x.mail.hsbc.fr Open in urlscan Pro
62.27.116.23 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://l.mail.hsbc.fr/r/Hi/KpPLO
Effective URL:
https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY...
Submission: On November 06 via manual (November 6th 2023, 3:46:07 pm UTC) from HR — Scanned from FR

Summary HTTP 95 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 15 domains to perform 95 HTTP transactions. The main IP is 62.27.116.23, located in Germany and belongs to ECOTEL, DE. The main domain is x.mail.hsbc.fr.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on June 30th 2023. Valid for: a year.

This is the only time x.mail.hsbc.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 5	62.27.116.25 62.27.116.25	12312 (ECOTEL) (ECOTEL)
1 4	35.158.91.159 35.158.91.159	16509 (AMAZON-02) (AMAZON-02)
1	62.27.116.23 62.27.116.23	12312 (ECOTEL) (ECOTEL)
9	23.212.201.96 23.212.201.96	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2600:9000:223... 2600:9000:223e:8400:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
25	18.245.60.117 18.245.60.117	16509 (AMAZON-02) (AMAZON-02)
1	52.219.169.253 52.219.169.253	16509 (AMAZON-02) (AMAZON-02)
1	54.231.163.80 54.231.163.80	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.79 18.66.97.79	16509 (AMAZON-02) (AMAZON-02)
1	184.30.216.26 184.30.216.26	16625 (AKAMAI-AS) (AKAMAI-AS)
6	91.214.5.153 91.214.5.153	20705 (HSBC-UK) (HSBC-UK)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
3	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
7	34.120.154.120 34.120.154.120	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	178.249.97.70 178.249.97.70	11054 (LIVEPERSON) (LIVEPERSON)
6	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1d::5c	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	35.186.247.156 35.186.247.156	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
95	26

5 62.27.116.25 (Germany) 3 redirects

ASN12312 (ECOTEL, DE)
PTR: rts.ccmp.eu

l.mail.hsbc.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.158.91.159 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-91-159.eu-central-1.compute.amazonaws.com

cust1098.edp.cheetahces.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.27.116.23 (Germany)

ASN12312 (ECOTEL, DE)
PTR: ats.ccmp.eu

x.mail.hsbc.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.212.201.96 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-201-96.deploy.static.akamaitechnologies.com

wpm.ccmp.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:223e:8400:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 18.245.60.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-117.fra60.r.cloudfront.net

sdk.runstellar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.169.253 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3.eu-central-1.amazonaws.com

s3.eu-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.163.80 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-79.fra56.r.cloudfront.net

spot.demostellar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.216.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-216-26.deploy.static.akamaitechnologies.com

akamai.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 91.214.5.153 (United Kingdom)

ASN20705 (HSBC-UK, GB)

www.mcm-prod.hsbc.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.249.97.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.120.154.120 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 120.154.120.34.bc.googleusercontent.com

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.70 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo.v.liveperson.net

lo.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1d::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.247.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.247.186.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	runstellar.com sdk.runstellar.com	211 KB
12	google.com apis.google.com — Cisco Umbrella Rank: 112 pay.google.com — Cisco Umbrella Rank: 2685 accounts.google.com — Cisco Umbrella Rank: 24	200 KB
12	hsbc.fr 3 redirects l.mail.hsbc.fr x.mail.hsbc.fr www.mcm-prod.hsbc.fr	68 KB
10	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 3761 lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 4157	341 KB
9	ccmp.eu wpm.ccmp.eu — Cisco Umbrella Rank: 110590	1 MB
6	gstatic.com ssl.gstatic.com www.gstatic.com fonts.gstatic.com	119 KB
6	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1253 akamai.tiqcdn.com — Cisco Umbrella Rank: 10793	79 KB
4	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 3805 lo.v.liveperson.net — Cisco Umbrella Rank: 17445	125 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 364 fonts.googleapis.com — Cisco Umbrella Rank: 31	90 KB
4	cheetahces.eu 1 redirects cust1098.edp.cheetahces.eu	7 KB
2	amazonaws.com s3.eu-central-1.amazonaws.com s3.us-east-1.amazonaws.com	4 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1137	41 KB
1	sentry.io sentry.io — Cisco Umbrella Rank: 171	388 B
1	demostellar.com spot.demostellar.com — Cisco Umbrella Rank: 67657	12 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	7 KB
95	15

	Domain	Requested by
25	sdk.runstellar.com	x.mail.hsbc.fr sdk.runstellar.com
9	wpm.ccmp.eu	x.mail.hsbc.fr
7	lpcdn.lpsnmedia.net	lptag.liveperson.net
6	apis.google.com	sdk.runstellar.com apis.google.com accounts.google.com pay.google.com
6	www.mcm-prod.hsbc.fr	sdk.runstellar.com tags.tiqcdn.com
5	accounts.google.com	apis.google.com x.mail.hsbc.fr www.gstatic.com
5	tags.tiqcdn.com	x.mail.hsbc.fr tags.tiqcdn.com
5	l.mail.hsbc.fr	3 redirects x.mail.hsbc.fr
4	www.gstatic.com	accounts.google.com pay.google.com
4	cust1098.edp.cheetahces.eu	1 redirects sdk.runstellar.com
3	accdn.lpsnmedia.net	lptag.liveperson.net lpcdn.lpsnmedia.net
3	fonts.googleapis.com	x.mail.hsbc.fr pay.google.com
2	lo.v.liveperson.net	lptag.liveperson.net
2	lptag.liveperson.net	tags.tiqcdn.com
2	maxcdn.bootstrapcdn.com	x.mail.hsbc.fr
1	fonts.gstatic.com	fonts.googleapis.com
1	sentry.io	sdk.runstellar.com
1	ssl.gstatic.com	accounts.google.com
1	pay.google.com	apis.google.com
1	akamai.tiqcdn.com	sdk.runstellar.com
1	spot.demostellar.com	x.mail.hsbc.fr
1	s3.us-east-1.amazonaws.com	x.mail.hsbc.fr
1	s3.eu-central-1.amazonaws.com	x.mail.hsbc.fr
1	cdnjs.cloudflare.com	x.mail.hsbc.fr
1	ajax.googleapis.com	x.mail.hsbc.fr
1	x.mail.hsbc.fr
95	26

This site contains links to these domains. Also see Links.

Domain
cust1098.edp.cheetahces.eu
l.mail.hsbc.fr
www.hsbc.fr

Subject Issuer	Validity	Valid
*.mail.hsbc.fr Sectigo RSA Organization Validation Secure Server CA	`2023-06-30` - `2024-06-29`	a year	crt.sh
wpm.ccmp.eu R3	`2023-10-16` - `2024-01-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-17`	a year	crt.sh
*.runstellar.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-21`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-10`	9 months	crt.sh
*.demostellar.com Amazon RSA 2048 M01	`2023-06-24` - `2024-07-22`	a year	crt.sh
*.tiqcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-12` - `2024-01-14`	a year	crt.sh
www.mcm-prod.hsbc.fr DigiCert SHA2 Extended Validation Server CA	`2023-04-04` - `2024-03-27`	a year	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-02-07` - `2024-02-07`	a year	crt.sh
edp.cheetahces.eu Amazon RSA 2048 M02	`2023-02-14` - `2024-01-26`	a year	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2023-01-09` - `2024-01-09`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-01-10` - `2024-01-10`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2024-09-07`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY4ZDkyNWU1NjJiY2UyN2RkM2Y5YTQ1NWZkOGMzNyJ9&cr=1098&wu=1285&pass=reconnaissance_premier
Frame ID: A64C2D633FD56F0D01A12D581A46A369
Requests: 77 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fx.mail.hsbc.fr&site=86080147&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Frame ID: 0431342A964DB12813450315A8DEC803
Requests: 2 HTTP requests in this frame

Frame: https://pay.google.com/gp/v/widget/save?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJjdXN0MTA5OC1ldS1wcm9kQGNoZWV0YWhkaWdpdGFsLWVkcC1tb2JpbGUtd2x0LmlhbS5nc2VydmljZWFjY291bnQuY29tIiwiYXVkIjoiZ29vZ2xlIiwidHlwIjoic2F2ZXRvYW5kcm9pZHBheSIsImlhdCI6MTY5OTI4NTU2Miwib3JpZ2lucyI6WyJodHRwczovL3gubWFpbC5oc2JjLmZyIl0sInBheWxvYWQiOnsibG95YWx0eU9iamVjdHMiOlt7ImtpbmQiOiJ3YWxsZXRvYmplY3RzI2xveWFsdHlPYmplY3QiLCJzdGF0ZSI6ImluYWN0aXZlIiwiaWQiOiIzMzQzMjc4NjQyMTA1NjM5NDc4LnJlY29ubmFpc3NhbmNlX3ByZW1pZXIuRy0wMDAwOTYwMzIiLCJjbGFzc0lkIjoiMzM0MzI3ODY0MjEwNTYzOTQ3OC5yZWNvbm5haXNzYW5jZV9wcmVtaWVyIn1dLCJsb3lhbHR5Q2xhc3NlcyI6W10sIm9mZmVyT2JqZWN0cyI6W10sIm9mZmVyQ2xhc3NlcyI6W10sImdpZnRDYXJkT2JqZWN0cyI6W10sImdpZnRDYXJkQ2xhc3NlcyI6W10sImV2ZW50VGlja2V0T2JqZWN0cyI6W10sImV2ZW50VGlja2V0Q2xhc3NlcyI6W119fQ.MHTkudHvkCYYKkavhz0WWa5IKKiXpuqlhc10yEDew6IYLx2M-yt0jm6zZiQNAMYuXgJ0m-5nWGuLGnBk_5wLP8xG19lr-fE2004tuRbF-NRW9QtRNTPxXx4_nLlQKq2U5BVAnVZpqXEF5vExBpUtQiw7WIKy7U1UzEncRjZ5REg-bMuwpl2p0v6w9tIRsn9JwxCigPYFSdmChlD_hPJYidDNo0rNvpts5cqndiFpm7KU_RIhcN42sAbrn52oX2FtBwiEQJ0O2MFv7iatBoMUyrzOB5MRZ4U3zHhi2hwcU2XzJEGjVMtUIldnEdg7jzuKMmqdB8L4wehKxcE_Qt2hRg&class=btn%20btn-google-pay&size=standard&theme=dark&origin=https%3A%2F%2Fx.mail.hsbc.fr&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fr.VXdxOsKJBxg.O%2Fd%3D1%2Frs%3DAHpOoo9haxQKqkNZwniaaV-zSTS6Q1k20g%2Fm%3D__features__
Frame ID: 40569FD98719711DEE92B54495B5016A
Requests: 7 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fx.mail.hsbc.fr&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fr.VXdxOsKJBxg.O%2Fd%3D1%2Frs%3DAHpOoo9haxQKqkNZwniaaV-zSTS6Q1k20g%2Fm%3D__features__
Frame ID: 0E53E35F4FBB96609C3D4DB2907B7C10
Requests: 5 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: BCCB90F447A31AC8CADB37F97AE95C67
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HSBC Wallet

Page URL History Show full URLs

https://l.mail.hsbc.fr/r/Hi/KpPLO HTTP 302
https://l.mail.hsbc.fr/rts/go2.aspx?t=163255&tp=i-1NGB-Hi-7VU-KpPLO-1n-1PyC-1c-Kosyg-l9dwqKNn3x-1P3... HTTP 302
https://cust1098.edp.cheetahces.eu/redirect?url=premier&integration5_id=5B7FB79B788B48034E75002F6E2BA143&secret... HTTP 302
https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjU... Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

95
Requests

99 %
HTTPS

42 %
IPv6

15
Domains

26
Subdomains

26
IPs

4
Countries

2663 kB
Transfer

5539 kB
Size

22
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://cust1098.edp.cheetahces.eu/pass/download/6963a9b6223109558d1311219ed72805

Search URL Search Domain Scan URL

URL: https://l.mail.hsbc.fr/rts/un.aspx?tp=i-16Hv-Hi-6ir-0-1c-xP0-G-l9dx0s2iMx-VaNUF

Search URL Search Domain Scan URL

URL: https://www.hsbc.fr/cookies/
Title: Cookie notice

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://l.mail.hsbc.fr/r/Hi/KpPLO HTTP 302
https://l.mail.hsbc.fr/rts/go2.aspx?t=163255&tp=i-1NGB-Hi-7VU-KpPLO-1n-1PyC-1c-Kosyg-l9dwqKNn3x-1P3iyE&x=5B7FB79B788B48034E75002F6E2BA143%7cfc9c66e1dfd56663b2c78ae790200766&pi=bYJ9F8iExYGywv2KlYedJA HTTP 302
https://cust1098.edp.cheetahces.eu/redirect?url=premier&integration5_id=5B7FB79B788B48034E75002F6E2BA143&secret=fc9c66e1dfd56663b2c78ae790200766&pass=reconnaissance_premier HTTP 302
https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY4ZDkyNWU1NjJiY2UyN2RkM2Y5YTQ1NWZkOGMzNyJ9&cr=1098&wu=1285&pass=reconnaissance_premier Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://l.mail.hsbc.fr/rts/go2.aspx?h=139466&tp=i-16Hv-Hi-6ir-0-1c-xP0-G-l9dx0s2iMx-VaNUF HTTP 302
https://s3.eu-central-1.amazonaws.com/stellar-cust1098-rips3odkvkewfscm8wlw/static_files/style-hsbc.css?1626789588

95 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request url.aspx Show response
x.mail.hsbc.fr/ats/
Redirect Chain

https://l.mail.hsbc.fr/r/Hi/KpPLO
https://l.mail.hsbc.fr/rts/go2.aspx?t=163255&tp=i-1NGB-Hi-7VU-KpPLO-1n-1PyC-1c-Kosyg-l9dwqKNn3x-1P3iyE&x=5B7FB79B788B48034E75002F6E2BA143%7cfc9c66e1dfd56663b2c78ae790200766&pi=bYJ9F8iExYGywv2KlYedJA
https://cust1098.edp.cheetahces.eu/redirect?url=premier&integration5_id=5B7FB79B788B48034E75002F6E2BA143&secret=fc9c66e1dfd56663b2c78ae790200766&pass=reconnaissance_premier
https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY4ZDkyNWU1NjJiY2UyN2RkM2Y5YTQ1NWZkOGMzNyJ9&cr=1098&wu=1285&pass=reconnaissance_...

