https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.37.166.146 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f7e05ee83e43ec8e1aa344b178d645de8c5b93299deada745396ec9c8d53faba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 22 Jul 2020 15:02:54 GMT
Server
Microsoft-IIS/10.0
Date
Wed, 13 Apr 2022 14:43:09 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
private, max-age=604800
Feature-Policy
microphone 'none';payment 'none';sync-xhr *;geolocation 'self'
Content-Disposition
inline; filename="tips-to-navigate-header-2.jpg"
Accept-Ranges
bytes
Content-Length
1162888
X-Content-Type-Options
nosniff
Request-Context
appId=cid-v1:8fedb8c4-35ce-49f3-a619-b84f98aa48d7
tips-page-banner-image
www.hsabank.com/hsabank/campaign/~/media/Images/Mobile_Responsive_2017/2017/campaign/tips-to-navigate-your-journey/ 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hsabank.com/hsabank/campaign/~/media/Images/Mobile_Responsive_2017/2017/campaign/tips-to-navigate-your-journey/tips-page-banner-image
Requested by
Host: www.hsabank.com
URL: https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.37.166.146 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
63f59c90e65a6c2ea5b83ef22ae61ebaff0eda581a27554c6c2f508890c30a20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Fri, 24 Jul 2020 14:04:49 GMT
Server
Microsoft-IIS/10.0
Date
Wed, 13 Apr 2022 14:43:10 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
private, max-age=604800
Feature-Policy
microphone 'none';payment 'none';sync-xhr *;geolocation 'self'
Content-Disposition
inline; filename="tips-page-banner-image.jpg"
Accept-Ranges
bytes
Content-Length
86411
X-Content-Type-Options
nosniff
Request-Context
appId=cid-v1:8fedb8c4-35ce-49f3-a619-b84f98aa48d7
member-website-overview-button.png
www.hsabank.com/hsabank/campaign/~/media/images/2013/pg/tips-to-navigate-journey/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hsabank.com/hsabank/campaign/~/media/images/2013/pg/tips-to-navigate-journey/member-website-overview-button.png
Requested by
Host: www.hsabank.com
URL: https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.37.166.146 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b3389fc81c4d9321eb8930406520c93795de57582fa759d52d7ee6a540aab83f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Sun, 19 Apr 2020 19:20:56 GMT
Server
Microsoft-IIS/10.0
Date
Wed, 13 Apr 2022 14:43:10 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
private, max-age=604800
Feature-Policy
microphone 'none';payment 'none';sync-xhr *;geolocation 'self'
Content-Disposition
inline; filename="member-website-overview-button.png"
Accept-Ranges
bytes
Content-Length
6404
X-Content-Type-Options
nosniff
Request-Context
appId=cid-v1:8fedb8c4-35ce-49f3-a619-b84f98aa48d7
contributions-and-distributions-button.png
www.hsabank.com/hsabank/campaign/~/media/images/2013/pg/tips-to-navigate-journey/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hsabank.com/hsabank/campaign/~/media/images/2013/pg/tips-to-navigate-journey/contributions-and-distributions-button.png
Requested by
Host: www.hsabank.com
URL: https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.37.166.146 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c8cf6b94686f9cc4dd36f66cc467d9523f5a794b79aea0bf787cd5cda3e27921
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Sun, 19 Apr 2020 19:20:55 GMT
Server
Microsoft-IIS/10.0
Date
Wed, 13 Apr 2022 14:43:10 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
private, max-age=604800
Feature-Policy
microphone 'none';payment 'none';sync-xhr *;geolocation 'self'
Content-Disposition
inline; filename="contributions-and-distributions-button.png"
Accept-Ranges
bytes
Content-Length
6697
X-Content-Type-Options
nosniff
Request-Context
appId=cid-v1:8fedb8c4-35ce-49f3-a619-b84f98aa48d7
member-website-guide-button.png
