carousell.bankway.space Open in urlscan Pro
2606:4700:3033::ac43:a717 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://carousell.bankway.space/personal/176573816?refer=3&bank=6
Submission: On March 06 via manual (March 6th 2024, 7:03:03 am UTC) from HK — Scanned from DE

Summary HTTP 38 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 38 HTTP transactions. The main IP is 2606:4700:3033::ac43:a717, located in United States and belongs to CLOUDFLARENET, US. The main domain is carousell.bankway.space.
TLS certificate: Issued by E1 on February 19th 2024. Valid for: 3 months.

This is the only time carousell.bankway.space was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: HSBC (Banking)

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700:303... 2606:4700:3033::ac43:a717	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	23.192.250.218 23.192.250.218	16625 (AKAMAI-AS) (AKAMAI-AS)
1 8	23.1.254.81 23.1.254.81	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.32.27.50 13.32.27.50	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	34.120.154.120 34.120.154.120	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
38	10

16 2606:4700:3033::ac43:a717 (United States)

ASN13335 (CLOUDFLARENET, US)

carousell.bankway.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.192.250.218 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-250-218.deploy.static.akamaitechnologies.com

cdn.walkme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.1.254.81 (Paris, France) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-1-254-81.deploy.static.akamaitechnologies.com

cdn.hsbc.com.hk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-50.fra56.r.cloudfront.net

www.hsbc.com.hk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7caf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.154.120 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 120.154.120.34.bc.googleusercontent.com

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	bankway.space carousell.bankway.space	122 KB
9	hsbc.com.hk 1 redirects cdn.hsbc.com.hk — Cisco Umbrella Rank: 484350 www.hsbc.com.hk — Cisco Umbrella Rank: 164667	297 KB
5	walkme.com cdn.walkme.com — Cisco Umbrella Rank: 1491	514 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	36 KB
2	gstatic.com www.gstatic.com	515 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 709	12 KB
1	lpsnmedia.net lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 4249	16 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 228	5 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	30 KB
38	9

	Domain	Requested by
16	carousell.bankway.space	carousell.bankway.space code.jquery.com
8	cdn.hsbc.com.hk	1 redirects carousell.bankway.space cdn.hsbc.com.hk
5	cdn.walkme.com	carousell.bankway.space
3	www.google.com	carousell.bankway.space www.gstatic.com www.google.com
2	www.gstatic.com	www.google.com
2	unpkg.com	1 redirects carousell.bankway.space
1	lpcdn.lpsnmedia.net	carousell.bankway.space
1	cdnjs.cloudflare.com	carousell.bankway.space
1	code.jquery.com	carousell.bankway.space
1	www.hsbc.com.hk	carousell.bankway.space
38	10

This site contains links to these domains. Also see Links.

Domain
www.hsbc.com.hk

Subject Issuer	Validity	Valid
bankway.space E1	`2024-02-19` - `2024-05-19`	3 months	crt.sh
walkme.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-04` - `2024-12-03`	a year	crt.sh
cdn.hsbc.com.hk DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-25` - `2025-03-26`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2023-11-15` - `2024-11-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://carousell.bankway.space/personal/176573816?refer=3&bank=6
Frame ID: B4B85B9181BF7A271C2C41D7989BCA53
Requests: 25 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Les888ZAAAAAOHLgqVrsJyhzrLFZsG2rUPj9_15&co=aHR0cHM6Ly93d3cuaHNiYy5jb20uaGs6NDQz&hl=en&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=uq9plu2tr1a7
Frame ID: FFDA0DA0D9DCCEEECE9EBD75AE5A28DB
Requests: 5 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.24.1.1-release_5109/storage.secure.min.html?loc=https%3A%2F%2Fwww.hsbc.com.hk&site=78938340&ist=sessionStorage&env=prod&accdn=accdn.lpsnmedia.net
Frame ID: 71B43CA9C479838190ACF57AFFFBBD25
Requests: 1 HTTP requests in this frame

Frame: https://carousell.bankway.space/supportChatFrame/176573816
Frame ID: D403BEC37F9809B08FA770B6A2D425AB
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Username | Log on | HSBC

