hs-bca.herokuapp.com Open in urlscan Pro
3.219.96.23 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://hs-bca.herokuapp.com/
Submission: On October 16 via automatic, source openphish (October 16th 2022, 2:15:54 pm UTC) — Scanned from DE

Summary HTTP 83 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 16 domains to perform 83 HTTP transactions. The main IP is 3.219.96.23, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is hs-bca.herokuapp.com.

This is the only time hs-bca.herokuapp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: HSBC (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 17	3.219.96.23 3.219.96.23	14618 (AMAZON-AES) (AMAZON-AES)
1	13.226.153.20 13.226.153.20	16509 (AMAZON-02) (AMAZON-02)
12	2.16.241.151 2.16.241.151	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
19	104.75.88.194 104.75.88.194	16625 (AKAMAI-AS) (AKAMAI-AS)
3	178.249.101.23 178.249.101.23	11054 (LIVEPERSON) (LIVEPERSON)
1	91.214.5.199 91.214.5.199	20705 (HSBC-UK) (HSBC-UK)
3	178.249.101.98 178.249.101.98	11054 (LIVEPERSON) (LIVEPERSON)
1	18.64.119.5 18.64.119.5	16509 (AMAZON-02) (AMAZON-02)
1	3.248.125.227 3.248.125.227	16509 (AMAZON-02) (AMAZON-02)
2	52.28.211.200 52.28.211.200	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	35.158.16.80 35.158.16.80	16509 (AMAZON-02) (AMAZON-02)
3 3	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
83	20

17 3.219.96.23 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-96-23.compute-1.amazonaws.com

hs-bca.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.153.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-153-20.dus51.r.cloudfront.net

cdn.appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2.16.241.151 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-241-151.deploy.static.akamaitechnologies.com

cdn.hsbc.ae	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
akamai.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.249.101.23 (United States)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.214.5.199 (United Kingdom)

ASN20705 (HSBC-UK, GB)

www.isstmena.hsbc.ae	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.249.101.98 (United States)

ASN11054 (LIVEPERSON, US)
PTR: am-lpcdn.lpsnmedia.net

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.119.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-119-5.txl50.r.cloudfront.net

www.hsbc.ae	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.125.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-125-227.eu-west-1.compute.amazonaws.com

hsbcbankglobal.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.211.200 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-211-200.eu-central-1.compute.amazonaws.com

collect-eu-central-1.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
datacloud.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.16.80 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-16-80.eu-central-1.compute.amazonaws.com

visitor-service-eu-central-1.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 968 akamai.tiqcdn.com — Cisco Umbrella Rank: 9094	143 KB
17	herokuapp.com 1 redirects hs-bca.herokuapp.com	1 MB
14	hsbc.ae cdn.hsbc.ae www.isstmena.hsbc.ae www.hsbc.ae — Cisco Umbrella Rank: 987449	581 KB
6	gstatic.com www.gstatic.com	340 KB
5	doubleclick.net 3 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	5 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2	25 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	55 KB
3	tealiumiq.com collect-eu-central-1.tealiumiq.com — Cisco Umbrella Rank: 26962 visitor-service-eu-central-1.tealiumiq.com — Cisco Umbrella Rank: 46654 datacloud.tealiumiq.com — Cisco Umbrella Rank: 6121	2 KB
3	lpsnmedia.net lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 3912	31 KB
3	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 3468
2	google.de www.google.de — Cisco Umbrella Rank: 6045	612 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	102 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	204 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 131	15 KB
1	demdex.net hsbcbankglobal.demdex.net	3 KB
1	appdynamics.com cdn.appdynamics.com — Cisco Umbrella Rank: 2881	19 KB
83	16

	Domain	Requested by
17	tags.tiqcdn.com	hs-bca.herokuapp.com tags.tiqcdn.com
17	hs-bca.herokuapp.com	1 redirects hs-bca.herokuapp.com cdn.hsbc.ae
12	cdn.hsbc.ae	hs-bca.herokuapp.com cdn.hsbc.ae
6	www.gstatic.com	hs-bca.herokuapp.com www.google.com
5	www.google.com	hs-bca.herokuapp.com www.gstatic.com
3	connect.facebook.net	tags.tiqcdn.com connect.facebook.net
3	cm.g.doubleclick.net	3 redirects
3	lpcdn.lpsnmedia.net	hs-bca.herokuapp.com
3	lptag.liveperson.net	hs-bca.herokuapp.com tags.tiqcdn.com
2	www.google.de	hs-bca.herokuapp.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	www.googletagmanager.com	tags.tiqcdn.com www.googletagmanager.com
2	akamai.tiqcdn.com	tags.tiqcdn.com
1	www.facebook.com	hs-bca.herokuapp.com
1	www.googleadservices.com	www.googletagmanager.com
1	datacloud.tealiumiq.com	hs-bca.herokuapp.com
1	visitor-service-eu-central-1.tealiumiq.com	tags.tiqcdn.com
1	collect-eu-central-1.tealiumiq.com	tags.tiqcdn.com
1	hsbcbankglobal.demdex.net	hs-bca.herokuapp.com
1	www.hsbc.ae	hs-bca.herokuapp.com
1	www.isstmena.hsbc.ae	hs-bca.herokuapp.com tags.tiqcdn.com
1	cdn.appdynamics.com	hs-bca.herokuapp.com
83	22

This site contains links to these domains. Also see Links.

Domain
www.business.hsbc.ae
www.about.hsbc.ae
www.hsbc.ae

Subject Issuer	Validity	Valid
*.appdynamics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-17` - `2023-07-22`	a year	crt.sh
cdn.hsbc.ae DigiCert TLS RSA SHA256 2020 CA1	`2022-04-15` - `2023-05-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2022-04-26` - `2023-04-26`	a year	crt.sh
www.isstmena.hsbc.ae DigiCert TLS RSA SHA256 2020 CA1	`2022-04-28` - `2023-05-29`	a year	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2022-02-07` - `2023-02-07`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
www.hsbc.ae DigiCert SHA2 Extended Validation Server CA	`2022-08-23` - `2023-09-23`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.tealiumiq.com Amazon	`2022-08-25` - `2023-09-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-25` - `2022-10-23`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://hs-bca.herokuapp.com/
Frame ID: 9A31B992302CCC272546FA2A90E69137
Requests: 76 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=2&k=6LerW7IUAAAAANjK8ZjtiTT1gY6SyoVP9FzKGIDh&co=aHR0cHM6Ly93d3cuaHNiYy5hZTo0NDM.&hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&size=invisible&cb=br342ngshczi
Frame ID: 31AAD982402568660C3F313A0947136C
Requests: 3 HTTP requests in this frame

Frame: https://hsbcbankglobal.demdex.net/dest5.html?d_nsid=0
Frame ID: 8F10EF724E074A431268B4620EA72966
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LerW7IUAAAAANjK8ZjtiTT1gY6SyoVP9FzKGIDh&co=aHR0cDovL2hzLWJjYS5oZXJva3VhcHAuY29tOjgw&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=4wwcanq8zmrk
Frame ID: AB1A546B5ACB127D2633182A8C4C3974
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Username | Log on | HSBC

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/designs/

Heroku (PaaS) Expand

Overall confidence: 100%
Detected patterns

\.herokuapp\.com

AppDynamics (Analytics) Expand

Overall confidence: 100%
Detected patterns

adrum

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

83
Requests

59 %
HTTPS

35 %
IPv6

16
Domains

22
Subdomains

20
IPs

4
Countries

2576 kB
Transfer

5152 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.business.hsbc.ae/en-gb
Title: Business

Search URL Search Domain Scan URL

URL: http://www.about.hsbc.ae/
Title: Careers, media, investor and corporate information

Search URL Search Domain Scan URL

URL: https://www.hsbc.ae/1/2//business
Title: Business

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

http://hs-bca.herokuapp.com/ HTTP 302
http://hs-bca.herokuapp.com/

Request Chain 59

http://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=0183e126a533000c77e00c9f293b03074001c06c00b08&tealium_account=hsbc&tealium_profile=wpb-stream-ae HTTP 302
https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=0183e126a533000c77e00c9f293b03074001c06c00b08&tealium_account=hsbc&tealium_profile=wpb-stream-ae&tealium_cookie_sync=true&tealium_vid=0183e126a533000c77e00c9f293b03074001c06c00b08&tealium_account=hsbc&tealium_profile=wpb-stream-ae HTTP 302
https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=0183e126a533000c77e00c9f293b03074001c06c00b08&tealium_account=hsbc&tealium_profile=wpb-stream-ae&tealium_cookie_sync=true&tealium_vid=0183e126a533000c77e00c9f293b03074001c06c00b08&tealium_account=hsbc&tealium_profile=wpb-stream-ae&google_tc= HTTP 302
https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0183e126a533000c77e00c9f293b03074001c06c00b08&tealium_account=hsbc&tealium_profile=wpb-stream-ae&tealium_cookie_sync=true&tealium_vid=0183e126a533000c77e00c9f293b03074001c06c00b08&tealium_account=hsbc&tealium_profile=wpb-stream-ae&google_gid=CAESELrbUip23RkZemPlK-W6gCo&google_cver=1

