urlscan.io logo urlscan.io
SecurityTrails logo

admin.hsabank.com Open in urlscan Pro
52.70.211.243  Public Scan

Go To Rescan Add Verdict Report
URL: https://admin.hsabank.com/
Submission: On February 06 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 15 HTTP transactions. The main IP is 52.70.211.243, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is admin.hsabank.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on February 6th 2023. Valid for: a year.
This is the only time admin.hsabank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 52.70.211.243 14618 (AMAZON-AES)
4 18.66.147.4 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 35.71.149.114 16509 (AMAZON-02)
15 4
Apex Domain
Subdomains		 Transfer
10 hsabank.com
admin.hsabank.com
identity.hsabank.com — Cisco Umbrella Rank: 136598
6 MB
4 oktacdn.com
global.oktacdn.com — Cisco Umbrella Rank: 9626
77 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
1 KB
15 3
Domain Requested by
7 admin.hsabank.com admin.hsabank.com
4 global.oktacdn.com admin.hsabank.com
global.oktacdn.com
3 identity.hsabank.com admin.hsabank.com
1 fonts.googleapis.com admin.hsabank.com
15 4

This site contains no links.

Subject Issuer Validity Valid
admin.hsabank.com
Entrust Certification Authority - L1K		 2023-02-06 -
2024-03-06		 a year crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-01-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
identity.hsabank.com
Entrust Certification Authority - L1K		 2022-10-24 -
2023-11-19		 a year crt.sh

This page contains 2 frames:

Primary Page: https://admin.hsabank.com/
Frame ID: A0A7ABFABAA1EDDC4E333CFA78A42B1C
Requests: 13 HTTP requests in this frame

Frame: https://identity.hsabank.com/oauth2/aus27wybo905MQdKT5d7/v1/authorize?client_id=0oa27xhqu2byngE4e5d7&code_challenge=TdFtuIFeVU2mZCcmxe7iKkD5fRPb83QXFzQn3qib7Q4&code_challenge_method=S256&nonce=5IDy6v0EuqbZeI1oPQxtwsxiujCsOo2IsHeFaT8WoKpiztaEC9grPVc8C4O40NFo&prompt=none&redirect_uri=https%3A%2F%2Fadmin.hsabank.com%2Flogin%2Fcallback&response_mode=okta_post_message&response_type=code&state=zfakpH9WhcV0fbpaoY7zDDEyoxR84YJTYstyJXZUOrFEOCZ7SnHxftEkS4vhZU9H&scope=openid%20profile%20email%20groups
Frame ID: AD9BDC0A6F9DBA621A10492EEFCF761B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HSA Admin Portal

Page Statistics

15
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

6572 kB
Transfer

6740 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
admin.hsabank.com/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://admin.hsabank.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.211.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-211-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
eecdc773de903626c936b61fd4e01168ed73f498df67934b880f4d12387de527

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=86400
content-length
1345
content-type
text/html
date
Mon, 06 Feb 2023 05:15:01 GMT
etag
"6376b481-541"
last-modified
Thu, 17 Nov 2022 22:24:01 GMT
server
nginx
okta-sign-in.min.css
global.oktacdn.com/okta-signin-widget/5.7.2/css/ 		202 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://global.oktacdn.com/okta-signin-widget/5.7.2/css/okta-sign-in.min.css
Requested by
Host: admin.hsabank.com
URL: https://admin.hsabank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-4.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40c3121a489ecf4d06ffb68709efb889d2ab779b4dd371527eaf796955bbae68
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.hsabank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
VvukKMEBP0F2UyskOLCiszDJuA3_cOgE
strict-transport-security
max-age=315360000
x-content-type-options
nosniff
date
Mon, 06 Feb 2023 05:15:03 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 10 Jun 2021 22:26:47 GMT
server
AmazonS3
etag
W/"b651edff3a4d4492c2938339c8acfccd"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
EpMFf3bdvfBIhA_O9TA-vGO0e5rytTQl5Y0_vDrDB2wrxhWo1rJsXQ==
styles.8834e4ad4d0a7e235337.css
admin.hsabank.com/ 		1 MB
1 MB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://admin.hsabank.com/styles.8834e4ad4d0a7e235337.css
Requested by
Host: admin.hsabank.com
URL: https://admin.hsabank.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.211.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-211-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4473e2e36d07aa683304282b53d5a92bc0246619657c0b12116e13436ef59d1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.hsabank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 05:15:01 GMT
last-modified
Thu, 17 Nov 2022 22:24:01 GMT
server
nginx
etag
"6376b481-150e74"
content-type
text/css
cache-control
max-age=86400
accept-ranges
bytes
content-length
1379956
runtime-es2015.d38c0f185c03e5f3bd0c.js
admin.hsabank.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.hsabank.com/runtime-es2015.d38c0f185c03e5f3bd0c.js
Requested by
Host: admin.hsabank.com
URL: https://admin.hsabank.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.211.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-211-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
74081e737c998ba7ac788e27b619ef01397a86cf7c021270274450ca562ec584

