urlscan.io logo urlscan.io
SecurityTrails logo

www.ht.bank Open in urlscan Pro
2606:4700:10::6816:e67  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.ht.bank/
Submission Tags: falconsandbox
Submission: On November 22 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 32 HTTP transactions. The main IP is 2606:4700:10::6816:e67, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ht.bank.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 18th 2020. Valid for: a year.
This is the only time www.ht.bank was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
27 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 107.162.133.84 55002 (DEFENSE-NET)
2 2a00:1450:400... 15169 (GOOGLE)
32 5
27    2606:4700:10::6816:e67 (United States)

ASN13335 (CLOUDFLARENET, US)
www.ht.bank
1    2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)
ajax.cloudflare.com
1    2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    107.162.133.84 (United States)

ASN55002 (DEFENSE-NET, US)
web1.secureinternetbank.com
2    2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Domain Requested by
27 www.ht.bank www.ht.bank
ajax.cloudflare.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 web1.secureinternetbank.com www.ht.bank
1 www.googletagmanager.com ajax.cloudflare.com
1 ajax.cloudflare.com www.ht.bank
32 5

This site contains links to these domains. Also see Links.

Domain
web1.secureinternetbank.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-18 -
2021-08-18		 a year crt.sh
ajax.cloudflare.com
DigiCert ECC Secure Server CA		 2020-08-11 -
2022-08-16		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
web1.secureinternetbank.com
DigiCert SHA2 Extended Validation Server CA		 2019-12-27 -
2022-02-21		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://www.ht.bank/
Frame ID: 810EEF3CFA1767DE67044E5D7C149116
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