83 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
hs-bca.herokuapp.com/ 56 KB
56 KB 263ms
128ms Document
text/html 3.219.96.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-bca.herokuapp.com/
Protocol: HTTP/1.1
Server: 3.219.96.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-96-23.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: fd8e92d367555d5c2d994b44c44059e6b89cebaf5ff78becad5e676768977cc2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 57277
Content-Type: text/html; charset=utf-8
Date: Sun, 16 Oct 2022 14:15:48 GMT
Etag: W/"dfbd-dM2duM+Q99MG5JClouBGHzW+WUI"
Server: Cowboy
Via: 1.1 vegur
X-Powered-By: Express

GET
H2 200 adrum-ext.18b6b3ec105ee15f14ef7c382e15f446.js Show response
cdn.appdynamics.com/ 47 KB
19 KB 82ms
22ms Script
application/javascript 13.226.153.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum-ext.18b6b3ec105ee15f14ef7c382e15f446.js
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.153.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-153-20.dus51.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 6619ba77a7043416a164874dcacbf5ca4a6b53746f720c8c62c56d1832599307

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 02:33:04 GMT
content-encoding: gzip
via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
age: 1683764
x-cache: Hit from cloudfront
last-modified: Thu, 21 Dec 2017 23:37:57 GMT
server: nginx/1.16.1
etag: W/"5a3c45d5-bbee"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: b695lS6PqhsrjHqApk1zdbHa15JR9n4Z2QyikfzpK2neQHdBWUqGcQ==

GET
H2 200 clientlib-all.min.5c23575dd2a45b73c671a7797acc5d2d.css
cdn.hsbc.ae/etc/designs/logonEnhancements/ 112 KB
76 KB 345ms
23ms Stylesheet
text/css 2.16.241.151
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hsbc.ae/etc/designs/logonEnhancements/clientlib-all.min.5c23575dd2a45b73c671a7797acc5d2d.css

Requested by

Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.241.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-241-151.deploy.static.akamaitechnologies.com

Software

Resource Hash

6fc2cfc62b3b2aac1231142913ec431ccd158b2a5bd978fd46761c92f25b698e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 16 Oct 2022 14:15:48 GMT
last-modified: Thu, 07 Jul 2022 18:08:39 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=22912051
accept-ranges: bytes
s: gbl-prod-wk-aempub
content-length: 77063
x-xss-protection: 1; mode=block

GET
H2 404 recaptcha__en.js
www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/ 0
0 639ms
290ms Script
text/html 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/recaptcha__en.js
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 946 B
1 KB 73ms
32ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=ReCaptchaCallbackV3&render=6LerW7IUAAAAANjK8ZjtiTT1gY6SyoVP9FzKGIDh

Requested by

Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

31efbffefcab6f813f8cd66f96e5d93409a5daab9b742371acd514ab432a0297

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 14:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 614
x-xss-protection: 1; mode=block
expires: Sun, 16 Oct 2022 14:15:48 GMT

GET
H/1.1 200
OK utag.110.js Show response
tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/ 121 KB
40 KB 261ms
244ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.110.js?utv=ut4.46.202007081247
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 47351b051a90736fbb4235766dbdf918fbec761e3721920306d3355b9c87cddc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Sep 2020 12:56:11 GMT
Server: AkamaiNetStorage
ETag: "9b7f9c8aad0a0c1ac759c21f26007464:1600260970.992749"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40727
Expires: Mon, 31 Oct 2022 14:15:49 GMT

GET
H/1.1 200
OK utag.35.js Show response
tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/ 13 KB
5 KB 35ms
18ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.35.js?utv=ut4.46.202007081247
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ce08b420f631854888220e09a5ae041b3e9b0ec2eae273479868673eff708061

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jul 2020 12:47:54 GMT
Server: AkamaiNetStorage
ETag: "47dd45618015a6a39cb2f0dcd1c0e5c6:1594212474.755595"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4386
Expires: Mon, 31 Oct 2022 14:15:49 GMT

GET
H/1.1 200
OK utag.56.js Show response
tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/ 39 KB
12 KB 37ms
20ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.56.js?utv=ut4.46.202007081247
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 45fcb9b5044ae1ee78cea53720d3cd4886810d13b01fb3128c3fff24d05431a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Nov 2020 03:11:40 GMT
Server: AkamaiNetStorage
ETag: "b18fb704b1b1e4d92e03de680d02447f:1604891499.966482"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11789
Expires: Mon, 31 Oct 2022 14:15:49 GMT

GET
H/1.1 200
OK utag.141.js Show response
tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/ 8 KB
3 KB 35ms
18ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.141.js?utv=ut4.46.202007081247
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 142d824c5d8acb129087d715bb8329a6151634d7401b58dee8c54da0879858d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Mar 2020 13:42:40 GMT
Server: AkamaiNetStorage
ETag: "d4a7bf2e84e28038cb5490e84726b987:1583761360.808527"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2897
Expires: Mon, 31 Oct 2022 14:15:49 GMT

GET
H/1.1 200
OK utag.262.js Show response
tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/ 5 KB
2 KB 54ms
19ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.262.js?utv=ut4.46.202007081247
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 39a5db94d94f2a31847d702e7ff1c0f527e55ee86cd073c32e262de711cd35d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 16:40:51 GMT
Server: AkamaiNetStorage
ETag: "b6650cceb1f06f8046a344da057b4dec:1592239251.180258"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2068
Expires: Mon, 31 Oct 2022 14:15:49 GMT

GET
H/1.1 200
OK utag.275.js Show response
tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/ 4 KB
2 KB 52ms
17ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.275.js?utv=ut4.46.202007081247
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a3a37220c8eea2fe2449d422e1f5b413f5d3138281fe80386668b4a720d13dcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jul 2020 12:47:55 GMT
Server: AkamaiNetStorage
ETag: "6e8073b11e365c6ef4760d5feace92e1:1594212475.208573"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1638
Expires: Mon, 31 Oct 2022 14:15:49 GMT

GET
H2 403 tag.js
lptag.liveperson.net/tag/ 0
0 345ms
23ms Script
text/plain 178.249.101.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/tag/tag.js?site=45066354
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.101.23 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H/1.1 200
OK JavascriptInsert.js Show response
www.isstmena.hsbc.ae/ 98 KB
36 KB 967ms
83ms Script
application/x-javascript 91.214.5.199
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.isstmena.hsbc.ae/JavascriptInsert.js

Requested by

Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.214.5.199 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Resource Hash

141ab6e3cd186ac2f6543c756d2eb0f28102c4c39abd3b57b744e40868810989

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:49 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Mon, 25 Jun 2018 10:58:28 GMT
Content-Encoding: gzip
ETag: b96fa9f2dcb0ff05762313f9cb0bfb0f
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=900, s-maxage=900
Connection: Keep-Alive
S: LISST02RPUK-WS
Keep-Alive: timeout=5, max=100
Content-Length: 36385

GET
H2 403 .jsonp
lptag.liveperson.net/lptag/api/account/45066354/configuration/applications/taglets/ 0
0 368ms
46ms Script
text/plain 178.249.101.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/lptag/api/account/45066354/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=security_login_enter-username&b=1
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.101.23 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 overlay.js Show response
lpcdn.lpsnmedia.net/le_re/3.41.0.2-release_5020/jsv2/ 6 KB
3 KB 298ms
23ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_re/3.41.0.2-release_5020/jsv2/overlay.js?_v=3.41.0.2-release_5020

Requested by

Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

44027ec55ed8b2de1f3dcdaf00c6b0c72c466e85d515c60431f61da11f242047

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 14:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 06 Jul 2020 14:51:24 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Mon, 16 Oct 2023 14:15:48 GMT

GET
H2 200 UISuite.js Show response
lpcdn.lpsnmedia.net/le_re/3.41.0.2-release_5020/jsv2/ 30 KB
12 KB 341ms
66ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_re/3.41.0.2-release_5020/jsv2/UISuite.js?_v=3.41.0.2-release_5020

Requested by

Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 14:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 06 Jul 2020 14:51:24 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Mon, 16 Oct 2023 14:15:48 GMT

GET
H/1.1 200
OK utag.js Show response
tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/ 85 KB
23 KB 119ms
117ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.js
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3f626d32bc9262647f4f094617eca41b4600a05f877b8e87c96cd5ece7012638

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Sep 2022 18:07:24 GMT
Server: AkamaiNetStorage
ETag: "c188227f5417d749731638f853e13621:1664474844.208572"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22735
Expires: Sun, 16 Oct 2022 14:20:49 GMT

GET
H2 200 clientlib-default.min.43a5518a5e69c0e362121af5c04e0ea9.css
cdn.hsbc.ae/etc/designs/dpws/ 841 KB
95 KB 563ms
243ms Stylesheet
text/css 2.16.241.151
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hsbc.ae/etc/designs/dpws/clientlib-default.min.43a5518a5e69c0e362121af5c04e0ea9.css

Requested by

Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.241.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-241-151.deploy.static.akamaitechnologies.com