25 KB
26 KB

183ms
64ms

Document
text/html

62.27.116.23
ECOTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY4ZDkyNWU1NjJiY2UyN2RkM2Y5YTQ1NWZkOGMzNyJ9&cr=1098&wu=1285&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.27.116.23 , Germany, ASN12312 (ECOTEL, DE),
Reverse DNS: ats.ccmp.eu
Software: /
Resource Hash: 791bfc6f7858808cf51e58816ca610dab072e13091f839946d07ba6d83d9a92a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 26032
Content-Type: text/html; charset=utf-8
Date: Mon, 06 Nov 2023 15:45:59 GMT
Expires: 0
Pragma: no-cache
Vary: Origin

Redirect headers

cache-control: no-cache
content-encoding: gzip
content-language: en
content-security-policy: default-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' https: data:; frame-ancestors 'self' https://login.ccmp.eu https://eu.messaging.engageplatform.com https://messaging.engageplatform.com; img-src 'self' https: data: blob:; object-src 'none'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp_report?report_only=false
content-type: text/html; charset=utf-8
date: Mon, 06 Nov 2023 15:46:00 GMT
location: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY4ZDkyNWU1NjJiY2UyN2RkM2Y5YTQ1NWZkOGMzNyJ9&cr=1098&wu=1285&pass=reconnaissance_premier
referrer-policy: origin-when-cross-origin
server: nginx
status: 302 Found
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-correlation-id
x-download-options: noopen
x-frame-options: ALLOWALL
x-permitted-cross-domain-policies: none
x-request-id: e75a31c4-bfcf-423c-883d-2a0145d7eb61
x-runtime: 0.035859
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK css_page_wallet_premier.css
wpm.ccmp.eu/wpm/1098/ContentUploads/wallet/ 2 KB
966 B 121ms
25ms Stylesheet
text/css 23.212.201.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wpm.ccmp.eu/wpm/1098/ContentUploads/wallet/css_page_wallet_premier.css
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY4ZDkyNWU1NjJiY2UyN2RkM2Y5YTQ1NWZkOGMzNyJ9&cr=1098&wu=1285&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.201.96 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-201-96.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0cf4f9f12b3268a85354288767a5db153a2466c1b88a5e0229a9a8cb296826f2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 15:46:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 12:41:02 GMT
ETag: "a4e5fc422fb5d71:0"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 667

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/ 156 KB
25 KB 79ms
30ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css

Requested by

Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY4ZDkyNWU1NjJiY2UyN2RkM2Y5YTQ1NWZkOGMzNyJ9&cr=1098&wu=1285&pass=reconnaissance_premier

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:46:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1074
age: 21415362
cdn-cachedat: 12/25/2022 15:19:30
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"7cc40c199d128af6b01e74a28c5900b0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e8fc88d8b5f7874d4f945c1721a3ca5c
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 821e77830e2f3c89-CDG
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
87 KB 91ms
25ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 22:18:14 GMT
x-content-type-options: nosniff
age: 235666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88145
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 22:18:14 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/ 21 KB
7 KB 76ms
27ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:46:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 377611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6696
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-5309"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fQjt1bCXIgSMnO7IfUcsr51F3L49ejdKG7LKprB2Ofb7g9cxMDxlV8KZN8i4F%2BepTuFMNBrEoIUl6sGj6DMoPE5pyyjf9mXTF%2FkDcn1s66C8M1jfE4gmLj0kdYFh5ZZWQj8hobMmlQZ0NCOrfEqU%2BFN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 821e77830b8301fd-CDG
expires: Sat, 26 Oct 2024 15:46:00 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/ 59 KB
16 KB 79ms
32ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:46:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1074
age: 550285
cdn-cachedat: 12/25/2022 15:19:36
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"61f338f870fcd0ff46362ef109d28533"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 03f0d7edc28b632fab02694eee5fa23d
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 821e77831e353c89-CDG
cdn-requestpullsuccess: True

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/hsbc/fr-rbwm/prod/ 1 KB
902 B 101ms
27ms Script
application/javascript 2600:9000:223e:8400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/fr-rbwm/prod/utag.sync.js
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY4ZDkyNWU1NjJiY2UyN2RkM2Y5YTQ1NWZkOGMzNyJ9&cr=1098&wu=1285&pass=reconnaissance_premier
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:8400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2ca0f4fdd623f4cea027c33c8ded05bcc0310566c0d04b4a52ee9cf9ca1621f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: M1Z4_Uk7B9XGWuPm4LTXM6KQXwwnf6W8
content-encoding: br
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
date: Mon, 06 Nov 2023 15:44:23 GMT
last-modified: Mon, 16 Oct 2023 10:30:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 101
x-amz-server-side-encryption: AES256
etag: W/"711913d3c9773b4912dedc3bf9874373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: 9GiSYv2rp-tCpNbSKeNMX1pQCSsWxFpyD0uTNkCNmUx3ENx6APGvkQ==

GET
H2 200 css
fonts.googleapis.com/ 2 KB
878 B 100ms
36ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Dosis:500,600

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e79edc3bf0221b562052e079f583047f795f8bc981840ddb894aef33f6e09ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 15:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 15:46:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 15:46:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
940 B 101ms
38ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300i,400,400i,600,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2997179b365e8555490549ec0a8b07a0ad78057c8c71e705b6ea12801ee40147

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 15:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 15:46:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 15:46:00 GMT

GET
H2 200 default.css
sdk.runstellar.com/26.4.0/ 105 KB
18 KB 118ms
41ms Stylesheet
text/css 18.245.60.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/default.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

eb3badfb580bdda696c56b503ced3c0d08c9f9008ccaac253a5d4024cd843afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 01:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-request-id: R4MSHHAE7Q5893CE
x-amz-cf-pop: FRA60-P5
age: 9727307
x-cache: Hit from cloudfront
x-amz-id-2: Ckfy/D6Wurcu+MUH/4XG4Xa6tAArbobSv2bd1F/EzSFl+gtD1vy7P/rc2gyxTvXEpO/ilQq8FYw=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:41 GMT
server: AmazonS3
etag: W/"d6fec56ee9dd5a4f6f272442ef25c6bd"
expect-ct: enforce, max-age=63072000
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=63072000
x-amz-cf-id: eECi4OoNCf2EHwtuW-BbyYGP4cUjYardJwtnCQ94xhfgqd-IH4q9iA==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H/1.1

200
OK

style-hsbc.css
s3.eu-central-1.amazonaws.com/stellar-cust1098-rips3odkvkewfscm8wlw/static_files/
Redirect Chain

https://l.mail.hsbc.fr/rts/go2.aspx?h=139466&tp=i-16Hv-Hi-6ir-0-1c-xP0-G-l9dx0s2iMx-VaNUF
https://s3.eu-central-1.amazonaws.com/stellar-cust1098-rips3odkvkewfscm8wlw/static_files/style-hsbc.css?1626789588

4 KB
4 KB

113ms
48ms

Stylesheet
text/css

52.219.169.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.eu-central-1.amazonaws.com/stellar-cust1098-rips3odkvkewfscm8wlw/static_files/style-hsbc.css?1626789588
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY4ZDkyNWU1NjJiY2UyN2RkM2Y5YTQ1NWZkOGMzNyJ9&cr=1098&wu=1285&pass=reconnaissance_premier
Protocol: HTTP/1.1
Server: 52.219.169.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 44a12d438c18a1f8c099c7a96a4673561816277334436a5a46f3974df63f75d4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 15:46:01 GMT
Last-Modified: Tue, 20 Jul 2021 13:59:49 GMT
Server: AmazonS3
x-amz-request-id: BMD3TJC0NQ6YWX5P
ETag: "4520f2416d14aec95c3e4d848b858303"
x-amz-server-side-encryption: AES256
Content-Type: text/css
Cache-Control: max-age=1800
Accept-Ranges: bytes
Content-Length: 3898
x-amz-id-2: IC8earzo+iHukfjiqOMWEIIXu1p9Xrqy4VRXWD9NpiQg3poM7nvB0C3Rl91qu3f1LBYWDTCySHc=

Redirect headers

Location: https://s3.eu-central-1.amazonaws.com/stellar-cust1098-rips3odkvkewfscm8wlw/static_files/style-hsbc.css?1626789588
Date: Mon, 06 Nov 2023 15:45:59 GMT
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK open.aspx
l.mail.hsbc.fr/rts/ 43 B
229 B 25ms
23ms Image
image/gif 62.27.116.25
ECOTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.mail.hsbc.fr/rts/open.aspx?tp=i-16Hv-Hi-6ir-0-1c-xP0-G-l9dx0s2iMx-VaNUF
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY4ZDkyNWU1NjJiY2UyN2RkM2Y5YTQ1NWZkOGMzNyJ9&cr=1098&wu=1285&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.27.116.25 , Germany, ASN12312 (ECOTEL, DE),
Reverse DNS: rts.ccmp.eu
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 06 Nov 2023 15:45:59 GMT
Cache-Control: no-cache, max-age=0
Transfer-Encoding: chunked
Expires: 0

GET
H/1.1 200
OK open.aspx
l.mail.hsbc.fr/rts/ 43 B
229 B 29ms
27ms Image
image/gif 62.27.116.25
ECOTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.mail.hsbc.fr/rts/open.aspx?tp=i-16Hv-Hi-4kX-0-1c-MZN-G-l7GTphhMOE-d3EYl
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY4ZDkyNWU1NjJiY2UyN2RkM2Y5YTQ1NWZkOGMzNyJ9&cr=1098&wu=1285&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.27.116.25 , Germany, ASN12312 (ECOTEL, DE),
Reverse DNS: rts.ccmp.eu
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 06 Nov 2023 15:46:00 GMT
Cache-Control: no-cache, max-age=0
Transfer-Encoding: chunked
Expires: 0

GET
H/1.1 200
OK Logo-HSBC-Premier-320x100.png
wpm.ccmp.eu/wpm/1098/ContentUploads/wallet/ 14 KB
14 KB 120ms
28ms Image
image/png 23.212.201.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wpm.ccmp.eu/wpm/1098/ContentUploads/wallet/Logo-HSBC-Premier-320x100.png
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY4ZDkyNWU1NjJiY2UyN2RkM2Y5YTQ1NWZkOGMzNyJ9&cr=1098&wu=1285&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.201.96 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-201-96.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f28540562bdab2dd8ac6e8fc6bfb2a76c0cb68f6fc140b77e434c72679fdee9f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 15:46:00 GMT
Last-Modified: Tue, 20 Jul 2021 15:13:35 GMT
ETag: "5617a7cf797dd71:0"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14319

GET
H/1.1 200
OK wallet-premier-lp.png
wpm.ccmp.eu/wpm/1098/ContentUploads/wallet/ 1015 KB
1015 KB 164ms
72ms Image
image/png 23.212.201.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wpm.ccmp.eu/wpm/1098/ContentUploads/wallet/wallet-premier-lp.png
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY4ZDkyNWU1NjJiY2UyN2RkM2Y5YTQ1NWZkOGMzNyJ9&cr=1098&wu=1285&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.201.96 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-201-96.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f7887cd604fdaba3daa7fdf2151408788f80aba89faec35e5af78d41febb73c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 15:46:00 GMT
Last-Modified: Fri, 11 Mar 2022 16:13:44 GMT
ETag: "4a9021fb6235d81:0"
Content-Type: image/png
Access-Control-Allow-Origin: *
X-N: S
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1039587

GET
H/1.1 403
Forbidden loader.gif
s3.us-east-1.amazonaws.com/stellar-wsi-ugd5ypbfu9nx7se1epic/content_pages/download_wallet_pass/static_files/ 0
0 367ms
124ms Image
application/xml 54.231.163.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/stellar-wsi-ugd5ypbfu9nx7se1epic/content_pages/download_wallet_pass/static_files/loader.gif?1557385709
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY4ZDkyNWU1NjJiY2UyN2RkM2Y5YTQ1NWZkOGMzNyJ9&cr=1098&wu=1285&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.163.80 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H/1.1 200
OK GIF-wallet-premier-Apple.gif
wpm.ccmp.eu/wpm/1098/ContentUploads/wallet/ 293 KB
293 KB 42ms
40ms Image
image/gif 23.212.201.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wpm.ccmp.eu/wpm/1098/ContentUploads/wallet/GIF-wallet-premier-Apple.gif
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY4ZDkyNWU1NjJiY2UyN2RkM2Y5YTQ1NWZkOGMzNyJ9&cr=1098&wu=1285&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.201.96 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-201-96.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a5a4d565df51ba9d8f2523cb96174bb3ffaa73b1a6d4e611c116b67d19192799

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 15:46:00 GMT
Last-Modified: Fri, 01 Apr 2022 07:46:07 GMT
ETag: "b49ea8c9c45d81:0"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 300268

GET
H/1.1 200
OK HSBC_Pictogram_ProfilePerson_Red_Gras.png
wpm.ccmp.eu/wpm/1098/ContentUploads/Express/Campaign/icons_54x54/ 6 KB
7 KB 27ms
25ms Image
image/png 23.212.201.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wpm.ccmp.eu/wpm/1098/ContentUploads/Express/Campaign/icons_54x54/HSBC_Pictogram_ProfilePerson_Red_Gras.png
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY4ZDkyNWU1NjJiY2UyN2RkM2Y5YTQ1NWZkOGMzNyJ9&cr=1098&wu=1285&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.201.96 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-201-96.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a0e153237a2c6a8c0a547ceb80fa8acb7a0317ca02c8133c0c644d86cdf24f0d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 15:46:00 GMT
Last-Modified: Tue, 23 Aug 2022 08:13:30 GMT
ETag: "9ccbb83ac8b6d81:0"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6625