www.hsabank.com/hsabank/campaign/~/media/images/2013/pg/tips-to-navigate-journey/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hsabank.com/hsabank/campaign/~/media/images/2013/pg/tips-to-navigate-journey/member-website-guide-button.png
Requested by
Host: www.hsabank.com
URL: https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.37.166.146 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
97a46b07811f5e4dbc0d29ce2f948a468c074e8b0cf13b93de1918fe3b5def3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Sun, 19 Apr 2020 19:20:56 GMT
Server
Microsoft-IIS/10.0
Date
Wed, 13 Apr 2022 14:43:10 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
private, max-age=604800
Feature-Policy
microphone 'none';payment 'none';sync-xhr *;geolocation 'self'
Content-Disposition
inline; filename="member-website-guide-button.png"
Accept-Ranges
bytes
Content-Length
4895
X-Content-Type-Options
nosniff
Request-Context
appId=cid-v1:8fedb8c4-35ce-49f3-a619-b84f98aa48d7
collect.js
7298557.collect.igodigital.com/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://7298557.collect.igodigital.com/collect.js
Requested by
Host: www.hsabank.com
URL: https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.165.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-165-74.compute-1.amazonaws.com
Software
/
Resource Hash
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 14:43:10 GMT
content-encoding
gzip
last-modified
Wed, 13 Apr 2022 14:40:44 GMT
vary
Accept-Encoding
content-type
application/javascript
access.js
cdn.levelaccess.net/accessjs/YW1wMTEwNDI/ 		439 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.levelaccess.net/accessjs/YW1wMTEwNDI/access.js
Requested by
Host: www.hsabank.com
URL: https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:de00:1:fb61:2b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5f5fd1e14bfb8a2d87c0f460596009ce5d7b4d42cf042c34994360890bc8a25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
k6K2vtyultvWqixVqxQ8SXx1F6_XtiAd
Content-Encoding
gzip
ETag
"213a0985ed8f1926f70ca4d05060639e"
Age
145
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
58209
Last-Modified
Wed, 23 Feb 2022 17:32:40 GMT
Server
AmazonS3
Date
Wed, 13 Apr 2022 14:40:45 GMT
Content-Type
application/javascript
Via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
Cache-Control
max-age=900
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
odMYeJlETcBMVNwWJbj-RY1uw_WEaJEYAH8WjiDWSldG5DWWfKD3FQ==
SITE.js
www.hsabank.com/~/Media/Files/Custom_Java/HSABank/Mobile_Responsive_2017/ 		360 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hsabank.com/~/Media/Files/Custom_Java/HSABank/Mobile_Responsive_2017/SITE.js?v=1.07
Requested by
Host: www.hsabank.com
URL: https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.37.166.146 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7a8107c25148cd9771dd2082c84cbe07b585a0b9a02b99e94eaf15ed2ffde885
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Content-Disposition
inline; filename="SITE.js"
Request-Context
appId=cid-v1:8fedb8c4-35ce-49f3-a619-b84f98aa48d7
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 08 Jun 2021 13:24:44 GMT
Server
Microsoft-IIS/10.0
X-Frame-Options
SAMEORIGIN
Date
Wed, 13 Apr 2022 14:43:10 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, max-age=604800
Feature-Policy
microphone 'none';payment 'none';sync-xhr *;geolocation 'self'
Accept-Ranges
bytes
gtm.js
www.googletagmanager.com/ 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PZV52K3
Requested by
Host: www.hsabank.com
URL: https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eb0f5acd14a07c916a4e062a711088d5d86b65187db736d04840d6b32c8da5ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 14:43:09 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39380
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 13 Apr 2022 14:43:09 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PZV52K3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1558
date