Software

Resource Hash

efe373642c0dd4ff67f20a4163439a1fcc82e4ee21035485e0a8ef87b9ad00a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 16 Oct 2022 14:15:49 GMT
last-modified: Wed, 11 Aug 2021 05:54:40 GMT
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
s: gbl-prod-wk-aempub
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK clientb.css
hs-bca.herokuapp.com/stylesheets/ 865 KB
865 KB 221ms
114ms Stylesheet
text/css 3.219.96.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-bca.herokuapp.com/stylesheets/clientb.css
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/
Protocol: HTTP/1.1
Server: 3.219.96.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-96-23.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 8c74e7d5354279f1809ccda3e8f04dd75cba8c6ae9558177203b5e5a0681f802

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:48 GMT
Via: 1.1 vegur
Last-Modified: Wed, 10 Feb 2021 05:12:39 GMT
Server: Cowboy
X-Powered-By: Express
Etag: W/"d8283-1778a5b0d58"
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 885379

GET
H/1.1 200
OK Transmittan.css
hs-bca.herokuapp.com/stylesheets/ 275 KB
276 KB 272ms
130ms Stylesheet
text/css 3.219.96.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-bca.herokuapp.com/stylesheets/Transmittan.css
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/
Protocol: HTTP/1.1
Server: 3.219.96.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-96-23.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 4709e618ec4f8ee5774887825a9831cf4771e5b31178e73b27700ccb11ed2fcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:48 GMT
Via: 1.1 vegur
Last-Modified: Wed, 10 Feb 2021 05:12:39 GMT
Server: Cowboy
X-Powered-By: Express
Etag: W/"44d36-1778a5b0d58"
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 281910

GET
H2 200 hsbc-logo.svg
cdn.hsbc.ae/content/dam/hsbc/ae/images/logos/ 5 KB
2 KB 23ms
22ms Image
image/svg+xml 2.16.241.151
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hsbc.ae/content/dam/hsbc/ae/images/logos/hsbc-logo.svg

Requested by

Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.241.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-241-151.deploy.static.akamaitechnologies.com

Software

Resource Hash

392961169ed068757ca4ccfba64f9a1e5cfd0e5c2467039ec5f0315afcb4de50

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 16 Oct 2022 14:15:49 GMT
last-modified: Thu, 22 Sep 2022 20:12:09 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=1005333
accept-ranges: bytes
s: gbl-prod-wk-aempub
content-length: 1966
x-xss-protection: 1; mode=block

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/ 801 B
1007 B 391ms
313ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.sync.js
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ff01871a0649ad04ae1d8a2a94e294232da1766d7ee34339c627151cdc55ede2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 14:15:49 GMT
last-modified: Thu, 29 Sep 2022 18:07:22 GMT
server: AkamaiNetStorage
etag: "baaecab2263f51d9af809c6580ecd8b3:1664474842.754475"
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 801
expires: Sun, 16 Oct 2022 14:20:49 GMT

GET
H2 200 clientlib-jquery.5ea5c4f95742f26a1d6b25eb830feb0c.js Show response
cdn.hsbc.ae/etc/designs/dpws/ 111 KB
37 KB 25ms
25ms Script
application/x-javascript 2.16.241.151
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hsbc.ae/etc/designs/dpws/clientlib-jquery.5ea5c4f95742f26a1d6b25eb830feb0c.js

Requested by

Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.241.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-241-151.deploy.static.akamaitechnologies.com

Software

Resource Hash

d5c2c8d7956e2af9082fe02f239bd97c426f12e7a867d1b4f1a405c124d26cea

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 16 Oct 2022 14:15:49 GMT
last-modified: Wed, 06 Jul 2022 10:52:23 GMT
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=22912050
accept-ranges: bytes
s: gbl-prod-sy-aempub
content-length: 37902
x-xss-protection: 1; mode=block

GET
H2 200 clientlib-all.min.270df5e827e881826b3d81f998b2cea3.js Show response
cdn.hsbc.ae/etc/designs/dpws/ 576 KB
145 KB 193ms
190ms Script
application/x-javascript 2.16.241.151
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hsbc.ae/etc/designs/dpws/clientlib-all.min.270df5e827e881826b3d81f998b2cea3.js

Requested by

Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.241.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-241-151.deploy.static.akamaitechnologies.com

Software

Resource Hash

48f364ef034cf0c9cf115d0a022682eae3745c67e098f13ed9b4167f184b05b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 16 Oct 2022 14:15:49 GMT
last-modified: Tue, 22 Jun 2021 05:42:50 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
s: gbl-prod-sy-aempub
x-xss-protection: 1; mode=block

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.10.0.1-release_5033/ 37 KB
15 KB 48ms
45ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_secure_storage/3.10.0.1-release_5033/storage.secure.min.js?loc=https%3A%2F%2Fwww.hsbc.ae&site=45066354&force=1&env=prod

Requested by

Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

90db019114bcb830c53464def2150205998e91e2f57435919648a90bde2a9805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 14:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 30 Mar 2020 14:49:28 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Mon, 16 Oct 2023 14:15:49 GMT

GET
H2 200 sticky-button-help.png
www.hsbc.ae/content/dam/hsbc/ae/images/livechat/ 2 KB
3 KB 566ms
93ms Image
image/png 18.64.119.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hsbc.ae/content/dam/hsbc/ae/images/livechat/sticky-button-help.png

Requested by

Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.119.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-119-5.txl50.r.cloudfront.net

Software

Apache /

Resource Hash

88f0b4ea6782e4d1a440aaf77422175990fd0c0fba2be50827e5a25ed8034cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 10:12:10 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
via: 1.1 64d18a7c557f9140c04169b7191025f8.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P4
age: 187420
x-cache: Hit from cloudfront
content-length: 2254
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Oct 2022 10:12:10 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000, s-maxage=2592000
accept-ranges: bytes
s: dispatcher3euwest1
x-amz-cf-id: PpylwTfyuFsspafvNU0aScsOaYFJx4DK4n4e1i-8XCKIXc_9fGOaHg==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ 396 KB
158 KB 515ms
168ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=ReCaptchaCallbackV3&render=6LerW7IUAAAAANjK8ZjtiTT1gY6SyoVP9FzKGIDh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hs-bca.herokuapp.com/
Origin: http://hs-bca.herokuapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 14:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 161341
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Oct 2023 14:13:15 GMT

GET
H/1.1 404
Not Found flags_16.png
hs-bca.herokuapp.com/stylesheets/common/img/ 2 KB
2 KB 218ms
112ms Image
text/html 3.219.96.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-bca.herokuapp.com/stylesheets/common/img/flags_16.png
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/stylesheets/clientb.css
Protocol: HTTP/1.1
Server: 3.219.96.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-96-23.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 0c0f89b2b616e71e7b34ba6dcfff8eddf00b8f1219e537c5354e474702058ab6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/stylesheets/clientb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:49 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Etag: W/"7e5-RvmbtPWVcS5gBe8B98n695Cb1RM"
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Content-Length: 2021

GET
H2 200 UniversNextforHSBC-Regular.woff
cdn.hsbc.ae/etc/designs/logonEnhancements/assets/fonts/UniversNextforHSBC-Regular/ 26 KB
26 KB 84ms
49ms Font
application/font-woff 2.16.241.151
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hsbc.ae/etc/designs/logonEnhancements/assets/fonts/UniversNextforHSBC-Regular/UniversNextforHSBC-Regular.woff

Requested by

Host: cdn.hsbc.ae
URL: https://cdn.hsbc.ae/etc/designs/logonEnhancements/clientlib-all.min.5c23575dd2a45b73c671a7797acc5d2d.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.241.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-241-151.deploy.static.akamaitechnologies.com

Software

Resource Hash

f2c9f8279b2f7f4864ff4a2685306c9d978a30b82d0c396ed20752f22374c82f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.hsbc.ae/etc/designs/logonEnhancements/clientlib-all.min.5c23575dd2a45b73c671a7797acc5d2d.css
Origin: http://hs-bca.herokuapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
date: Sun, 16 Oct 2022 14:15:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Sep 2022 05:19:57 GMT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=6155384
accept-ranges: bytes
s: gbl-prod-wk-aempub
content-length: 26196
x-xss-protection: 1; mode=block

GET
H/1.1 404
Not Found UniversNextforHSBCW02-Bd.woff
hs-bca.herokuapp.com/stylesheets/common/fonts/ 0
0 110ms
110ms Font
text/html 3.219.96.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-bca.herokuapp.com/stylesheets/common/fonts/UniversNextforHSBCW02-Bd.woff
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/stylesheets/clientb.css
Protocol: HTTP/1.1
Server: 3.219.96.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-96-23.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash

Request headers

Referer: http://hs-bca.herokuapp.com/stylesheets/clientb.css
Origin: http://hs-bca.herokuapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:49 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Etag: W/"7e5-RvmbtPWVcS5gBe8B98n695Cb1RM"
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Content-Length: 2021

GET
H/1.1 404
Not Found UniversNextforHSBCW02-Rg.woff
hs-bca.herokuapp.com/stylesheets/common/fonts/ 0
0 535ms
535ms Font
text/html 3.219.96.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-bca.herokuapp.com/stylesheets/common/fonts/UniversNextforHSBCW02-Rg.woff
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/stylesheets/clientb.css
Protocol: HTTP/1.1
Server: 3.219.96.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-96-23.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash

Request headers

Referer: http://hs-bca.herokuapp.com/stylesheets/clientb.css
Origin: http://hs-bca.herokuapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:50 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Etag: W/"7e5-RvmbtPWVcS5gBe8B98n695Cb1RM"
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Content-Length: 2021

GET
H/1.1 404
Not Found HSBCIcon-Font-Extension.woff
hs-bca.herokuapp.com/stylesheets/common/fonts/ 0
0 543ms
543ms Font
text/html 3.219.96.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-bca.herokuapp.com/stylesheets/common/fonts/HSBCIcon-Font-Extension.woff?ee39a20e77cff3aec879befe2cd1d29d
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/stylesheets/clientb.css
Protocol: HTTP/1.1
Server: 3.219.96.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-96-23.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash

Request headers

Referer: http://hs-bca.herokuapp.com/stylesheets/clientb.css
Origin: http://hs-bca.herokuapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:50 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Etag: W/"7e5-RvmbtPWVcS5gBe8B98n695Cb1RM"
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Content-Length: 2021

GET
H/1.1 404
Not Found UniversNextforHSBCW02-Bd.ttf
hs-bca.herokuapp.com/stylesheets/common/fonts/ 0
0 210ms
157ms Font
text/html 3.219.96.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-bca.herokuapp.com/stylesheets/common/fonts/UniversNextforHSBCW02-Bd.ttf
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/stylesheets/clientb.css
Protocol: HTTP/1.1
Server: 3.219.96.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-96-23.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash

Request headers

Referer: http://hs-bca.herokuapp.com/stylesheets/clientb.css
Origin: http://hs-bca.herokuapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:49 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Etag: W/"7e5-RvmbtPWVcS5gBe8B98n695Cb1RM"
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Content-Length: 2021

GET
H/1.1 200
OK location.js Show response
akamai.tiqcdn.com/location/ 18 B
563 B 201ms
16ms XHR
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.tiqcdn.com/location/location.js
Requested by: Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:50 GMT
Last-Modified: Mon, 30 Apr 2018 23:09:19 GMT
Server: AkamaiNetStorage
ETag: "6c98be5fda77913799e8ef24b86a7abd:1525129759"
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-EdgeScape-Location
Cache-Control: max-age=1296000
X-EdgeScape-Location: country_code=DE,region_code=HE,city=FRANKFURT,areacode=0,zip=0,bandwidth=5000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18
Expires: Mon, 31 Oct 2022 14:15:50 GMT

GET
H2 200 UniversNextforHSBC-Light.woff
cdn.hsbc.ae/etc/designs/logonEnhancements/assets/fonts/UniversNextforHSBC-Light/ 24 KB
25 KB 16ms
16ms Font
application/font-woff 2.16.241.151
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hsbc.ae/etc/designs/logonEnhancements/assets/fonts/UniversNextforHSBC-Light/UniversNextforHSBC-Light.woff

Requested by

Host: cdn.hsbc.ae
URL: https://cdn.hsbc.ae/etc/designs/logonEnhancements/clientlib-all.min.5c23575dd2a45b73c671a7797acc5d2d.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.241.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-241-151.deploy.static.akamaitechnologies.com

Software

Resource Hash

9546a2b27fb48b2fcd03c45591d0c74aad14f707365f55b366937762204c41fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.hsbc.ae/etc/designs/logonEnhancements/clientlib-all.min.5c23575dd2a45b73c671a7797acc5d2d.css
Origin: http://hs-bca.herokuapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
date: Sun, 16 Oct 2022 14:15:49 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Sep 2022 09:58:44 GMT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=6155384
accept-ranges: bytes
s: gbl-prod-wk-aempub
content-length: 24956
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK location.js Show response
akamai.tiqcdn.com/location/ 18 B
563 B 81ms
30ms XHR
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.tiqcdn.com/location/location.js
Requested by: Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:50 GMT
Last-Modified: Mon, 30 Apr 2018 23:09:19 GMT
Server: AkamaiNetStorage
ETag: "6c98be5fda77913799e8ef24b86a7abd:1525129759"
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-EdgeScape-Location
Cache-Control: max-age=1296000
X-EdgeScape-Location: country_code=DE,region_code=HE,city=FRANKFURT,areacode=0,zip=0,bandwidth=5000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18
Expires: Mon, 31 Oct 2022 14:15:50 GMT

GET
H/1.1 404
Not Found authorize.auth.json Show response
hs-bca.herokuapp.com/ 2 KB
2 KB 135ms
135ms XHR
text/html 3.219.96.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-bca.herokuapp.com/authorize.auth.json?q&_=1665929749968
Requested by: Host: cdn.hsbc.ae
URL: https://cdn.hsbc.ae/etc/designs/dpws/clientlib-jquery.5ea5c4f95742f26a1d6b25eb830feb0c.js
Protocol: HTTP/1.1
Server: 3.219.96.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-96-23.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 0c0f89b2b616e71e7b34ba6dcfff8eddf00b8f1219e537c5354e474702058ab6

Request headers

Accept: */*
Referer: http://hs-bca.herokuapp.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: json

Response headers

Date: Sun, 16 Oct 2022 14:15:50 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Etag: W/"7e5-RvmbtPWVcS5gBe8B98n695Cb1RM"
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Content-Length: 2021

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 31AA 42 KB
23 KB 41ms
41ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=2&k=6LerW7IUAAAAANjK8ZjtiTT1gY6SyoVP9FzKGIDh&co=aHR0cHM6Ly93d3cuaHNiYy5hZTo0NDM.&hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&size=invisible&cb=br342ngshczi

Requested by

Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e0920c9ae69a8fc11de86f75d12ae5f75765a3de75b0cdbe5e7331f61a7d009f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-orWnNyAzW76_Bizw0X06IA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://hs-bca.herokuapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22580
content-security-policy: script-src 'report-sample' 'nonce-orWnNyAzW76_Bizw0X06IA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 16 Oct 2022 14:15:50 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK dest5.html Show response
hsbcbankglobal.demdex.net/ Frame 8F10 7 KB
3 KB 185ms
39ms Document
text/html 3.248.125.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hsbcbankglobal.demdex.net/dest5.html?d_nsid=0

Requested by

Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.248.125.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-125-227.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://hs-bca.herokuapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v044-038a43fef.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: AJ1ZUREgRlk=
content-encoding: gzip
date: Sun, 16 Oct 2022 14:15:50 GMT
last-modified: Thu, 29 Sep 2022 16:18:56 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H2 200 UniversNextforHSBCW02-Bd.woff
cdn.hsbc.ae/etc/designs/dpws/common/fonts/ 26 KB
26 KB 17ms
17ms Font
application/font-woff 2.16.241.151
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hsbc.ae/etc/designs/dpws/common/fonts/UniversNextforHSBCW02-Bd.woff

Requested by

Host: cdn.hsbc.ae
URL: https://cdn.hsbc.ae/etc/designs/dpws/clientlib-default.min.43a5518a5e69c0e362121af5c04e0ea9.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.241.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-241-151.deploy.static.akamaitechnologies.com

Software

Resource Hash

1fe93d773a537c17456fc95e7dbfb69cba2914ac73c5f9b01d4db046667c688e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.hsbc.ae/etc/designs/dpws/clientlib-default.min.43a5518a5e69c0e362121af5c04e0ea9.css
Origin: http://hs-bca.herokuapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
date: Sun, 16 Oct 2022 14:15:50 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Sep 2022 00:16:19 GMT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=6184019
accept-ranges: bytes
s: gbl-prod-wk-aempub
content-length: 26328
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK utag.338.js Show response
tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/ 5 KB
2 KB 19ms
19ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.338.js?utv=ut4.46.202008191228
Requested by: Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.js
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3651a63ecab67079eb3bf79d1a5a27a5a99d016295fb9ae1b817a762ed0d481a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Aug 2020 12:28:38 GMT
Server: AkamaiNetStorage
ETag: "2fea90e8c1714b1e3219d4c1f6840d93:1597840118.667093"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2080
Expires: Mon, 31 Oct 2022 14:15:50 GMT

GET
H/1.1 200
OK utag.352.js Show response
tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/ 48 KB
14 KB 21ms
19ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.352.js?utv=ut4.46.202206241813
Requested by: Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.js
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 56d45d001f4acab160ea866006d510626a5cefb0d9980871aaab821b4d4b54de

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:50 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Nov 2020 03:11:44 GMT
Server: AkamaiNetStorage
ETag: "61653ea5b013bedfc8a4eeaf7d393f04:1604891504.462166"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14019
Expires: Mon, 31 Oct 2022 14:15:50 GMT

GET
H/1.1 200
OK utag.365.js Show response
tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/ 8 KB
3 KB 21ms
19ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.365.js?utv=ut4.46.202101201807
Requested by: Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.js
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f163f3665465ce009e420ad920ac8f1dab402c8e4772e226ab52951b9fe35356

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Jan 2021 18:07:52 GMT
Server: AkamaiNetStorage
ETag: "83e41cdefef7ccbdcb3e9f5ea0085d52:1611166072.999415"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2476
Expires: Mon, 31 Oct 2022 14:15:50 GMT