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/designs/

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

38
Requests

95 %
HTTPS

60 %
IPv6

9
Domains

10
Subdomains

10
IPs

3
Countries

1547 kB
Transfer

3499 kB
Size

1
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hsbc.com.hk/

Search URL Search Domain Scan URL

URL: https://www.hsbc.com.hk/online/dashboard
Title: Log on

Search URL Search Domain Scan URL

URL: https://www.hsbc.com.hk/legal/maintenance-schedule/
Title: Maintenance schedule

Search URL Search Domain Scan URL

URL: https://www.hsbc.com.hk/help/cybersecurity-and-fraud/
Title: Online security

Search URL Search Domain Scan URL

URL: https://www.hsbc.com.hk/digital/online-and-mobile-banking-terms/
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.hsbc.com.hk/misc/privacy-security/
Title: Disclaimer & Internet Privacy Statement

Search URL Search Domain Scan URL

URL: https://www.hsbc.com.hk/ways-to-bank/internet/#content_main_title_4
Title: Not registered for Personal Internet Banking?

Search URL Search Domain Scan URL

URL: https://www.hsbc.com.hk/digital/cross-border-banking/
Title: Cross border disclosure Opens in new window

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://cdn.hsbc.com.hk/content/dam/hsbc/hk/images/webauth/HSBC_MASTERBRAND_LOGO.svg HTTP 301
https://www.hsbc.com.hk/content/dam/hsbc/hk/images/webauth/HSBC_MASTERBRAND_LOGO.svg

Request Chain 12

https://unpkg.com/sweetalert/dist/sweetalert.min.js HTTP 302
https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 176573816 Show response
carousell.bankway.space/personal/ 172 KB
81 KB 496ms
474ms Document
text/html 2606:4700:3033::ac43:a717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carousell.bankway.space/personal/176573816?refer=3&bank=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: baaa0e604618d6c368bb402beaf245a1d55ef80b4875c7987130c5bbff9da6ea

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86007bb6da1a35e7-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 06 Mar 2024 07:02:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tR7fAe1LPtLrSWB%2FXqi6z6rXEKlD%2BfFol%2FUxDEY5wuz9RrbA0XughUyrPwvzApPNNhnByR4KKLowBHRtWov1DB7XrFRNrszRq%2BBBeydwlG%2B5rH2W9j70He0kGWs40%2FbBEuOciVbUQXe1cnb9LyjPI6xovQAM5A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express

GET
H2 200 support_parent.css
carousell.bankway.space/css/ 4 KB
1 KB 41ms
40ms Stylesheet
text/css 2606:4700:3033::ac43:a717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carousell.bankway.space/css/support_parent.css
Requested by: Host: carousell.bankway.space
URL: https://carousell.bankway.space/personal/176573816?refer=3&bank=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0d9e97528d972063f9f9a22accaf21284ea8216008bddea7ab16428e098d47b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carousell.bankway.space/personal/176573816?refer=3&bank=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 07:02:58 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 04 Mar 2024 00:56:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"104f-18e06f61f68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hyh0TFQvR8EJGZkEuX7AXHgyvCIdy0KxlRWl8y35%2BodEZTzzfJ1cZIMa2eaB4Snh15NaXoAQlHE10%2BDrYLa8GLm5SSr1e6MdU0xsyFup5K4dxDTypV0DizA5hb9lve04VfHX%2BbsghIlrVuvE1qQdNIkxNAprVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 86007bb9dd6335e7-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 prelib-plugin-e2d9d95f-9c46-36d7-8eb1-fe3ffb766487.js Show response
cdn.walkme.com/users/ed30a4375b7b4f9b8d9d8fd5bda693ad/scripts/ 121 KB
41 KB 65ms
13ms Script
application/x-javascript 23.192.250.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/ed30a4375b7b4f9b8d9d8fd5bda693ad/scripts/prelib-plugin-e2d9d95f-9c46-36d7-8eb1-fe3ffb766487.js

Requested by

Host: carousell.bankway.space
URL: https://carousell.bankway.space/personal/176573816?refer=3&bank=6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.192.250.218 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-250-218.deploy.static.akamaitechnologies.com