Request headers

Referer
https://admin.hsabank.com/
Origin
https://admin.hsabank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 05:15:01 GMT
last-modified
Thu, 17 Nov 2022 22:24:01 GMT
server
nginx
etag
"6376b481-8ed"
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
2285
polyfills-es2015.c706c2c58ad3bcef21f4.js
admin.hsabank.com/ 		64 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.hsabank.com/polyfills-es2015.c706c2c58ad3bcef21f4.js
Requested by
Host: admin.hsabank.com
URL: https://admin.hsabank.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.211.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-211-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
89c6b6e5b92140b8192fa1286ec57c4ee72a63b622cb01ebc6671beb55464db1

Request headers

Referer
https://admin.hsabank.com/
Origin
https://admin.hsabank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 05:15:01 GMT
last-modified
Thu, 17 Nov 2022 22:24:01 GMT
server
nginx
etag
"6376b481-101d7"
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
66007
scripts.746d35be0c28c821fa1c.js
admin.hsabank.com/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.hsabank.com/scripts.746d35be0c28c821fa1c.js
Requested by
Host: admin.hsabank.com
URL: https://admin.hsabank.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.211.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-211-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2fc23ade4023bbd851bba7012a0c9e232affeb41c3dbb2d3135460576bc09bf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.hsabank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 05:15:01 GMT
last-modified
Thu, 17 Nov 2022 22:24:01 GMT
server
nginx
etag
"6376b481-15ee2f"
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
1437231
main-es2015.2c95b452c0ac1910d8fa.js
admin.hsabank.com/ 		3 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.hsabank.com/main-es2015.2c95b452c0ac1910d8fa.js
Requested by
Host: admin.hsabank.com
URL: https://admin.hsabank.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.211.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-211-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bd818d53541d07b01a2c7778dab8706eb23e5bf4fce874b9372b611c73b1e51a

Request headers

Referer
https://admin.hsabank.com/
Origin
https://admin.hsabank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 05:15:01 GMT
last-modified
Thu, 17 Nov 2022 22:24:01 GMT
server
nginx
etag
"6376b481-303759"
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
3159897
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap
Requested by
Host: admin.hsabank.com
URL: https://admin.hsabank.com/styles.8834e4ad4d0a7e235337.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9dc8e62b83994a1eda313381316790cec86d097f2c843ae416a097747864382b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.hsabank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Feb 2023 05:15:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 04:39:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Feb 2023 05:15:15 GMT
5-es2015.8abd8fb201015e9121f2.js
admin.hsabank.com/ 		574 KB
575 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.hsabank.com/5-es2015.8abd8fb201015e9121f2.js
Requested by
Host: admin.hsabank.com
URL: https://admin.hsabank.com/runtime-es2015.d38c0f185c03e5f3bd0c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.211.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-211-243.compute-1.amazonaws.com
Software
nginx /
Resource Hash
39298531e7bf619b067691e79b6931bb952d54a3e4f6609b4ee5d09fb5a8bf9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.hsabank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 05:15:21 GMT
last-modified
Thu, 17 Nov 2022 22:24:01 GMT
server
nginx
etag
"6376b481-8f99b"
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
588187
openid-configuration
identity.hsabank.com/oauth2/aus27wybo905MQdKT5d7/.well-known/ 		2 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://identity.hsabank.com/oauth2/aus27wybo905MQdKT5d7/.well-known/openid-configuration
Requested by
Host: admin.hsabank.com
URL: https://admin.hsabank.com/polyfills-es2015.c706c2c58ad3bcef21f4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.149.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a9fabdf042c40ac50.awsglobalaccelerator.com
Software
nginx /
Resource Hash
1904f01843829f2a3c495b814330854b8fa19dca75e1343b8f6727c4617a8cba
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://admin.hsabank.com/
X-Okta-User-Agent-Extended
okta-auth-js/5.4.3
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

