hsbcbank.000.pe Open in urlscan Pro
185.27.134.125 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hsbcbank.000.pe/Security.php?i=1
Effective URL:
https://hsbcbank.000.pe/Security.php?i=2
Submission: On July 14 via automatic, source phishtank (July 14th 2024, 12:40:29 pm UTC) — Scanned from GB

Summary HTTP 80 Redirects Behaviour Indicators

Summary

This website contacted 26 IPs in 8 countries across 17 domains to perform 80 HTTP transactions. The main IP is 185.27.134.125, located in United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is hsbcbank.000.pe.
TLS certificate: Issued by WR1 on July 12th 2024. Valid for: 3 months.

This is the only time hsbcbank.000.pe was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: HSBC (Banking)

Domain & IP information

	IP Address	AS Autonomous System
12	185.27.134.125 185.27.134.125	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
1	2a02:26f0:480... 2a02:26f0:480:58b::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.37.38.214 23.37.38.214	16625 (AKAMAI-AS) (AKAMAI-AS)
15	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
15	2600:9000:235... 2600:9000:235a:ec00:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	23.197.9.79 23.197.9.79	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	203.112.92.205 203.112.92.205	9221 (HSBC-HK-A...) (HSBC-HK-AS HSBC HongKong)
1	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	13.113.199.76 13.113.199.76	16509 (AMAZON-02) (AMAZON-02)
1	3.255.41.64 3.255.41.64	16509 (AMAZON-02) (AMAZON-02)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.238 142.250.185.238	15169 (GOOGLE) (GOOGLE)
1	216.58.206.36 216.58.206.36	15169 (GOOGLE) (GOOGLE)
1	34.49.241.189 34.49.241.189	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	54.199.216.230 54.199.216.230	16509 (AMAZON-02) (AMAZON-02)
2	18.194.15.49 18.194.15.49	16509 (AMAZON-02) (AMAZON-02)
2	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
5	34.120.154.120 34.120.154.120	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	43.251.41.28 43.251.41.28	11054 (LIVEPERSON) (LIVEPERSON)
80	26

12 185.27.134.125 (United Kingdom)

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)

hsbcbank.000.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:58b::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.38.214 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-214.deploy.static.akamaitechnologies.com

akamai.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:9000:235a:ec00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.197.9.79 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-9-79.deploy.static.akamaitechnologies.com

a19069622224.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.112.92.205 (Hong Kong)

ASN9221 (HSBC-HK-AS HSBC HongKong, HK)

www.isstprod.hsbc.com.hk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.113.199.76 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-199-76.ap-northeast-1.compute.amazonaws.com

collect-ap-northeast-1.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.255.41.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-255-41-64.eu-west-1.compute.amazonaws.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

userstat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net

google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.36 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.49.241.189 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 189.241.49.34.bc.googleusercontent.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.199.216.230 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-199-216-230.ap-northeast-1.compute.amazonaws.com

visitor-service-ap-northeast-1.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.15.49 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-15-49.eu-central-1.compute.amazonaws.com

datacloud.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.120.154.120 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 120.154.120.34.bc.googleusercontent.com

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 43.251.41.28 (Australia)

ASN11054 (LIVEPERSON, US)

sy.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	tiqcdn.com akamai.tiqcdn.com — Cisco Umbrella Rank: 10949 tags.tiqcdn.com — Cisco Umbrella Rank: 1091	126 KB
15	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 72	1 MB
12	000.pe hsbcbank.000.pe	546 KB
7	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 4201 lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 4029	289 KB
4	tealiumiq.com collect-ap-northeast-1.tealiumiq.com — Cisco Umbrella Rank: 156944 visitor-service-ap-northeast-1.tealiumiq.com — Cisco Umbrella Rank: 148913 datacloud.tealiumiq.com — Cisco Umbrella Rank: 6880	21 KB
4	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 3888 sy.v.liveperson.net — Cisco Umbrella Rank: 89731	130 KB
3	google.com google.com — Cisco Umbrella Rank: 1 www.google.com — Cisco Umbrella Rank: 5	34 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 326	15 KB
3	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 774 a19069622224.cdn.optimizely.com — Cisco Umbrella Rank: 103233 logx.optimizely.com — Cisco Umbrella Rank: 1540	121 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	87 KB
1	userstat.net userstat.net — Cisco Umbrella Rank: 181301	647 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1517	500 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 387	149 B
1	yimg.com s.yimg.com — Cisco Umbrella Rank: 661	7 KB
1	hsbc.com.hk www.isstprod.hsbc.com.hk — Cisco Umbrella Rank: 185472 Failed www.issthk.hsbc.com.hk Failed	30 KB
1	doubleclick.net cm.g.doubleclick.net — Cisco Umbrella Rank: 264	409 B
80	17

	Domain	Requested by
15	tags.tiqcdn.com	hsbcbank.000.pe
15	www.googletagmanager.com	hsbcbank.000.pe tags.tiqcdn.com www.googletagmanager.com
12	hsbcbank.000.pe	hsbcbank.000.pe
5	lpcdn.lpsnmedia.net	lptag.liveperson.net
3	bat.bing.com	hsbcbank.000.pe bat.bing.com
2	sy.v.liveperson.net	lptag.liveperson.net
2	accdn.lpsnmedia.net	lptag.liveperson.net
2	datacloud.tealiumiq.com	tags.tiqcdn.com
2	www.facebook.com	hsbcbank.000.pe
2	google.com	www.googletagmanager.com
2	connect.facebook.net	tags.tiqcdn.com connect.facebook.net
2	lptag.liveperson.net	tags.tiqcdn.com
1	visitor-service-ap-northeast-1.tealiumiq.com	hsbcbank.000.pe
1	logx.optimizely.com	cdn.optimizely.com
1	www.google.com	www.googletagmanager.com
1	userstat.net	hsbcbank.000.pe
1	sp.analytics.yahoo.com	hsbcbank.000.pe
1	collect-ap-northeast-1.tealiumiq.com	tags.tiqcdn.com
1	match.adsrvr.org	hsbcbank.000.pe
1	s.yimg.com	hsbcbank.000.pe
1	www.isstprod.hsbc.com.hk	tags.tiqcdn.com
1	cm.g.doubleclick.net	hsbcbank.000.pe
1	a19069622224.cdn.optimizely.com	cdn.optimizely.com
1	akamai.tiqcdn.com	hsbcbank.000.pe
1	cdn.optimizely.com	hsbcbank.000.pe
0	www.issthk.hsbc.com.hk Failed	tags.tiqcdn.com
80	26

This site contains no links.

Subject Issuer	Validity	Valid
hsbcbank.000.pe WR1	`2024-07-12` - `2024-10-10`	3 months	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
*.tiqcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-16` - `2024-11-16`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M02	`2024-03-19` - `2025-04-17`	a year	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2024-01-25` - `2025-01-27`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-11-28` - `2024-11-27`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
www.isstprod.hsbc.com.hk DigiCert EV RSA CA G2	`2024-05-09` - `2024-09-10`	4 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-07-08` - `2024-08-28`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-22` - `2024-07-21`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.tealiumiq.com Amazon RSA 2048 M02	`2024-06-21` - `2025-07-19`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-03-19` - `2024-09-11`	6 months	crt.sh
userstat.net GTS CA 1P5	`2024-05-19` - `2024-08-17`	3 months	crt.sh
*.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
logx.optimizely.com WR3	`2024-05-23` - `2024-08-21`	3 months	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2023-11-15` - `2024-11-14`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-10-31` - `2024-10-30`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://hsbcbank.000.pe/Security.php?i=2
Frame ID: BD90D11856B91A536BEB4AD77529C5C6
Requests: 76 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=DC-11261169
Frame ID: 34C6BE7BB7B542AC877C6DE348DA4A30
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=DC-8737857
Frame ID: 63CFC77C1B5FC7D7FA3BB1D3344AF5C4
Requests: 1 HTTP requests in this frame

Frame: https://a19069622224.cdn.optimizely.com/client_storage/a19069622224.html
Frame ID: 34A787D76255C24F4A58967E75BB6674
Requests: 1 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.29.1-release_1359973818/storage.secure.min.html?loc=https%3A%2F%2Fhsbcbank.000.pe&site=19211303&ist=sessionStorage&env=prod&accdn=accdn.lpsnmedia.net
Frame ID: FCA0A179939619F62B433BA81A8C8FDA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HSBC - Personal & Online Banking

Page URL History Show full URLs

https://hsbcbank.000.pe/Security.php?i=1 Page URL
https://hsbcbank.000.pe/Security.php?i=2 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Page Statistics

80
Requests

96 %
HTTPS

28 %
IPv6

17
Domains

26
Subdomains

26
IPs

8
Countries

2468 kB
Transfer

9601 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hsbcbank.000.pe/Security.php?i=1 Page URL
https://hsbcbank.000.pe/Security.php?i=2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

80 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Security.php Show response
hsbcbank.000.pe/ 839 B
695 B 356ms
58ms Document
text/html 185.27.134.125
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://hsbcbank.000.pe/Security.php?i=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.125 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 30a0f36dbff6a4b97469cf50fd1c3c39a1cfb46a2518a6accd1c15e42709fa2b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html
Date: Sun, 14 Jul 2024 12:40:13 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
OK aes.js Show response
hsbcbank.000.pe/ 13 KB
5 KB 59ms
59ms Script
application/javascript 185.27.134.125
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://hsbcbank.000.pe/aes.js
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/Security.php?i=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.125 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96