Wed, 13 Apr 2022 14:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 13 Apr 2022 16:17:11 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v24/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v24/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.hsabank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 12:22:33 GMT
x-content-type-options
nosniff
age
267637
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:19:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 10 Apr 2023 12:22:33 GMT
collect
www.google-analytics.com/j/ 		2 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1358255331&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hsabank.com%2Fhsabank%2Fcampaign%2Ftips-to-navigate-your-journey&ul=en-us&de=UTF-8&dt=Tips%20to%20Navigate%20Your%20Journey%20-%20HSA%20Bank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=179809602&gjid=1624038772&cid=1354819295.1649860992&tid=UA-187387-6&_gid=1908695824.1649860992&_r=1&gtm=2wg460PZV52K3&z=576089045
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hsabank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 14:43:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hsabank.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-187387-6&cid=1354819295.1649860992&jid=179809602&gjid=1624038772&_gid=1908695824.1649860992&_u=YEBAAEAAAAAAAC~&z=745107084
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hsabank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 13 Apr 2022 14:43:10 GMT
content-type
text/plain
access-control-allow-origin
https://www.hsabank.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-187387-6&cid=1354819295.1649860992&jid=179809602&_u=YEBAAEAAAAAAAC~&z=1573040674
Requested by
Host: www.hsabank.com
URL: https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 14:43:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-187387-6&cid=1354819295.1649860992&jid=179809602&_u=YEBAAEAAAAAAAC~&z=1573040674
Requested by
Host: www.hsabank.com
URL: https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 14:43:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bootstrap-glyphicons.css
netdna.bootstrapcdn.com/bootstrap/3.0.0/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap-glyphicons.css
Requested by
Host: www.hsabank.com
URL: https://www.hsabank.com/~/Media/Files/Custom_CSS/HSABank/Mobile_Responsive_2017/style.css?v=1.06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca64645c22680035acdd8149902fda928c381cafbeab0b628b5542a7323ee0e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 14:43:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617
age
11359658
cdn-cachedat
2021-06-08 18:49:13
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
117cf68f2e117ed0c0818897f6461b78
cf-ray
6fb4f8f4ed9459d1-MXP
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.hsabank.com
URL: https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
csN/32XPSmV03tQU6E6dsPXjQ2FLktUPXMvFMAQOMVcqMU7m1oknxslWQiQLa+78dP8S3AHF1xSpJpKXKrvQNA==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Wed, 13 Apr 2022 14:43:10 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v24/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v24/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.hsabank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 19:30:30 GMT
x-content-type-options
nosniff
age
587560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15700
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:13:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 06 Apr 2023 19:30:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.hsabank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:59:49 GMT
x-content-type-options
nosniff
age
71001
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 12 Apr 2023 18:59:49 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.hsabank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 20:07:55 GMT
x-content-type-options
nosniff
age
66915
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 12 Apr 2023 20:07:55 GMT