Software

Resource Hash

78bb9def9a72e745928a135a10ba32931988a3525345f322b57ba58261032535

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carousell.bankway.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: 2RsTQe9lzhQrN1xOrQhTujJ6r02orV8L
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 07:02:58 GMT
access-control-allow-private-network: true
x-amz-request-id: BD7BW771ZSBA89QH
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 41705
x-amz-id-2: 6MU7+M9BD2MeRnxhKjRVSwmG0l1HGH9LT2lKH30tRYKT9r3q/Q8b3g0InH+arNupubY34FrhnHs=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 27 Jun 2022 09:28:01 GMT
etag: "6124c07f8cd0cd5226ae03c1f383974e"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=28554768
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 walkme_lib_20220731-162001-a355eed0-b4242287.br.js Show response
cdn.walkme.com/player/lib/ 2 MB
453 KB 88ms
36ms Script
application/javascript 23.192.250.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/player/lib/walkme_lib_20220731-162001-a355eed0-b4242287.br.js

Requested by

Host: carousell.bankway.space
URL: https://carousell.bankway.space/personal/176573816?refer=3&bank=6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.192.250.218 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-250-218.deploy.static.akamaitechnologies.com

Software

Resource Hash

7b9875e001c1bd5b8e28c829f00757e4ac0cc2ab94266e9c45b899ca2a7227a0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carousell.bankway.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: gIS4J_wZzBUx__qJvSZXbqHvQpnWZB4V
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 07:02:58 GMT
access-control-allow-private-network: true
x-amz-request-id: K5QBDE0Y47ZJK94A
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 463258
x-amz-id-2: dUu017lvtQurBnPSlA/Px2rhqDCPIG+2BzmLY0zw8Np/PKpixT7jRT3FZumwgeJ/oAQZEkMEGzU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 31 Jul 2022 16:42:38 GMT
etag: "d38dd0c6aad1af810a333a8be86e3735"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=28584565
timing-allow-origin: *

GET
H2 200 walkme_config_d46e39e4fc574f42a9111f5a2880fed2.js Show response
cdn.walkme.com/users/ed30a4375b7b4f9b8d9d8fd5bda693ad/ 3 KB
2 KB 95ms
44ms Script
application/javascript 23.192.250.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/ed30a4375b7b4f9b8d9d8fd5bda693ad/walkme_config_d46e39e4fc574f42a9111f5a2880fed2.js

Requested by

Host: carousell.bankway.space
URL: https://carousell.bankway.space/personal/176573816?refer=3&bank=6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.192.250.218 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-250-218.deploy.static.akamaitechnologies.com

Software

Resource Hash

bef9554124d08539a99e1c8016d82359f5f6561c206ccb172521cac277d3d62e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carousell.bankway.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: er.5m2hO_kNvO8Paja0nNePWN2PTZq0X
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 07:02:58 GMT
access-control-allow-private-network: true
x-amz-request-id: BD7A1249PRS68HKQ
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 1614
x-amz-id-2: xbsR/At2HeglD+6DQpPH2lS2MGIr3vC0RehcJuym8XJYD3mcPFJ8IuWWXUjxBMhSURs7WkgmeCM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Jul 2022 07:26:14 GMT
etag: "f74635a3bc2cdaaee487edcb4f1e6eec"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=28554704
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 data_294d59dbe5fa4250bf311914facfa261.br.js Show response
cdn.walkme.com/users/ed30a4375b7b4f9b8d9d8fd5bda693ad/ 64 KB
12 KB 81ms
29ms Script
application/javascript 23.192.250.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/ed30a4375b7b4f9b8d9d8fd5bda693ad/data_294d59dbe5fa4250bf311914facfa261.br.js

Requested by

Host: carousell.bankway.space
URL: https://carousell.bankway.space/personal/176573816?refer=3&bank=6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.192.250.218 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-250-218.deploy.static.akamaitechnologies.com