Request headers

Referer: https://hsbcbank.000.pe/Security.php?i=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 14 Jul 2024 12:40:13 GMT
Content-Encoding: br
Last-Modified: Sun, 15 Oct 2023 17:52:35 GMT
Server: nginx
ETag: W/"652c26e3-35a5"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK Primary Request Security.php Show response
hsbcbank.000.pe/ 15 KB
4 KB 79ms
78ms Document
text/html 185.27.134.125
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://hsbcbank.000.pe/Security.php?i=2
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/Security.php?i=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.125 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: da731c18291339347881db38612ab130082a02e8d3aad9e18a3224d26fe76438

Request headers

Referer: https://hsbcbank.000.pe/Security.php?i=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html; charset=UTF-8
Date: Sun, 14 Jul 2024 12:40:13 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
OK clientlib-default.min.037b63dd8036aa0099152903d3ec77b1.css
hsbcbank.000.pe/css/ 930 KB
90 KB 81ms
79ms Stylesheet
text/css 185.27.134.125
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://hsbcbank.000.pe/css/clientlib-default.min.037b63dd8036aa0099152903d3ec77b1.css
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/Security.php?i=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.125 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: d8a718e468c19e7c8295e0f244c5fcaaba43a42ddce63f14ff6c4da37da0ca45

Request headers

Referer: https://hsbcbank.000.pe/Security.php?i=2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 14 Jul 2024 12:40:13 GMT
Content-Encoding: br
Last-Modified: Fri, 12 Jul 2024 10:30:36 GMT
Server: nginx
ETag: W/"e868d-61d0a5ebf26c0"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Expires: Tue, 13 Aug 2024 12:40:13 GMT

GET
H/1.1 200
OK bootstrap.css
hsbcbank.000.pe/css/ 191 KB
22 KB 183ms
69ms Stylesheet
text/css 185.27.134.125
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://hsbcbank.000.pe/css/bootstrap.css
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/Security.php?i=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.125 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 28df25f668973580ebfb5e1d75af914c9938ad2dc93d673a19e6885ec88ec17e

Request headers

Referer: https://hsbcbank.000.pe/Security.php?i=2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 14 Jul 2024 12:40:13 GMT
Content-Encoding: br
Last-Modified: Fri, 12 Jul 2024 10:30:34 GMT
Server: nginx
ETag: W/"2fd6b-61d0a5e966cf8"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Expires: Tue, 13 Aug 2024 12:40:13 GMT

GET
H/1.1 200
OK utag.js Show response
hsbcbank.000.pe/js/ 1 MB
132 KB 68ms
67ms Script
application/javascript 185.27.134.125
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://hsbcbank.000.pe/js/utag.js
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/Security.php?i=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.125 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: d9a2362cfa4e6637f5b96c1355cfde162240875b8db60338bf63022e22e9325c

Request headers

Referer: https://hsbcbank.000.pe/Security.php?i=2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 14 Jul 2024 12:40:14 GMT
Content-Encoding: br
Last-Modified: Fri, 12 Jul 2024 10:31:16 GMT
Server: nginx
ETag: W/"12b71a-61d0a61193f78"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Expires: Tue, 13 Aug 2024 12:40:14 GMT

GET
H/1.1 200
OK utag.sync.js Show response
hsbcbank.000.pe/js/ 2 KB
1 KB 185ms
71ms Script
application/javascript 185.27.134.125
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://hsbcbank.000.pe/js/utag.sync.js
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/Security.php?i=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.125 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 71ef19cc3f8250e7877e9c23dc7189330a313e805bf0b1e95de23f33a2d31fa2

Request headers

Referer: https://hsbcbank.000.pe/Security.php?i=2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 14 Jul 2024 12:40:14 GMT
Content-Encoding: br
Last-Modified: Fri, 12 Jul 2024 10:31:17 GMT
Server: nginx
ETag: W/"96c-61d0a612d2d08"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Expires: Tue, 13 Aug 2024 12:40:14 GMT

GET
H/1.1 200
OK hsbc-logo.svg
hsbcbank.000.pe/images/ 5 KB
2 KB 192ms
71ms Image
image/svg+xml 185.27.134.125
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hsbcbank.000.pe/images/hsbc-logo.svg
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/Security.php?i=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.125 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 392961169ed068757ca4ccfba64f9a1e5cfd0e5c2467039ec5f0315afcb4de50

Request headers

Referer: https://hsbcbank.000.pe/Security.php?i=2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 14 Jul 2024 12:40:14 GMT
Content-Encoding: br
Last-Modified: Sat, 13 Jul 2024 16:26:22 GMT
Server: nginx
ETag: W/"138c-61d2374e111c0"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=0
Connection: keep-alive
Expires: Sun, 14 Jul 2024 12:40:14 GMT

GET
H/1.1 200
OK clientlib-all.min.9fc0e08c626d9cd03b0782f1b7c9e15c.js Show response
hsbcbank.000.pe/js/ 957 KB
194 KB 220ms
95ms Script
application/javascript 185.27.134.125
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://hsbcbank.000.pe/js/clientlib-all.min.9fc0e08c626d9cd03b0782f1b7c9e15c.js
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/Security.php?i=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.125 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1200d5fecfa0236984a85aff9cad6d07f7d15d87dd5d118181a0e82cca48b2e5

Request headers

Referer: https://hsbcbank.000.pe/Security.php?i=2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 14 Jul 2024 12:40:14 GMT
Content-Encoding: br
Last-Modified: Fri, 12 Jul 2024 10:31:17 GMT
Server: nginx
ETag: W/"ef5b0-61d0a6134ce28"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Expires: Tue, 13 Aug 2024 12:40:14 GMT

GET
H2 200 20356210685.js Show response
cdn.optimizely.com/js/ 618 KB
121 KB 328ms
197ms Script
text/javascript 2a02:26f0:480:58b::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/20356210685.js

Requested by

Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/js/utag.sync.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:58b::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

eddf0d85bf29ca7c31c6eb1d03edd9f2506ff04e9c7d5c31c743d7b7e4b4e5d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: JgtzaSPGzkHeGCNxlvsWXUKxg9rguLUT
content-encoding: br
date: Sun, 14 Jul 2024 12:40:14 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: HGTVVSHEH99AV0QJ
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 10359
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=34, origin; dur=106, cdn;desc="AkamaiION";dur=0,rtt;desc="52";dur=0,cdnip;desc="2a02:26f0:480:58b::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1720960814626_35115144_908809328_14034_2907_52_55_146";dur=1
content-length: 122627
x-amz-id-2: fO5xOTWnZxlbboe9+sNPnymCV8Ov5cJAz3IJr64ws2FUarxoO7KByRTtrOcoF3KID81BUp27kWI=
last-modified: Fri, 12 Jul 2024 13:39:25 GMT
server: AmazonS3
etag: "a982b77d2486f175dc3440258667bae9"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK UniversNextforHSBCW02-Rg.woff
hsbcbank.000.pe/fonts/ 27 KB
27 KB 73ms
72ms Font
application/x-font-woff 185.27.134.125
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://hsbcbank.000.pe/fonts/UniversNextforHSBCW02-Rg.woff
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/css/clientlib-default.min.037b63dd8036aa0099152903d3ec77b1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.125 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: e57fa923e1242b94093a29bc1497e22d7b5f78d6f124fe5ffc651383af545e13

Request headers

Referer: https://hsbcbank.000.pe/css/clientlib-default.min.037b63dd8036aa0099152903d3ec77b1.css
Origin: https://hsbcbank.000.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 14 Jul 2024 12:40:14 GMT
Last-Modified: Fri, 12 Jul 2024 10:31:50 GMT
Server: nginx
ETag: "6b48-61d0a631ed760"
Content-Type: application/x-font-woff
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27464
Expires: Sun, 14 Jul 2024 12:40:14 GMT

GET
H/1.1 200
OK HelveticaNeueforHSBCW84-Rm.woff
hsbcbank.000.pe/fonts/ 38 KB
38 KB 88ms
87ms Font
application/x-font-woff 185.27.134.125
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://hsbcbank.000.pe/fonts/HelveticaNeueforHSBCW84-Rm.woff
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/css/clientlib-default.min.037b63dd8036aa0099152903d3ec77b1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.125 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: da6f74a0323d322059b4ed78eebe01c74b5a03c49f3a95d20c29f7dfbbd5da50

Request headers

Referer: https://hsbcbank.000.pe/css/clientlib-default.min.037b63dd8036aa0099152903d3ec77b1.css
Origin: https://hsbcbank.000.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 14 Jul 2024 12:40:14 GMT
Last-Modified: Fri, 12 Jul 2024 10:31:32 GMT
Server: nginx
ETag: "965a-61d0a62160668"
Content-Type: application/x-font-woff
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38490
Expires: Sun, 14 Jul 2024 12:40:14 GMT