tertiary-green-line.jpg
www.hsabank.com/~/Media/Images/Mobile_Responsive_2017/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hsabank.com/~/Media/Images/Mobile_Responsive_2017/tertiary-green-line.jpg
Requested by
Host: www.hsabank.com
URL: https://www.hsabank.com/~/Media/Files/Custom_CSS/HSABank/Mobile_Responsive_2017/style.css?v=1.06
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.37.166.146 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
cc3b5cfbea89a027388d2a8bfa5e0f511501ccf16f56ad9262cf10abc5ff3f66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/~/Media/Files/Custom_CSS/HSABank/Mobile_Responsive_2017/style.css?v=1.06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 08 Jun 2021 13:26:47 GMT
Server
Microsoft-IIS/10.0
Date
Wed, 13 Apr 2022 14:43:10 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
private, max-age=604800
Feature-Policy
microphone 'none';payment 'none';sync-xhr *;geolocation 'self'
Content-Disposition
inline; filename="tertiary-green-line.jpg"
Accept-Ranges
bytes
Content-Length
12233
X-Content-Type-Options
nosniff
Request-Context
appId=cid-v1:8fedb8c4-35ce-49f3-a619-b84f98aa48d7
facebook-grey.png
www.hsabank.com/~/Media/Images/Mobile_Responsive_2017/icons/ 		320 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hsabank.com/~/Media/Images/Mobile_Responsive_2017/icons/facebook-grey.png
Requested by
Host: www.hsabank.com
URL: https://www.hsabank.com/~/Media/Files/Custom_CSS/HSABank/Mobile_Responsive_2017/style.css?v=1.06
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.37.166.146 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ea0ca377484f9837aca91bb2d556ad0d62ed836a5a0c98d4a09edc6026c84e8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/~/Media/Files/Custom_CSS/HSABank/Mobile_Responsive_2017/style.css?v=1.06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Sun, 19 Apr 2020 19:18:20 GMT
Server
Microsoft-IIS/10.0
Date
Wed, 13 Apr 2022 14:43:10 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
private, max-age=604800
Feature-Policy
microphone 'none';payment 'none';sync-xhr *;geolocation 'self'
Content-Disposition
inline; filename="facebook-grey.png"
Accept-Ranges
bytes
Content-Length
320
X-Content-Type-Options
nosniff
Request-Context
appId=cid-v1:8fedb8c4-35ce-49f3-a619-b84f98aa48d7
twitter-grey.png
www.hsabank.com/~/Media/Images/Mobile_Responsive_2017/icons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hsabank.com/~/Media/Images/Mobile_Responsive_2017/icons/twitter-grey.png
Requested by
Host: www.hsabank.com
URL: https://www.hsabank.com/~/Media/Files/Custom_CSS/HSABank/Mobile_Responsive_2017/style.css?v=1.06
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.37.166.146 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
bba7cc1311ac67910af9bfa0b863a0d6fcbf1c5ee4caec7f764c3562e4947ceb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/~/Media/Files/Custom_CSS/HSABank/Mobile_Responsive_2017/style.css?v=1.06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Sun, 19 Apr 2020 19:18:16 GMT
Server
Microsoft-IIS/10.0
Date
Wed, 13 Apr 2022 14:43:10 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
private, max-age=604800
Feature-Policy
microphone 'none';payment 'none';sync-xhr *;geolocation 'self'
Content-Disposition
inline; filename="twitter-grey.png"
Accept-Ranges
bytes
Content-Length
1821
X-Content-Type-Options
nosniff
Request-Context
appId=cid-v1:8fedb8c4-35ce-49f3-a619-b84f98aa48d7
linkedin-grey.png
www.hsabank.com/~/Media/Images/Mobile_Responsive_2017/icons/ 		402 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hsabank.com/~/Media/Images/Mobile_Responsive_2017/icons/linkedin-grey.png
Requested by
Host: www.hsabank.com
URL: https://www.hsabank.com/~/Media/Files/Custom_CSS/HSABank/Mobile_Responsive_2017/style.css?v=1.06
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.37.166.146 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