Software

Resource Hash

8d5ddf9a1d0da03b8404b9ee4fc635fb2ff44e94bf6b6b17ccd8ff338e3d2de2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carousell.bankway.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: FWdXKggzRJKJmVwv9_0TzmHm.vfNkVax
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 07:02:58 GMT
access-control-allow-private-network: true
x-amz-request-id: CRPYY091DDP9RWQE
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 11246
x-amz-id-2: 1e8YfB8a4lCQ9eAAw5Ly9WCxvOjRBYE9ljLmfmacVPbci2lngtJuLK4kTGS7krcmlW6UX70ZUhE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Jul 2022 03:42:52 GMT
etag: "4822c2c0df38fc5281cde8ec0b37e5cf"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=28555654
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 custom_css_294d59dbe5fa4250bf311914facfa261.css
cdn.walkme.com/users/ed30a4375b7b4f9b8d9d8fd5bda693ad/ 32 KB
5 KB 128ms
30ms Stylesheet
text/css 23.192.250.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/ed30a4375b7b4f9b8d9d8fd5bda693ad/custom_css_294d59dbe5fa4250bf311914facfa261.css

Requested by

Host: carousell.bankway.space
URL: https://carousell.bankway.space/personal/176573816?refer=3&bank=6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.192.250.218 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-250-218.deploy.static.akamaitechnologies.com

Software

Resource Hash

103003a6f545842190e66469ca7548c01a8fd008841eff34f8598bb461b49e71

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://carousell.bankway.space/
Origin: https://carousell.bankway.space
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: KUbuGZIAX_FvaB_ejULwGzF3aRistT_h
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 07:02:58 GMT
access-control-allow-private-network: true
x-amz-request-id: PS0CQ9Y8C9SDCB4Y
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 4888
x-amz-id-2: 8sMz2+MyVHrwDZnt+Y2zm/GUl1fDc+rZ7hp7zGH7dH+YlRA6PbEfMrYhyqlCzK++ZOkiZGK64Fg=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Jul 2022 03:42:49 GMT
etag: "93b8f87dac4687dd19d658b1dd147854"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=30234642
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 clientlib-all.min.d5b2187e9c840dd357fb9549e6baaf62.css
cdn.hsbc.com.hk/etc/designs/dspwebauth-headerfooter/ 120 KB
78 KB 290ms
20ms Stylesheet
text/css 23.1.254.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hsbc.com.hk/etc/designs/dspwebauth-headerfooter/clientlib-all.min.d5b2187e9c840dd357fb9549e6baaf62.css

Requested by

Host: carousell.bankway.space
URL: https://carousell.bankway.space/personal/176573816?refer=3&bank=6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.1.254.81 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-1-254-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

ca544ba85d60287eb39676d0e471681332bf82921a7f8149c73823cb7d7e9893

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carousell.bankway.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 07:02:59 GMT
last-modified: Sun, 02 Jul 2023 18:10:38 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=23305239
accept-ranges: bytes
s: hkp1v-prod-tko-aempub
content-length: 79229
x-xss-protection: 1; mode=block

GET
H2

200

HSBC_MASTERBRAND_LOGO.svg
www.hsbc.com.hk/content/dam/hsbc/hk/images/webauth/
Redirect Chain

https://cdn.hsbc.com.hk/content/dam/hsbc/hk/images/webauth/HSBC_MASTERBRAND_LOGO.svg
https://www.hsbc.com.hk/content/dam/hsbc/hk/images/webauth/HSBC_MASTERBRAND_LOGO.svg

4 KB
2 KB

143ms
10ms

Image
image/svg+xml

13.32.27.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hsbc.com.hk/content/dam/hsbc/hk/images/webauth/HSBC_MASTERBRAND_LOGO.svg

Requested by

Host: carousell.bankway.space
URL: https://carousell.bankway.space/personal/176573816?refer=3&bank=6

Protocol

Server

13.32.27.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-50.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

fc306ad03e79f14ca1a1a484d4e790b839ac0661246015e05c9ae575ec1b09f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carousell.bankway.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 15:39:50 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 228189
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-C2",cdn-rid;desc="pSgv-rLLnBEDPXFUvKH__xft35VCCmKmyMfhpLNnlmr-HjEmgJZXJA==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=4
content-length: 1342
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Dec 2023 19:37:20 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000, s-maxage=2592000
accept-ranges: bytes
s: dispatcher2apsoutheast1
x-amz-cf-id: pSgv-rLLnBEDPXFUvKH__xft35VCCmKmyMfhpLNnlmr-HjEmgJZXJA==