GET
H/1.1 200
OK location.js Show response
akamai.tiqcdn.com/location/ 18 B
560 B 196ms
56ms XHR
application/x-javascript 23.37.38.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.tiqcdn.com/location/location.js
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/js/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-214.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 14 Jul 2024 12:40:14 GMT
Last-Modified: Mon, 30 Apr 2018 23:09:19 GMT
Server: AkamaiNetStorage
ETag: "6c98be5fda77913799e8ef24b86a7abd:1525129759"
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-EdgeScape-Location
Cache-Control: max-age=1296000
X-EdgeScape-Location: country_code=GB,region_code=EN,city=LONDON,areacode=0,zip=0,bandwidth=5000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18
Expires: Mon, 29 Jul 2024 12:40:14 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ Frame 34C6 0
0 182ms
68ms Document
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11261169

Requested by

Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/js/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hsbcbank.000.pe/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=900
content-encoding: br
content-length: 77969
content-type: application/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jul 2024 12:40:14 GMT
expires: Sun, 14 Jul 2024 12:40:14 GMT
last-modified: Sun, 14 Jul 2024 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0

GET
H2 200 js
www.googletagmanager.com/gtag/ Frame 63CF 0
0 253ms
142ms Document
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8737857

Requested by

Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/js/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hsbcbank.000.pe/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=900
content-encoding: br
content-length: 77983
content-type: application/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jul 2024 12:40:14 GMT
expires: Sun, 14 Jul 2024 12:40:14 GMT
last-modified: Sun, 14 Jul 2024 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0

GET
H2 200 utag.276.js Show response
tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/ 2 KB
1 KB 304ms
157ms Script
application/javascript 2600:9000:235a:ec00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/utag.276.js?utv=ut4.46.202205131608
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/js/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:ec00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2f760ebd13b91c8130173c645d86a665e09f30a0f3e0ab91fa95b508fb234dca

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: b6f2MCvWPG.xKVaNdxffFSmesvmD7ldG
content-encoding: br
via: 1.1 abf16b943a9b4039b87ccdb094d9303e.cloudfront.net (CloudFront)
date: Sun, 14 Jul 2024 12:40:16 GMT
last-modified: Tue, 09 Jul 2024 10:18:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"0230b453bad03c5d264addadc24be521"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: yKsSViMc91GImNRfz93KgTtGa34qZZkMFdcI72Q5qgh_Ff-7nEOhFw==

GET
H2 200 utag.603.js Show response
tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/ 37 KB
11 KB 312ms
166ms Script
application/javascript 2600:9000:235a:ec00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/utag.603.js?utv=ut4.46.202201211719
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/js/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:ec00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18790c1bc73b6b3a7a16d6d5695e26896d9bb152768413cfb920db96287a453f

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: WqR7sXpcRFt5MiGaH8P5CBRjj0G2Kuo3
content-encoding: br
via: 1.1 abf16b943a9b4039b87ccdb094d9303e.cloudfront.net (CloudFront)
date: Sun, 14 Jul 2024 12:40:16 GMT
last-modified: Tue, 09 Jul 2024 10:18:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"7dd67b9646f9874444b00ce14b4c4d7b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: j-pNH2oRm9IroyT5p_H2Zg3fKfkXpiE8-qE_xLw_yrCPlqRb0RbeYA==

GET
H2 200 utag.1206.js Show response
tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/ 3 KB
2 KB 585ms
439ms Script
application/javascript 2600:9000:235a:ec00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/utag.1206.js?utv=ut4.46.202207221353
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/js/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:ec00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 030f870c572d199f21ea536931c49695ef8faa413ecfeb589cc0cb8a11bbc8cb

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: YrNLqNhdMZnRv5UxWJGSFGlrUnl6nvTQ
content-encoding: br
via: 1.1 abf16b943a9b4039b87ccdb094d9303e.cloudfront.net (CloudFront)
date: Sun, 14 Jul 2024 12:40:16 GMT
last-modified: Tue, 09 Jul 2024 10:18:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"b2ab3fa88f05e4a6297dd0280bc2ac33"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 06Jx4tV0mUezZZgyApsrctAmB_Jr38dXclmkU7VtHHQeP2xs86Qeig==

GET
H2 200 utag.1316.js Show response
tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/ 22 KB
7 KB 583ms
438ms Script
application/javascript 2600:9000:235a:ec00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/utag.1316.js?utv=ut4.46.202207131828
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/js/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:ec00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1d5e1a4b06451d7fb9ce65af15b085f1a825d87610815bf8aec970037cf7cc5

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: GL3PrhBD5ax48PIzxrYBVBAkvbfg5sXd
content-encoding: br
via: 1.1 abf16b943a9b4039b87ccdb094d9303e.cloudfront.net (CloudFront)
date: Sun, 14 Jul 2024 12:40:16 GMT
last-modified: Tue, 09 Jul 2024 10:18:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"de2e7495607344a870405e374b2a99af"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: qUp6FyGh9Iuo1wCLEjE_XNNHE4GGjoLadqGrcsq_ZZCT8MSsmY07vA==

GET
H2 200 utag.1391.js Show response
tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/ 4 KB
2 KB 201ms
56ms Script
application/javascript 2600:9000:235a:ec00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/utag.1391.js?utv=ut4.46.202201211719
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/js/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:ec00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d9f0f2b9335c8b84f8b1f951db96e7c3630426d2f26825608eab948798e5b0f

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: qeGAh.koCXsLv7fJfz3pXzQpgYPaFrhQ
content-encoding: br
via: 1.1 abf16b943a9b4039b87ccdb094d9303e.cloudfront.net (CloudFront)
date: Sun, 14 Jul 2024 12:36:44 GMT
last-modified: Tue, 09 Jul 2024 10:18:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
age: 212
x-amz-server-side-encryption: AES256
etag: W/"5e6bf82df0a39d816d34943b381c65de"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: P4HDUyfdH1_mvyXWRzeCqwoLavE80vegpkFw7OLAD58Crs0vnoqbdA==

GET
H2 200 utag.1432.js Show response
tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/ 68 KB
7 KB 206ms
61ms Script
application/javascript 2600:9000:235a:ec00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/utag.1432.js?utv=ut4.46.202311301214
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/js/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:ec00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73173c05016e9e25eb41d42aadc8d2aab7709b133f06fc9f804a02041c59d42e

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 3j10fu9jFYfS0iaUnhfxTNdKpRn2K6zy
content-encoding: br
via: 1.1 abf16b943a9b4039b87ccdb094d9303e.cloudfront.net (CloudFront)
date: Sun, 14 Jul 2024 12:36:44 GMT
last-modified: Tue, 09 Jul 2024 10:18:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
age: 212
x-amz-server-side-encryption: AES256
etag: W/"8a6ea5e430bb52aa9d765fbcdc58a7aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: VND0B6cPeLkDEY4MRuclmLS91dd7FHbdJEnWoMLvn3BFKDtzuHNcAQ==

GET
H2 200 utag.1459.js Show response
tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/ 7 KB
3 KB 498ms
498ms Script
application/javascript 2600:9000:235a:ec00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/utag.1459.js?utv=ut4.46.202206161707
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/js/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:ec00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 55e6642547cae5e8b50d06aea80f8010a7b56b9891ad401cd4568cc1e799d3ef

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: x4IhAMkiB8N6pJeoByDwWB6PvZyrYoqs
content-encoding: br
via: 1.1 abf16b943a9b4039b87ccdb094d9303e.cloudfront.net (CloudFront)
date: Sun, 14 Jul 2024 12:40:16 GMT
last-modified: Tue, 09 Jul 2024 10:18:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"8daee8ceada41c983534dd8c167ee426"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: eye8Yh71v47edYABqmuGfFs0qYDsBxp-xJ7fDGduwUw6MJxJ4e9neA==

GET
H2 200 utag.1468.js Show response
tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/ 11 KB
4 KB 58ms
58ms Script
application/javascript 2600:9000:235a:ec00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/utag.1468.js?utv=ut4.46.202207131828
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/js/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:ec00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6aa598cefb53b385447b8f99fca95e82f9b348f8a26ed0e5a1403ec9ee9fc1ee

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: TMXNkVhha1jZ.JcDYRS7jl_rftJv76K.
content-encoding: br
via: 1.1 abf16b943a9b4039b87ccdb094d9303e.cloudfront.net (CloudFront)
date: Sun, 14 Jul 2024 12:36:44 GMT
last-modified: Tue, 09 Jul 2024 10:18:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
age: 212
x-amz-server-side-encryption: AES256
etag: W/"c4d04d47252836a04dc8caa86b430009"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: -f12K3HuwfngOnB6aMHDNFYnE2d6FukRsuM5UN0UfPlQf07mx8HwSQ==

GET
H2 200 utag.1503.js Show response
tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/ 22 KB
7 KB 443ms
442ms Script
application/javascript 2600:9000:235a:ec00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/utag.1503.js?utv=ut4.46.202211071501
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/js/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:ec00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: abab282464941916fe3955ee9f9194383b99e7d8246ba4c3402d765e9a0fca78

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: XDidDd3nmEA1cOnkFuICsySE1FNxlMJ.
content-encoding: br
via: 1.1 abf16b943a9b4039b87ccdb094d9303e.cloudfront.net (CloudFront)
date: Sun, 14 Jul 2024 12:40:16 GMT
last-modified: Tue, 09 Jul 2024 10:18:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"d7a2e65df347316b7e971292bd7e5b2e"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: bmsmMaLOF2I3UmnwBSl7mfh1Jcjrv1DqZ0Zxp9RNWjbuNDx_gE4A_g==