309f24a395e42590b12a4b3f298826f25517edd44fe9bddcc32300598cbb6755
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/~/Media/Files/Custom_CSS/HSABank/Mobile_Responsive_2017/style.css?v=1.06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Sun, 19 Apr 2020 19:18:15 GMT
Server
Microsoft-IIS/10.0
Date
Wed, 13 Apr 2022 14:43:10 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
private, max-age=604800
Feature-Policy
microphone 'none';payment 'none';sync-xhr *;geolocation 'self'
Content-Disposition
inline; filename="linkedin-grey.png"
Accept-Ranges
bytes
Content-Length
402
X-Content-Type-Options
nosniff
Request-Context
appId=cid-v1:8fedb8c4-35ce-49f3-a619-b84f98aa48d7
youtube-grey.png
www.hsabank.com/~/Media/Images/Mobile_Responsive_2017/icons/ 		389 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hsabank.com/~/Media/Images/Mobile_Responsive_2017/icons/youtube-grey.png
Requested by
Host: www.hsabank.com
URL: https://www.hsabank.com/~/Media/Files/Custom_CSS/HSABank/Mobile_Responsive_2017/style.css?v=1.06
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.37.166.146 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7cab3f2151fb03bcbe1f364addf0bb414a68215edc08e2772da0aba6d8df4f8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/~/Media/Files/Custom_CSS/HSABank/Mobile_Responsive_2017/style.css?v=1.06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Sun, 19 Apr 2020 19:18:19 GMT
Server
Microsoft-IIS/10.0
Date
Wed, 13 Apr 2022 14:43:10 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
private, max-age=604800
Feature-Policy
microphone 'none';payment 'none';sync-xhr *;geolocation 'self'
Content-Disposition
inline; filename="youtube-grey.png"
Accept-Ranges
bytes
Content-Length
389
X-Content-Type-Options
nosniff
Request-Context
appId=cid-v1:8fedb8c4-35ce-49f3-a619-b84f98aa48d7
track_page_view
nova.collect.igodigital.com/c2/7298557/ 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nova.collect.igodigital.com/c2/7298557/track_page_view?payload=%7B%22title%22%3A%22Tips%20to%20Navigate%20Your%20Journey%20-%20HSA%20Bank%22%2C%22url%22%3A%22https%3A%2F%2Fwww.hsabank.com%2Fhsabank%2Fcampaign%2Ftips-to-navigate-your-journey%22%2C%22referrer%22%3A%22%22%7D
Requested by
Host: www.hsabank.com
URL: https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.165.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-165-74.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-runtime
0.002964
date
Wed, 13 Apr 2022 14:43:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
private
content-transfer-encoding
binary
content-disposition
inline
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
e66bb935-055e-4472-9cf4-db2498344224
1686908524672324
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1686908524672324?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
591069106b4a2b43807af9c698de4109dafe78c991b51ea610839bd5fd69eed7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
jqp/y4CLNMuFAI6/cz20E5C9yFoSlLl4+9uD771FpQmVN0X0MTs1sjFhznOlKKNxtSC6vtI3QZca8s1f9Ja+Kg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 13 Apr 2022 14:43:10 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pd.js
pi.pardot.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: www.hsabank.com
URL: https://www.hsabank.com/hsabank/campaign/tips-to-navigate-your-journey
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.202.69.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-1-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 14:43:11 GMT
content-encoding
gzip
X-Pardot-Route
8f46b7608980401223b1d0300f1fdf0e
X-Pardot-LB
4208770abb36eec2b2f3a1c951758cc1
last-modified
Tue, 12 Apr 2022 05:17:48 GMT
Server
PardotServer
etag
"1547-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=63072000
accept-ranges
bytes
content-length
1950
expires
Fri, 12 Apr 2024 14:43:11 GMT
analytics