Redirect headers

location: https://www.hsbc.com.hk/content/dam/hsbc/hk/images/webauth/HSBC_MASTERBRAND_LOGO.svg
date: Wed, 06 Mar 2024 07:02:59 GMT
cache-control: max-age=0
x-n: S
server: AkamaiGHost
content-length: 0

GET
H2 200 Transmitmain.min.e0b19721c3473004e230.css
cdn.hsbc.com.hk/etc/designs/DSP_SaaS_Milestone-Global/js-files/ 260 KB
44 KB 331ms
61ms Stylesheet
text/css 23.1.254.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hsbc.com.hk/etc/designs/DSP_SaaS_Milestone-Global/js-files/Transmitmain.min.e0b19721c3473004e230.css

Requested by

Host: carousell.bankway.space
URL: https://carousell.bankway.space/personal/176573816?refer=3&bank=6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.1.254.81 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-1-254-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

d45a6fcf975da20a9f76220b3e8b8a0d88c992eac53833acf0fe417ae018bbc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carousell.bankway.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 07:02:59 GMT
last-modified: Sat, 19 Aug 2023 17:50:07 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=23025485
accept-ranges: bytes
s: hkp1v-prod-tko-aempub
content-length: 44607
x-xss-protection: 1; mode=block

GET
H2 200 clientlib-all.min.5c23575dd2a45b73c671a7797acc5d2d.css
cdn.hsbc.com.hk/etc/designs/DSP_SaaS_Milestone-Global/ 112 KB
76 KB 341ms
71ms Stylesheet
text/css 23.1.254.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hsbc.com.hk/etc/designs/DSP_SaaS_Milestone-Global/clientlib-all.min.5c23575dd2a45b73c671a7797acc5d2d.css

Requested by

Host: carousell.bankway.space
URL: https://carousell.bankway.space/personal/176573816?refer=3&bank=6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.1.254.81 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-1-254-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

6fc2cfc62b3b2aac1231142913ec431ccd158b2a5bd978fd46761c92f25b698e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carousell.bankway.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 07:02:59 GMT
last-modified: Sun, 17 Apr 2022 05:25:29 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=23977595
accept-ranges: bytes
s: hkp1v-prod-tko-aempub
content-length: 77063
x-xss-protection: 1; mode=block

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 28ms
6ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: carousell.bankway.space
URL: https://carousell.bankway.space/personal/176573816?refer=3&bank=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://carousell.bankway.space/
Origin: https://carousell.bankway.space
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 07:02:58 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2166197
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-fra-eddf8230127-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1709708579.905127,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 15, 848147

GET
H2 200 axios.min.js Show response
cdnjs.cloudflare.com/ajax/libs/axios/0.21.1/ 14 KB
5 KB 32ms
17ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/axios/0.21.1/axios.min.js

Requested by

Host: carousell.bankway.space
URL: https://carousell.bankway.space/personal/176573816?refer=3&bank=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24b9a49d375465e659dbaecb3fda81fbf0d3eedbf138e29cb5229e502d8a4fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://carousell.bankway.space/
Origin: https://carousell.bankway.space
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 07:02:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1163176
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Tue, 22 Dec 2020 05:22:54 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fe182ae-3813"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBCwU7tNND0sQ%2FX7xCtGWqmCfsydbdGP%2Fxn1jciWQu2%2FOxO5FfFtOw3cCVPlXd%2BXY%2FaBLNjenS8kCpxVFramfewT%2FKFBN5623VdthUYxGeSoZVuZzCORHBZjM1VyrKqBDMqpCO3g4%2B%2Fls21%2B1xNMVRGJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86007bba1e661e4b-FRA
expires: Mon, 24 Feb 2025 07:02:58 GMT

GET
H2

200

sweetalert.min.js Show response
unpkg.com/sweetalert@2.1.2/dist/
Redirect Chain

https://unpkg.com/sweetalert/dist/sweetalert.min.js
https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

40 KB
12 KB

17ms
17ms

Script
application/javascript

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

Requested by

Host: carousell.bankway.space
URL: https://carousell.bankway.space/personal/176573816?refer=3&bank=6