32
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

1573 kB
Transfer

2312 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.ht.bank/ 		81 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ht.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d09bb6b7835fe8c97b24afa30a552a4a2f84fe0a2542ac0965b189fcb7d8105
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.ht.bank
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:18 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d5fecef88c858f564cec2c43c0640feec1606023318; expires=Tue, 22-Dec-20 05:35:18 GMT; path=/; domain=.ht.bank; HttpOnly; SameSite=Lax; Secure Cms.Tracing.Enabled=sEy4K0pL/4g=; path=/ Cms.Customer.Name=ORbMW4hcz3Z/VFvuTQHAvWgPfqqy5UPyomrgzerXY8w=; path=/
cache-control
private
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
cf-request-id
06900c21f4000005c4912b9000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
server
cloudflare
cf-ray
5f6049498bde05c4-FRA
content-encoding
br
normalize.css
www.ht.bank/css/ 		2 KB
943 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ht.bank/css/normalize.css
Requested by
Host: www.ht.bank
URL: https://www.ht.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f062682e6267b0c0cdb478ad5be0298ccfc823bd6269f5880ef6208f031f870f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ht.bank/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
origSize=8667
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-request-id
06900c23b8000005c46a3d6000000001
last-modified
Thu, 01 Aug 2019 13:28:43 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"8077c796d48d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=691200
cf-ray
5f60494c587b05c4-FRA
cf-bgj
minify
style.css
www.ht.bank/css/ 		87 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ht.bank/css/style.css
Requested by
Host: www.ht.bank
URL: https://www.ht.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43d9a21f8570de18b803e5f7f2c41dd29f72c13061dc7e8c7e4fc75d45ef32d0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ht.bank/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-request-id
06900c23b9000005c4563c7000000001
last-modified
Fri, 07 Aug 2020 15:20:31 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"809ba49ce6cd61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=691200
cf-ray
5f60494c587d05c4-FRA
font-awesome-min.css
www.ht.bank/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ht.bank/css/font-awesome-min.css
Requested by
Host: www.ht.bank
URL: https://www.ht.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6694fc70fbc1f5f2b562c1d140ceb26cca1e40db6972d6b15cd1a2191dbef684
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ht.bank/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-request-id
06900c23b9000005c46d90b000000001
last-modified
Thu, 01 Aug 2019 13:28:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"06b7ef86c48d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=691200
cf-ray
5f60494c587e05c4-FRA
lightcase.css
www.ht.bank/css/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ht.bank/css/lightcase.css
Requested by
Host: www.ht.bank
URL: https://www.ht.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e750a5d9701a372308eb29a92b32a12a363a516efad72984f9a9784bfb91c58
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ht.bank/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
origSize=19125
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-request-id
06900c23b9000005c4ae9d5000000001
last-modified
Thu, 01 Aug 2019 13:28:31 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"8069a026d48d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=691200
cf-ray
5f60494c587f05c4-FRA
cf-bgj
minify
LogoHometown-nav.png
www.ht.bank/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ht.bank/images/LogoHometown-nav.png
Requested by
Host: www.ht.bank
URL: https://www.ht.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51ef37d18f5a8fda09f337391239a403f058f93c3eb870a8a2299c254189340a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ht.bank/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:18 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=7855
content-disposition
inline; filename="LogoHometown-nav.webp"
vary
Accept
content-length
2934
cf-request-id
06900c23b9000005c47a975000000001
last-modified
Thu, 01 Aug 2019 13:27:57 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"c931a8ee6c48d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/webp
x-xss-protection
1; mode=block
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
5f60494c588105c4-FRA
cf-bgj
imgq:100,h2pri
ContentImageHandler.ashx
www.ht.bank/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ht.bank/ContentImageHandler.ashx?ImageId=143147
Requested by
Host: www.ht.bank
URL: https://www.ht.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a4b3d265c46b8744f59be1b2688d8b2f09e4acb48c88a72a5f866658166ae1e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ht.bank/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:19 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
public, max-age=300
cf-ray
5f60494f0cc705c4-FRA
content-length
84966
cf-request-id
06900c2563000005c4b594a000000001
expires
Sun, 22 Nov 2020 05:40:18 GMT
ContentImageHandler.ashx
www.ht.bank/ 		366 KB
367 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ht.bank/ContentImageHandler.ashx?ImageId=146525
Requested by
Host: www.ht.bank
URL: https://www.ht.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1242574a03bce38efb73c9d1774a6ea96635dc57a2fbbc449e0e82edc6cdc7a0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ht.bank/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:19 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
public, max-age=300
cf-ray
5f60494f0cca05c4-FRA
content-length
375062
cf-request-id
06900c2564000005c4912f7000000001
expires
Sun, 22 Nov 2020 05:40:18 GMT
ContentImageHandler.ashx
www.ht.bank/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ht.bank/ContentImageHandler.ashx?ImageId=126637
Requested by
Host: www.ht.bank
URL: https://www.ht.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
400f9e958867a0d94f87a21d884db41c7a97637cfebfbc01ccac010017cad59c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ht.bank/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:19 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
x-xss-protection
1; mode=block
cache-control
public, max-age=300
cf-ray
5f60494f0ccc05c4-FRA
content-length
10174
cf-request-id
06900c2564000005c46d92a000000001
expires
Sun, 22 Nov 2020 05:40:18 GMT
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.ht.bank
URL: https://www.ht.bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ht.bank/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
cf-request-id
06900c257400001752e10f0000000001
last-modified