GET
H/1.1 200
OK HSBC_Pictogram_Phone_Red_Gras.png
wpm.ccmp.eu/wpm/1098/ContentUploads/Express/Campaign/icons_54x54/ 6 KB
6 KB 76ms
25ms Image
image/png 23.212.201.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wpm.ccmp.eu/wpm/1098/ContentUploads/Express/Campaign/icons_54x54/HSBC_Pictogram_Phone_Red_Gras.png
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY4ZDkyNWU1NjJiY2UyN2RkM2Y5YTQ1NWZkOGMzNyJ9&cr=1098&wu=1285&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.201.96 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-201-96.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5274400ca7b9157ef9666ce342bfe53209296aacbfc8089600a026c74da7bb16

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 15:46:00 GMT
Last-Modified: Tue, 23 Aug 2022 08:13:54 GMT
ETag: "329f5e49c8b6d81:0"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6258

GET
H/1.1 200
OK HSBC_Pictogram_StarFavourite_red_Gras.png
wpm.ccmp.eu/wpm/1098/ContentUploads/Express/Campaign/icons_54x54/ 7 KB
8 KB 78ms
27ms Image
image/png 23.212.201.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wpm.ccmp.eu/wpm/1098/ContentUploads/Express/Campaign/icons_54x54/HSBC_Pictogram_StarFavourite_red_Gras.png
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY4ZDkyNWU1NjJiY2UyN2RkM2Y5YTQ1NWZkOGMzNyJ9&cr=1098&wu=1285&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.201.96 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-201-96.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2f9263e815d22d6dfbc623954892e276c1ea0fddc7c93a195f49fc4f7c36c212

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 15:46:00 GMT
Last-Modified: Fri, 26 Aug 2022 10:06:22 GMT
ETag: "382947e33b9d81:0"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7625

GET
H/1.1 200
OK HSBC_Pictogram_LocationMarker_Red_Gras.png
wpm.ccmp.eu/wpm/1098/ContentUploads/Express/Campaign/icons_54x54/ 7 KB
7 KB 137ms
80ms Image
image/png 23.212.201.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wpm.ccmp.eu/wpm/1098/ContentUploads/Express/Campaign/icons_54x54/HSBC_Pictogram_LocationMarker_Red_Gras.png
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY4ZDkyNWU1NjJiY2UyN2RkM2Y5YTQ1NWZkOGMzNyJ9&cr=1098&wu=1285&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.201.96 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-201-96.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: db8b145f08a1be9b5ad911d38fc626f1b1daa10e1985ccdd49c2474fb4b20a99

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 15:46:01 GMT
Last-Modified: Tue, 23 Aug 2022 08:13:58 GMT
ETag: "5e7a4b4bc8b6d81:0"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7135

GET
H/1.1 200
OK HSBC_Pictogram_Choice_Red_Gras.png
wpm.ccmp.eu/wpm/1098/ContentUploads/Express/Campaign/icons_54x54/ 8 KB
8 KB 46ms
30ms Image
image/png 23.212.201.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wpm.ccmp.eu/wpm/1098/ContentUploads/Express/Campaign/icons_54x54/HSBC_Pictogram_Choice_Red_Gras.png
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY4ZDkyNWU1NjJiY2UyN2RkM2Y5YTQ1NWZkOGMzNyJ9&cr=1098&wu=1285&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.201.96 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-201-96.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 43b4d4ebc3f049db87187649d20d421c37efca5272680aa52c1de9cf7f9a1217

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 15:46:00 GMT
Last-Modified: Fri, 26 Aug 2022 10:18:05 GMT
ETag: "22346f2135b9d81:0"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7970

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/hsbc/fr-rbwm/prod/ 293 KB
57 KB 31ms
30ms Script
application/javascript 2600:9000:223e:8400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/fr-rbwm/prod/utag.js
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY4ZDkyNWU1NjJiY2UyN2RkM2Y5YTQ1NWZkOGMzNyJ9&cr=1098&wu=1285&pass=reconnaissance_premier
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:8400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62cb961e3a64e563a3655668cd71cae15b165cc5865f1e2aa0918f8966a3570a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: 6Rj0I6W4hMQOeJP1dRsavhWKPWUiKZvq
content-encoding: br
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
date: Mon, 06 Nov 2023 15:44:13 GMT
last-modified: Mon, 16 Oct 2023 10:30:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 108
x-amz-server-side-encryption: AES256
etag: W/"cfc06b8352e64952952f28c266b6aa35"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: pEeA8BbQUAO92hkUI7RFvIbas7NQO91fxqOqs9zeTRj7EEuqlak-Xw==

GET
H2 200 spot.js Show response
spot.demostellar.com/1.6.0/ 47 KB
12 KB 271ms
42ms Script
application/javascript 18.66.97.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://spot.demostellar.com/1.6.0/spot.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-79.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2815178b8ac98183b23db0745d2cb351af5db84abbadf4e79bd15551be7dd098

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 00:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-request-id: 2RQWBN9PK1RH8FKS
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
age: 54633
x-cache: Hit from cloudfront
x-amz-id-2: rOPohthB/g3BzGCJHGa8lg5qUMtukl10WJO2Jll4N81bFL4TOUpKf+BtVP78DHus5bczoyiObaw=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Tue, 28 Feb 2023 20:30:17 GMT
server: AmazonS3
etag: W/"12ab859881ad21b1204a55f4da4ecf39"
expect-ct: enforce, max-age=63072000
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://spot.demostellar.com
x-amz-cf-id: cHCARou6_ghZU_eE3pMyMtW-QxT4WnmkOOSPynPuV_huAwR3g4RfOA==

GET
H2 200 sdk.js Show response
sdk.runstellar.com/26.4.0/ 106 KB
35 KB 38ms
37ms Script
application/javascript 18.245.60.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3827648c9d0ea8d1f62fce7199a9fc069a88a55a5e88af10f1e6cf92055c6f54

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 02:12:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-request-id: PS0YVRFE6C7BYXW3
x-amz-cf-pop: FRA60-P5
age: 9034383
x-cache: Hit from cloudfront
x-amz-id-2: CzDwdfdUD9IABVdQDuez8EpvQZnvgRkwUXeFLRYaBtO603C5BNeHxis7m0veq9lbWRZnZwOUJ08=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:41 GMT
server: AmazonS3
etag: W/"b16fc0f4c130de23cce2f318229e3f34"
expect-ct: enforce, max-age=63072000
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: QPBUTnFtV_rccmmhGUSNLi47IkX8lH-CW7FJFmQut829058gO43hVQ==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 29cc7.js Show response
sdk.runstellar.com/26.4.0/ 223 KB
56 KB 38ms
38ms Script
application/javascript 18.245.60.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/29cc7.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e9390af9547cd22bb7f0b6631279a17bbe8b099910f1c14aaa33731203993a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 01:44:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-request-id: KZDF3EP4H2NDH2NB
x-amz-cf-pop: FRA60-P5
age: 9727305
x-cache: Hit from cloudfront
x-amz-id-2: 5lzvjZb9qvUPe35Mcs2CO5TsVT6Q+/52UuGaNGMw2G7RYze975DPwhT56IU8Z/U2q8pgqoxs9jru735k1OqMmw==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"98f87833ffdb9f739c7fa231fcb45fae"
expect-ct: enforce, max-age=63072000
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: IAYWZ3bvctJJUsvy_Ep2zR_sfp-0x9aSCa-wfril8ih5e4YD8gJf9w==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H/1.1 200
OK location.js Show response
akamai.tiqcdn.com/location/ 18 B
560 B 118ms
31ms XHR
application/x-javascript 184.30.216.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.tiqcdn.com/location/location.js
Requested by: Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.216.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-216-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 15:46:01 GMT
Last-Modified: Mon, 30 Apr 2018 23:09:19 GMT
Server: AkamaiNetStorage
ETag: "6c98be5fda77913799e8ef24b86a7abd:1525129759"
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-EdgeScape-Location
Cache-Control: max-age=1296000
X-EdgeScape-Location: country_code=FR,region_code=IDF,city=PARIS,areacode=0,zip=0,bandwidth=5000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18
Expires: Tue, 21 Nov 2023 15:46:01 GMT

GET
H2 200 utag.53.js Show response
tags.tiqcdn.com/utag/hsbc/fr-rbwm/prod/ 23 KB
6 KB 32ms
31ms Script
application/javascript 2600:9000:223e:8400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/fr-rbwm/prod/utag.53.js?utv=ut4.47.202006031252
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/fr-rbwm/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:8400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e446b8d570661fc35203501be1838ecadac97aa841ea486692cbc4a80c5b6f51

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: 14V.E0cyE4GaLMw8569n72iqKfpgpRRA
content-encoding: br
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
date: Mon, 06 Nov 2023 15:41:11 GMT
last-modified: Mon, 16 Oct 2023 10:30:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 295
x-amz-server-side-encryption: AES256
etag: W/"0a01cd84e64df3606f730d030798abbe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: mmnR3T1ZvE70ep21yEZoTAGFclHT2qGOK3I5dPHW0ZaKFw-Xp_yszA==

GET
H2 200 utag.505.js Show response
tags.tiqcdn.com/utag/hsbc/fr-rbwm/prod/ 46 KB
14 KB 31ms
31ms Script
application/javascript 2600:9000:223e:8400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/fr-rbwm/prod/utag.505.js?utv=ut4.47.202310161028
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/fr-rbwm/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:8400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1be0895d704b7e005a1c0e4dfcb2e7f61e3b7c8344fd07eed33172ef68307a4a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: N0x.NoULB7wuqCjoyMh8A_7RVPb29L5h
content-encoding: br
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
date: Mon, 06 Nov 2023 15:44:37 GMT
last-modified: Mon, 16 Oct 2023 10:30:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 118
x-amz-server-side-encryption: AES256
etag: W/"081d2f559aecbe56ff2fee39ee0a5abd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 1FyDvNiBh1Z-6TO0oozoXQahCW_Tpoud_h6wLqqTbFLNqolTcyHYsQ==

GET
H2 200 74074.js Show response
sdk.runstellar.com/26.4.0/ 88 KB
31 KB 41ms
41ms Script
application/javascript 18.245.60.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/74074.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9a9f91ede0b8c756d74214220c9df3c142c77dd04fce253c14682fa7fa3ba3a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 01:08:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-request-id: VD5XKDF93TA88484
x-amz-cf-pop: FRA60-P5
age: 743877
x-cache: Hit from cloudfront
x-amz-id-2: 90rswkxfdbcnY22U2W4f23SPI4fQU7LEZLyxHnrhbgHodZvWnHChwQcf56BG0lRZfl1VYNqsAX0Dc88DLeesDGbEU3/w4H/FD6wG2L18KSg=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"96fdf80d9221cda63b237d234dca4fd2"
expect-ct: enforce, max-age=63072000
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: gKONlcbaczuWEVfsAtO55WD8M6wOlg7SimrqMZzsNgjGA1E3kVJ9qg==
expires: Tue, 01 Jan 2069 00:00:00 GMT

POST
H/1.1 200
OK session.json Show response
www.mcm-prod.hsbc.fr/3247/handler9/ 5 KB
2 KB 1526ms
286ms XHR
application/json 91.214.5.153
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcm-prod.hsbc.fr/3247/handler9/session.json

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.214.5.153 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Resource Hash

9367b94d4b2363cb7cbe9d65db9581d83b4c1e10e637dfdd50b8f13011a4698a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://x.mail.hsbc.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 06 Nov 2023 15:46:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Vary: User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://x.mail.hsbc.fr
P3P: CP="NON ADMo DEVo PSAo PSDo IVAo IVDo OUR IND UNI COM NAV INT CNT LOC STA PUR PHY ONL"
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
S: LWSMCMRP102FR
Keep-Alive: timeout=5, max=100
Content-Length: 1144

GET
H/1.1 200
OK JavascriptInsert.js Show response
www.mcm-prod.hsbc.fr/ 97 KB
35 KB 1276ms
35ms Script
application/x-javascript 91.214.5.153
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcm-prod.hsbc.fr/JavascriptInsert.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/fr-rbwm/prod/utag.505.js?utv=ut4.47.202310161028

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.214.5.153 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Resource Hash

a51a91cf97d73a34cdae202b28a9ad251f1e9836e02bd333a34b9098ec2037d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 15:46:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sun, 07 Aug 2016 11:55:44 GMT
Content-Encoding: gzip
ETag: fbae1c37bf1799c5bfc7f4456b695db6
Vary: User-Agent
Content-Type: application/x-javascript
Cache-Control: max-age=900, s-maxage=900
Connection: Keep-Alive
S: LWSMCMRP101FR
Keep-Alive: timeout=5
Content-Length: 35501

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
432 B 25ms
25ms Script
application/javascript 2600:9000:223e:8400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=hsbc/fr-rbwm/202310161028&cb=1699285561135
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/fr-rbwm/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:8400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Mon, 06 Nov 2023 15:38:40 GMT
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 442
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: ZphBdD29HDOJLnBi6XKSpaeQt5GgoXtUDy4iykQcdo14NVfhO6eGnQ==

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 26 KB
10 KB 150ms
30ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=86080147

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/fr-rbwm/prod/utag.53.js?utv=ut4.47.202006031252

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

9bc49e2d077ff3ee73f6c2ea5275a53bd78c3815f98f67ff06a1e48b43f28d9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 26 Sep 2023 18:59:22 GMT
server: ws
etag: "65132a0a-2494"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 9364

GET
H2 200 ad549.js Show response
sdk.runstellar.com/26.4.0/ 21 KB
8 KB 38ms
38ms Script
application/javascript 18.245.60.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/ad549.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7931532269be36f6368351474ac688d7feabec33c7a03b172024796e7b616c39