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carousell.bankway.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 07:02:58 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 9773340
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HF60JDVP4N9861VQNDFB4S93-fra
server: cloudflare
etag: W/"9f68-Kj2qvHAjLGNQq0jTJgXcSmrB8fo"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 86007bba3ac97185-FRA

Redirect headers

date: Wed, 06 Mar 2024 07:02:58 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HR98Q85GQYXDXJE3DT0ZMQ5T-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 453
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /sweetalert@2.1.2/dist/sweetalert.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 86007bba1aad7185-FRA

GET
H3 200 lk.js Show response
carousell.bankway.space/js/ 12 KB
3 KB 42ms
42ms Script
application/javascript 2606:4700:3033::ac43:a717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carousell.bankway.space/js/lk.js
Requested by: Host: carousell.bankway.space
URL: https://carousell.bankway.space/personal/176573816?refer=3&bank=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 81966f32e7dc1603f92a9e3ebb1b90d2e0761c946d56cc29063a3ff74aec361c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carousell.bankway.space/personal/176573816?refer=3&bank=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 07:02:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 06 Mar 2024 04:50:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"3193-18e1218ec18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YW6AohmXVifo7Vg%2FwwC6Prt8iJQkEiRlTAIdGa%2BcrQD5YRfgHHgkbAXtez9R9oZD0PWi0Z%2B7OkFqoItWenVoCjSZNuAZ6G2Z18qJ4Rtf2mHiYVP8pkLTKaQoc7aURaEY2MxBMmiVs5WEW5KH4DQXiyUpZDYc%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 86007bba0c6b92a8-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 UniversNextforHSBC-Regular.woff
cdn.hsbc.com.hk/etc/designs/dspwebauth-headerfooter/assets/fonts/UniversNextforHSBC-Regular/ 26 KB
26 KB 66ms
28ms Font
application/font-woff 23.1.254.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hsbc.com.hk/etc/designs/dspwebauth-headerfooter/assets/fonts/UniversNextforHSBC-Regular/UniversNextforHSBC-Regular.woff

Requested by

Host: cdn.hsbc.com.hk
URL: https://cdn.hsbc.com.hk/etc/designs/dspwebauth-headerfooter/clientlib-all.min.d5b2187e9c840dd357fb9549e6baaf62.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.1.254.81 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-1-254-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

f2c9f8279b2f7f4864ff4a2685306c9d978a30b82d0c396ed20752f22374c82f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.hsbc.com.hk/etc/designs/dspwebauth-headerfooter/clientlib-all.min.d5b2187e9c840dd357fb9549e6baaf62.css
Origin: https://carousell.bankway.space
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
date: Wed, 06 Mar 2024 07:02:59 GMT
x-content-type-options: nosniff
last-modified: Sat, 24 Feb 2024 23:36:55 GMT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=7289324
accept-ranges: bytes
s: hkp4v-prod-skm-aempub
content-length: 26196
x-xss-protection: 1; mode=block

GET
H2 200 HSBCIcon-Font.woff
cdn.hsbc.com.hk/etc/designs/dspwebauth-headerfooter/assets/fonts/HSBCIcon-Font/ 23 KB
23 KB 85ms
47ms Font
application/font-woff 23.1.254.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hsbc.com.hk/etc/designs/dspwebauth-headerfooter/assets/fonts/HSBCIcon-Font/HSBCIcon-Font.woff

Requested by

Host: cdn.hsbc.com.hk
URL: https://cdn.hsbc.com.hk/etc/designs/dspwebauth-headerfooter/clientlib-all.min.d5b2187e9c840dd357fb9549e6baaf62.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.1.254.81 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-1-254-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

e9a3b36151838b0f414f746033f07a79989e9b4bbe327190e395ffe631ff7a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.hsbc.com.hk/etc/designs/dspwebauth-headerfooter/clientlib-all.min.d5b2187e9c840dd357fb9549e6baaf62.css
Origin: https://carousell.bankway.space
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
date: Wed, 06 Mar 2024 07:02:59 GMT
x-content-type-options: nosniff
last-modified: Sat, 24 Feb 2024 20:40:41 GMT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=7289329
accept-ranges: bytes
s: hkp4v-prod-skm-aempub
content-length: 23724
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame FFDA 45 KB
29 KB 57ms
36ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Les888ZAAAAAOHLgqVrsJyhzrLFZsG2rUPj9_15&co=aHR0cHM6Ly93d3cuaHNiYy5jb20uaGs6NDQz&hl=en&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=uq9plu2tr1a7