X-Okta-Request-Id
Y-CM7DwcMvScWhag_b07egAAC_Q
Date
Mon, 06 Feb 2023 05:15:24 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
Strict-Transport-Security
max-age=315360000; includeSubDomains
content-security-policy-report-only
default-src 'self' hsabank.okta.com identity.hsabank.com *.oktacdn.com; connect-src 'self' hsabank.okta.com hsabank-admin.okta.com identity.hsabank.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com hsabank.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' hsabank.okta.com identity.hsabank.com *.oktacdn.com; style-src 'unsafe-inline' 'self' hsabank.okta.com identity.hsabank.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' hsabank.okta.com hsabank-admin.okta.com identity.hsabank.com login.okta.com; img-src 'self' hsabank.okta.com identity.hsabank.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' hsabank.okta.com identity.hsabank.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Transfer-Encoding
chunked
p3p
CP="HONK"
Connection
Keep-Alive
x-xss-protection
0
Server
nginx
expect-ct
report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://admin.hsabank.com
cache-control
max-age=86400, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=5, max=99
expires
Tue, 07 Feb 2023 05:15:24 GMT
openid-configuration
identity.hsabank.com/oauth2/aus27wybo905MQdKT5d7/.well-known/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.hsabank.com/oauth2/aus27wybo905MQdKT5d7/.well-known/openid-configuration
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.149.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a9fabdf042c40ac50.awsglobalaccelerator.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-okta-user-agent-extended
Access-Control-Request-Method
GET
Origin
https://admin.hsabank.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type,x-okta-user-agent-extended
Access-Control-Allow-Methods
GET, OPTIONS
Access-Control-Allow-Origin
https://admin.hsabank.com
Access-Control-Max-Age
3600
Connection
Keep-Alive
Content-Length
0
Content-Type
application/octet-stream
Date
Mon, 06 Feb 2023 05:15:24 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Vary
Origin
X-Okta-Request-Id
Y-CM7DwcMvScWhag_b07eAAAC_Q
authorize
identity.hsabank.com/oauth2/aus27wybo905MQdKT5d7/v1/ Frame AD9B 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://identity.hsabank.com/oauth2/aus27wybo905MQdKT5d7/v1/authorize?client_id=0oa27xhqu2byngE4e5d7&code_challenge=TdFtuIFeVU2mZCcmxe7iKkD5fRPb83QXFzQn3qib7Q4&code_challenge_method=S256&nonce=5IDy6v0EuqbZeI1oPQxtwsxiujCsOo2IsHeFaT8WoKpiztaEC9grPVc8C4O40NFo&prompt=none&redirect_uri=https%3A%2F%2Fadmin.hsabank.com%2Flogin%2Fcallback&response_mode=okta_post_message&response_type=code&state=zfakpH9WhcV0fbpaoY7zDDEyoxR84YJTYstyJXZUOrFEOCZ7SnHxftEkS4vhZU9H&scope=openid%20profile%20email%20groups
Requested by
Host: admin.hsabank.com
URL: https://admin.hsabank.com/main-es2015.2c95b452c0ac1910d8fa.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.149.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a9fabdf042c40ac50.awsglobalaccelerator.com
Software
nginx /
Resource Hash
c4d4af6a59028fb35de86da833c1afd381d300b6bf2fa98fc93f4372234fb7b8
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://admin.hsabank.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Mon, 06 Feb 2023 05:15:24 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Robots-Tag
noindex,nofollow
cache-control
no-cache, no-store
content-language
de
expect-ct
report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
expires
0
p3p
CP="HONK"
pragma
no-cache
referrer-policy
no-referrer
x-content-type-options
nosniff
x-okta-request-id
Y-CM7M7H7R6dzEsUDoVKGgAAC2o
x-rate-limit-limit
60
x-rate-limit-remaining
59
x-rate-limit-reset
1675660584
x-xss-protection
0
checkbox-sign-in-widget.png
global.oktacdn.com/okta-signin-widget/5.7.2/img/ui/forms/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global.oktacdn.com/okta-signin-widget/5.7.2/img/ui/forms/checkbox-sign-in-widget.png
Requested by
Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/5.7.2/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-4.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://global.oktacdn.com/okta-signin-widget/5.7.2/css/okta-sign-in.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
jWXSPGBemxPCdDQgVvLZfz90HYhjW6N2
strict-transport-security
max-age=315360000
x-content-type-options
nosniff
date
Mon, 06 Feb 2023 05:15:25 GMT
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
38316
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
3141
last-modified
Thu, 10 Jun 2021 22:26:47 GMT
server
AmazonS3
etag
"7846b2f8c6d0a7ca69fdd3d3c294e92d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
eOCfejAusqwTWsITk-HAfFOZBJILojhnXHREjlBD2PoJ9HPF0Cq6Pg==
montserrat-light-webfont.woff
global.oktacdn.com/okta-signin-widget/5.7.2/font/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://global.oktacdn.com/okta-signin-widget/5.7.2/font/montserrat-light-webfont.woff
Requested by
Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/5.7.2/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-4.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