GET
H/1.1 200
OK utag.381.js Show response
tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/ 14 KB
5 KB 19ms
17ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.381.js?utv=ut4.46.202206241813
Requested by: Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.js
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 18ced98699d131ba209441845cdff7fedd9213fcf6f41e3e4e95b296c347166c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Feb 2021 17:47:45 GMT
Server: AkamaiNetStorage
ETag: "d4f84e0440e3784311b44504024ada16:1612460865.878483"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4646
Expires: Mon, 31 Oct 2022 14:15:50 GMT

GET
H/1.1 200
OK utag.460.js Show response
tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/ 22 KB
8 KB 168ms
166ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.460.js?utv=ut4.46.202209291807
Requested by: Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.js
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 73bdf07e102bfa857b1d4d43b9416bea8b89ca1a2f9590d9430d0e2380ea5795

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jan 2022 19:04:55 GMT
Server: AkamaiNetStorage
ETag: "a8b46a98653470cf592d6421edeb5d4f:1643310295.825884"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7275
Expires: Mon, 31 Oct 2022 14:15:50 GMT

GET
H/1.1 200
OK utag.471.js Show response
tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/ 5 KB
2 KB 167ms
165ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.471.js?utv=ut4.46.202209291807
Requested by: Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.js
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: aee688bdab5fa1abf1aec470d5c0186df9aa1f6692e9eb95024d1bc01754cf62

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jan 2022 19:04:57 GMT
Server: AkamaiNetStorage
ETag: "542a6a009410e68057a37200a12875d1:1643310298.001134"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2045
Expires: Mon, 31 Oct 2022 14:15:50 GMT

GET
H/1.1 200
OK utag.486.js Show response
tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/ 8 KB
3 KB 24ms
24ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.486.js?utv=ut4.46.202206241813
Requested by: Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.js
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 65d055566682369768e65f3f721b503c687f412e1b6f4032047ab6e975550950

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jan 2022 19:04:55 GMT
Server: AkamaiNetStorage
ETag: "e44c19b9aab69d9c9ad9953867cf5084:1643310295.646246"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2665
Expires: Mon, 31 Oct 2022 14:15:50 GMT

GET
H/1.1 200
OK utag.540.js Show response
tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/ 47 KB
13 KB 19ms
19ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.540.js?utv=ut4.46.202206241813
Requested by: Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.js
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d34548a50f07b52aa4d43ee4447a952675f19c74e578880de77460628adda4b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:50 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 18:14:24 GMT
Server: AkamaiNetStorage
ETag: "8d5362f63cb1d2d5ee89e74363381738:1656094464.814875"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12621
Expires: Mon, 31 Oct 2022 14:15:50 GMT

GET
H/1.1 200
OK utag.542.js Show response
tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/ 10 KB
4 KB 19ms
19ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.542.js?utv=ut4.46.202206241813
Requested by: Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.js
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9f30abd199630358d60f9be1b08812a5f27919a7a0cae28c844e0782769dedd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:50 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 18:14:23 GMT
Server: AkamaiNetStorage
ETag: "a43d5cc4f3dc584e5228c8242640bc21:1656094463.13689"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3652
Expires: Mon, 31 Oct 2022 14:15:50 GMT

GET
H2 404 styles__ltr.css
www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/ Frame 31AA 0
0 846ms
845ms Stylesheet
text/html 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/styles__ltr.css
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=2&k=6LerW7IUAAAAANjK8ZjtiTT1gY6SyoVP9FzKGIDh&co=aHR0cHM6Ly93d3cuaHNiYy5hZTo0NDM.&hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&size=invisible&cb=br342ngshczi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 404 recaptcha__en.js
www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/ Frame 31AA 0
0 227ms
227ms Script
text/html 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/recaptcha__en.js
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=2&k=6LerW7IUAAAAANjK8ZjtiTT1gY6SyoVP9FzKGIDh&co=aHR0cHM6Ly93d3cuaHNiYy5hZTo0NDM.&hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&size=invisible&cb=br342ngshczi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H/1.1

200
OK

/ Show response
hs-bca.herokuapp.com/
Redirect Chain

http://hs-bca.herokuapp.com/
http://hs-bca.herokuapp.com/

56 KB
56 KB

133ms
133ms

XHR
text/html

3.219.96.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-bca.herokuapp.com/
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/
Protocol: HTTP/1.1
Server: 3.219.96.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-96-23.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: fd8e92d367555d5c2d994b44c44059e6b89cebaf5ff78becad5e676768977cc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:50 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Etag: W/"dfbd-dM2duM+Q99MG5JClouBGHzW+WUI"
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Content-Length: 57277

Redirect headers

Date: Sun, 16 Oct 2022 14:15:50 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Vary: Accept
Content-Type: text/plain; charset=utf-8
Location: /
Connection: keep-alive
Content-Length: 23

GET
H2 403 tag.js
lptag.liveperson.net/tag/ 0
0 24ms
23ms Script
text/plain 178.249.101.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/tag/tag.js?site=45066354
Requested by: Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.381.js?utv=ut4.46.202206241813
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.101.23 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

POST session.json
www.isstmena.hsbc.ae/2386/handler9/ 0
0

POST
H2 200 i.gif Show response
collect-eu-central-1.tealiumiq.com/hsbc/wpb-stream-ae/2/ 43 B
765 B 80ms
34ms XHR
image/gif 52.28.211.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-eu-central-1.tealiumiq.com/hsbc/wpb-stream-ae/2/i.gif
Requested by: Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.540.js?utv=ut4.46.202206241813
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.211.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-211-200.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: http://hs-bca.herokuapp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryuASbGmBkGUtUQzgA

Response headers

date: Sun, 16 Oct 2022 14:15:50 GMT
x-serverid: uconnect_i-0ccb5716a39a603e6
x-tid: 0183e126a533000c77e00c9f293b03074001c06c00b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: hsbc:wpb-stream-ae:2:datacloud
x-region: eu-central-1
content-length: 43
pragma: no-cache
x-did: 0183e126a533000c77e00c9f293b03074001c06c00b08
vary: Origin
content-type: image/gif
access-control-allow-origin: http://hs-bca.herokuapp.com
x-ulver: 631420fadf76c2899b32aaf6774de2c7f621de3a-SNAPSHOT
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-uuid: 362e6e15-894a-42fb-813d-e66aac261c46
expires: Sun, 16 Oct 2022 14:15:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 74ms
29ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8715533

Requested by

Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.486.js?utv=ut4.46.202206241813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a86f331a0bf9586c916b29f95e05db08ab2a4d31fbb3867f939508f38f073f72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 14:15:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42486
x-xss-protection: 0
last-modified: Sun, 16 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 16 Oct 2022 14:15:50 GMT

GET
H/1.1 404
Not Found UniversNextforHSBCW02-Rg.ttf
hs-bca.herokuapp.com/stylesheets/common/fonts/ 0
0 115ms
114ms Font
text/html 3.219.96.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-bca.herokuapp.com/stylesheets/common/fonts/UniversNextforHSBCW02-Rg.ttf
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/stylesheets/clientb.css
Protocol: HTTP/1.1
Server: 3.219.96.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-96-23.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash

Request headers

Referer: http://hs-bca.herokuapp.com/stylesheets/clientb.css
Origin: http://hs-bca.herokuapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:50 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Etag: W/"7e5-RvmbtPWVcS5gBe8B98n695Cb1RM"
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Content-Length: 2021

GET
H/1.1 404
Not Found HSBCIcon-Font-Extension.ttf
hs-bca.herokuapp.com/stylesheets/common/fonts/ 0
0 146ms
145ms Font
text/html 3.219.96.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-bca.herokuapp.com/stylesheets/common/fonts/HSBCIcon-Font-Extension.ttf?ee39a20e77cff3aec879befe2cd1d29d
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/stylesheets/clientb.css
Protocol: HTTP/1.1
Server: 3.219.96.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-96-23.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash

Request headers

Referer: http://hs-bca.herokuapp.com/stylesheets/clientb.css
Origin: http://hs-bca.herokuapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:50 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Etag: W/"7e5-RvmbtPWVcS5gBe8B98n695Cb1RM"
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Content-Length: 2021

GET
H2 200 0183e126a533000c77e00c9f293b03074001c06c00b08 Show response
visitor-service-eu-central-1.tealiumiq.com/hsbc/wpb-stream-ae/ 36 B
252 B 151ms
35ms Script
application/javascript 35.158.16.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor-service-eu-central-1.tealiumiq.com/hsbc/wpb-stream-ae/0183e126a533000c77e00c9f293b03074001c06c00b08?callback=utag.ut%5B%22writevawpb-stream-ae%22%5D&rnd=1665929750220

Requested by

Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.16.80 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-16-80.eu-central-1.compute.amazonaws.com

Software

Resource Hash

d5439391796acc598b82bf35d6e08e3f3d550faf0b1de4aff36679d40ebff7f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-version: 631420fadf76c2899b32aaf6774de2c7f621de3a-SNAPSHOT
date: Sun, 16 Oct 2022 14:15:50 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-region: eu-central-1
content-length: 36
x-nodeid: i-01a731fe62a32ce03
content-type: application/javascript; charset=utf-8

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 161 KB
60 KB 64ms
31ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-797652105&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8715533

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a06f836dd7ca1f244edbf714a55212227da4c3d04099d71dd48b9f6453313d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 14:15:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61311
x-xss-protection: 0
last-modified: Sun, 16 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 16 Oct 2022 14:15:50 GMT

GET
H2

200

i.gif
datacloud.tealiumiq.com/vdata/
Redirect Chain

http://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=0183e126a533000c77e00c9f293b03074001c06c00b08&tealium_account=hsbc&tealium_profile=wpb-stream-ae
https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=0183e126a533000c77e00c9f293b03074001c06c00b08&tealium_account=hsbc&tealium_profile=wpb-stre...
https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=0183e126a533000c77e00c9f293b03074001c06c00b08&tealium_account=hsbc&tealium_profile=wpb-stre...
https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0183e126a533000c77e00c9f293b03074001c06c00b08&tealium_account=hsbc&tealium_profile=wpb-stream-ae&tealium_cookie_sync...