Requested by

Host: carousell.bankway.space
URL: https://carousell.bankway.space/personal/176573816?refer=3&bank=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a4391ddecefac77f7652e5a966f3509959354beb8b6c90bab2d890d076d7b63d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PHqIyl75w0G_T2um9L3Uxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://carousell.bankway.space/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-PHqIyl75w0G_T2um9L3Uxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 06 Mar 2024 07:02:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 time.svg
carousell.bankway.space/assets/banks/hsbc/images/ 682 B
935 B 44ms
44ms Image
image/svg+xml 2606:4700:3033::ac43:a717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://carousell.bankway.space/assets/banks/hsbc/images/time.svg
Requested by: Host: carousell.bankway.space
URL: https://carousell.bankway.space/personal/176573816?refer=3&bank=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5d15f9723ea3442c211f18565e32e53f014bd3a89736b1dcee4f6dbf0f77e1b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carousell.bankway.space/personal/176573816?refer=3&bank=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 07:02:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 13 Feb 2024 12:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"2aa-18da286f4d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2FakL7X7PbmBjdbtqcgPpyL3ToUyXwOyDo4hBlRIDRUlavJkyYM%2FLK5PvHyq2pbc%2Bn054IfpUnqbtZgDNu0LmEOZYjadl1sv3AdngWPaG8StLxHz9IoceNT9%2Bb3d6vr8WQk%2BHOd5RdoRbeKQkr57qD7a%2B%2FxV0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 86007bbc3da892a8-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 security_secure.svg
carousell.bankway.space/assets/banks/hsbc/images/ 1 KB
1 KB 42ms
41ms Image
image/svg+xml 2606:4700:3033::ac43:a717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://carousell.bankway.space/assets/banks/hsbc/images/security_secure.svg
Requested by: Host: carousell.bankway.space
URL: https://carousell.bankway.space/personal/176573816?refer=3&bank=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b1001bce53cdab061fd0b549cdd3e451adbcd3413c227f032880edfddb56fcd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carousell.bankway.space/personal/176573816?refer=3&bank=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 07:02:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 13 Feb 2024 12:52:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"425-18da28717f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fnKAJ9ZO7rYdOQBRF5Rt8xyEGbVNZSWmSYnBNwO2sIO66ErfGCk9io72vJ45VUka%2FFb5V8qH3RhbOND8ID5LY33fgPZP9hI65nCz5JuuOoB2YVoeOzdn6EjvGfWyvtgDDbV7MHJJlOnASTtSpvYKQSgDxogcEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 86007bbc3da992a8-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 UniversNextforHSBC-Regular.woff
cdn.hsbc.com.hk/etc/designs/DSP_SaaS_Milestone-Global/assets/fonts/UniversNextforHSBC-Regular/ 26 KB
26 KB 75ms
54ms Font
application/font-woff 23.1.254.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hsbc.com.hk/etc/designs/DSP_SaaS_Milestone-Global/assets/fonts/UniversNextforHSBC-Regular/UniversNextforHSBC-Regular.woff

Requested by

Host: cdn.hsbc.com.hk
URL: https://cdn.hsbc.com.hk/etc/designs/DSP_SaaS_Milestone-Global/clientlib-all.min.5c23575dd2a45b73c671a7797acc5d2d.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.1.254.81 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-1-254-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

f2c9f8279b2f7f4864ff4a2685306c9d978a30b82d0c396ed20752f22374c82f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.hsbc.com.hk/etc/designs/DSP_SaaS_Milestone-Global/clientlib-all.min.5c23575dd2a45b73c671a7797acc5d2d.css
Origin: https://carousell.bankway.space
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
date: Wed, 06 Mar 2024 07:02:59 GMT
x-content-type-options: nosniff
last-modified: Sat, 24 Feb 2024 22:07:42 GMT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=7289324
accept-ranges: bytes
s: hkp4v-prod-skm-aempub
content-length: 26196
x-xss-protection: 1; mode=block