GET
H2 200 utag.1507.js Show response
tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/ 4 KB
2 KB 500ms
499ms Script
application/javascript 2600:9000:235a:ec00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/utag.1507.js?utv=ut4.46.202312221624
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/js/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:ec00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f2c50c6818bf9d33ebf653027bfd73f4ebdcbf292a4195a2f7f1ae1ba4980b3

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: _AYsesOI.xs8nxw1Zwvelg8.ktVXkmqm
content-encoding: br
via: 1.1 abf16b943a9b4039b87ccdb094d9303e.cloudfront.net (CloudFront)
date: Sun, 14 Jul 2024 12:40:16 GMT
last-modified: Tue, 09 Jul 2024 10:18:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"6e6ccc9eabe4e0db5e4c9aa3712ac08d"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: XIdi-LM74VknkN2Wu7frIPaoFQedkWiwMT-lwqejUy3AS3et0gy-gg==

GET
H2 200 utag.1537.js Show response
tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/ 205 KB
57 KB 442ms
442ms Script
application/javascript 2600:9000:235a:ec00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/utag.1537.js?utv=ut4.46.202401221037
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/js/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:ec00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9bc1a973481bcdf3c34b0617f496e36cc1785fa6f3fb6de13cebc2ff309489fe

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: GasqKGK8.2gQNb2gKtP9X2D6mhLkNICt
content-encoding: br
via: 1.1 abf16b943a9b4039b87ccdb094d9303e.cloudfront.net (CloudFront)
date: Sun, 14 Jul 2024 12:40:16 GMT
last-modified: Tue, 09 Jul 2024 10:18:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"995e9fd406d863925c60eda3a90621a0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 6ldVhEHObCKIcjWFqA-lKQLm_UaunDA44ZZ8iC2_Wx6EpSijuD6ZxQ==

GET
H2 200 utag.1549.js Show response
tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/ 50 KB
13 KB 500ms
500ms Script
application/javascript 2600:9000:235a:ec00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/utag.1549.js?utv=ut4.46.202403141232
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/js/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:ec00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d778830477171c5bcc399e8a9acbd443ad21424e59c8d3d14dc4826f04e41d56

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: Q9RD50N3shEJMisRzk2EviIGKcDPNV60
content-encoding: br
via: 1.1 abf16b943a9b4039b87ccdb094d9303e.cloudfront.net (CloudFront)
date: Sun, 14 Jul 2024 12:40:16 GMT
last-modified: Tue, 09 Jul 2024 10:18:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"c1c7da62b3bdcbe181499d0880ae1522"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 8KS963BUyyrOg0hswDqb8R2y4LPAMjDOZGB-b0Gj126UZkdOiVgpPA==

GET
H2 200 utag.1553.js Show response
tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/ 11 KB
4 KB 508ms
508ms Script
application/javascript 2600:9000:235a:ec00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/utag.1553.js?utv=ut4.46.202403141232
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/js/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:ec00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f9c4bbe2111e3f517fcdeb243f2448c9a0cdbf5690274fd3b39707b6e8655b3d

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: hKwmtc4X9kV77Skrs_t9Ddmniuca4.eA
content-encoding: br
via: 1.1 abf16b943a9b4039b87ccdb094d9303e.cloudfront.net (CloudFront)
date: Sun, 14 Jul 2024 12:40:16 GMT
last-modified: Tue, 09 Jul 2024 10:18:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"e70e0fbc43a506f5a44d02860ca84bd5"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: V-c8W8FsBQ6M1sSmyPnTWKtpbOTAgV0BJsJqxIRoUCGuhxhDiAmA0Q==

GET
H2 200 utag.1568.js Show response
tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/ 18 KB
5 KB 163ms
163ms Script
application/javascript 2600:9000:235a:ec00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/utag.1568.js?utv=ut4.46.202407091014
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/js/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:ec00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 882941911ca0e266ab147c8f6aaebadf90674d29525f3fc1310780a6f8484637

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: erh.oqNFb5ZTSfagYmTz4AgXj4M.Jl3o
content-encoding: br
via: 1.1 abf16b943a9b4039b87ccdb094d9303e.cloudfront.net (CloudFront)
date: Sun, 14 Jul 2024 12:40:16 GMT
last-modified: Tue, 09 Jul 2024 10:18:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"4a35e31d3e2e25db565cb4339935acfe"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: NsSdDaJJsyr7YEZiWcBa_qc49LSWrgGNOaAQSJ4caHM62X2h9XW2Lw==

GET
H2 200 a19069622224.html
a19069622224.cdn.optimizely.com/client_storage/ Frame 34A7 0
0 314ms
71ms Document
text/html 23.197.9.79
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a19069622224.cdn.optimizely.com/client_storage/a19069622224.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20356210685.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.197.9.79 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-9-79.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://hsbcbank.000.pe/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: max-age=120
content-encoding: br
content-length: 1138
content-type: text/html; charset=utf-8
date: Sun, 14 Jul 2024 12:40:15 GMT
etag: "080c82538b0e1e6ecc2aa8dc694e8ba4"
last-modified: Sun, 14 Jul 2024 12:11:11 GMT
server: AmazonS3
server-timing: cdn-cache; desc=HIT edge; dur=13 origin; dur=0 cdn;desc="AkamaiION";dur=0,rtt;desc="54";dur=0,cdnip;desc="23.197.9.79";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1720960815282_34831240_442571893_1317_1789_54_69_255";dur=1
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-akamai-transformed: 9 1138 0 pmb=mRUM,2
x-amz-id-2: Ie25p5tBnwhVpFdy7yEbpts3YvIJoi7wvs68euAENFUyzHn6KHOcaf+BbD+ywq5edN8YGrt3np4=
x-amz-meta-pci_enabled: False
x-amz-replication-status: PENDING
x-amz-request-id: 4AE30R7VFVBW5HSP
x-amz-server-side-encryption: AES256
x-amz-version-id: .WTl0e8UAIxQXFB5S3rZQOOJUFjbcm2p

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 206ms
67ms Image
image/png 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=0190b1420e46000ddefc3a50adc805065002805d00b08&tealium_account=hsbc&tealium_profile=wpb-stream-hk

Requested by

Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/Security.php?i=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 12:40:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 27 KB
10 KB 299ms
134ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=19211303

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/utag.1432.js?utv=ut4.46.202311301214

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

2823fbfa7b9256867e21af1ecbfbb98583c8ef0e0b495f6f01d862ef58e3d93d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 12:40:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Thu, 30 May 2024 01:00:50 GMT
server: ws
etag: "6657cfc2-253d"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 9533

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
76 KB 184ms
69ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8694241

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/utag.1468.js?utv=ut4.46.202207131828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0a0299369fcc8c75c80b0c9b03eb3b8710236a5c70c73596d73ef6fad5610b9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 12:40:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77927
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Jul 2024 12:40:15 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 262ms
76ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/js/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 14 Jul 2024 12:40:14 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 70612EEDF558472F9366FF7BB693A1A4 Ref B: FRA31EDGE0819 Ref C: 2024-07-14T12:40:15Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

POST session.json
www.isstprod.hsbc.com.hk/3579/handler9/ 0
0

GET
H/1.1 200
OK JavascriptInsert.js Show response
www.isstprod.hsbc.com.hk/ 82 KB
30 KB 6208ms
309ms Script
application/x-javascript 203.112.92.205
HSBC-HK-AS HSBC H...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.isstprod.hsbc.com.hk/JavascriptInsert.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/utag.603.js?utv=ut4.46.202201211719

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.112.92.205 , Hong Kong, ASN9221 (HSBC-HK-AS HSBC HongKong, HK),

Reverse DNS

Software

Resource Hash

b38119ecf1653e7b2a7c8c04f1621fe94f7540f493c88945ff757f972e18f6bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 14 Jul 2024 12:40:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 11 Apr 2020 22:42:56 GMT
Content-Encoding: gzip
ETag: 63a774b8dee0176ecdb2472591b39776
Vary: Accept-Encoding,User-Agent
Content-Type: application/x-javascript
Cache-Control: max-age=900, s-maxage=900
Connection: Keep-Alive
S: hkp1vl0058
Keep-Alive: timeout=5
Content-Length: 30060

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 251 KB
88 KB 93ms
89ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-956500078&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8694241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0116b111ab6f43adcf2aa1c682cb2133509909f90df8d1b6bb239575c58004ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 12:40:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89632
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Jul 2024 12:40:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
82 KB 87ms
83ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-798214875&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8694241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c718366b0a0360a0bb10d53e3e5c6bb42bf672f05d378041893261e9b9c24c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 12:40:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83651
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Jul 2024 12:40:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
83 KB 134ms
130ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-674638442&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8694241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4b087a4674a77f6a2bc83ceb98d1bf9ba1768b2f3817ea6c2b0793bace0a6b3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 12:40:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85345
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Jul 2024 12:40:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
82 KB 70ms
66ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-791144207&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8694241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