Tue, 17 Nov 2020 09:22:06 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"5fb3963e-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QhRWrpUuo7chaL%2FH7V71BjRTlSGpEFlfawrkqZBg4Ypv9K%2B2MtEHttznR%2BP8iCHplG0pguGheu1Ctd8L0iilktJX7MgwsbkYtB0oiAMNRQGh3NaQCmB3agbyy3PXat1B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
5f60494f1e5c1752-FRA
expires
Tue, 24 Nov 2020 05:35:18 GMT
slideshow.js
www.ht.bank/js/ 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ht.bank/js/slideshow.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
825d1f7bde54720c717e481035f765adad66822978037c979e26ab423bcbd5f3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ht.bank/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-request-id
06900c2583000005c46d92d000000001
last-modified
Thu, 01 Aug 2019 13:27:43 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"80314e66c48d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=691200
cf-ray
5f60494f3d2405c4-FRA
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-56982930-1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
765b4337bbe9454a5215f14fe8f6b4435923bc08f4076f42ef0479ec75b56ca4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ht.bank/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38702
x-xss-protection
0
last-modified
Sun, 22 Nov 2020 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 22 Nov 2020 05:35:18 GMT
lightcase.js
www.ht.bank/js/ 		64 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ht.bank/js/lightcase.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
442554a3e46eb87bfb0c7a396aac14a3c47117f1ac9c2c8a4be0eb65f1c98d52
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ht.bank/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-request-id
06900c2583000005c4a7b72000000001
last-modified
Thu, 01 Aug 2019 13:27:35 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"807d3fe16c48d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=691200
cf-ray
5f60494f3d2605c4-FRA
scripts.js
www.ht.bank/js/ 		46 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ht.bank/js/scripts.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a0da401f1a6b818ab2c44ac6441edc2fd4c2f5329b6a7c08e5c944170ae2bd5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ht.bank/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-request-id
06900c2584000005c444ade000000001
last-modified
Thu, 01 Aug 2019 13:27:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"06e3ae46c48d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=691200
cf-ray
5f60494f3d2805c4-FRA
plugins.js
www.ht.bank/js/ 		66 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ht.bank/js/plugins.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27d65dfe93044e735cd21e8fa620e04a3ab6a342690b5c9b5fc03cb2b0d58a31
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ht.bank/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-request-id
06900c2584000005c47fb93000000001
last-modified
Thu, 01 Aug 2019 13:27:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"0419e36c48d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=691200
cf-ray
5f60494f3d2a05c4-FRA
jquery-ultimate-smartbanner.js
www.ht.bank/sab/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ht.bank/sab/jquery-ultimate-smartbanner.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e9ef56d484bb8cc840d5a9d307520c76b8861e6384ab35c5a45b81f62554bf1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ht.bank/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-request-id
06900c2586000005c485867000000001
last-modified
Thu, 29 Aug 2019 06:42:41 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"804676f4345ed51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=691200
cf-ray
5f60494f3d2b05c4-FRA
jquery-ui-1.11.4.min.js
www.ht.bank/js/vendor/ 		268 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ht.bank/js/vendor/jquery-ui-1.11.4.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
659b4d93ee688a1d640954d599a49e7ce2cca9114420807d427cfaea2fe0acec
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ht.bank/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-request-id
06900c2584000005c4afbb0000000001
last-modified
Thu, 01 Aug 2019 13:25:09 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"80a8398a6c48d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=691200
cf-ray
5f60494f3d2f05c4-FRA
jquery-1.11.3.min.js
www.ht.bank/js/vendor/ 		94 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ht.bank/js/vendor/jquery-1.11.3.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ht.bank/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-request-id
06900c2584000005c44e9fe000000001
last-modified
Thu, 01 Aug 2019 13:25:05 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"804ed7876c48d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=691200
cf-ray
5f60494f3d3005c4-FRA
modernizr-2.8.3.min.js
www.ht.bank/js/vendor/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ht.bank/js/vendor/modernizr-2.8.3.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68abb8eccc8d703529c121210b200382c6eac82361cf6611566fa7de3ca1c644
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ht.bank/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-request-id
06900c2585000005c4ae9f4000000001
last-modified
Thu, 01 Aug 2019 13:25:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"802fcd8d6c48d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=691200
cf-ray
5f60494f3d3205c4-FRA
Roboto-Regular-webfont.woff
www.ht.bank/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ht.bank/fonts/Roboto-Regular-webfont.woff
Requested by
Host: www.ht.bank
URL: https://www.ht.bank/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7838acd6a8bd0836972523ffbe20c9745d03b07d89968d9cc9bc57f46e567895
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.ht.bank
Referer
https://www.ht.bank/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-request-id
06900c2645000005c49fbad000000001
last-modified
Thu, 01 Aug 2019 13:30:35 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2b7014d6d48d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/x-woff
x-xss-protection
1; mode=block
cache-control
max-age=691200
cf-ray
5f6049506f2d05c4-FRA
Roboto-Bold-webfont.woff
www.ht.bank/fonts/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ht.bank/fonts/Roboto-Bold-webfont.woff
Requested by
Host: www.ht.bank
URL: https://www.ht.bank/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a629b5570d16e1450d7621907a85b07392f2959b2792145864ac84fc0dbe7307
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.ht.bank
Referer
https://www.ht.bank/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-request-id
06900c2647000005c497a03000000001
last-modified
Thu, 01 Aug 2019 13:30:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"ba46bd406d48d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/x-woff
x-xss-protection
1; mode=block
cache-control
max-age=691200
cf-ray
5f6049507f3305c4-FRA
Roboto-Light-webfont.woff
www.ht.bank/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ht.bank/fonts/Roboto-Light-webfont.woff