43 B
1002 B

29ms
17ms

Image
image/gif

52.28.211.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0183e126a533000c77e00c9f293b03074001c06c00b08&tealium_account=hsbc&tealium_profile=wpb-stream-ae&tealium_cookie_sync=true&tealium_vid=0183e126a533000c77e00c9f293b03074001c06c00b08&tealium_account=hsbc&tealium_profile=wpb-stream-ae&google_gid=CAESELrbUip23RkZemPlK-W6gCo&google_cver=1
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/
Protocol: H2
Server: 52.28.211.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-211-200.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Oct 2022 14:15:50 GMT
x-serverid: uconnect_i-0c1f9f49f1de5e60e
x-tid: 0183e126a533000c77e00c9f293b03074001c06c00b08
x-did: 0183e126a533000c77e00c9f293b03074001c06c00b08
vary: Origin
content-type: image/gif
x-acc: hsbc:wpb-stream-ae:2:vdata
x-ulver: 631420fadf76c2899b32aaf6774de2c7f621de3a-SNAPSHOT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-region: eu-central-1
content-length: 43
x-uuid: f4426c1a-57f1-451e-802e-3a65f40f974e
expires: Sun, 16 Oct 2022 14:15:50 GMT

Redirect headers

pragma: no-cache
date: Sun, 16 Oct 2022 14:15:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0183e126a533000c77e00c9f293b03074001c06c00b08&tealium_account=hsbc&tealium_profile=wpb-stream-ae&tealium_cookie_sync=true&tealium_vid=0183e126a533000c77e00c9f293b03074001c06c00b08&tealium_account=hsbc&tealium_profile=wpb-stream-ae&google_gid=CAESELrbUip23RkZemPlK-W6gCo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 597
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 102 KB
27 KB 67ms
18ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/hsbc/ae-rbwm-gsp/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df95c359e3559c219087fcb7d390b577cbd6577c0338d18644bd275149c62a86

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 16 Oct 2022 14:15:50 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 27029
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: hr9VkPujJ8+g9ytJ6Jsjg5CsRglemcUa+xylVMyUDiNG111wCTLiQYe1j9/OGt/7+9Qc0WLa2Yvelg34iZOekA==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 UniversNextforHSBCW02-Rg.woff
cdn.hsbc.ae/etc/designs/dpws/common/fonts/ 27 KB
27 KB 18ms
17ms Font
application/font-woff 2.16.241.151
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hsbc.ae/etc/designs/dpws/common/fonts/UniversNextforHSBCW02-Rg.woff

Requested by

Host: cdn.hsbc.ae
URL: https://cdn.hsbc.ae/etc/designs/dpws/clientlib-default.min.43a5518a5e69c0e362121af5c04e0ea9.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.241.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-241-151.deploy.static.akamaitechnologies.com

Software

Resource Hash

e57fa923e1242b94093a29bc1497e22d7b5f78d6f124fe5ffc651383af545e13

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.hsbc.ae/etc/designs/dpws/clientlib-default.min.43a5518a5e69c0e362121af5c04e0ea9.css
Origin: http://hs-bca.herokuapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
date: Sun, 16 Oct 2022 14:15:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Sep 2022 02:52:14 GMT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=6155383
accept-ranges: bytes
s: gbl-prod-wk-aempub
content-length: 27464
x-xss-protection: 1; mode=block

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 109ms
34ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-797652105&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 14:15:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15192
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 16 Oct 2022 14:15:50 GMT

GET
H/1.1 404
Not Found HSBCIcon-Font.woff
hs-bca.herokuapp.com/stylesheets/common/fonts/ 0
0 157ms
157ms Font
text/html 3.219.96.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-bca.herokuapp.com/stylesheets/common/fonts/HSBCIcon-Font.woff?ee39a20e77cff3aec879befe2cd1d29d
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/stylesheets/clientb.css
Protocol: HTTP/1.1
Server: 3.219.96.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-96-23.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash

Request headers

Referer: http://hs-bca.herokuapp.com/stylesheets/clientb.css
Origin: http://hs-bca.herokuapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:50 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Etag: W/"7e5-RvmbtPWVcS5gBe8B98n695Cb1RM"
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Content-Length: 2021

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 37ms
17ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.85

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 16 Oct 2022 14:15:50 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20715
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: H2fnhHFh+djTdVY8LMyJ9BM+2FAcjWM0ng4A1DU+xSVG47966EZ1kPFq0igyuHJNphvDCQq+zqQECB1v1Ywwvw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1805307739551132 Show response
connect.facebook.net/signals/config/ 25 KB
7 KB 310ms
290ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1805307739551132?v=2.9.85&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0c462a4c3f49292724e1878436939d9fd0673a2ac7f5bfac4ddb1e780b2b7ab2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 16 Oct 2022 14:15:50 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: q32hw8RnVTZ454VNNrJSUNRJNot9RICALRvGdIxR2U0v8nB96J0tkzfAG0VBjq8TUnR10vKlzHMlNHUFcGjcYg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/797652105/ 2 KB
2 KB 117ms
73ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/797652105/?random=1665929750485&cv=9&fst=1665929750485&num=1&userId=0183e126a533000c77e00c9f293b03074001c06c00b08&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fhs-bca.herokuapp.com%2F&tiba=Username%20%7C%20Log%20on%20%7C%20HSBC&auid=1528099057.1665929750&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a8e56d99ea6eb4b1671e771a1990d632fe24964ab3224ae9cd0fd883461320a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Oct 2022 14:15:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1085
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/797652105/ 2 KB
1 KB 155ms
112ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/797652105/?random=1665929750490&cv=9&fst=1665929750490&num=1&userId=0183e126a533000c77e00c9f293b03074001c06c00b08&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&ig=1&data=event%3Dpage_view%3Ballow_custom_scripts%3Dtrue&frm=0&url=http%3A%2F%2Fhs-bca.herokuapp.com%2F&tiba=Username%20%7C%20Log%20on%20%7C%20HSBC&auid=1528099057.1665929750&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7207374d9023e36d786d29b27b2ad49f0e4058b6fbddc296dfc9eb16d2fa404c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Oct 2022 14:15:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1105
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found HSBCIcon-Font.ttf
hs-bca.herokuapp.com/stylesheets/common/fonts/ 0
0 137ms
136ms Font
text/html 3.219.96.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-bca.herokuapp.com/stylesheets/common/fonts/HSBCIcon-Font.ttf?ee39a20e77cff3aec879befe2cd1d29d
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/stylesheets/clientb.css
Protocol: HTTP/1.1
Server: 3.219.96.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-96-23.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash

Request headers

Referer: http://hs-bca.herokuapp.com/stylesheets/clientb.css
Origin: http://hs-bca.herokuapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:50 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Etag: W/"7e5-RvmbtPWVcS5gBe8B98n695Cb1RM"
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Content-Length: 2021