686d57a2c0e0c87407f4ffe360291fc7e939cd3b2b563ea14c5ea4037b7db592

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 12:40:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83909
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Jul 2024 12:40:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
82 KB 122ms
119ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-676284096&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8694241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0601ce17af5bddeb0ef19b8786920441b1c8c5950046b34e7815cfb8bbeca7e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 12:40:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83909
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Jul 2024 12:40:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
82 KB 172ms
169ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10892300496&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8694241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9d10f14249ec02ebad49d4b8aa2b9e3f15d79c930b9fb694b012ed3c53f124fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 12:40:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83972
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Jul 2024 12:40:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
93 KB 193ms
190ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-793969516&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8694241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ffc8b9f52358d7246d34ad25b485a7a1c55c9037af69cd1e14c309cd16f2225b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 12:40:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94980
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Jul 2024 12:40:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 245 KB
87 KB 220ms
217ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-794057115&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8694241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a22f77a1092f9ad85083ecdf23b1a9d22ccdd701bae60836e6646cba3b76793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 12:40:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88772
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Jul 2024 12:40:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
85 KB 209ms
207ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10951076746&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8694241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

784d8fffb7bbf3eb0fdf84bcea61a7ad332a86bf2a14536cdbe0912d97e0e5bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 12:40:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86583
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Jul 2024 12:40:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
82 KB 258ms
256ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-793957276&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8694241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc783d37bc790ecd8e84d1c03b7c5656810c3c6a9a647142a8d34ffb700c0262

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 12:40:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83650
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Jul 2024 12:40:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
83 KB 247ms
245ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11000049019&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8694241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

082bdfd78fbb616d234a311fbb68d117141650eb7d03e3af6ef94618fcd282d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 12:40:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85333
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Jul 2024 12:40:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
85 KB 249ms
248ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10897987304&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8694241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf7f7f372aaa266ee7d56f54603f42ba013664987b42b44656708af8a86b7902

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 12:40:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86554
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Jul 2024 12:40:15 GMT

GET
H2 200 5649753.js Show response
bat.bing.com/p/action/ 335 B
402 B 78ms
78ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5649753.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e6eae0251ff9d9602e618bd779c3c7234b243fb71da5afa4e502443e9c007bd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sun, 14 Jul 2024 12:40:14 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 65B75C291317463EB494736FB23C98E7 Ref B: FRA31EDGE0819 Ref C: 2024-07-14T12:40:15Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=1800

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 19 KB
7 KB 200ms
63ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/js/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

6784f9ac4ae19ed8651c632b214f40cac44abd344870ddd30ff1b93b08ba3103

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sun, 14 Jul 2024 12:24:33 GMT
x-amz-version-id: VxrPrcbofk65n9ysSCXrclM5xFIYS2A5
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: BSPGA753NGK3V494
age: 943
x-amz-server-side-encryption: AES256
content-length: 6672
x-amz-id-2: mAtsSFLweUqvYJWs7cRTK7hxtI0R+HcomOo/uej3Amt9RVzlzl+5ZUp9mg4aOFRtUVoIt9Yam5E=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 15 Aug 2025 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 10 Jul 2024 13:59:59 GMT
server: ATS
etag: "b4dc8f0803272db7e9c028b882573ba1-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 223 KB
60 KB 177ms
68ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/utag.1316.js?utv=ut4.46.202207131828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 14 Jul 2024 12:40:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58653
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=51, rtx=0, c=12, mss=1297, tbw=2801, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: pebtDKD6+xAx5IyCIPwPnsX5RLA8rkq8V0K2gkGfu16WX05nh9yXsmCpK/AJHghT8FkC0RfCSXmoOpUam02YxA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
286 B 85ms
85ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5649753&Ver=2&mid=4d1aaa34-cbcd-4f58-bdd4-2e70f6197dcb&sid=3865185041de11efadcf9b93684d12b0&vid=38653aa041de11efbd4cf9d9365ce937&vids=1&msclkid=N&pi=918639831&lg=en-GB&sw=1600&sh=1200&sc=24&tl=HSBC%20-%20Personal%20%26%20Online%20Banking&p=https%3A%2F%2Fhsbcbank.000.pe%2FSecurity.php%3Fi%3D2&r=https%3A%2F%2Fhsbcbank.000.pe%2FSecurity.php%3Fi%3D1&lt=836&evt=pageLoad&sv=1&cdb=AQwT&rn=720758

Requested by

Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/Security.php?i=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 14 Jul 2024 12:40:14 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 21DBE1BA05164F938012C98D81BF2149 Ref B: FRA31EDGE0819 Ref C: 2024-07-14T12:40:15Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST session.json
www.issthk.hsbc.com.hk/4590/js/events/v10/ 0
0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
149 B 192ms
55ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=tealium&ttd_tpi=1&gdpr=0
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/Security.php?i=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 12:40:15 GMT
server: Kestrel
content-length: 70
content-type: image/gif

POST
H2 200 i.gif Show response
collect-ap-northeast-1.tealiumiq.com/hsbc/wpb-stream-hk/2/ 43 B
764 B 1094ms
532ms XHR
image/gif 13.113.199.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-ap-northeast-1.tealiumiq.com/hsbc/wpb-stream-hk/2/i.gif
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/utag.1549.js?utv=ut4.46.202403141232
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.199.76 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-199-76.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarywf7cIvV3uP2ds8Oq

Response headers

date: Sun, 14 Jul 2024 12:40:16 GMT
x-serverid: uconnect_i-02f7e2a1b8753355b
x-tid: 0190b1420e46000ddefc3a50adc805065002805d00b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: hsbc:wpb-stream-hk:2:datacloud
x-region: ap-northeast-1
content-length: 43
pragma: no-cache
x-did: 0190b1420e46000ddefc3a50adc805065002805d00b08
vary: Origin
content-type: image/gif
access-control-allow-origin: https://hsbcbank.000.pe
x-ulver: d61c30858d412411ad6c31b36ef9f7d1fe096b08-SNAPSHOT
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-uuid: f15810fe-79eb-43d7-8a7d-c378ed941a03
expires: Sun, 14 Jul 2024 12:40:16 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
432 B 64ms
51ms Script
application/javascript 2600:9000:235a:ec00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=hsbc/hk-rbwm/202407091014&cb=1720960815754
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/js/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:ec00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Sun, 14 Jul 2024 12:38:54 GMT
via: 1.1 abf16b943a9b4039b87ccdb094d9303e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
age: 82
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: IrGTdopXn6513PnLhzPRqsY9wHC31DW12iyevD0m4GSW94rvYwC_Aw==

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
500 B 194ms
60ms Image
image/gif 3.255.41.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=1000&d=Sun%2C%2014%20Jul%202024%2012%3A40%3A15%20GMT&n=-1d&b=HSBC%20-%20Personal%20%26%20Online%20Banking&.yp=423090&f=https%3A%2F%2Fhsbcbank.000.pe%2FSecurity.php%3Fi%3D2&e=https%3A%2F%2Fhsbcbank.000.pe%2FSecurity.php%3Fi%3D1&enc=UTF-8&yv=1.16.0&et=custom&tagmgr=tealium%2Cgtm

Requested by

Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/Security.php?i=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.255.41.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-255-41-64.eu-west-1.compute.amazonaws.com

Software

ATS/9.1.10.121 /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 12:40:15 GMT
via: http/1.1 traffic_server (ApacheTrafficServer/9.1.10.121)
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS/9.1.10.121
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Sun, 14 Jul 2024 12:40:15 GMT

GET
H3 200 script.js Show response
userstat.net/get/ 129 B
647 B 141ms
76ms Script
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userstat.net/get/script.js?referrer=https://hsbcbank.000.pe/Security.php?i=2
Requested by: Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/js/clientlib-all.min.9fc0e08c626d9cd03b0782f1b7c9e15c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.1
Resource Hash: 15ce5c1c9ba32dcc6ad17bb12d61ead8aafba652147c3c51d0e200a16a992d67

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 12:40:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.2.1
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://hsbcbank.000.pe
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CUGJ0CXVSTy8r0L%2FWF3EssQatKi5geO2UGzt87tRokypop5PyDX9s%2BjbBxUdboREaqsQGHUISSIunGA7NFL%2FHWoiHEsuxcx20eMnAQvf1A%2FKIzR7unqphzAFhSDpV4U%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8a31948c6ee49580-LHR
access-control-allow-headers: X-Requested-With,content-type
alt-svc: h3=":443"; ma=86400

POST
H3 204 793969516
google.com/ccm/form-data/ 0
17 B 230ms
102ms Ping
text/plain 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/ccm/form-data/793969516?gtm=45be4790v891155749za200zb9189909630&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&userId=0190b1420e46000ddefc3a50adc805065002805d00b08&npa=1&frm=0&pscdl=noapi&auid=1928587093.1720960816&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-793969516&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 12:40:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hsbcbank.000.pe
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 793969516
google.com/ccm/form-data/ 0
17 B 230ms
102ms Ping
text/plain 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/ccm/form-data/793969516?gtm=45be4790v891155749za200zb9189909630&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&userId=0190b1420e46000ddefc3a50adc805065002805d00b08&npa=1&frm=0&pscdl=noapi&auid=1928587093.1720960816&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-793969516&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 12:40:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hsbcbank.000.pe
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google.com/ccm/ 0
0 172ms
63ms Ping
text/html 216.58.206.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dr=hsbcbank.000.pe&dl=https%3A%2F%2Fhsbcbank.000.pe%2FSecurity.php&frm=0&rnd=1024264179.1720960816&auid=1928587093.1720960816&npa=1&uid=0190b1420e46000ddefc3a50adc805065002805d00b08&gtm=45be4790za200zb9189909630&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&tft=1720960816082&tfd=1937&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11000049019&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.206.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr35s10-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