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 00:49:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-request-id: PNM9W5RBD7E4KCGH
x-amz-cf-pop: FRA60-P5
age: 9816983
x-cache: Hit from cloudfront
x-amz-id-2: Fjw7FnlXyO1nYAtDUCWemb8bkC+0tI7DP58FEjiUb9sDJ8uMkgtRo3QYLpPQf9lYSM6qMgxC5PM=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"d3775ea47032422325b44db172e1b138"
expect-ct: enforce, max-age=63072000
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: XZ5rIjY2pUZB2HHfnovptx3MSzzUKyvDjFCjwOSjQ--Y4J9DymzzdA==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 a3afa.js Show response
sdk.runstellar.com/26.4.0/ 1 KB
1 KB 46ms
42ms Script
application/javascript 18.245.60.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/a3afa.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2a7cccd3809dfd84058e9cda3bc1509a42a1c60d9188e5af673113d7309cd263

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 01:44:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-request-id: YJMJHZT1A4EGY32X
x-amz-cf-pop: FRA60-P5
age: 9900068
x-cache: Hit from cloudfront
x-amz-id-2: baiuF5fW0BXE6To8yv7LVZUaxCwxMmOFjxz4i/E/79tw+1tjVHPF2UJNJgMMcbtOS7LUTCvXQ+pqv6UDklZE7Q9jzSruZlsX
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"aeb4aa3645c6d245c274f0532a20d651"
expect-ct: enforce, max-age=63072000
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: lRQyyRz03vEiOfvHWfNlpWCnxDwxXxkmy4zGwpc1L4NIqnBtDle-eA==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 06cc7.js Show response
sdk.runstellar.com/26.4.0/ 609 B
1 KB 50ms
46ms Script
application/javascript 18.245.60.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/06cc7.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ac48d0d6d4597db943bb03126bf6577587a2ac8ad97d44dfe5df4b6aab35c4e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 04:15:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-request-id: BR0JPZN9XF99PBK8
x-amz-cf-pop: FRA60-P5
age: 2115035
x-cache: Hit from cloudfront
content-length: 609
x-amz-id-2: e2IsKp8CKwWe8JPFBMajoP4YBbjti9mBoETCJz1Bi89tpbiCZr05IPxPNUbGQOO0D9m2+U8IWCg=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:39 GMT
server: AmazonS3
etag: "1b94e0760b907be61a90987469765734"
expect-ct: enforce, max-age=63072000
content-type: application/javascript
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: _WWXBUdc0t5D3N9LF0skK1_JVZQh3_EpQDX5X7_E148W_I5auOOdVA==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 e56b6.js Show response
sdk.runstellar.com/26.4.0/ 1 KB
1 KB 54ms
51ms Script
application/javascript 18.245.60.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/e56b6.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2aa7d0d5bdb27cf66b0679c7649caefb326b8f963abb1e4bfbf13baf203f4e50

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 02:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-request-id: YDXFR7H5DZ9XHZMB
x-amz-cf-pop: FRA60-P5
age: 3589714
x-cache: Hit from cloudfront
x-amz-id-2: w1ghEKvj01qd2GqeYlZd7Z9ZHgYUYhCfDGZPSafq4zjNy2JjFUIUQ5d16sUVWGHR5dajBb68EJY=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:41 GMT
server: AmazonS3
etag: W/"ad2c6c34c675a7357638b64ccead821c"
expect-ct: enforce, max-age=63072000
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: YfKBL39WEBU4cPj4wEwQHbT0qndOFKmdDhD0_jQ9XMOEH3HyFMlCGQ==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 d419f.js Show response
sdk.runstellar.com/26.4.0/ 3 KB
2 KB 46ms
43ms Script
application/javascript 18.245.60.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/d419f.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b0383faa942e93727c20cb5862ea722ea3f61a4dce0326d36b58a59be829cab7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 06:44:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-request-id: 4M77R6CHGCDQQB3N
x-amz-cf-pop: FRA60-P5
age: 6512467
x-cache: Hit from cloudfront
x-amz-id-2: 9vW/w5+4nWkzUW75yBNoRzhG7tdXGgMVla8p2sFb96Uc2qlavJ3aHZXzM2yK4U5RILtAyUdXcrE=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:41 GMT
server: AmazonS3
etag: W/"63092c36aeeb34929e8cf2a17dbf5eae"
expect-ct: enforce, max-age=63072000
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: 1u2P3SFTX3P0EPogZOQo2SFXHwqnOvf9jD2s3wH5YMQlZfGLBd8XQg==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 72c2c.js Show response
sdk.runstellar.com/26.4.0/ 4 KB
3 KB 48ms
45ms Script
application/javascript 18.245.60.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/72c2c.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4f0cd4cbdadde4b6f7a089c358014b684365ff48ef102b364cc3f3650ef8aee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 02:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-request-id: XHH5YKJCNQYZEXTK
x-amz-cf-pop: FRA60-P5
age: 3502723
x-cache: Hit from cloudfront
x-amz-id-2: 7+zhGajBAy2v0xYZvGG2zbADdHxYa+03Vo8DDCrYe0CuoZgCqkDI+ZQaJ9jNna0RD5FQBeyZiRg=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"6b7f2e3b11c4807e5b57dbc1b766289b"
expect-ct: enforce, max-age=63072000
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: NusbvVU2l_JPA7j964Bjwjsuh7ZqshQOhcOxKOEghIFb9A5hKOS7LA==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 2616a.js Show response
sdk.runstellar.com/26.4.0/ 12 KB
5 KB 53ms
50ms Script
application/javascript 18.245.60.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/2616a.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1bdc85400467ba8eb767152fbb351052d16f9813ce28aca3b745bb8b84e7309c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 03:14:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-request-id: 7QHRNSSMEJQPTKKD
x-amz-cf-pop: FRA60-P5
age: 10413087
x-cache: Hit from cloudfront
x-amz-id-2: yEkTLrH7ovWttXMKXO2ATvnuECHsyfa1VQwFBz4XB6OnBIehkLT5qg6gkj517oBKI3QgDh1SeIOHIxwClJak2A==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"f71cb99ab4b59b319671390057044cd8"
expect-ct: enforce, max-age=63072000
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: d0qh9LyiLwa87_DgHM6DoXDfUU2hGKD1ZtqpZSAtBK2x2HlpLE2pSw==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 558f1.js Show response
sdk.runstellar.com/26.4.0/ 29 KB
6 KB 47ms
44ms Script
application/javascript 18.245.60.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/558f1.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c08ef0d5dfd2575fb52220720af66a422514ab933a935940808296fa136a62f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-request-id: WV8K9WM2GRFWYFVR
x-amz-cf-pop: FRA60-P5
age: 8896734
x-cache: Hit from cloudfront
x-amz-id-2: MDssu2OOC5pZXSx5LLITK24Td/l5geRmd1R/ujRVLFWO/zmhz4bF9gfLMVX9Jd9lf0xM3mAhGHc=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"0895cfca688f4b59c21778d3264938b6"
expect-ct: enforce, max-age=63072000
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: QlHyCzWaP_OZyjbngXhYMovaNt8zEzq1clQqnLLny-dYexCoqNxKBw==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 e174b.js Show response
sdk.runstellar.com/26.4.0/ 1 KB
1 KB 47ms
45ms Script
application/javascript 18.245.60.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/e174b.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fb0aab98cf111ff976ff8fe32533d3cd88ddf81504184259b28d7bd0dba227b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 02:40:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-request-id: 970N9DJ6DWN0C3MM
x-amz-cf-pop: FRA60-P5
age: 4021535
x-cache: Hit from cloudfront
x-amz-id-2: mvC7lfkNWqkpv6KeRMdwbBXfV0SYpvpxTulLBZLrDUJeBVA+tqWAheoDI3oDCt1WARMDkLbb2c0=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:41 GMT
server: AmazonS3
etag: W/"1b18c7989f62b07a8d935618d10d993e"
expect-ct: enforce, max-age=63072000
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: _hWN4vUobY2NcQFFfDhPMnj0g_i_MglhWra8O6GYAE8NAPmMHpHiSw==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 4017e.js Show response
sdk.runstellar.com/26.4.0/ 2 KB
1 KB 45ms
43ms Script
application/javascript 18.245.60.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/4017e.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

afd3a07766f78b9bf0b06b9531b048bd4dc93778ab0b71d5a6fb693d3df33e77

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 01:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-request-id: JK2E1EM1711E09MG
x-amz-cf-pop: FRA60-P5
age: 9211228
x-cache: Hit from cloudfront
x-amz-id-2: Godqolmvb/bI6acDkS4Z3NZNeTnluhrUuenLDAkcVxQTCgG69EWhpxSX/iTjcx6caKlM8+hW8gw=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"276a79f5d62110a5c8cdcb292dee94fe"
expect-ct: enforce, max-age=63072000
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: a64ErDbxwHHR-iEXe9J3dZWaVA_6KnqW3ehJv6lYHgVYo5v_6BQjYA==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 9bc6a.js Show response
sdk.runstellar.com/26.4.0/ 5 KB
2 KB 54ms
52ms Script
application/javascript 18.245.60.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/9bc6a.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3c77ab5b67ba98ae35b5f3f6747a4bc4ad99888ad0f7d2c34fea0a46b935f618

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 02:40:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-request-id: 970RZ9Q15PASDN10
x-amz-cf-pop: FRA60-P5
age: 4021535
x-cache: Hit from cloudfront
x-amz-id-2: DmrxhzkKHGjUheQyS4OJ32vfZpbW7WyOaEyZ9J1/jjuiM8OmiYaMFc6c2l2VJD0mxab4KRUI9XiDgsDo8xI9uEO/t9arA1b0zOtI2EelbmQ=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"4fb60022757bc66561e5a97a643e77a1"
expect-ct: enforce, max-age=63072000
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: y-C3FbCY9OoYURS1VHrxYP8YBKlxxPdyAubnS4oPK5CclrXyzuznbg==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 d8bb5.js Show response
sdk.runstellar.com/26.4.0/ 16 KB
6 KB 63ms
61ms Script
application/javascript 18.245.60.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/d8bb5.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1f7f9acfa3de1d794238cca66befc165fe297e34e02633a81aad966dcb93c758

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 01:44:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-request-id: YJMNES3WBEP4K5GX
x-amz-cf-pop: FRA60-P5
age: 9900068
x-cache: Hit from cloudfront
x-amz-id-2: DiveyD8gffeR5zAUh2hdlq5K+67Hbq5Xpehb4y6Ha3k6QlnU7b30RI/f99ohv+NKkVgNqqfSzJc=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:41 GMT
server: AmazonS3
etag: W/"1153a3c39fbf0584a5a1fedbc1162951"
expect-ct: enforce, max-age=63072000
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: we9trQNxiWN84M0BFXc0PkMUyuDFQnDo3oajzZ-_iSM82UghjLE6Mg==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 c274f.js Show response
sdk.runstellar.com/26.4.0/ 6 KB
3 KB 61ms
60ms Script
application/javascript 18.245.60.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/c274f.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

49f62df0a26e9fc2b8c22eb949e5f211283ea169271c8e52293ffb4adf1e4957

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 01:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-request-id: 34S4JAP0Y38BRHFD
x-amz-cf-pop: FRA60-P5
age: 9297050
x-cache: Hit from cloudfront
x-amz-id-2: +2xBsoB7kDZpE3hZQ16qn7jGQE5xOXt6csvkJSwOCFI7Ol5L0s9BIsuOA/lEdbVnDtm2rhqJokA=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"9cd5cc9effce1c934a8e9cb47f8f22b8"
expect-ct: enforce, max-age=63072000
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: bvUiyPhy-mwnu31-2KZ5TqpE8GmA7VVWm6KVZoRBoz2uQ2DuBIgD2w==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 688f2.js Show response
sdk.runstellar.com/26.4.0/ 24 KB
6 KB 66ms
65ms Script
application/javascript 18.245.60.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/688f2.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2174ec1145c19ad51ed3818cbf73add541fafecda5632ff40c509fb5e03cb5ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 01:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-request-id: JK2A8QYAYXHQ0QYC
x-amz-cf-pop: FRA60-P5
age: 9211228
x-cache: Hit from cloudfront
x-amz-id-2: lkhFXHKmuu2VO1avYzwNjP7BvU18j8w/VHShbnuHYMvmuGylAajPLADZgch+sYSk6OUlyrsSt+4=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"078a32115b2fa9013fbc3c2dc291b9f6"
expect-ct: enforce, max-age=63072000
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: K4uSaVPaqtKMU6KwMGRl8QEAVPYprJAAhNESiGURQkRTS2OTNY0W9g==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 fdf23.js Show response
sdk.runstellar.com/26.4.0/ 568 B
1 KB 63ms
62ms Script
application/javascript 18.245.60.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/fdf23.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4c22fd28650e27d761b8771d82fb89a06cd5ab16a75d5ecae9b24df8c80103b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 03:09:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-request-id: 8MYHSY08FDVVA090
x-amz-cf-pop: FRA60-P5
age: 8944576
x-cache: Hit from cloudfront
content-length: 568
x-amz-id-2: 5hWDRQZ2nfJYR7/iXlglIf1OujTVxFIUOsKWtRSbl+yfe0yUEjcNLHRVmWo2c2Io91oYfx5HmZwkhmRKuvWQkPK8rCd7tm5f7NaG2HM0rwo=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:41 GMT
server: AmazonS3
etag: "4351611bcfd40d1bc62332fe2375f361"
expect-ct: enforce, max-age=63072000
content-type: application/javascript
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: 53wF5g3N8wT2M_uw_rGdSkuMjvCDizXQ2XyqRtO0NKvBRDKSbt7mUQ==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 93f28.js Show response
sdk.runstellar.com/26.4.0/ 1 KB
1 KB 65ms
64ms Script
application/javascript 18.245.60.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/93f28.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