Referer
https://global.oktacdn.com/okta-signin-widget/5.7.2/css/okta-sign-in.min.css
Origin
https://admin.hsabank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 16:20:45 GMT
x-amz-version-id
ZyZYpWzoFd_rWjn7yCEs81O4z24rZjeh
x-content-type-options
nosniff
strict-transport-security
max-age=315360000
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
46481
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
22112
last-modified
Thu, 10 Jun 2021 22:26:47 GMT
server
AmazonS3
etag
"6225f3ca44b83090833064727a09cc95"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
L168X8uooIaGKqJOUs8D1XclakcsbHbzVWmv_ojIMLWftNi9fLHOqw==
montserrat-regular-webfont.woff
global.oktacdn.com/okta-signin-widget/5.7.2/font/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://global.oktacdn.com/okta-signin-widget/5.7.2/font/montserrat-regular-webfont.woff
Requested by
Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/5.7.2/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-4.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

Referer
https://global.oktacdn.com/okta-signin-widget/5.7.2/css/okta-sign-in.min.css
Origin
https://admin.hsabank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 16:20:45 GMT
x-amz-version-id
P16aVEi.SdFaZmL.94YUgHl9EbmQJIPe
x-content-type-options
nosniff
strict-transport-security
max-age=315360000
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
46481
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
21980
last-modified
Thu, 10 Jun 2021 22:26:47 GMT
server
AmazonS3
etag
"8f2822b73b5f9c106c6f2e0db820bcbb"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
LVgemuYGGLaYd6o6pmbwoLsRbGS2mN2-ZNFNqzg81oz_BifroS3Yfw==

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange object| webpackJsonp object| core object| __core-js_shared__ function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched object| Pace number| mce-data-1goiicmlj object| __zone_symbol__DOMContentLoadedfalse object| __zone_symbol__loadfalse object| __zone_symbol__resizefalse object| tinyMCE object| tinymce object| echarts object| bmap function| Color function| Chart object| FontAwesomeConfig object| ___FONT_AWESOME___ object| regeneratorRuntime object| Backbone function| jQueryCourage object| u2f function| _ object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__storagefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| __zone_symbol__messagefalse function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

0 Cookies