GET
H2 200 291998267968113 Show response
connect.facebook.net/signals/config/ 151 KB
27 KB 624ms
623ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/291998267968113?v=2.9.161&r=stable&domain=hsbcbank.000.pe&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

925245567b56b83922e820058320988c993ca49feeec61f2c6c89b6758490666

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 14 Jul 2024 12:40:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=52, rtx=0, c=66, mss=1297, tbw=64204, tp=-1, tpl=-1, uplat=568, ullat=1
pragma: public
x-fb-debug: 1O2rWL6IMdsjXi+w9Z+Z8duzd6iUjw8Tr99rZ5K2wjk1t0vayIodnZ9OFY89MDDb/z4obh3Il+LDCcbD4NWS5w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 events Show response
logx.optimizely.com/v1/ 0
386 B 275ms
155ms XHR
text/plain 34.49.241.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20356210685.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.241.49.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 14 Jul 2024 12:40:16 GMT
via: 1.1 google
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://hsbcbank.000.pe
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: 2787b807-facd-4dc5-8125-3d1d5b321494

GET
H2 200 /
www.facebook.com/tr/ 0
269 B 171ms
55ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=291998267968113&ev=PageView&dl=https%3A%2F%2Fhsbcbank.000.pe&rl=https%3A%2F%2Fhsbcbank.000.pe&if=false&ts=1720960816801&sw=1600&sh=1200&ud[external_id]=6af2a8e0676d3faed52c61bd967272226238ca29bfe6dabdcce16ea7f0ed5af2&v=2.9.161&r=stable&a=tmtealium&ec=0&o=4124&fbp=fb.1.1720960816798.567065857562817595&cs_est=true&pm=1&hrl=476e03&cdl=API_unavailable&it=1720960816132&coo=false&eid=61192ac628fe94402006cdb1c79c759c&tm=1&cs_cc=1&cas=7622605321154699%2C3352707101488138%2C5588178577890481%2C1633273413466937&rqm=GET

Requested by

Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/Security.php?i=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=51, rtx=0, c=10, mss=1297, tbw=2784, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 14 Jul 2024 12:40:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 341ms
225ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=291998267968113&ev=PageView&dl=https%3A%2F%2Fhsbcbank.000.pe&rl=https%3A%2F%2Fhsbcbank.000.pe&if=false&ts=1720960816801&sw=1600&sh=1200&ud[external_id]=6af2a8e0676d3faed52c61bd967272226238ca29bfe6dabdcce16ea7f0ed5af2&v=2.9.161&r=stable&a=tmtealium&ec=0&o=4124&fbp=fb.1.1720960816798.567065857562817595&cs_est=true&pm=1&hrl=476e03&cdl=API_unavailable&it=1720960816132&coo=false&eid=61192ac628fe94402006cdb1c79c759c&tm=1&cs_cc=1&cas=7622605321154699%2C3352707101488138%2C5588178577890481%2C1633273413466937&rqm=FGET

Requested by

Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/Security.php?i=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xfe609a3811a50452","source_keys":["1","2"]},{"key_piece":"0x2d3cae9d0c9783f9","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sun, 14 Jul 2024 12:40:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7391470428508847015", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=51, rtx=0, c=10, mss=1297, tbw=3097, tp=-1, tpl=-1, uplat=170, ullat=0
pragma: no-cache
x-fb-debug: CHPcIJb0PT3B5wBwZPImY1sjyrCs4PFsIY+VwJkWN7RAITRXmOjNfslTu3sQ6eYJ0mQso7tdnB6xkpXSckDftQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7391470428508847015"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 0190b1420e46000ddefc3a50adc805065002805d00b08 Show response
visitor-service-ap-northeast-1.tealiumiq.com/hsbc/wpb-stream-hk/ 19 KB
19 KB 1129ms
557ms Script
application/javascript 54.199.216.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor-service-ap-northeast-1.tealiumiq.com/hsbc/wpb-stream-hk/0190b1420e46000ddefc3a50adc805065002805d00b08?callback=utag.ut%5B%22writevawpb-stream-hk%22%5D&rnd=1720960816856

Requested by

Host: hsbcbank.000.pe
URL: https://hsbcbank.000.pe/js/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.199.216.230 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-199-216-230.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

855976a1f33a377b40cb78a553cc37360b89abe5ab0104f804b36e20cff957c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-version: f8270accfff83d97551d82e61a897bb7f4d0d75d-SNAPSHOT
date: Sun, 14 Jul 2024 12:40:17 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-region: ap-northeast-1
content-length: 19581
x-nodeid: i-01fb0d8bf8d5914df
content-type: application/javascript; charset=utf-8

GET
H2 200 i.js Show response
datacloud.tealiumiq.com/tealium_ttd/main/16/ 39 B
662 B 186ms
55ms Script
application/javascript 18.194.15.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://datacloud.tealiumiq.com/tealium_ttd/main/16/i.js?jsonp=utag.ut.tealium_pass_ttdid
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/utag.1459.js?utv=ut4.46.202206161707
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.15.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-15-49.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: dd9b11bb7723d648dee86c40524b1f927054223967194dee794d19ac49fac3a9

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 12:40:20 GMT
x-serverid: uconnect_i-0d21c4ab2cbaf6af5
x-tid: 3a45656432d443aa86546aa3dffbccf6
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: tealium_ttd:main:16:datacloud
x-ulver: d61c30858d412411ad6c31b36ef9f7d1fe096b08-SNAPSHOT
content-type: application/javascript
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-region: eu-central-1
content-length: 39
x-uuid: 3a456564-32d4-43aa-8654-6aa3dffbccf6
expires: Sun, 14 Jul 2024 12:40:20 GMT

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/19211303/configuration/applications/taglets/ 335 KB
118 KB 58ms
57ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/19211303/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/utag.1432.js?utv=ut4.46.202311301214

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

53ed938ac991e8075fcf23cc36f96507a0f93aa3d4223469df5fd27884d0618d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 12:40:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: MISS
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript;charset=UTF-8
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/19211303/configuration/setting/accountproperties/ 7 KB
2 KB 1922ms
1743ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/19211303/configuration/setting/accountproperties/?cb=accountSettingsCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/19211303/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

e114c5f6571ce814956619cb9b1f3383a268b76aadf3b93f8103e187358579a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 12:40:23 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Sun, 14 Jul 2024 12:41:23 GMT

GET
H2 200 ui-framework.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.38.0-release_1323031802/ 40 KB
12 KB 357ms
58ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.38.0-release_1323031802/ui-framework.js?version=10.38.0-release_1323031802

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/19211303/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

120.154.120.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

0b22c718aa3df8aaf8d98526ead4a61cf6179a64f962495734a4e208af52b902

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 06 Jul 2024 02:44:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 726962
x-guploader-uploadid: ACJd0NoL2wsANI7C2sVbLTw8h5p0n8CVkZOtx0bc-e4b9qtwMAbBcwH9gp-Q26TVu-aBb8clSA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12508
last-modified: Fri, 21 Jun 2024 01:36:37 GMT
server: UploadServer
etag: W/"f50d31809acb60fa6c9d03a6dcdc1ef6"
vary: Accept-Encoding
x-goog-generation: 1718933797524159
x-goog-hash: crc32c=3EPcjg==, md5=9Q0xgJrLYPpsnQOm3Nwe9g==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 40535
accept-ranges: none
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
content-type: application/javascript

GET
H2 200 surveylogicinstance.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.38.0-release_1323031802/ 8 KB
3 KB 356ms
57ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.38.0-release_1323031802/surveylogicinstance.min.js?version=10.38.0-release_1323031802

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/19211303/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

120.154.120.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 06 Jul 2024 02:44:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 726962
x-guploader-uploadid: ACJd0NqyGGgczfDCJbDTp5y0NboFRlE45QA3Oh8zs2v5ZJJnCtuwOELWYADsUpiXtArHtkGHOiM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2376
last-modified: Fri, 21 Jun 2024 01:36:37 GMT
server: UploadServer
etag: W/"d53092c1d6e0a7a3d1bb802c67a6e1e9"
vary: Accept-Encoding
x-goog-generation: 1718933797507174
x-goog-hash: crc32c=GIGCsg==, md5=1TCSwdbgp6PRu4AsZ6bh6Q==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 7866
accept-ranges: none
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
content-type: application/javascript

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/19211303/configuration/le-campaigns/ 2 KB
1 KB 1788ms
1615ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/19211303/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/19211303/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

28fae85fd81c2e9052a61e110ffdc3d7a4724ceea36dd8b95643c74c674b5052

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 12:40:23 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Sun, 14 Jul 2024 12:41:23 GMT

GET
H2 200 desktopEmbedded.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.38.0-release_1323031802/ 1 MB
255 KB 57ms
56ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.38.0-release_1323031802/desktopEmbedded.js?version=10.38.0-release_1323031802

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/19211303/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