Requested by
Host: www.ht.bank
URL: https://www.ht.bank/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
072c31e5770897b5bf1d6a566b33b9332bfd7e0baeb64d45dd58d02794eeb4a6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.ht.bank
Referer
https://www.ht.bank/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-request-id
06900c2648000005c48e06c000000001
last-modified
Thu, 01 Aug 2019 13:30:32 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"45b94a4b6d48d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/x-woff
x-xss-protection
1; mode=block
cache-control
max-age=691200
cf-ray
5f6049507f3505c4-FRA
Fiserv-Template.woff
www.ht.bank/fonts/ 		38 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ht.bank/fonts/Fiserv-Template.woff
Requested by
Host: www.ht.bank
URL: https://www.ht.bank/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be0158313fe11bb8a22b3e349714b4153cd3a68283303b162d945fab451f17b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.ht.bank
Referer
https://www.ht.bank/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-request-id
06900c2648000005c4779d1000000001
last-modified
Thu, 01 Aug 2019 13:29:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"b57652d6d48d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/x-woff
x-xss-protection
1; mode=block
cache-control
max-age=691200
cf-ray
5f6049507f3605c4-FRA
fontawesome-webfont.woff
www.ht.bank/fonts/ 		96 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ht.bank/fonts/fontawesome-webfont.woff?v=4.7.0
Requested by
Host: www.ht.bank
URL: https://www.ht.bank/css/font-awesome-min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.ht.bank
Referer
https://www.ht.bank/css/font-awesome-min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-request-id
06900c2648000005c4468c7000000001
last-modified
Thu, 01 Aug 2019 13:29:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"f056b2346d48d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/x-woff
x-xss-protection
1; mode=block
cache-control
max-age=691200
cf-ray
5f6049507f3705c4-FRA
RemoteLogon
web1.secureinternetbank.com/EBC_EBC1151/js/ 		94 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web1.secureinternetbank.com/EBC_EBC1151/js/RemoteLogon?_=1606023319768
Requested by
Host: www.ht.bank
URL: https://www.ht.bank/js/vendor/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
107.162.133.84 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
801e4d1cc07dfa3cc5536ee07eff767c9395a501676b1b225b3cb0f2409876c4
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://www.ht.bank/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 05:35:20 GMT
Via
1.1 fra1-bit21
Last-Modified
Sun, 22 Nov 2020 05:35:20 GMT
Vary
User-Agent
Content-Type
application/javascript; charset=utf-8
Cache-Control
public
Strict-Transport-Security
max-age=157680000
Content-Length
96230
Expires
Mon, 22 Nov 2021 05:35:20 GMT
inc_cms-include.aspx
www.ht.bank/ 		508 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ht.bank/inc_cms-include.aspx?name=Quicklinks
Requested by
Host: www.ht.bank
URL: https://www.ht.bank/js/vendor/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df3607d5e1b62d0b0c710b6e8c95bb440a2a5af91cef1fb4a9519139ea466735
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.ht.bank/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/html; charset=utf-8
x-xss-protection
1; mode=block
cache-control
private
cf-ray
5f604956497005c4-FRA
cf-request-id
06900c29f1000005c4bb2bd000000001
inc_cms-include.aspx
www.ht.bank/ 		360 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ht.bank/inc_cms-include.aspx?name=Promo
Requested by
Host: www.ht.bank
URL: https://www.ht.bank/js/vendor/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b64af551bd406eb0464c31e8c374ea674b7591201a390213fd249693e794cbf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.ht.bank/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/html; charset=utf-8
x-xss-protection
1; mode=block
cache-control
private
cf-ray
5f6049572b0205c4-FRA
cf-request-id
06900c2a7a000005c4858c9000000001
ContentImageHandler.ashx
www.ht.bank/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ht.bank/ContentImageHandler.ashx?ImageId=143147
Requested by
Host: www.ht.bank
URL: https://www.ht.bank/js/vendor/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a4b3d265c46b8744f59be1b2688d8b2f09e4acb48c88a72a5f866658166ae1e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ht.bank/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:20 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
public, max-age=300
cf-ray
5f604959cfc805c4-FRA
content-length
84966
cf-request-id
06900c2c20000005c4b10c0000000001
expires
Sun, 22 Nov 2020 05:40:20 GMT
ContentImageHandler.ashx
www.ht.bank/ 		366 KB
367 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ht.bank/ContentImageHandler.ashx?ImageId=146525
Requested by
Host: www.ht.bank
URL: https://www.ht.bank/js/vendor/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1242574a03bce38efb73c9d1774a6ea96635dc57a2fbbc449e0e82edc6cdc7a0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ht.bank/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:21 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
public, max-age=300
cf-ray
5f604959cfcd05c4-FRA
content-length
375062
cf-request-id
06900c2c21000005c480903000000001
expires
Sun, 22 Nov 2020 05:40:20 GMT
ContentImageHandler.ashx
www.ht.bank/ 		153 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ht.bank/ContentImageHandler.ashx?ImageId=127249
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63b3ca1fe4e389ffdd8f9a3517132b989d1590c6068978c1f17c680af47f61b4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ht.bank/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 05:35:20 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
x-xss-protection
1; mode=block
cache-control
public, max-age=300
cf-ray
5f604959dfdb05c4-FRA
content-length
156890
cf-request-id
06900c2c2a000005c47a9ff000000001
expires
Sun, 22 Nov 2020 05:40:20 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-56982930-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ht.bank/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
1172
date
Sun, 22 Nov 2020 05:15:48 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sun, 22 Nov 2020 07:15:48 GMT
collect
www.google-analytics.com/j/ 		1 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=703280834&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ht.bank%2F&ul=en-us&de=UTF-8&dt=Hometown%20Bank%20Homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1583177737&gjid=936349057&cid=901640663.1606023321&tid=UA-56982930-1&_gid=2104290246.1606023321&_r=1&gtm=2oub41&z=437087267
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ht.bank/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 Nov 2020 05:35:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ht.bank
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