629e64b4cef5a2338ac17d53fe1c534839871a6e303f7b5702e39d67f0fc7237

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 04:51:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-request-id: XW0WZP08JF35230N
x-amz-cf-pop: FRA60-P5
age: 9888847
x-cache: Hit from cloudfront
x-amz-id-2: 0aXDA7Dh0FGfiUCB8/fLOieYQId67w2tvYfhaiOjU/lF14BYW4KSoqgvqR4N8CAlcaPGnrERoiY=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"9639463e988ec29c2b3a65312e664a56"
expect-ct: enforce, max-age=63072000
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: L0RZL6C8EFiS-nna-g6RePwUDq8BRDr8GWjq2hS0BCo41ngv0YvaEA==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 ca27b.js Show response
sdk.runstellar.com/26.4.0/ 16 KB
6 KB 64ms
63ms Script
application/javascript 18.245.60.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/ca27b.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9eb932d925622895424b31b1a64fdf474067b601997899ab4a38414d8c88a9ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 03:19:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-request-id: K3XFWTDZJCRYBFKZ
x-amz-cf-pop: FRA60-P5
age: 4019203
x-cache: Hit from cloudfront
x-amz-id-2: L+9yRmaHCF3NV5oI5wZysRW0POOQdz1FTWXDe5Sjw3ZXeZN/GJTbo119rkB0Rv9STthhfbEVG74=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"355d590872b4b8797b29903831c5f3eb"
expect-ct: enforce, max-age=63072000
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: e_jy40cpAx2fr1X0AJsIfb7FLiPKr6q0mnQ3xjKUrpTuqBrpAM3nBw==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 3daf4.js Show response
sdk.runstellar.com/26.4.0/ 2 KB
2 KB 90ms
89ms Script
application/javascript 18.245.60.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/3daf4.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e890156c5be12852ecb387a0ed3b800f4b03e9d060cac842fcfae2bd55915ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 01:33:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-request-id: SA0VDHGE6P53BQTV
x-amz-cf-pop: FRA60-P5
age: 8950359
x-cache: Hit from cloudfront
x-amz-id-2: Ol4yjW/jLvTsH+sgFBAYHW2c6NFA/qtpCOJlbib3tKG4z5kULKfhIbN336lXTu5tIbLLOeqgvts8UTxhZKPcTRm1CvdQCfSc
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"f25e258a0e7ca3e8a0ecec357252cca4"
expect-ct: enforce, max-age=63072000
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: k3II1P84iM2KwsA1XxIaG0gJoSpsrFVxlKyYEc4a5Yg0IyVREFPgTA==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/86080147/configuration/applications/taglets/ 321 KB
113 KB 33ms
32ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/86080147/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/fr-rbwm/prod/utag.53.js?utv=ut4.47.202006031252

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

102d125f3c4a171344273080f40b609d39eaeede7026d37f49e539f3b5d61166

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:46:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: HIT
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 74fe.css
sdk.runstellar.com/26.4.0/ 47 KB
11 KB 38ms
36ms Stylesheet
text/css 18.245.60.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/74fe.css

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f77dcf713be7cfdcaf1efd18e9f7c60305366e2c716c7d0f8afe952f835a6ffb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-request-id: J5ZGGVRCA04MR3A4
x-amz-cf-pop: FRA60-P5
age: 8896733
x-cache: Hit from cloudfront
x-amz-id-2: 5M9BEjj57mmsQto04nWk+C85WY/a543YYu+YRp7cYkQEUyP6D+tPVhbPUCuhzVzYgK+RMDeCRqo=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"3361141968671b25d72a8e21fb210fe9"
expect-ct: enforce, max-age=63072000
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=63072000
x-amz-cf-id: xjJGOvmVme7JTnhBcNynbXgfWN4IxxZBU-RWkp6KAG_091uQ_5gRAg==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 74fe2.js Show response
sdk.runstellar.com/26.4.0/ 149 B
800 B 34ms
32ms Script
application/javascript 18.245.60.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/74fe2.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b9e708d8d9b84ab17d101e3fa77604358b9f3adb2f890330055c74da058f1a8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 05:11:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-request-id: DA5FR01T0KTCMX00
x-amz-cf-pop: FRA60-P5
age: 8591658
x-cache: Hit from cloudfront
content-length: 149
x-amz-id-2: gZ2nR0JwsDqVWzuED/NESarSWJgOhkeX04GxU68E3u5dGwOqnIfRiRbn9L+edqDSz2zN5uF3UuE=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: "b3dc17969d00af3bc147805a3fd6d844"
expect-ct: enforce, max-age=63072000
content-type: application/javascript
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: WkCYPaYYQYbyEjydKptasL-QShYRPQEJvqE8HLFo-t6Cz5kDJhfS_Q==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 summary.json Show response
cust1098.edp.cheetahces.eu/api/ 735 B
1 KB 713ms
664ms XHR
application/json 35.158.91.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cust1098.edp.cheetahces.eu/api/summary.json?access_token=93a3a193b65ddb8cf9f52baa6c42a62ff968d925e562bce27dd3f9a455fd8c37&_=1699285561148

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.91.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-91-159.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

d88f6e840695a11cc1d5a347b14757cfb108b184d84162a674bad2cdcb5a16c2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' https: data:; frame-ancestors 'self' https://login.ccmp.eu https://eu.messaging.engageplatform.com https://messaging.engageplatform.com; img-src 'self' https: data: blob:; object-src 'none'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp_report?report_only=false
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.stellar-v1+json
Referer: https://x.mail.hsbc.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:46:02 GMT
x-correlation-id
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' https: data:; frame-ancestors 'self' https://login.ccmp.eu https://eu.messaging.engageplatform.com https://messaging.engageplatform.com; img-src 'self' https: data: blob:; object-src 'none'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp_report?report_only=false
x-permitted-cross-domain-policies: none
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 9e335a6a-f283-46b0-88ed-f6b839534fda
x-runtime: 0.567130
referrer-policy: origin-when-cross-origin
server: nginx
etag: W/"3b687a666466429f34856d5f781d0638"
x-download-options: noopen
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS, PUT
content-language: en
access-control-allow-origin: https://x.mail.hsbc.fr
content-type: application/json
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-expose-headers
access-control-max-age: 1728000
x-frame-options: ALLOWALL

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/86080147/configuration/setting/accountproperties/ 7 KB
3 KB 175ms
45ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/86080147/configuration/setting/accountproperties/?cb=accountSettingsCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86080147/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

6d7144aaf286a769b4d90794c2f48e80d4fe9acbde53468a071a00180493aab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:46:01 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Mon, 06 Nov 2023 15:46:58 GMT

GET
H2 200 ui-framework.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/ 40 KB
12 KB 101ms
47ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/ui-framework.js?version=10.30.0.0-release_5603
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86080147/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 21:59:21 GMT
content-encoding: br
age: 236800
x-guploader-uploadid: ABPtcPraXhP0xsrqKw-jOkTHrYTaeVq-2sRG22b6wBEqxPoj1q_HRrhHb_CMg_Uv7ogScCb1ZFxC1ZEyHR0jR_nNJJQSDA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12476
last-modified: Fri, 04 Aug 2023 02:09:07 GMT
server: UploadServer
etag: W/"0dfc7fa7d2051d776d5937b7a3a7c4dd"
vary: Accept-Encoding
x-goog-generation: 1691114947742814
x-goog-hash: crc32c=wefPQw==, md5=Dfx/p9IFHXdtWTe3o6fE3Q==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 40455
accept-ranges: none
content-type: application/javascript

GET
H2 200 UMSClientAPI.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/ 90 KB
25 KB 75ms
22ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/UMSClientAPI.min.js?version=10.30.0.0-release_5603
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86080147/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2a73ff47539c08d1e9399792a12e739a2e5f76e6ec0233ec1a736b2404bc3759

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 12:02:56 GMT
content-encoding: br
age: 1914185
x-guploader-uploadid: ADPycdst7t-kKh5V0LfyaycmaEEdO6hUdcr_IR6nE3owBsoAvHVWTwOA4R1qsVI6l8dIxdQZM0OkUXlAM_TR8kMp-30tJ-_sXrPy
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25331
last-modified: Fri, 04 Aug 2023 02:09:07 GMT
server: UploadServer
etag: W/"e21c09a84864d9b3aa39048de5bdf259"
vary: Accept-Encoding
x-goog-generation: 1691114947862165
x-goog-hash: crc32c=poRNeQ==, md5=4hwJqEhk2bOqOQSN5b3yWQ==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 92266
accept-ranges: none
content-type: application/javascript

GET
H2 200 lpChatV3.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/ 92 KB
26 KB 90ms
38ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/lpChatV3.min.js?version=10.30.0.0-release_5603
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86080147/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: bb183f72fe84391a4e489769cf7718f7d279181b07cb6ff414b1ceca7c6c8c5c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 05:40:11 GMT
content-encoding: br
age: 1245950
x-guploader-uploadid: ABPtcPqWw-biDU7hDQD4UfP9vPADDrzD8JOfPlYTKuMujWq3kpBEpPM08RQlKWaLId5TnMakxyu2-bGJZ9N4zFUXOlzRKNmoRZnA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26349
last-modified: Fri, 04 Aug 2023 02:09:08 GMT
server: UploadServer
etag: W/"1b9875038c28f82d87ab6ea5ec9c7ef1"
vary: Accept-Encoding
x-goog-generation: 1691114947873551
x-goog-hash: crc32c=RKdNnA==, md5=G5h1A4wo+C2Hq26l7Jx+8Q==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 94041
accept-ranges: none
content-type: application/javascript

GET
H2 200 surveylogicinstance.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/ 8 KB
3 KB 71ms
20ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/surveylogicinstance.min.js?version=10.30.0.0-release_5603
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86080147/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:05:13 GMT
content-encoding: br
age: 1096848
x-guploader-uploadid: ABPtcPqJzCN47mecYr4FYMhcsQwjJYjGqJ2ROZZKUT1ohtCxX1apNTwm3h6RsnIAiqCG2dJbCZv9sqAXjQ2pZvCuu_9F1g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2381
last-modified: Fri, 04 Aug 2023 02:09:07 GMT
server: UploadServer
etag: W/"d53092c1d6e0a7a3d1bb802c67a6e1e9"
vary: Accept-Encoding
x-goog-generation: 1691114947635037
x-goog-hash: crc32c=GIGCsg==, md5=1TCSwdbgp6PRu4AsZ6bh6Q==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 7866
accept-ranges: none
content-type: application/javascript

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/86080147/configuration/le-campaigns/ 3 KB
1 KB 127ms
23ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/86080147/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86080147/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

3c79cbdcf1455bc6701f1dcf816ce792fa1021512d15698b1f761948e1cf956b

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:46:01 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Mon, 06 Nov 2023 15:46:58 GMT

GET
H2 200 desktopEmbedded.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/ 999 KB
243 KB 38ms
37ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/desktopEmbedded.js?version=10.30.0.0-release_5603
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86080147/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2e0038f0ed73ab5d6d81bb7780efa8101dc71c49e02ebbaa37ed8736bc71b484

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 16:24:47 GMT
content-encoding: br
age: 1207274
x-guploader-uploadid: ABPtcPoX794bzVru5MN4j2pKzgKKOVcehhtcy_BX8NJYwwljs8N4dZLJLPS2itx2SV4RFXB9T1ZC-emHeFEMf4ypgLYYZA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248022
last-modified: Fri, 04 Aug 2023 02:09:08 GMT
server: UploadServer
etag: W/"e7bf076d1e0cc7552f6cca97423b18d0"
vary: Accept-Encoding
x-goog-generation: 1691114948673576
x-goog-hash: crc32c=6gpbqA==, md5=578HbR4Mx1UvbMqXQjsY0A==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 1023171
accept-ranges: none
content-type: application/javascript

GET
H3 200 storage.secure.min.html Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/ Frame 0431 39 KB
13 KB 20ms
20ms Document
text/html 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fx.mail.hsbc.fr&site=86080147&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86080147/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 287cdbeac6168db5e2e7a1320b41059ca7969631f4b2d048dc8faa37d5e8fb48

Request headers

Referer: https://x.mail.hsbc.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
age: 2500
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=3600
content-encoding: br
content-length: 13671
content-type: text/html
date: Mon, 06 Nov 2023 15:04:21 GMT
etag: W/"c324135b527679ce95ee8393a719af9d"
last-modified: Sat, 17 Jun 2023 09:58:13 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1686995892984320
x-goog-hash: crc32c=Au+7sg== md5=wyQTW1J2ec6V7oOTpxmvnQ==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 39463
x-guploader-uploadid: ABPtcPq_X30eIBB15OeD2yCWYgZiUCvv60yW1JRCznhpKidcwT4uwbd4_clLuPYZVrJ59u5JEpyzcPlTarXE7hOKO-fHaw7CgaF0

GET
H3 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/ 37 KB
13 KB 20ms
20ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.js?loc=https%3A%2F%2Fx.mail.hsbc.fr&site=86080147&force=1&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86080147/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a729f36b3c8810b6c5d3de55e61ee4e1737f8e09ccbfc9c6a27a153e8fcf5d48

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:14:33 GMT
content-encoding: br
age: 1888
x-guploader-uploadid: ABPtcPoal7Q9LRSwbd-1zvubQlKd8Ixnbv-7qSuTIdHHdvZjxFW2OShT0JIJ-n6-Jw5bMSJPQM2UB6f8zlhCVyWasK_TOg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13402
last-modified: Sat, 17 Jun 2023 09:58:12 GMT
server: UploadServer
etag: W/"c45eeed74a24f46b0e7a5c5faaae4731"
vary: Accept-Encoding
x-goog-generation: 1686995892942818
x-goog-hash: crc32c=s01eVg==, md5=xF7u10ok9GsOelxfqq5HMQ==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=3600
x-goog-stored-content-length: 38358
accept-ranges: none
content-type: application/javascript