GET
H3 200 /
www.google.com/pagead/1p-user-list/797652105/ 42 B
64 B 34ms
32ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/797652105/?random=1665929750485&cv=9&fst=1665928800000&num=1&userId=0183e126a533000c77e00c9f293b03074001c06c00b08&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fhs-bca.herokuapp.com%2F&tiba=Username%20%7C%20Log%20on%20%7C%20HSBC&async=1&fmt=3&is_vtc=1&random=2668752650&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Oct 2022 14:15:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/797652105/ 42 B
548 B 80ms
31ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/797652105/?random=1665929750485&cv=9&fst=1665928800000&num=1&userId=0183e126a533000c77e00c9f293b03074001c06c00b08&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fhs-bca.herokuapp.com%2F&tiba=Username%20%7C%20Log%20on%20%7C%20HSBC&async=1&fmt=3&is_vtc=1&random=2668752650&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Oct 2022 14:15:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame AB1A 7 KB
1 KB 36ms
35ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LerW7IUAAAAANjK8ZjtiTT1gY6SyoVP9FzKGIDh&co=aHR0cDovL2hzLWJjYS5oZXJva3VhcHAuY29tOjgw&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=4wwcanq8zmrk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4ae83a629af307efe3c6d769a8c27c7f866f4f6ea2df756042c4aee31f121eb4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fWxyxlC9i6nFMD4FLZ1evQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://hs-bca.herokuapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 1052
content-security-policy: script-src 'report-sample' 'nonce-fWxyxlC9i6nFMD4FLZ1evQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 16 Oct 2022 14:15:50 GMT
expires: Sun, 16 Oct 2022 14:15:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 /
www.google.com/pagead/1p-user-list/797652105/ 42 B
64 B 29ms
29ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/797652105/?random=1665929750490&cv=9&fst=1665928800000&num=1&userId=0183e126a533000c77e00c9f293b03074001c06c00b08&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&data=event%3Dpage_view%3Ballow_custom_scripts%3Dtrue&frm=0&url=http%3A%2F%2Fhs-bca.herokuapp.com%2F&tiba=Username%20%7C%20Log%20on%20%7C%20HSBC&async=1&fmt=3&is_vtc=1&random=4096977321&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Oct 2022 14:15:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/797652105/ 42 B
64 B 66ms
31ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/797652105/?random=1665929750490&cv=9&fst=1665928800000&num=1&userId=0183e126a533000c77e00c9f293b03074001c06c00b08&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&data=event%3Dpage_view%3Ballow_custom_scripts%3Dtrue&frm=0&url=http%3A%2F%2Fhs-bca.herokuapp.com%2F&tiba=Username%20%7C%20Log%20on%20%7C%20HSBC&async=1&fmt=3&is_vtc=1&random=4096977321&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Oct 2022 14:15:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 99ms
28ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1805307739551132&ev=PageView&dl=http%3A%2F%2Fhs-bca.herokuapp.com%2F&rl=&if=false&ts=1665929750712&cd[base_tracking_type]=track&sw=1600&sh=1200&ud[external_id]=f6d612f5113aef3391ca23054b80022acf2092c7d6bf8951697c51d6496bc937&v=2.9.85&r=stable&a=tmtealium&ec=0&o=28&fbp=fb.2.1665929750711.797146231&it=1665929750380&coo=false&eid=b1dbcf47cecaf97483203b4189b66dab&tm=1&exp=a0&rqm=GET

Requested by

Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-bca.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 16 Oct 2022 14:15:50 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 HSBCIcon-Font-Extension.woff
cdn.hsbc.ae/etc/designs/dpws/common/fonts/ 37 KB
38 KB 17ms
17ms Font
application/font-woff 2.16.241.151
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hsbc.ae/etc/designs/dpws/common/fonts/HSBCIcon-Font-Extension.woff?ee39a20e77cff3aec879befe2cd1d29d

Requested by

Host: cdn.hsbc.ae
URL: https://cdn.hsbc.ae/etc/designs/dpws/clientlib-default.min.43a5518a5e69c0e362121af5c04e0ea9.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.241.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-241-151.deploy.static.akamaitechnologies.com

Software

Resource Hash

76e6fcb163f76c23e3595acdb5c37457b8529ae4612bdfd266a9ef3d83550586

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.hsbc.ae/etc/designs/dpws/clientlib-default.min.43a5518a5e69c0e362121af5c04e0ea9.css
Origin: http://hs-bca.herokuapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
date: Sun, 16 Oct 2022 14:15:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Sep 2022 05:19:57 GMT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=6155383
accept-ranges: bytes
s: gbl-prod-wk-aempub
content-length: 38384
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame AB1A 52 KB
24 KB 432ms
138ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LerW7IUAAAAANjK8ZjtiTT1gY6SyoVP9FzKGIDh&co=aHR0cDovL2hzLWJjYS5oZXJva3VhcHAuY29tOjgw&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=4wwcanq8zmrk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 12:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 12:47:05 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame AB1A 396 KB
158 KB 504ms
209ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 14:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 161341
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Oct 2023 14:13:15 GMT

GET
H2 200 HSBCIcon-Font.woff
cdn.hsbc.ae/etc/designs/dpws/common/fonts/ 22 KB
22 KB 18ms
17ms Font
application/font-woff 2.16.241.151
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hsbc.ae/etc/designs/dpws/common/fonts/HSBCIcon-Font.woff?ee39a20e77cff3aec879befe2cd1d29d

Requested by

Host: cdn.hsbc.ae
URL: https://cdn.hsbc.ae/etc/designs/dpws/clientlib-default.min.43a5518a5e69c0e362121af5c04e0ea9.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.241.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-241-151.deploy.static.akamaitechnologies.com

Software

Resource Hash

580245633d829cdc4a80192bc505ad254af0ed2955d5add87b56917a1c0f64df

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.hsbc.ae/etc/designs/dpws/clientlib-default.min.43a5518a5e69c0e362121af5c04e0ea9.css
Origin: http://hs-bca.herokuapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
date: Sun, 16 Oct 2022 14:15:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Sep 2022 05:19:58 GMT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=6155383
accept-ranges: bytes
s: gbl-prod-wk-aempub
content-length: 22532
x-xss-protection: 1; mode=block

GET
H2 200 HSBCIcon-Font.woff
cdn.hsbc.ae/etc/designs/logonEnhancements/assets/fonts/HSBCIcon-Font/ 23 KB
23 KB 17ms
17ms Font
application/font-woff 2.16.241.151
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hsbc.ae/etc/designs/logonEnhancements/assets/fonts/HSBCIcon-Font/HSBCIcon-Font.woff

Requested by

Host: cdn.hsbc.ae
URL: https://cdn.hsbc.ae/etc/designs/logonEnhancements/clientlib-all.min.5c23575dd2a45b73c671a7797acc5d2d.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.241.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-241-151.deploy.static.akamaitechnologies.com

Software

Resource Hash

e9a3b36151838b0f414f746033f07a79989e9b4bbe327190e395ffe631ff7a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.hsbc.ae/etc/designs/logonEnhancements/clientlib-all.min.5c23575dd2a45b73c671a7797acc5d2d.css
Origin: http://hs-bca.herokuapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
date: Sun, 16 Oct 2022 14:15:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Sep 2022 02:18:27 GMT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=6155383
accept-ranges: bytes
s: gbl-prod-wk-aempub
content-length: 23724
x-xss-protection: 1; mode=block

GET
H/1.1 404
Not Found HSBCIcon-Font.woff
hs-bca.herokuapp.com/etc/designs/logonEnhancements/assets/fonts/HSBCIcon-Font/ 0
0 126ms
126ms Font
text/html 3.219.96.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-bca.herokuapp.com/etc/designs/logonEnhancements/assets/fonts/HSBCIcon-Font/HSBCIcon-Font.woff
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/
Protocol: HTTP/1.1
Server: 3.219.96.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-96-23.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash

Request headers

Referer: http://hs-bca.herokuapp.com/
Origin: http://hs-bca.herokuapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:50 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Etag: W/"7e5-RvmbtPWVcS5gBe8B98n695Cb1RM"
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Content-Length: 2021

GET
H/1.1 404
Not Found HSBCIcon-Font.ttf
hs-bca.herokuapp.com/etc/designs/logonEnhancements/assets/fonts/HSBCIcon-Font/ 0
0 121ms
120ms Font
text/html 3.219.96.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-bca.herokuapp.com/etc/designs/logonEnhancements/assets/fonts/HSBCIcon-Font/HSBCIcon-Font.ttf
Requested by: Host: hs-bca.herokuapp.com
URL: http://hs-bca.herokuapp.com/
Protocol: HTTP/1.1
Server: 3.219.96.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-96-23.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash

Request headers

Referer: http://hs-bca.herokuapp.com/
Origin: http://hs-bca.herokuapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sun, 16 Oct 2022 14:15:50 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Etag: W/"7e5-RvmbtPWVcS5gBe8B98n695Cb1RM"
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Content-Length: 2021

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.isstmena.hsbc.ae
URL: https://www.isstmena.hsbc.ae/2386/handler9/session.json

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: HSBC (Banking)

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hs-bca.herokuapp.com/	1969-12-31 23:59:59	Name: usy46gabsosd Value: HSBCMENA_16659297501090.dfb9c7e9fd37d29332e47ca821902caa_2386
.tealiumiq.com/	1970-01-20 15:31:05	Name: TAPID Value: hsbc/wpb-stream-ae>0183e126a533000c77e00c9f293b03074001c06c00b08\|
.hs-bca.herokuapp.com/	1970-01-20 08:55:05	Name: _gcl_au Value: 1.1.1528099057.1665929750
.tealiumiq.com/	1970-01-20 11:07:34	Name: tcs.google_cver Value: eyJoc2JjL3dwYi1zdHJlYW0tYWUiOiIxfDE2NjU5Mjk3NTA1NTEifQ==
.tealiumiq.com/	1970-01-20 11:07:34	Name: tcs.google_gid Value: eyJoc2JjL3dwYi1zdHJlYW0tYWUiOiJDQUVTRUxyYlVpcDIzUmtaZW1QbEstVzZnQ298MTY2NTkyOTc1MDU1MSJ9
.doubleclick.net/	1970-01-20 16:07:05	Name: IDE Value: AHWqTUlMhH2Q_IOmNR9wWeDQwQ2NLoOXkaFLua1GyYsh3MJkz8MuSKVZLlm9NBj4
.hs-bca.herokuapp.com/	1970-01-20 08:55:05	Name: _fbp Value: fb.2.1665929750711.797146231