pi.pardot.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1267&account_id=149681&title=Tips%20to%20Navigate%20Your%20Journey%20-%20HSA%20Bank&url=https%3A%2F%2Fwww.hsabank.com%2Fhsabank%2Fcampaign%2Ftips-to-navigate-your-journey&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.202.69.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-1-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
ba761ea505e0cb789930ed452f7ba27efa08b1babc2946d3842b5267919d436d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 14:43:11 GMT
content-encoding
gzip
X-Pardot-Route
403edde838d926b2f64a33ea88db7473
X-Pardot-LB
4208770abb36eec2b2f3a1c951758cc1
x-pardot-rsp
0/0/1
vary
Accept-Encoding,User-Agent
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
551
Server
PardotServer
expires
Thu, 19 Nov 1981 08:52:00 GMT
analytics
info.hsabank.com/ 		50 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://info.hsabank.com/analytics?conly=true&visitor_id=343507907&visitor_id_sign=9adbb8890e141d74e04f58bc871fff0a7ea18d7c366880a302f4feb2a3a8a275b3a68bb52fc66dec9dbf43294966b08f152e1115&pi_opt_in=&campaign_id=1267&account_id=149681&title=Tips%20to%20Navigate%20Your%20Journey%20-%20HSA%20Bank&url=https%3A%2F%2Fwww.hsabank.com%2Fhsabank%2Fcampaign%2Ftips-to-navigate-your-journey&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1267&account_id=149681&title=Tips%20to%20Navigate%20Your%20Journey%20-%20HSA%20Bank&url=https%3A%2F%2Fwww.hsabank.com%2Fhsabank%2Fcampaign%2Ftips-to-navigate-your-journey&referrer=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.174.151.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-4-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hsabank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 14:43:12 GMT
X-Pardot-Route
403edde838d926b2f64a33ea88db7473
X-Pardot-LB
a5df88223e39cf9fcb783877fed82f24
x-pardot-rsp
0/0/1
vary
User-Agent
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
content-type
text/javascript; charset=utf-8
content-length
50
Server
PardotServer
expires
Thu, 19 Nov 1981 08:52:00 GMT
results
api.levelaccess.net/analytics/3.0/ 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.levelaccess.net/analytics/3.0/results
Requested by
Host: cdn.levelaccess.net
URL: https://cdn.levelaccess.net/accessjs/YW1wMTEwNDI/access.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4457:4600:3961:6863:faaf:edc8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hsabank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 13 Apr 2022 14:43:14 GMT
x-content-type-options
nosniff
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
0
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-expose-headers
Origin, X-Requested-With, Content-Type, Accept

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData string| piAId string| piCId function| fbq function| _fbq object| _etmc object| _etmc_temp string| func_name object| args string| collect_url object| $jscomp function| $jscomp$lookupPolyfilledValue object| LevelAccess_AccessJS_AccessEngine object| LevelAccess_AccessJS_FixPackage object| LevelAccess_AccessJS_OrgDetails object| LevelAccess_AccessJS string| AccNamePrototypeNameSpace object| LevelAccess_CalcNames string| activeTabName string| currentPageId object| breakpointChange function| isBlank function| scrollToElement function| init_nav function| init_carousels function| activateTabAndPane function| init_audience_tabs function| deactivateAudienceTabs object| SiteData function| createCountDownClock function| checkCountDownPageURL function| checkForCountdownCookie function| createCountdownCookie function| closeCookie function| List function| ResCarouselOnInit function| ResCarouselSlide function| ResCarouselResize function| ResCarouselSize function| ResCarousel function| ResCarouselLoad1 function| resCarouselAnimator function| $ function| jQuery function| Cookies object| html5 object| Modernizr object| core object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| is function| ScrollMagic object| picturefillCFG function| picturefill object| AK function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start string| property function| piResponse