269 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| __cfQR object| html5 object| Modernizr function| yepnope function| $ function| jQuery string| SABTitle string| SABAuthor string| iPhoneID string| iPadID string| AndroidPhoneID string| AndroidTabletID function| debounce number| sideNavGeneratorInstance function| initscrolltrigger function| onWinResize object| jQuery1113042357871245073886 object| lightcase function| gtag object| dataLayer object| google_tag_manager boolean| __cfRLUnblockHandlers number| j number| m number| oldTop boolean| onWinResizeInitalized object| imageClones string| tocAlt number| pageWidth object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| parseBigInt function| pkcs1pad2 function| RSAKey function| RSASetPublic function| RSADoPublic function| RSAEncrypt undefined| rng_state object| rng_pool number| rng_pptr function| rng_seed_int function| rng_seed_time object| t undefined| z function| rng_get_byte function| rng_get_bytes function| SecureRandom function| Arcfour function| ARC4init function| ARC4next function| prng_newstate number| rng_psize number| dbits number| canary boolean| j_lm function| BigInteger function| nbi function| am1 function| am2 function| am3 number| BI_FP string| BI_RM object| BI_RC number| rr number| vv function| int2char function| intAt function| bnpCopyTo function| bnpFromInt function| nbv function| bnpFromString function| bnpClamp function| bnToString function| bnNegate function| bnAbs function| bnCompareTo function| nbits function| bnBitLength function| bnpDLShiftTo function| bnpDRShiftTo function| bnpLShiftTo function| bnpRShiftTo function| bnpSubTo function| bnpMultiplyTo function| bnpSquareTo function| bnpDivRemTo function| bnMod function| Classic function| cConvert function| cRevert function| cReduce function| cMulTo function| cSqrTo function| bnpInvDigit function| Montgomery function| montConvert function| montRevert function| montReduce function| montSqrTo function| montMulTo function| bnpIsEven function| bnpExp function| bnModPowInt function| findPrimes function| millerRabin function| bitSize function| expand function| randTruePrime function| mod function| addInt function| mult function| powMod function| sub function| add function| inverseMod function| multMod function| randTruePrime_ function| randBigInt_ function| GCD_ function| inverseMod_ function| inverseModInt_ function| eGCD_ function| negative function| greaterShift function| greater function| divide_ function| carry_ function| modInt function| int2bigInt function| str2bigInt function| equalsInt function| equals function| isZero function| bigInt2str function| dup function| copy_ function| copyInt_ function| addInt_ function| rightShift_ function| halve_ function| leftShift_ function| multInt_ function| divInt_ function| linComb_ function| linCombShift_ function| addShift_ function| subShift_ function| sub_ function| add_ function| mult_ function| mod_ function| multMod_ function| squareMod_ function| trim function| powMod_ function| mont_ object| EBC function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| randrange function| detectIE function| getRandomPort object| ProxyCollector function| BlackberryLocationCollector function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT object| geoLocator boolean| geoLocatorStatus function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector object| TimestampCollector object| UIEventCollector function| UIEvent function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| convertTimestampToGMT function| getTimestampInMillis function| debug number| bpe number| mask number| radix string| digitsStr object| buff object| one object| ss object| s0 object| s1 object| s2 object| s3 object| s4 object| s5 object| s6 object| s7 object| T object| sa object| mr_x1 object| mr_r object| mr_a object| eg_v object| eg_u object| eg_A object| eg_B object| eg_C object| eg_D object| md_q1 object| md_q2 object| md_q3 object| md_r object| md_r1 object| md_r2 object| md_tt object| primes object| pows object| s_i object| s_i2 object| s_R object| s_rm object| s_q object| s_n1 object| s_a object| s_r2 object| s_n object| s_b object| s_d object| s_x1 object| s_x2 object| s_aa function| forceIE89Synchronicity