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://lptag.liveperson.net/tag/tag.js?site=45066354 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://lptag.liveperson.net/lptag/api/account/45066354/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=security_login_enter-username&b=1 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: http://hs-bca.herokuapp.com/stylesheets/common/fonts/UniversNextforHSBCW02-Bd.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://hs-bca.herokuapp.com/stylesheets/common/img/flags_16.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://hs-bca.herokuapp.com/stylesheets/common/fonts/UniversNextforHSBCW02-Bd.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://lptag.liveperson.net/tag/tag.js?site=45066354 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: http://hs-bca.herokuapp.com/authorize.auth.json?q&_=1665929749968 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: http://hs-bca.herokuapp.com/ Message: Access to XMLHttpRequest at 'https://www.isstmena.hsbc.ae/2386/handler9/session.json' from origin 'http://hs-bca.herokuapp.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.isstmena.hsbc.ae/2386/handler9/session.json Message: Failed to load resource: net::ERR_FAILED
network	error	URL: http://hs-bca.herokuapp.com/stylesheets/common/fonts/UniversNextforHSBCW02-Rg.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://hs-bca.herokuapp.com/stylesheets/common/fonts/HSBCIcon-Font-Extension.woff?ee39a20e77cff3aec879befe2cd1d29d Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://hsbcbankglobal.demdex.net/dest5.html?d_nsid=0(Line 12) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.hsbc.ae') does not match the recipient window's origin ('http://hs-bca.herokuapp.com').
network	error	URL: https://www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/recaptcha__en.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: http://hs-bca.herokuapp.com/stylesheets/common/fonts/UniversNextforHSBCW02-Rg.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/recaptcha__en.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: http://hs-bca.herokuapp.com/stylesheets/common/fonts/HSBCIcon-Font-Extension.ttf?ee39a20e77cff3aec879befe2cd1d29d Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://hs-bca.herokuapp.com/stylesheets/common/fonts/HSBCIcon-Font.woff?ee39a20e77cff3aec879befe2cd1d29d Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://hs-bca.herokuapp.com/stylesheets/common/fonts/HSBCIcon-Font.ttf?ee39a20e77cff3aec879befe2cd1d29d Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://hs-bca.herokuapp.com/etc/designs/logonEnhancements/assets/fonts/HSBCIcon-Font/HSBCIcon-Font.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/styles__ltr.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: http://hs-bca.herokuapp.com/etc/designs/logonEnhancements/assets/fonts/HSBCIcon-Font/HSBCIcon-Font.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

akamai.tiqcdn.com
cdn.appdynamics.com
cdn.hsbc.ae
cm.g.doubleclick.net
collect-eu-central-1.tealiumiq.com
connect.facebook.net
datacloud.tealiumiq.com
googleads.g.doubleclick.net
hs-bca.herokuapp.com
hsbcbankglobal.demdex.net
lpcdn.lpsnmedia.net
lptag.liveperson.net
tags.tiqcdn.com
visitor-service-eu-central-1.tealiumiq.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.hsbc.ae
www.isstmena.hsbc.ae
www.isstmena.hsbc.ae
104.75.88.194
13.226.153.20
142.250.186.98
178.249.101.23
178.249.101.98
18.64.119.5
2.16.241.151
216.58.212.162
2a00:1450:4001:803::2003
2a00:1450:4001:808::2004
2a00:1450:4001:809::2008
2a00:1450:4001:80b::2003
2a00:1450:4001:82f::2002
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.219.96.23
3.248.125.227
35.158.16.80
52.28.211.200
91.214.5.199
0c0f89b2b616e71e7b34ba6dcfff8eddf00b8f1219e537c5354e474702058ab6
0c462a4c3f49292724e1878436939d9fd0673a2ac7f5bfac4ddb1e780b2b7ab2
141ab6e3cd186ac2f6543c756d2eb0f28102c4c39abd3b57b744e40868810989
142d824c5d8acb129087d715bb8329a6151634d7401b58dee8c54da0879858d1
18ced98699d131ba209441845cdff7fedd9213fcf6f41e3e4e95b296c347166c
1fe93d773a537c17456fc95e7dbfb69cba2914ac73c5f9b01d4db046667c688e
31efbffefcab6f813f8cd66f96e5d93409a5daab9b742371acd514ab432a0297
3651a63ecab67079eb3bf79d1a5a27a5a99d016295fb9ae1b817a762ed0d481a
392961169ed068757ca4ccfba64f9a1e5cfd0e5c2467039ec5f0315afcb4de50
39a5db94d94f2a31847d702e7ff1c0f527e55ee86cd073c32e262de711cd35d0
3f626d32bc9262647f4f094617eca41b4600a05f877b8e87c96cd5ece7012638
44027ec55ed8b2de1f3dcdaf00c6b0c72c466e85d515c60431f61da11f242047
45fcb9b5044ae1ee78cea53720d3cd4886810d13b01fb3128c3fff24d05431a9
4709e618ec4f8ee5774887825a9831cf4771e5b31178e73b27700ccb11ed2fcc
47351b051a90736fbb4235766dbdf918fbec761e3721920306d3355b9c87cddc
48f364ef034cf0c9cf115d0a022682eae3745c67e098f13ed9b4167f184b05b1
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4ae83a629af307efe3c6d769a8c27c7f866f4f6ea2df756042c4aee31f121eb4
56d45d001f4acab160ea866006d510626a5cefb0d9980871aaab821b4d4b54de
580245633d829cdc4a80192bc505ad254af0ed2955d5add87b56917a1c0f64df
5a8e56d99ea6eb4b1671e771a1990d632fe24964ab3224ae9cd0fd883461320a
65d055566682369768e65f3f721b503c687f412e1b6f4032047ab6e975550950
6619ba77a7043416a164874dcacbf5ca4a6b53746f720c8c62c56d1832599307
6fc2cfc62b3b2aac1231142913ec431ccd158b2a5bd978fd46761c92f25b698e
7207374d9023e36d786d29b27b2ad49f0e4058b6fbddc296dfc9eb16d2fa404c
73bdf07e102bfa857b1d4d43b9416bea8b89ca1a2f9590d9430d0e2380ea5795
76e6fcb163f76c23e3595acdb5c37457b8529ae4612bdfd266a9ef3d83550586
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
88f0b4ea6782e4d1a440aaf77422175990fd0c0fba2be50827e5a25ed8034cf0
8c74e7d5354279f1809ccda3e8f04dd75cba8c6ae9558177203b5e5a0681f802
90db019114bcb830c53464def2150205998e91e2f57435919648a90bde2a9805
9546a2b27fb48b2fcd03c45591d0c74aad14f707365f55b366937762204c41fa
9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51
9f30abd199630358d60f9be1b08812a5f27919a7a0cae28c844e0782769dedd4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a06f836dd7ca1f244edbf714a55212227da4c3d04099d71dd48b9f6453313d85
a3a37220c8eea2fe2449d422e1f5b413f5d3138281fe80386668b4a720d13dcb
a86f331a0bf9586c916b29f95e05db08ab2a4d31fbb3867f939508f38f073f72
aee688bdab5fa1abf1aec470d5c0186df9aa1f6692e9eb95024d1bc01754cf62
ce08b420f631854888220e09a5ae041b3e9b0ec2eae273479868673eff708061
d34548a50f07b52aa4d43ee4447a952675f19c74e578880de77460628adda4b7
d5439391796acc598b82bf35d6e08e3f3d550faf0b1de4aff36679d40ebff7f6
d5c2c8d7956e2af9082fe02f239bd97c426f12e7a867d1b4f1a405c124d26cea
d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
df95c359e3559c219087fcb7d390b577cbd6577c0338d18644bd275149c62a86
e0920c9ae69a8fc11de86f75d12ae5f75765a3de75b0cdbe5e7331f61a7d009f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047
e57fa923e1242b94093a29bc1497e22d7b5f78d6f124fe5ffc651383af545e13
e9a3b36151838b0f414f746033f07a79989e9b4bbe327190e395ffe631ff7a31
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe373642c0dd4ff67f20a4163439a1fcc82e4ee21035485e0a8ef87b9ad00a7
f163f3665465ce009e420ad920ac8f1dab402c8e4772e226ab52951b9fe35356
f2c9f8279b2f7f4864ff4a2685306c9d978a30b82d0c396ed20752f22374c82f
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
fd8e92d367555d5c2d994b44c44059e6b89cebaf5ff78becad5e676768977cc2
ff01871a0649ad04ae1d8a2a94e294232da1766d7ee34339c627151cdc55ede2

hs-bca.herokuapp.com Open in urlscan Pro 3.219.96.23 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

83 Requests

59 %HTTPS

35 %IPv6

16 Domains

22 Subdomains

20 IPs

4 Countries

2576 kBTransfer

5152 kBSize

7 Cookies

3 Outgoing links

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hs-bca.herokuapp.com Open in urlscan Pro
3.219.96.23 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

59 %
HTTPS

35 %
IPv6

16
Domains

22
Subdomains

20
IPs

4
Countries

2576 kB
Transfer

5152 kB
Size

7
Cookies

83 HTTP transactions
0 data transactions