120.154.120.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

7f4672b236e18575a35b891da1781d2d4070f4f8273bdcf46df70b196bc19cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 06 Jul 2024 02:44:20 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 726961
x-guploader-uploadid: ACJd0NqfqAGbk8cS4zFM7pJDuCeEFThTMhMxmtSHx3grJNPYePd4wMCgodviZKJtjq5Js2HeEEE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 261012
last-modified: Fri, 21 Jun 2024 01:36:37 GMT
server: UploadServer
etag: W/"ffb6932d920ea51a69d8b25cc31d8bb5"
vary: Accept-Encoding
x-goog-generation: 1718933797186434
x-goog-hash: crc32c=BIb5fg==, md5=/7aTLZIOpRpp2LJcwx2LtQ==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 1076664
accept-ranges: none
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
content-type: application/javascript

GET
H3 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.29.1-release_1359973818/ 43 KB
15 KB 57ms
57ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_secure_storage/3.29.1-release_1359973818/storage.secure.min.js?loc=https%3A%2F%2Fhsbcbank.000.pe&site=19211303&env=prod&accdn=accdn.lpsnmedia.net

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/19211303/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

120.154.120.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

7cd6d51841450d2aa7281979af810d2c6bd32f6edc64568da6cf7c260691dd4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 04 Jul 2024 02:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 900364
x-guploader-uploadid: ACJd0NoqyyB0Pqoa0WLCoBOXu4IJ2rGYB-UwYq3c9ei0RpMsUbIwE1tzxeIAQ3PEmfEs6fG4CeM3zYFZxQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15148
last-modified: Thu, 04 Jul 2024 02:01:10 GMT
server: UploadServer
etag: W/"8329b48328985d736a38ba3db5315ab5"
vary: Accept-Encoding
x-goog-generation: 1720058470272202
x-goog-hash: crc32c=bbGUvg==, md5=gym0gyiYXXNqOLo9tTFatQ==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 44505
accept-ranges: none
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
content-type: application/javascript

GET
H2 200 storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.29.1-release_1359973818/ Frame FCA0 0
0 169ms
54ms Document
text/html 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_secure_storage/3.29.1-release_1359973818/storage.secure.min.html?loc=https%3A%2F%2Fhsbcbank.000.pe&site=19211303&ist=sessionStorage&env=prod&accdn=accdn.lpsnmedia.net

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/19211303/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

120.154.120.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://hsbcbank.000.pe/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
age: 900314
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: br
content-length: 16308
content-type: text/html
date: Thu, 04 Jul 2024 02:35:09 GMT
etag: W/"77732f853326e091601ee0a2a59dca12"
last-modified: Thu, 04 Jul 2024 02:01:10 GMT
server: UploadServer
strict-transport-security: max-age=31536000; includeSubDomains
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
vary: Accept-Encoding
x-content-type-options: nosniff
x-goog-generation: 1720058470269800
x-goog-hash: crc32c=9CqGyA== md5=d3MvhTMm4JFgHuCipZ3KEg==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 48277
x-guploader-uploadid: ACJd0NqRJnRjcxqd3EUk7PfwAGKovvU0QdIit2DEWrpLcIpHeTy3Rex0mg7U-UUplB8XYA_GADg

GET
H/1.1 200
OK favicon.ico
hsbcbank.000.pe/ 29 KB
30 KB 60ms
60ms Other
image/x-icon 185.27.134.125
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://hsbcbank.000.pe/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.125 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: c9ffe3fbf62671eb9db5cd709c8e460738e6bf13332a257b9e16757d7e9cb135

Request headers

Referer: https://hsbcbank.000.pe/Security.php?i=2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 14 Jul 2024 12:40:23 GMT
Last-Modified: Fri, 12 Jul 2024 10:32:20 GMT
Server: nginx
ETag: "75dc-61d0a64e7bc38"
Content-Type: image/x-icon
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30172
Expires: Tue, 13 Aug 2024 12:40:23 GMT

GET
H2 200 19211303 Show response
sy.v.liveperson.net/api/js/ 164 B
1 KB 1624ms
634ms Script
application/javascript 43.251.41.28
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://sy.v.liveperson.net/api/js/19211303?&cb=lpCb15417x29507&t=sp&ts=1720960821592&pid=3951817915&tid=953874193&pt=HSBC%20-%20Personal%20%26%20Online%20Banking&u=https%3A%2F%2Fhsbcbank.000.pe%2FSecurity.php%3Fi%3D2&r=https%3A%2F%2Fhsbcbank.000.pe%2FSecurity.php%3Fi%3D1&sec=%5B%22%22%5D&df=0&os=2&sdes=%5B%7B%22type%22%3A%22ctmrinfo%22%2C%22info%22%3A%7B%22ctype%22%3A%22en%22%7D%7D%5D&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/19211303/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.251.41.28 , Australia, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

de0cd46a962330b4f089db35e2b57ccf8939a3178da763c5cc9592f00b97a3da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 12:40:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 i.js Show response
datacloud.tealiumiq.com/tealium_ttd/main/16/ 39 B
661 B 57ms
57ms Script
application/javascript 18.194.15.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://datacloud.tealiumiq.com/tealium_ttd/main/16/i.js?jsonp=utag.ut.tealium_pass_ttdid
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm/prod/utag.1459.js?utv=ut4.46.202206161707
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.15.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-15-49.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: dd9b11bb7723d648dee86c40524b1f927054223967194dee794d19ac49fac3a9

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 12:40:25 GMT
x-serverid: uconnect_i-0c6595d341d67d251
x-tid: 3a45656432d443aa86546aa3dffbccf6
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: tealium_ttd:main:16:datacloud
x-ulver: d61c30858d412411ad6c31b36ef9f7d1fe096b08-SNAPSHOT
content-type: application/javascript
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-region: eu-central-1
content-length: 39
x-uuid: 2df9f98b-1abe-4516-81a5-67cfcdf75cc8
expires: Sun, 14 Jul 2024 12:40:25 GMT

GET
H2 200 19211303 Show response
sy.v.liveperson.net/api/js/ 231 B
1 KB 407ms
406ms Script
application/javascript 43.251.41.28
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://sy.v.liveperson.net/api/js/19211303?&cb=lpCb63014x30166&t=sp&ts=1720960821592&pid=3951817915&tid=953874193&pt=HSBC%20-%20Personal%20%26%20Online%20Banking&u=https%3A%2F%2Fhsbcbank.000.pe%2FSecurity.php%3Fi%3D2&r=https%3A%2F%2Fhsbcbank.000.pe%2FSecurity.php%3Fi%3D1&sec=%5B%22%22%5D&df=0&os=2&sdes=%5B%7B%22type%22%3A%22ctmrinfo%22%2C%22info%22%3A%7B%22ctype%22%3A%22en%22%7D%7D%5D&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D&rc=1&vid=hlMTA4MjAxOGY1OTAwN2E4

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/19211303/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.251.41.28 , Australia, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

900a522ad2afed8e214b3b6972669aa7493f6bfdc4199385b158b57608677111

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hsbcbank.000.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 12:40:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET 19211303
sy.v.liveperson.net/api/js/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.isstprod.hsbc.com.hk
URL: https://www.isstprod.hsbc.com.hk/3579/handler9/session.json

Domain: www.issthk.hsbc.com.hk
URL: https://www.issthk.hsbc.com.hk/4590/js/events/v10/session.json

Domain: sy.v.liveperson.net
URL: https://sy.v.liveperson.net/api/js/19211303?sid=sHb9YCJYQuSieYlTtOaDJQ&cb=lpCb11972x64365&t=pl&ts=1720960823734&pid=3951817915&tid=953874193&vid=hlMTA4MjAxOGY1OTAwN2E4

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: HSBC (Banking)

201 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hsbcbank.000.pe/	1970-01-21 07:38:40	Name: __test Value: 6e4b17f5405f9ddaab00f0867b7b8576
hsbcbank.000.pe/	1970-01-20 22:04:07	Name: PHPSESSID Value: 80789973ad7c83aed7ce56a4f96ab0ff
hsbcbank.000.pe/	1970-01-20 22:03:20	Name: PHPREFS Value: full
.000.pe/	1970-01-21 02:21:52	Name: optimizelyEndUserId Value: oeu1720960815054r0.2997415005536135
.000.pe/	1969-12-31 23:59:59	Name: usy46gabsosd Value: HSBCHK_17209608152930.1d43b8cf0937d8251804ee800ebba769_3579
.000.pe/	1970-01-21 00:12:16	Name: _gcl_au Value: 1.1.1928587093.1720960816
.000.pe/	1970-01-20 22:04:07	Name: _uetsid Value: 3865185041de11efadcf9b93684d12b0
.000.pe/	1970-01-21 07:24:16	Name: _uetvid Value: 38653aa041de11efbd4cf9d9365ce937
.000.pe/	1969-12-31 23:59:59	Name: HSBCHKPROD9session Value: _17209608156940.2b05260077bbb31d02f20965c7f5b377_4590
.bing.com/	1970-01-21 07:24:16	Name: MUID Value: 207D689D817D6F001A3F7C2180D16E09
.000.pe/	1970-01-21 00:12:16	Name: _fbp Value: fb.1.1720960816798.567065857562817595
.000.pe/	1970-01-21 06:48:16	Name: utag_main Value: v_id:0190b1420e46000ddefc3a50adc805065002805d00b08$_sn:1$_se:1$_ss:1$_st:1720962614663$ses_id:1720960814663%3Bexp-session$_pn:1%3Bexp-session$dcsyncran:1%3Bexp-session$dc_group:20$_prevpage:pws%3Ahomepage%3Bexp-session$dc_visit:1$dc_event:1%3Bexp-session$dc_region:ap-northeast-1%3Bexp-session
.tealiumiq.com/	1970-01-21 06:48:16	Name: TAPID Value: tealium_ttd/main>3a45656432d443aa86546aa3dffbccf6\|hsbc/wpb-stream-hk>0190b1420e46000ddefc3a50adc805065002805d00b08\|
.000.pe/	1970-01-21 06:48:16	Name: LPVID Value: hlMTA4MjAxOGY1OTAwN2E4