3 Cookies

Domain/Path Name / Value
www.ht.bank/ Name: Cms.Customer.Name
Value: ORbMW4hcz3Z/VFvuTQHAvWgPfqqy5UPyomrgzerXY8w=
www.ht.bank/ Name: Cms.Tracing.Enabled
Value: sEy4K0pL/4g=
.ht.bank/ Name: __cfduid
Value: d5fecef88c858f564cec2c43c0640feec1606023318

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
web1.secureinternetbank.com
www.google-analytics.com
www.googletagmanager.com
www.ht.bank
107.162.133.84
2606:4700:10::6816:e67
2606:4700::6810:a723
2a00:1450:4001:818::2008
2a00:1450:4001:824::200e
072c31e5770897b5bf1d6a566b33b9332bfd7e0baeb64d45dd58d02794eeb4a6
1242574a03bce38efb73c9d1774a6ea96635dc57a2fbbc449e0e82edc6cdc7a0
27d65dfe93044e735cd21e8fa620e04a3ab6a342690b5c9b5fc03cb2b0d58a31
3e750a5d9701a372308eb29a92b32a12a363a516efad72984f9a9784bfb91c58
400f9e958867a0d94f87a21d884db41c7a97637cfebfbc01ccac010017cad59c
43d9a21f8570de18b803e5f7f2c41dd29f72c13061dc7e8c7e4fc75d45ef32d0
442554a3e46eb87bfb0c7a396aac14a3c47117f1ac9c2c8a4be0eb65f1c98d52
51ef37d18f5a8fda09f337391239a403f058f93c3eb870a8a2299c254189340a
5a0da401f1a6b818ab2c44ac6441edc2fd4c2f5329b6a7c08e5c944170ae2bd5
5a4b3d265c46b8744f59be1b2688d8b2f09e4acb48c88a72a5f866658166ae1e
5be0158313fe11bb8a22b3e349714b4153cd3a68283303b162d945fab451f17b
63b3ca1fe4e389ffdd8f9a3517132b989d1590c6068978c1f17c680af47f61b4
659b4d93ee688a1d640954d599a49e7ce2cca9114420807d427cfaea2fe0acec
6694fc70fbc1f5f2b562c1d140ceb26cca1e40db6972d6b15cd1a2191dbef684
68abb8eccc8d703529c121210b200382c6eac82361cf6611566fa7de3ca1c644
6b64af551bd406eb0464c31e8c374ea674b7591201a390213fd249693e794cbf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
765b4337bbe9454a5215f14fe8f6b4435923bc08f4076f42ef0479ec75b56ca4
7838acd6a8bd0836972523ffbe20c9745d03b07d89968d9cc9bc57f46e567895
7e9ef56d484bb8cc840d5a9d307520c76b8861e6384ab35c5a45b81f62554bf1
801e4d1cc07dfa3cc5536ee07eff767c9395a501676b1b225b3cb0f2409876c4
825d1f7bde54720c717e481035f765adad66822978037c979e26ab423bcbd5f3
8d09bb6b7835fe8c97b24afa30a552a4a2f84fe0a2542ac0965b189fcb7d8105
a629b5570d16e1450d7621907a85b07392f2959b2792145864ac84fc0dbe7307
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
df3607d5e1b62d0b0c710b6e8c95bb440a2a5af91cef1fb4a9519139ea466735
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
f062682e6267b0c0cdb478ad5be0298ccfc823bd6269f5880ef6208f031f870f