10 Cookies

Domain/Path Name / Value
.hsabank.com/ Name: _ga
Value: GA1.2.1354819295.1649860992
.hsabank.com/ Name: _gid
Value: GA1.2.1908695824.1649860992
.hsabank.com/ Name: _gat_gtmtrack
Value: 1
.pardot.com/ Name: visitor_id148681
Value: 343507907
.pardot.com/ Name: visitor_id148681-hash
Value: 9adbb8890e141d74e04f58bc871fff0a7ea18d7c366880a302f4feb2a3a8a275b3a68bb52fc66dec9dbf43294966b08f152e1115
pi.pardot.com/ Name: lpv148681
Value: aHR0cHM6Ly93d3cuaHNhYmFuay5jb20vaHNhYmFuay9jYW1wYWlnbi90aXBzLXRvLW5hdmlnYXRlLXlvdXItam91cm5leQ%3D%3D
www.hsabank.com/ Name: visitor_id148681
Value: 343507907
www.hsabank.com/ Name: visitor_id148681-hash
Value: 9adbb8890e141d74e04f58bc871fff0a7ea18d7c366880a302f4feb2a3a8a275b3a68bb52fc66dec9dbf43294966b08f152e1115
info.hsabank.com/ Name: visitor_id148681
Value: 343507907
info.hsabank.com/ Name: visitor_id148681-hash
Value: 9adbb8890e141d74e04f58bc871fff0a7ea18d7c366880a302f4feb2a3a8a275b3a68bb52fc66dec9dbf43294966b08f152e1115

1 Console Messages

Source Level URL
Text
network error URL: https://nova.collect.igodigital.com/c2/7298557/track_page_view?payload=%7B%22title%22%3A%22Tips%20to%20Navigate%20Your%20Journey%20-%20HSA%20Bank%22%2C%22url%22%3A%22https%3A%2F%2Fwww.hsabank.com%2Fhsabank%2Fcampaign%2Ftips-to-navigate-your-journey%22%2C%22referrer%22%3A%22%22%7D
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7298557.collect.igodigital.com
api.levelaccess.net
cdn.levelaccess.net
click.emails.hsabank.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
info.hsabank.com
maxcdn.bootstrapcdn.com
netdna.bootstrapcdn.com
nova.collect.igodigital.com
pi.pardot.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.hsabank.com
13.111.23.196
184.73.165.74
2600:1f18:4457:4600:3961:6863:faaf:edc8
2600:9000:2156:de00:1:fb61:2b80:93a1
2606:4700::6812:bcf
2a00:1450:4001:800::2004
2a00:1450:4001:802::2003
2a00:1450:4001:802::200e
2a00:1450:4001:803::2008
2a00:1450:4001:813::2003
2a00:1450:4001:82b::200a
2a00:1450:400c:c0b::9d
2a03:2880:f02d:12:face:b00c:0:3
35.174.151.106
52.202.69.186
70.37.166.146
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
309f24a395e42590b12a4b3f298826f25517edd44fe9bddcc32300598cbb6755
3cf5e21c6c7c3e3e28c62d9c3ecba91c15b0603ba97a74a01de7fc3cc1923d7d
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04
591069106b4a2b43807af9c698de4109dafe78c991b51ea610839bd5fd69eed7
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a
63f59c90e65a6c2ea5b83ef22ae61ebaff0eda581a27554c6c2f508890c30a20
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a8107c25148cd9771dd2082c84cbe07b585a0b9a02b99e94eaf15ed2ffde885
7cab3f2151fb03bcbe1f364addf0bb414a68215edc08e2772da0aba6d8df4f8f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
97a46b07811f5e4dbc0d29ce2f948a468c074e8b0cf13b93de1918fe3b5def3c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b3389fc81c4d9321eb8930406520c93795de57582fa759d52d7ee6a540aab83f
ba761ea505e0cb789930ed452f7ba27efa08b1babc2946d3842b5267919d436d
bba7cc1311ac67910af9bfa0b863a0d6fcbf1c5ee4caec7f764c3562e4947ceb
c399e14b218d2b51c1b37a0c8e23257befc02b7a947c406202f3650640a599cb
c8cf6b94686f9cc4dd36f66cc467d9523f5a794b79aea0bf787cd5cda3e27921
ca64645c22680035acdd8149902fda928c381cafbeab0b628b5542a7323ee0e4
cc3b5cfbea89a027388d2a8bfa5e0f511501ccf16f56ad9262cf10abc5ff3f66
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e23d4a5ea8878d7ebbe74aab8e6ff2c96e38e314ad045dd06e5b614b11abab5a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f5fd1e14bfb8a2d87c0f460596009ce5d7b4d42cf042c34994360890bc8a25
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
ea0ca377484f9837aca91bb2d556ad0d62ed836a5a0c98d4a09edc6026c84e8a
eb0f5acd14a07c916a4e062a711088d5d86b65187db736d04840d6b32c8da5ce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7e05ee83e43ec8e1aa344b178d645de8c5b93299deada745396ec9c8d53faba