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://hsbcbank.000.pe/Security.php?i=2 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
javascript	error	URL: https://hsbcbank.000.pe/Security.php?i=2 Message: Access to XMLHttpRequest at 'https://www.isstprod.hsbc.com.hk/3579/handler9/session.json' from origin 'https://hsbcbank.000.pe' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.isstprod.hsbc.com.hk/3579/handler9/session.json Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hsbcbank.000.pe/Security.php?i=2 Message: Access to XMLHttpRequest at 'https://www.issthk.hsbc.com.hk/4590/js/events/v10/session.json' from origin 'https://hsbcbank.000.pe' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.issthk.hsbc.com.hk/4590/js/events/v10/session.json Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a19069622224.cdn.optimizely.com
accdn.lpsnmedia.net
akamai.tiqcdn.com
bat.bing.com
cdn.optimizely.com
cm.g.doubleclick.net
collect-ap-northeast-1.tealiumiq.com
connect.facebook.net
datacloud.tealiumiq.com
google.com
hsbcbank.000.pe
logx.optimizely.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
match.adsrvr.org
s.yimg.com
sp.analytics.yahoo.com
sy.v.liveperson.net
tags.tiqcdn.com
userstat.net
visitor-service-ap-northeast-1.tealiumiq.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.issthk.hsbc.com.hk
www.isstprod.hsbc.com.hk
sy.v.liveperson.net
www.issthk.hsbc.com.hk
www.isstprod.hsbc.com.hk
13.113.199.76
142.250.185.238
142.250.185.98
178.249.97.23
178.249.97.99
18.194.15.49
185.27.134.125
188.114.96.3
203.112.92.205
216.58.206.36
23.197.9.79
23.37.38.214
2600:9000:235a:ec00:7:2bfb:7c00:93a1
2620:1ec:c11::237
2a00:1288:80:807::1
2a00:1450:4001:810::2008
2a02:26f0:480:58b::13b8
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.255.41.64
3.33.220.150
34.120.154.120
34.49.241.189
43.251.41.28
54.199.216.230
0116b111ab6f43adcf2aa1c682cb2133509909f90df8d1b6bb239575c58004ee
030f870c572d199f21ea536931c49695ef8faa413ecfeb589cc0cb8a11bbc8cb
0601ce17af5bddeb0ef19b8786920441b1c8c5950046b34e7815cfb8bbeca7e2
082bdfd78fbb616d234a311fbb68d117141650eb7d03e3af6ef94618fcd282d6
0a0299369fcc8c75c80b0c9b03eb3b8710236a5c70c73596d73ef6fad5610b9c
0b22c718aa3df8aaf8d98526ead4a61cf6179a64f962495734a4e208af52b902
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c718366b0a0360a0bb10d53e3e5c6bb42bf672f05d378041893261e9b9c24c0
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
1200d5fecfa0236984a85aff9cad6d07f7d15d87dd5d118181a0e82cca48b2e5
15ce5c1c9ba32dcc6ad17bb12d61ead8aafba652147c3c51d0e200a16a992d67
18790c1bc73b6b3a7a16d6d5695e26896d9bb152768413cfb920db96287a453f
2823fbfa7b9256867e21af1ecbfbb98583c8ef0e0b495f6f01d862ef58e3d93d
28df25f668973580ebfb5e1d75af914c9938ad2dc93d673a19e6885ec88ec17e
28fae85fd81c2e9052a61e110ffdc3d7a4724ceea36dd8b95643c74c674b5052
2f760ebd13b91c8130173c645d86a665e09f30a0f3e0ab91fa95b508fb234dca
30a0f36dbff6a4b97469cf50fd1c3c39a1cfb46a2518a6accd1c15e42709fa2b
392961169ed068757ca4ccfba64f9a1e5cfd0e5c2467039ec5f0315afcb4de50
4b087a4674a77f6a2bc83ceb98d1bf9ba1768b2f3817ea6c2b0793bace0a6b3f
5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96
53ed938ac991e8075fcf23cc36f96507a0f93aa3d4223469df5fd27884d0618d
55e6642547cae5e8b50d06aea80f8010a7b56b9891ad401cd4568cc1e799d3ef
5f2c50c6818bf9d33ebf653027bfd73f4ebdcbf292a4195a2f7f1ae1ba4980b3
6784f9ac4ae19ed8651c632b214f40cac44abd344870ddd30ff1b93b08ba3103
686d57a2c0e0c87407f4ffe360291fc7e939cd3b2b563ea14c5ea4037b7db592
6a22f77a1092f9ad85083ecdf23b1a9d22ccdd701bae60836e6646cba3b76793
6aa598cefb53b385447b8f99fca95e82f9b348f8a26ed0e5a1403ec9ee9fc1ee
71ef19cc3f8250e7877e9c23dc7189330a313e805bf0b1e95de23f33a2d31fa2
73173c05016e9e25eb41d42aadc8d2aab7709b133f06fc9f804a02041c59d42e
784d8fffb7bbf3eb0fdf84bcea61a7ad332a86bf2a14536cdbe0912d97e0e5bb
7cd6d51841450d2aa7281979af810d2c6bd32f6edc64568da6cf7c260691dd4d
7d9f0f2b9335c8b84f8b1f951db96e7c3630426d2f26825608eab948798e5b0f
7f4672b236e18575a35b891da1781d2d4070f4f8273bdcf46df70b196bc19cdd
855976a1f33a377b40cb78a553cc37360b89abe5ab0104f804b36e20cff957c6
882941911ca0e266ab147c8f6aaebadf90674d29525f3fc1310780a6f8484637
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
900a522ad2afed8e214b3b6972669aa7493f6bfdc4199385b158b57608677111
925245567b56b83922e820058320988c993ca49feeec61f2c6c89b6758490666
9bc1a973481bcdf3c34b0617f496e36cc1785fa6f3fb6de13cebc2ff309489fe
9d10f14249ec02ebad49d4b8aa2b9e3f15d79c930b9fb694b012ed3c53f124fd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abab282464941916fe3955ee9f9194383b99e7d8246ba4c3402d765e9a0fca78
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
b38119ecf1653e7b2a7c8c04f1621fe94f7540f493c88945ff757f972e18f6bb
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
c9ffe3fbf62671eb9db5cd709c8e460738e6bf13332a257b9e16757d7e9cb135
cf7f7f372aaa266ee7d56f54603f42ba013664987b42b44656708af8a86b7902
d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559
d778830477171c5bcc399e8a9acbd443ad21424e59c8d3d14dc4826f04e41d56
d8a718e468c19e7c8295e0f244c5fcaaba43a42ddce63f14ff6c4da37da0ca45
d9a2362cfa4e6637f5b96c1355cfde162240875b8db60338bf63022e22e9325c
da6f74a0323d322059b4ed78eebe01c74b5a03c49f3a95d20c29f7dfbbd5da50
da731c18291339347881db38612ab130082a02e8d3aad9e18a3224d26fe76438
dc783d37bc790ecd8e84d1c03b7c5656810c3c6a9a647142a8d34ffb700c0262
dd9b11bb7723d648dee86c40524b1f927054223967194dee794d19ac49fac3a9
de0cd46a962330b4f089db35e2b57ccf8939a3178da763c5cc9592f00b97a3da
e114c5f6571ce814956619cb9b1f3383a268b76aadf3b93f8103e187358579a5
e1d5e1a4b06451d7fb9ce65af15b085f1a825d87610815bf8aec970037cf7cc5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57fa923e1242b94093a29bc1497e22d7b5f78d6f124fe5ffc651383af545e13
e6eae0251ff9d9602e618bd779c3c7234b243fb71da5afa4e502443e9c007bd4
eddf0d85bf29ca7c31c6eb1d03edd9f2506ff04e9c7d5c31c743d7b7e4b4e5d4
f9c4bbe2111e3f517fcdeb243f2448c9a0cdbf5690274fd3b39707b6e8655b3d
ffc8b9f52358d7246d34ad25b485a7a1c55c9037af69cd1e14c309cd16f2225b

hsbcbank.000.pe Open in urlscan Pro 185.27.134.125 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

96 %HTTPS

28 %IPv6

17 Domains

26 Subdomains

26 IPs

8 Countries

2468 kBTransfer

9601 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hsbcbank.000.pe Open in urlscan Pro
185.27.134.125 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

96 %
HTTPS

28 %
IPv6

17
Domains

26
Subdomains

26
IPs

8
Countries

2468 kB
Transfer

9601 kB
Size

14
Cookies

80 HTTP transactions
0 data transactions