GET
H2 200 refererrestrictions Show response
accdn.lpsnmedia.net/api/account/86080147/configuration/domainprotection/ Frame 0431 963 B
1 KB 24ms
24ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/86080147/configuration/domainprotection/refererrestrictions?cb=lpCb38135x17487

Requested by

Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fx.mail.hsbc.fr&site=86080147&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

35e23860bd9b7c75a52d021423f469572e4f3a5dd1d69cefadeec1020d753b0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lpcdn.lpsnmedia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:46:01 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Mon, 06 Nov 2023 15:46:22 GMT

GET
H2 200 86080147 Show response
lo.v.liveperson.net/api/js/ 232 B
1 KB 121ms
44ms Script
application/javascript 178.249.97.70
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lo.v.liveperson.net/api/js/86080147?&cb=lpCb35107x96900&t=sp&ts=1699285561879&pid=756624400&tid=7647558491&pt=HSBC%20Wallet&u=https%3A%2F%2Fx.mail.hsbc.fr%2Fats%2Furl.aspx%3Fstl_params_hash%3DeyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY4ZDkyNWU1NjJiY2UyN2RkM2Y5YTQ1NWZkOGMzNyJ9%26cr%3D1098%26wu%3D1285%26pass%3Dreconnaissance_premier&sec=%5B%22en-US%22%2C%22default%22%5D&df=0&os=0&sdes=%5B%7B%22type%22%3A%22lead%22%2C%22lead%22%3A%7B%22topic%22%3A%22default%22%2C%22value%22%3A0%2C%22leadId%22%3A%220%22%7D%7D%5D&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86080147/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.70 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo.v.liveperson.net

Software

ws /

Resource Hash

c0caace4e2393f546c6a0f15dce76d5f61a9c74df256487feae0a96211a28a69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:46:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 86080147 Show response
lo.v.liveperson.net/api/js/ 111 B
900 B 26ms
25ms Script
application/javascript 178.249.97.70
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lo.v.liveperson.net/api/js/86080147?sid=DSmxk02sSYOpHOUnaSL94A&cb=lpCb95962x73099&t=pl&ts=1699285561886&pid=756624400&tid=7647558491&vid=kxMzliN2YyY2Q3NDAxMTQ2

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/86080147/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.70 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo.v.liveperson.net

Software

ws /

Resource Hash

8e655c3882657f2f73820929e6bb2e5a756098e3208b14a338af8ecc1c41bb80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:46:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 8ac67.js Show response
sdk.runstellar.com/26.4.0/ 6 KB
2 KB 34ms
34ms Script
application/javascript 18.245.60.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/8ac67.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-117.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6a2de4c6807cf25d3272964d0800c9a00a865c12bc6cc8603d4f5a6f688f7e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 01:44:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-request-id: 8QSEZY5FYFTMQWJA
x-amz-cf-pop: FRA60-P5
age: 10072872
x-cache: Hit from cloudfront
x-amz-id-2: lL5GdgGDEgW2yWk0w6LNapzpc4hZE3M/2JPCnPqoLwAaq+rPfn8Hl7uK2cBKpUBYmnnq0OGwsQdwMK36LZLQ04NAlNN9aXcMpB7XSGyHYCc=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"44ea2f869bc962732ec09c76c33c2690"
expect-ct: enforce, max-age=63072000
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=63072000
x-amz-cf-id: rm5x6sISvenk3Nfss33pdZcBAHUW0UtYImU0iO1EAplmlNLTiHPIhw==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 embed Show response
cust1098.edp.cheetahces.eu/api/passes/reconnaissance_premier/ 51 KB
4 KB 325ms
324ms XHR
application/json 35.158.91.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cust1098.edp.cheetahces.eu/api/passes/reconnaissance_premier/embed?origins=https://x.mail.hsbc.fr&access_token=93a3a193b65ddb8cf9f52baa6c42a62ff968d925e562bce27dd3f9a455fd8c37&_=1699285561149

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.91.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-91-159.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

073641845a6933321036fbc7d5f776a2297ec3a28885723f9a26ce220b845e0d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' https: data:; frame-ancestors 'self' https://login.ccmp.eu https://eu.messaging.engageplatform.com https://messaging.engageplatform.com; img-src 'self' https: data: blob:; object-src 'none'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp_report?report_only=false
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.stellar-v1+json
Referer: https://x.mail.hsbc.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:46:02 GMT
x-correlation-id
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' https: data:; frame-ancestors 'self' https://login.ccmp.eu https://eu.messaging.engageplatform.com https://messaging.engageplatform.com; img-src 'self' https: data: blob:; object-src 'none'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp_report?report_only=false
x-permitted-cross-domain-policies: none
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 081c1e8e-e26c-4233-af39-c4ca29915d45
x-runtime: 0.296919
referrer-policy: origin-when-cross-origin
server: nginx
etag: W/"6359d48c654c9381ebaf9cbac7f750e3"
x-download-options: noopen
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS, PUT
content-language: en
access-control-allow-origin: https://x.mail.hsbc.fr
content-type: application/json
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-expose-headers
access-control-max-age: 1728000
x-frame-options: ALLOWALL

GET
H2 200 platform.js Show response
apis.google.com/js/ 56 KB
22 KB 109ms
35ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/2616a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5320063f39a49e0a4349b616b2a7ab3c5994c097b17df298ebfe2e8a285232fb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Nov 2023 15:46:02 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21931
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "7b9ec9334744f909"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Nov 2023 15:46:02 GMT

POST
H2 201 create_view_activity Show response
cust1098.edp.cheetahces.eu/api/passes/reconnaissance_premier/ 16 B
1016 B 84ms
84ms XHR
application/json 35.158.91.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cust1098.edp.cheetahces.eu/api/passes/reconnaissance_premier/create_view_activity?access_token=93a3a193b65ddb8cf9f52baa6c42a62ff968d925e562bce27dd3f9a455fd8c37

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.91.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-91-159.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' https: data:; frame-ancestors 'self' https://login.ccmp.eu https://eu.messaging.engageplatform.com https://messaging.engageplatform.com; img-src 'self' https: data: blob:; object-src 'none'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp_report?report_only=false
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.stellar-v1+json
Referer: https://x.mail.hsbc.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 06 Nov 2023 15:46:02 GMT
x-correlation-id
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' https: data:; frame-ancestors 'self' https://login.ccmp.eu https://eu.messaging.engageplatform.com https://messaging.engageplatform.com; img-src 'self' https: data: blob:; object-src 'none'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp_report?report_only=false
x-permitted-cross-domain-policies: none
status: 201 Created
x-xss-protection: 1; mode=block
x-request-id: 580e98e5-d2ee-4a1a-b7ba-d8eee957b8c6
x-runtime: 0.057907
referrer-policy: origin-when-cross-origin
server: nginx
etag: W/"7363e85fe9edee6f053a4b319588c086"
x-download-options: noopen
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS, PUT
content-language: en
access-control-allow-origin: https://x.mail.hsbc.fr
content-type: application/json
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-expose-headers
access-control-max-age: 1728000
x-frame-options: ALLOWALL

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.VXdxOsKJBxg.O/m=savetoandroidpay/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9haxQKqkNZwniaaV-zSTS6Q1k20g/ 191 KB
65 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.VXdxOsKJBxg.O/m=savetoandroidpay/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9haxQKqkNZwniaaV-zSTS6Q1k20g/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06e1dd5e31751b1519ba94ba1e3a042d4b2cbe3a9cd82b76658b126605943b8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 08:01:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65961
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 15:22:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Nov 2024 08:01:15 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.VXdxOsKJBxg.O/m=auth/exm=savetoandroidpay/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9haxQKqkNZwniaaV-zSTS6Q1k20g/ 81 KB
28 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.VXdxOsKJBxg.O/m=auth/exm=savetoandroidpay/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9haxQKqkNZwniaaV-zSTS6Q1k20g/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33cab214aae462d46346af6ec79e519c9c0427b2b55e580b70acb1a06f206e19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 11:29:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 447414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28789
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 15:22:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 11:29:08 GMT

GET
H2 200 save Show response
pay.google.com/gp/v/widget/ Frame 4056 14 KB
7 KB 735ms
674ms Document
text/html 2a00:1450:400c:c1d::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/v/widget/save?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJjdXN0MTA5OC1ldS1wcm9kQGNoZWV0YWhkaWdpdGFsLWVkcC1tb2JpbGUtd2x0LmlhbS5nc2VydmljZWFjY291bnQuY29tIiwiYXVkIjoiZ29vZ2xlIiwidHlwIjoic2F2ZXRvYW5kcm9pZHBheSIsImlhdCI6MTY5OTI4NTU2Miwib3JpZ2lucyI6WyJodHRwczovL3gubWFpbC5oc2JjLmZyIl0sInBheWxvYWQiOnsibG95YWx0eU9iamVjdHMiOlt7ImtpbmQiOiJ3YWxsZXRvYmplY3RzI2xveWFsdHlPYmplY3QiLCJzdGF0ZSI6ImluYWN0aXZlIiwiaWQiOiIzMzQzMjc4NjQyMTA1NjM5NDc4LnJlY29ubmFpc3NhbmNlX3ByZW1pZXIuRy0wMDAwOTYwMzIiLCJjbGFzc0lkIjoiMzM0MzI3ODY0MjEwNTYzOTQ3OC5yZWNvbm5haXNzYW5jZV9wcmVtaWVyIn1dLCJsb3lhbHR5Q2xhc3NlcyI6W10sIm9mZmVyT2JqZWN0cyI6W10sIm9mZmVyQ2xhc3NlcyI6W10sImdpZnRDYXJkT2JqZWN0cyI6W10sImdpZnRDYXJkQ2xhc3NlcyI6W10sImV2ZW50VGlja2V0T2JqZWN0cyI6W10sImV2ZW50VGlja2V0Q2xhc3NlcyI6W119fQ.MHTkudHvkCYYKkavhz0WWa5IKKiXpuqlhc10yEDew6IYLx2M-yt0jm6zZiQNAMYuXgJ0m-5nWGuLGnBk_5wLP8xG19lr-fE2004tuRbF-NRW9QtRNTPxXx4_nLlQKq2U5BVAnVZpqXEF5vExBpUtQiw7WIKy7U1UzEncRjZ5REg-bMuwpl2p0v6w9tIRsn9JwxCigPYFSdmChlD_hPJYidDNo0rNvpts5cqndiFpm7KU_RIhcN42sAbrn52oX2FtBwiEQJ0O2MFv7iatBoMUyrzOB5MRZ4U3zHhi2hwcU2XzJEGjVMtUIldnEdg7jzuKMmqdB8L4wehKxcE_Qt2hRg&class=btn%20btn-google-pay&size=standard&theme=dark&origin=https%3A%2F%2Fx.mail.hsbc.fr&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fr.VXdxOsKJBxg.O%2Fd%3D1%2Frs%3DAHpOoo9haxQKqkNZwniaaV-zSTS6Q1k20g%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1d::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3af8b73f5f9a5c8ebf67b617a5cca3810f4d1e6f7135a88af0eb18c5f0a62716

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-32FVHk_erCbAC_C6pLa2Wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /gp/v/cm/_/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://x.mail.hsbc.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-32FVHk_erCbAC_C6pLa2Wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /gp/v/cm/_/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 06 Nov 2023 15:46:03 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK jsEvent.json Show response
www.mcm-prod.hsbc.fr/3247/3008453121/XBW09WEA78JG/ 2 KB
899 B 278ms
277ms XHR
application/json 91.214.5.153
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcm-prod.hsbc.fr/3247/3008453121/XBW09WEA78JG/jsEvent.json

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.214.5.153 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Resource Hash

a81887f6f7eae5ed64b0d7dab296314353c1a5684490c08c08c961fb93ff6b54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://x.mail.hsbc.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 06 Nov 2023 15:46:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Vary: User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://x.mail.hsbc.fr
P3P: CP="NON ADMo DEVo PSAo PSDo IVAo IVDo OUR IND UNI COM NAV INT CNT LOC STA PUR PHY ONL"
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
S: LWSMCMRP102FR
Keep-Alive: timeout=5, max=99
Content-Length: 63

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 0E53 565 B
874 B 96ms
36ms Document
text/html 2a00:1450:4001:806::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fx.mail.hsbc.fr&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fr.VXdxOsKJBxg.O%2Fd%3D1%2Frs%3DAHpOoo9haxQKqkNZwniaaV-zSTS6Q1k20g%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.VXdxOsKJBxg.O/m=auth/exm=savetoandroidpay/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9haxQKqkNZwniaaV-zSTS6Q1k20g/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

14061722a688ac2bc2d671df589b0966a0d8a7e827c103c7ba433c08ade1bcd1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-Rf21S7dZxnYd5A0Pp6keRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://x.mail.hsbc.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-Rf21S7dZxnYd5A0Pp6keRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-site
date: Mon, 06 Nov 2023 15:46:03 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame BCCB 287 B
1 KB 87ms
45ms Document
text/html 2a00:1450:4001:806::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf014b7b5511b0a0be57c77a1f3d3ff7e7dc9e18758cdad593d0382516113fb3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pOQwRpYit-PmUFInX7GQNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://x.mail.hsbc.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-pOQwRpYit-PmUFInX7GQNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 15:46:03 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 cspreport
accounts.google.com/o/ Frame 0E53 0
218 B 38ms
36ms Other
text/html 2a00:1450:4001:806::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-068yV6f9qupIl9mnai35VQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fx.mail.hsbc.fr&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fr.VXdxOsKJBxg.O%2Fd%3D1%2Frs%3DAHpOoo9haxQKqkNZwniaaV-zSTS6Q1k20g%2Fm%3D__features__
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 15:46:03 GMT
content-security-policy: script-src 'report-sample' 'nonce-068yV6f9qupIl9mnai35VQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 478691279-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 0E53 12 KB
13 KB 85ms
25ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/478691279-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fx.mail.hsbc.fr&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fr.VXdxOsKJBxg.O%2Fd%3D1%2Frs%3DAHpOoo9haxQKqkNZwniaaV-zSTS6Q1k20g%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 08:02:07 GMT
x-content-type-options: nosniff
age: 287036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12426
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 14:06:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Nov 2024 08:02:07 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 0E53 18 KB
7 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3932b4e61df3d9b51323177de7cb626b69c125eb9476663824dc1e6f65f4d4f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Nov 2023 15:46:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7123
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "d993a51ab878bdce"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Nov 2023 15:46:03 GMT

GET
H2 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.fr.-ROBsaLqVp0.es5.O/am=CAM/d=1/rs=AOaEmlFgM6HuhyGEzRcMbJUxUzbQfgzI-w/ Frame BCCB 107 KB
37 KB 96ms
32ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.fr.-ROBsaLqVp0.es5.O/am=CAM/d=1/rs=AOaEmlFgM6HuhyGEzRcMbJUxUzbQfgzI-w/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac2853cdb271bd57599bdce02ebc7887b4578a1b6f2581bdf1d1c79a380ce52b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 03:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37500
x-xss-protection: 0
last-modified: Sat, 28 Oct 2023 02:46:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 03:53:30 GMT

POST
H2 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame BCCB 2 KB
916 B 39ms
39ms Other
text/html 2a00:1450:4001:806::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a291dd8a64be2ba201c5c3cbe024c852c4eb91e448aa5fb8430d3002d741e18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 15:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK jsEvent.json Show response
www.mcm-prod.hsbc.fr/3247/3008453121/XBW09WEA78JG/ 2 KB
899 B 28ms
27ms XHR
application/json 91.214.5.153
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcm-prod.hsbc.fr/3247/3008453121/XBW09WEA78JG/jsEvent.json

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.214.5.153 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Resource Hash

a81887f6f7eae5ed64b0d7dab296314353c1a5684490c08c08c961fb93ff6b54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://x.mail.hsbc.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 06 Nov 2023 15:46:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Vary: User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://x.mail.hsbc.fr
P3P: CP="NON ADMo DEVo PSAo PSDo IVAo IVDo OUR IND UNI COM NAV INT CNT LOC STA PUR PHY ONL"
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
S: LWSMCMRP102FR
Keep-Alive: timeout=5, max=98
Content-Length: 63

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.VXdxOsKJBxg.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9haxQKqkNZwniaaV-zSTS6Q1k20g/ Frame 0E53 64 KB
23 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.VXdxOsKJBxg.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9haxQKqkNZwniaaV-zSTS6Q1k20g/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a17bff68442c68101315df711da6608b01326d28f6f92ad978154a44121c972b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:49:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 420987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23255
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 15:22:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:49:36 GMT

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame BCCB 50 B
89 B 25ms
25ms XHR
application/json 2a00:1450:4001:806::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fx.mail.hsbc.fr&client_id=305308388501-i74uvagis4bvh6d3su7illi9uk6qlsjn.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.fr.-ROBsaLqVp0.es5.O/am=CAM/d=1/rs=AOaEmlFgM6HuhyGEzRcMbJUxUzbQfgzI-w/m=base

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

427653d8b0569e986b88bb7dca1852b627a034f69be1da68b150eb0d2bbacb5d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oHbCASc0QMelvzQtow3oEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'report-sample' 'nonce-oHbCASc0QMelvzQtow3oEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
x-content-type-options: nosniff
date: Mon, 06 Nov 2023 15:15:53 GMT
content-encoding: gzip
age: 1810
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Origin
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 06 Nov 2023 16:15:53 GMT

POST
H2 403 / Show response
sentry.io/api/1464115/store/ 61 B
388 B 193ms
147ms Fetch
application/json 35.186.247.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1464115/store/?sentry_key=7e55aca3579848e5aeb90c894d555a71&sentry_version=7

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

156.247.186.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

dcc2f457f01dbf232ce54bd2a3fdb5b1af63acd152b1dd8046b89f3e50030ba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://x.mail.hsbc.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 06 Nov 2023 15:46:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61

POST
H/1.1 200
OK jsEvent.json Show response
www.mcm-prod.hsbc.fr/3247/3008453121/XBW09WEA78JG/ 2 KB
899 B 27ms
27ms XHR
application/json 91.214.5.153
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcm-prod.hsbc.fr/3247/3008453121/XBW09WEA78JG/jsEvent.json

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.214.5.153 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Resource Hash

a81887f6f7eae5ed64b0d7dab296314353c1a5684490c08c08c961fb93ff6b54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://x.mail.hsbc.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 06 Nov 2023 15:46:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Vary: User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://x.mail.hsbc.fr
P3P: CP="NON ADMo DEVo PSAo PSDo IVAo IVDo OUR IND UNI COM NAV INT CNT LOC STA PUR PHY ONL"
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
S: LWSMCMRP102FR
Keep-Alive: timeout=5, max=97
Content-Length: 63

GET
H2 200 m=w
www.gstatic.com/_/wallet/_/ss/k=wallet.tw.yrCKW5AgoEg.L.W.O/am=CAM/d=1/rs=AA2OPsDbA84Xxui_YoavyuBeoLlpaOPmBg/ Frame 4056 17 KB
3 KB 27ms
26ms Stylesheet
text/css 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/wallet/_/ss/k=wallet.tw.yrCKW5AgoEg.L.W.O/am=CAM/d=1/rs=AA2OPsDbA84Xxui_YoavyuBeoLlpaOPmBg/m=w

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/v/widget/save?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJjdXN0MTA5OC1ldS1wcm9kQGNoZWV0YWhkaWdpdGFsLWVkcC1tb2JpbGUtd2x0LmlhbS5nc2VydmljZWFjY291bnQuY29tIiwiYXVkIjoiZ29vZ2xlIiwidHlwIjoic2F2ZXRvYW5kcm9pZHBheSIsImlhdCI6MTY5OTI4NTU2Miwib3JpZ2lucyI6WyJodHRwczovL3gubWFpbC5oc2JjLmZyIl0sInBheWxvYWQiOnsibG95YWx0eU9iamVjdHMiOlt7ImtpbmQiOiJ3YWxsZXRvYmplY3RzI2xveWFsdHlPYmplY3QiLCJzdGF0ZSI6ImluYWN0aXZlIiwiaWQiOiIzMzQzMjc4NjQyMTA1NjM5NDc4LnJlY29ubmFpc3NhbmNlX3ByZW1pZXIuRy0wMDAwOTYwMzIiLCJjbGFzc0lkIjoiMzM0MzI3ODY0MjEwNTYzOTQ3OC5yZWNvbm5haXNzYW5jZV9wcmVtaWVyIn1dLCJsb3lhbHR5Q2xhc3NlcyI6W10sIm9mZmVyT2JqZWN0cyI6W10sIm9mZmVyQ2xhc3NlcyI6W10sImdpZnRDYXJkT2JqZWN0cyI6W10sImdpZnRDYXJkQ2xhc3NlcyI6W10sImV2ZW50VGlja2V0T2JqZWN0cyI6W10sImV2ZW50VGlja2V0Q2xhc3NlcyI6W119fQ.MHTkudHvkCYYKkavhz0WWa5IKKiXpuqlhc10yEDew6IYLx2M-yt0jm6zZiQNAMYuXgJ0m-5nWGuLGnBk_5wLP8xG19lr-fE2004tuRbF-NRW9QtRNTPxXx4_nLlQKq2U5BVAnVZpqXEF5vExBpUtQiw7WIKy7U1UzEncRjZ5REg-bMuwpl2p0v6w9tIRsn9JwxCigPYFSdmChlD_hPJYidDNo0rNvpts5cqndiFpm7KU_RIhcN42sAbrn52oX2FtBwiEQJ0O2MFv7iatBoMUyrzOB5MRZ4U3zHhi2hwcU2XzJEGjVMtUIldnEdg7jzuKMmqdB8L4wehKxcE_Qt2hRg&class=btn%20btn-google-pay&size=standard&theme=dark&origin=https%3A%2F%2Fx.mail.hsbc.fr&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fr.VXdxOsKJBxg.O%2Fd%3D1%2Frs%3DAHpOoo9haxQKqkNZwniaaV-zSTS6Q1k20g%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e8272f95b74b91f14b2398033d4de191e1c54e674b54ad3a41a4b413595fe12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 18:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 336183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/wallet
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2398
x-xss-protection: 0
last-modified: Tue, 26 Sep 2023 23:57:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="wallet"
vary: Accept-Encoding
report-to: {"group":"wallet","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/wallet"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Nov 2024 18:23:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4056 20 KB
2 KB 37ms
36ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700|Google+Sans:500|Noto+Sans

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac37c9ad46de096ae596c9071e57b1817df4380f882185c57fe8ea81854fdffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 15:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 15:46:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 15:46:03 GMT

GET
H2 200 m=w Show response
www.gstatic.com/_/wallet/_/js/k=wallet.tw.fr.D1LZh1MfLik.O/am=CAM/d=1/rs=AA2OPsB8ZAC23HbWAeN53GxVGeWFEh6_aw/ Frame 4056 118 KB
42 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/wallet/_/js/k=wallet.tw.fr.D1LZh1MfLik.O/am=CAM/d=1/rs=AA2OPsB8ZAC23HbWAeN53GxVGeWFEh6_aw/m=w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d424132bb534577e241f7135a8064ef3651bfe1b1cf67136c3153dfa5349a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:49:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/wallet
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42561
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 04:52:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="wallet"
vary: Accept-Encoding
report-to: {"group":"wallet","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/wallet"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Nov 2024 20:49:13 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.VXdxOsKJBxg.O/m=iframes,iframes_styles_glass/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9haxQKqkNZwniaaV-zSTS6Q1k20g/ Frame 4056 133 KB
45 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.VXdxOsKJBxg.O/m=iframes,iframes_styles_glass/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9haxQKqkNZwniaaV-zSTS6Q1k20g/cb=gapi.loaded_0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b02e60f53e9819fe016e23ec61fadc7874f1a5c43ae03070b4f35af6d52364c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:59:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 351964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46294
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 15:22:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Nov 2024 13:59:59 GMT

GET
H3 200 Gpay_logo_light.svg
www.gstatic.com/wallet-objects/savetogooglepay/ Frame 4056 5 KB
2 KB 26ms
25ms Image
image/svg+xml 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/wallet-objects/savetogooglepay/Gpay_logo_light.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

149d5c1087b7bf870c8e659156745c9f05c6bf96288a95912800bff2ea0950f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 21:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323689
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2088
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Nov 2024 21:51:14 GMT

GET
H2 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpyk.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 4056 22 KB
22 KB 86ms
26ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700|Google+Sans:500|Noto+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7f62ccd6d9784466fb9b92202b71a63182de790d0575e13641e027b39e0590e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pay.google.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 19:10:29 GMT
x-content-type-options: nosniff
age: 333334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22308
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 19:10:29 GMT

POST
H/1.1 200
OK jsEvent.json Show response
www.mcm-prod.hsbc.fr/3247/3008453121/XBW09WEA78JG/ 2 KB
899 B 27ms
27ms XHR
application/json 91.214.5.153
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcm-prod.hsbc.fr/3247/3008453121/XBW09WEA78JG/jsEvent.json

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.214.5.153 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Resource Hash

a81887f6f7eae5ed64b0d7dab296314353c1a5684490c08c08c961fb93ff6b54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://x.mail.hsbc.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 06 Nov 2023 15:46:04 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Vary: User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://x.mail.hsbc.fr
P3P: CP="NON ADMo DEVo PSAo PSDo IVAo IVDo OUR IND UNI COM NAV INT CNT LOC STA PUR PHY ONL"
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
S: LWSMCMRP102FR
Keep-Alive: timeout=5, max=96
Content-Length: 63

Verdicts & Comments Add Verdict or Comment

246 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
l.mail.hsbc.fr/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 505id1r2rydkm0rsefpuq50l
x.mail.hsbc.fr/	1969-12-31 23:59:59	Name: BIGipServer~ccmp~ccmp_ats_ssl Value: 2634071306.47873.0000
.hsbc.fr/	1970-01-21 00:47:01	Name: utag_main Value: v_id:018ba54feeb40020caa6a923f5f00307400cc06c00b08$_sn:1$_se:1$_ss:1$_st:1699287361012$ses_id:1699285561012%3Bexp-session$_pn:1%3Bexp-session
.hsbc.fr/	1969-12-31 23:59:59	Name: tms_ref Value:
x.mail.hsbc.fr/	1970-01-20 17:27:49	Name: spot_dt Value: 3ae3d18d-a0dc-4958-9458-05f6b791556e
x.mail.hsbc.fr/	1970-01-20 17:27:49	Name: spot_uta Value: user_token
x.mail.hsbc.fr/	1970-01-20 16:01:27	Name: spot_st Value: 8dcf9620-97ff-4e49-909a-eeafc6ee464d
x.mail.hsbc.fr/	1970-01-20 17:27:49	Name: spot_camp Value: {}
x.mail.hsbc.fr/	1970-01-20 17:27:49	Name: spot_dnt Value: 0
.x.mail.hsbc.fr/	1969-12-31 23:59:59	Name: st_p_access_token Value: 93a3a193b65ddb8cf9f52baa6c42a62ff968d925e562bce27dd3f9a455fd8c37
.x.mail.hsbc.fr/	1969-12-31 23:59:59	Name: st_p_refresh_token Value:
.hsbc.fr/	1970-01-21 00:47:01	Name: LPVID Value: kxMzliN2YyY2Q3NDAxMTQ2
.hsbc.fr/	1969-12-31 23:59:59	Name: LPSID-86080147 Value: DSmxk02sSYOpHOUnaSL94A
x.mail.hsbc.fr/	1970-01-20 16:02:51	Name: reconnaissance_premier_view Value: true
.google.com/	1970-01-20 20:24:56	Name: NID Value: 511=q94DCyuP5YCI8EZ69hUVXzL7oj4_wDe0vRgk9VXzMM9_b6qNwrjyuBp1W3FMZcVNt7-pGz0PWy1mqRZ9GC0p1RBuSRhardoZWZ5q2yF__NucOHPgO7bRs_qFdjbrMtTy8WSuFNIFWX5zTKeDorPrmWjtjeiqVziSMKYEVYpLnxA
www.mcm-prod.hsbc.fr/	1970-01-20 19:36:45	Name: HSBCFRcdPersisted Value: null_3_373baada238a40739112c9b97415d63b
www.mcm-prod.hsbc.fr/	1969-12-31 23:59:59	Name: MCM-PROD-FRANCE-WDC Value: 3481586442.48129.0000
www.mcm-prod.hsbc.fr/	1969-12-31 23:59:59	Name: TS01f477b4 Value: 0105ea404aee0b0c62508e89c306a0f60aa742e6b633f8760705a5af943f9c5af58c213f715068dbb18461b09976c9d749958920a9
.hsbc.fr/	1969-12-31 23:59:59	Name: HSBCFRsession Value: 300845746_1699285561125_1699285562393_3247_883d25c892ac498db64a6becc8c97f5b
.hsbc.fr/	1970-01-20 19:37:25	Name: HSBCFRpersisted Value: null_3_373baada238a40739112c9b97415d63b_1699285562393_300845746_1699285562393_1
.x.mail.hsbc.fr/	1970-01-21 01:37:25	Name: G_ENABLED_IDPS Value: google
www.mcm-prod.hsbc.fr/	1969-12-31 23:59:59	Name: HSBCFRcdSession Value: 300845746_1699285563975_1699285562393_3247_883d25c892ac498db64a6becc8c97f5b

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY4ZDkyNWU1NjJiY2UyN2RkM2Y5YTQ1NWZkOGMzNyJ9&cr=1098&wu=1285&pass=reconnaissance_premier Message: Mixed Content: The page at 'https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY4ZDkyNWU1NjJiY2UyN2RkM2Y5YTQ1NWZkOGMzNyJ9&cr=1098&wu=1285&pass=reconnaissance_premier' was loaded over HTTPS, but requested an insecure element 'http://l.mail.hsbc.fr/rts/open.aspx?tp=i-16Hv-Hi-4kX-0-1c-MZN-G-l7GTphhMOE-d3EYl'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY4ZDkyNWU1NjJiY2UyN2RkM2Y5YTQ1NWZkOGMzNyJ9&cr=1098&wu=1285&pass=reconnaissance_premier(Line 223) Message: Mixed Content: The page at 'https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiOTNhM2ExOTNiNjVkZGI4Y2Y5ZjUyYmFhNmM0MmE2MmZmOTY4ZDkyNWU1NjJiY2UyN2RkM2Y5YTQ1NWZkOGMzNyJ9&cr=1098&wu=1285&pass=reconnaissance_premier' was loaded over HTTPS, but requested an insecure element 'http://l.mail.hsbc.fr/rts/open.aspx?tp=i-16Hv-Hi-4kX-0-1c-MZN-G-l7GTphhMOE-d3EYl'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://s3.us-east-1.amazonaws.com/stellar-wsi-ugd5ypbfu9nx7se1epic/content_pages/download_wallet_pass/static_files/loader.gif?1557385709 Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	warning	URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.VXdxOsKJBxg.O/m=auth/exm=savetoandroidpay/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9haxQKqkNZwniaaV-zSTS6Q1k20g/cb=gapi.loaded_1?le=scs(Line 29) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://sentry.io/api/1464115/store/?sentry_key=7e55aca3579848e5aeb90c894d555a71&sentry_version=7 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
accounts.google.com
ajax.googleapis.com
akamai.tiqcdn.com
apis.google.com
cdnjs.cloudflare.com
cust1098.edp.cheetahces.eu
fonts.googleapis.com
fonts.gstatic.com
l.mail.hsbc.fr
lo.v.liveperson.net
lpcdn.lpsnmedia.net
lptag.liveperson.net
maxcdn.bootstrapcdn.com
pay.google.com
s3.eu-central-1.amazonaws.com
s3.us-east-1.amazonaws.com
sdk.runstellar.com
sentry.io
spot.demostellar.com
ssl.gstatic.com
tags.tiqcdn.com
wpm.ccmp.eu
www.gstatic.com
www.mcm-prod.hsbc.fr
x.mail.hsbc.fr
178.249.97.23
178.249.97.70
178.249.97.99
18.245.60.117
18.66.97.79
184.30.216.26
23.212.201.96
2600:9000:223e:8400:7:2bfb:7c00:93a1
2606:4700::6811:180e
2606:4700::6812:bcf
2a00:1450:4001:800::2003
2a00:1450:4001:801::2003
2a00:1450:4001:806::200d
2a00:1450:4001:81c::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::200e
2a00:1450:4001:831::200a
2a00:1450:400c:c1d::5c
34.120.154.120
35.158.91.159
35.186.247.156
52.219.169.253
54.231.163.80
62.27.116.23
62.27.116.25
91.214.5.153
06e1dd5e31751b1519ba94ba1e3a042d4b2cbe3a9cd82b76658b126605943b8b
073641845a6933321036fbc7d5f776a2297ec3a28885723f9a26ce220b845e0d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
0cf4f9f12b3268a85354288767a5db153a2466c1b88a5e0229a9a8cb296826f2
102d125f3c4a171344273080f40b609d39eaeede7026d37f49e539f3b5d61166
14061722a688ac2bc2d671df589b0966a0d8a7e827c103c7ba433c08ade1bcd1
149d5c1087b7bf870c8e659156745c9f05c6bf96288a95912800bff2ea0950f0
1bdc85400467ba8eb767152fbb351052d16f9813ce28aca3b745bb8b84e7309c
1be0895d704b7e005a1c0e4dfcb2e7f61e3b7c8344fd07eed33172ef68307a4a
1f7f9acfa3de1d794238cca66befc165fe297e34e02633a81aad966dcb93c758
2174ec1145c19ad51ed3818cbf73add541fafecda5632ff40c509fb5e03cb5ee
2815178b8ac98183b23db0745d2cb351af5db84abbadf4e79bd15551be7dd098
287cdbeac6168db5e2e7a1320b41059ca7969631f4b2d048dc8faa37d5e8fb48
2997179b365e8555490549ec0a8b07a0ad78057c8c71e705b6ea12801ee40147
2a73ff47539c08d1e9399792a12e739a2e5f76e6ec0233ec1a736b2404bc3759
2a7cccd3809dfd84058e9cda3bc1509a42a1c60d9188e5af673113d7309cd263
2aa7d0d5bdb27cf66b0679c7649caefb326b8f963abb1e4bfbf13baf203f4e50
2e0038f0ed73ab5d6d81bb7780efa8101dc71c49e02ebbaa37ed8736bc71b484
2f9263e815d22d6dfbc623954892e276c1ea0fddc7c93a195f49fc4f7c36c212
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
33cab214aae462d46346af6ec79e519c9c0427b2b55e580b70acb1a06f206e19
35e23860bd9b7c75a52d021423f469572e4f3a5dd1d69cefadeec1020d753b0d
3827648c9d0ea8d1f62fce7199a9fc069a88a55a5e88af10f1e6cf92055c6f54
3a291dd8a64be2ba201c5c3cbe024c852c4eb91e448aa5fb8430d3002d741e18
3af8b73f5f9a5c8ebf67b617a5cca3810f4d1e6f7135a88af0eb18c5f0a62716
3c77ab5b67ba98ae35b5f3f6747a4bc4ad99888ad0f7d2c34fea0a46b935f618
3c79cbdcf1455bc6701f1dcf816ce792fa1021512d15698b1f761948e1cf956b
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
427653d8b0569e986b88bb7dca1852b627a034f69be1da68b150eb0d2bbacb5d
43b4d4ebc3f049db87187649d20d421c37efca5272680aa52c1de9cf7f9a1217
44a12d438c18a1f8c099c7a96a4673561816277334436a5a46f3974df63f75d4
49f62df0a26e9fc2b8c22eb949e5f211283ea169271c8e52293ffb4adf1e4957
4c22fd28650e27d761b8771d82fb89a06cd5ab16a75d5ecae9b24df8c80103b5
4f0cd4cbdadde4b6f7a089c358014b684365ff48ef102b364cc3f3650ef8aee9
4f7887cd604fdaba3daa7fdf2151408788f80aba89faec35e5af78d41febb73c
5274400ca7b9157ef9666ce342bfe53209296aacbfc8089600a026c74da7bb16
5320063f39a49e0a4349b616b2a7ab3c5994c097b17df298ebfe2e8a285232fb
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
629e64b4cef5a2338ac17d53fe1c534839871a6e303f7b5702e39d67f0fc7237
62cb961e3a64e563a3655668cd71cae15b165cc5865f1e2aa0918f8966a3570a
6a2de4c6807cf25d3272964d0800c9a00a865c12bc6cc8603d4f5a6f688f7e4f
6d7144aaf286a769b4d90794c2f48e80d4fe9acbde53468a071a00180493aab5
791bfc6f7858808cf51e58816ca610dab072e13091f839946d07ba6d83d9a92a
7931532269be36f6368351474ac688d7feabec33c7a03b172024796e7b616c39
7e79edc3bf0221b562052e079f583047f795f8bc981840ddb894aef33f6e09ca
8e655c3882657f2f73820929e6bb2e5a756098e3208b14a338af8ecc1c41bb80
9367b94d4b2363cb7cbe9d65db9581d83b4c1e10e637dfdd50b8f13011a4698a
9a9f91ede0b8c756d74214220c9df3c142c77dd04fce253c14682fa7fa3ba3a3
9bc49e2d077ff3ee73f6c2ea5275a53bd78c3815f98f67ff06a1e48b43f28d9a
9d424132bb534577e241f7135a8064ef3651bfe1b1cf67136c3153dfa5349a0d
9e8272f95b74b91f14b2398033d4de191e1c54e674b54ad3a41a4b413595fe12
9eb932d925622895424b31b1a64fdf474067b601997899ab4a38414d8c88a9ef
a0e153237a2c6a8c0a547ceb80fa8acb7a0317ca02c8133c0c644d86cdf24f0d
a17bff68442c68101315df711da6608b01326d28f6f92ad978154a44121c972b
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a51a91cf97d73a34cdae202b28a9ad251f1e9836e02bd333a34b9098ec2037d0
a5a4d565df51ba9d8f2523cb96174bb3ffaa73b1a6d4e611c116b67d19192799
a729f36b3c8810b6c5d3de55e61ee4e1737f8e09ccbfc9c6a27a153e8fcf5d48
a81887f6f7eae5ed64b0d7dab296314353c1a5684490c08c08c961fb93ff6b54
ac2853cdb271bd57599bdce02ebc7887b4578a1b6f2581bdf1d1c79a380ce52b
ac37c9ad46de096ae596c9071e57b1817df4380f882185c57fe8ea81854fdffa
ac48d0d6d4597db943bb03126bf6577587a2ac8ad97d44dfe5df4b6aab35c4e6
afd3a07766f78b9bf0b06b9531b048bd4dc93778ab0b71d5a6fb693d3df33e77
b02e60f53e9819fe016e23ec61fadc7874f1a5c43ae03070b4f35af6d52364c6
b0383faa942e93727c20cb5862ea722ea3f61a4dce0326d36b58a59be829cab7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2ca0f4fdd623f4cea027c33c8ded05bcc0310566c0d04b4a52ee9cf9ca1621f
b9e708d8d9b84ab17d101e3fa77604358b9f3adb2f890330055c74da058f1a8a
bb183f72fe84391a4e489769cf7718f7d279181b07cb6ff414b1ceca7c6c8c5c
c08ef0d5dfd2575fb52220720af66a422514ab933a935940808296fa136a62f7
c0caace4e2393f546c6a0f15dce76d5f61a9c74df256487feae0a96211a28a69
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cf014b7b5511b0a0be57c77a1f3d3ff7e7dc9e18758cdad593d0382516113fb3
d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559
d7f62ccd6d9784466fb9b92202b71a63182de790d0575e13641e027b39e0590e
d88f6e840695a11cc1d5a347b14757cfb108b184d84162a674bad2cdcb5a16c2
db8b145f08a1be9b5ad911d38fc626f1b1daa10e1985ccdd49c2474fb4b20a99
dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384
dcc2f457f01dbf232ce54bd2a3fdb5b1af63acd152b1dd8046b89f3e50030ba2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e446b8d570661fc35203501be1838ecadac97aa841ea486692cbc4a80c5b6f51
e890156c5be12852ecb387a0ed3b800f4b03e9d060cac842fcfae2bd55915ce0
e9390af9547cd22bb7f0b6631279a17bbe8b099910f1c14aaa33731203993a19
eb3badfb580bdda696c56b503ced3c0d08c9f9008ccaac253a5d4024cd843afc
f28540562bdab2dd8ac6e8fc6bfb2a76c0cb68f6fc140b77e434c72679fdee9f
f3932b4e61df3d9b51323177de7cb626b69c125eb9476663824dc1e6f65f4d4f
f77dcf713be7cfdcaf1efd18e9f7c60305366e2c716c7d0f8afe952f835a6ffb
fb0aab98cf111ff976ff8fe32533d3cd88ddf81504184259b28d7bd0dba227b4

x.mail.hsbc.fr Open in urlscan Pro 62.27.116.23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

95 Requests

99 %HTTPS

42 %IPv6

15 Domains

26 Subdomains

26 IPs

4 Countries

2663 kBTransfer

5539 kBSize

22 Cookies

3 Outgoing links

Page URL History

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

x.mail.hsbc.fr Open in urlscan Pro
62.27.116.23 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

99 %
HTTPS

42 %
IPv6

15
Domains

26
Subdomains

26
IPs

4
Countries

2663 kB
Transfer

5539 kB
Size

22
Cookies

95 HTTP transactions
0 data transactions