GET
H2 200 HSBCIcon-Font.woff
cdn.hsbc.com.hk/etc/designs/DSP_SaaS_Milestone-Global/assets/fonts/HSBCIcon-Font/ 23 KB
23 KB 88ms
67ms Font
application/font-woff 23.1.254.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hsbc.com.hk/etc/designs/DSP_SaaS_Milestone-Global/assets/fonts/HSBCIcon-Font/HSBCIcon-Font.woff

Requested by

Host: cdn.hsbc.com.hk
URL: https://cdn.hsbc.com.hk/etc/designs/DSP_SaaS_Milestone-Global/clientlib-all.min.5c23575dd2a45b73c671a7797acc5d2d.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.1.254.81 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-1-254-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

e9a3b36151838b0f414f746033f07a79989e9b4bbe327190e395ffe631ff7a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.hsbc.com.hk/etc/designs/DSP_SaaS_Milestone-Global/clientlib-all.min.5c23575dd2a45b73c671a7797acc5d2d.css
Origin: https://carousell.bankway.space
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
date: Wed, 06 Mar 2024 07:02:59 GMT
x-content-type-options: nosniff
last-modified: Sat, 24 Feb 2024 20:40:40 GMT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=7289328
accept-ranges: bytes
s: hkp4v-prod-skm-aempub
content-length: 23724
x-xss-protection: 1; mode=block

GET
H2 200 storage.secure.min.html Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.24.1.1-release_5109/ Frame 71B4 46 KB
16 KB 36ms
8ms Document
text/html 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.24.1.1-release_5109/storage.secure.min.html?loc=https%3A%2F%2Fwww.hsbc.com.hk&site=78938340&ist=sessionStorage&env=prod&accdn=accdn.lpsnmedia.net
Requested by: Host: carousell.bankway.space
URL: https://carousell.bankway.space/personal/176573816?refer=3&bank=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 937c84900267b6b690579cf739922558dd457ab8de64ce9fec84656ab9e023b1

Request headers

Referer: https://carousell.bankway.space/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
age: 1269100
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: br
content-length: 15838
content-type: text/html
date: Tue, 20 Feb 2024 14:31:19 GMT
etag: W/"df1d42d31c469ec02a2cebf62bf3b3ed"
last-modified: Sat, 30 Dec 2023 06:02:39 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1703916159029164
x-goog-hash: crc32c=L4KvmQ== md5=3x1C0xxGnsAqLOv2K/Oz7Q==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 47040
x-guploader-uploadid: ABPtcPqT0Gb0wCAOKegzY3_Ju68myC6a1ucAR8vcLMkaZbOtbF5tHkeqSVrJcFDBFEz9j9EjEhs

GET
H3 200 176573816 Show response
carousell.bankway.space/supportChatFrame/ Frame D403 23 KB
7 KB 106ms
105ms Document
text/html 2606:4700:3033::ac43:a717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carousell.bankway.space/supportChatFrame/176573816
Requested by: Host: carousell.bankway.space
URL: https://carousell.bankway.space/personal/176573816?refer=3&bank=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 90dc2caa3120d76a9be08f7df29b012b195db647088e6a9bbe5065e74edae414

Request headers

Referer: https://carousell.bankway.space/personal/176573816?refer=3&bank=6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86007bbc5db192a8-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 06 Mar 2024 07:02:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OObGZUqyZn%2FrwK%2BkCpJhOitF8XrOQQr%2B6WX2Smb13f5krleMVXnsvAokTFiKKHkpU5kBAvG3E592YKSvVpnnQXzr%2BUM2vYyFJuRvMalMQfswCtEjBhAfyw6h51zLtvfv%2B5oazzeq3kAANcqRCinEUjy%2Fh2ykxg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express

GET
H3 200 supportIcon.svg
carousell.bankway.space/img/ 1 KB
1 KB 39ms
39ms Image
image/svg+xml 2606:4700:3033::ac43:a717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://carousell.bankway.space/img/supportIcon.svg
Requested by: Host: carousell.bankway.space
URL: https://carousell.bankway.space/css/support_parent.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d35e73edc030e667b728e2e626c782ec2b4d3b0a3044730c02b9a25dbf46be59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carousell.bankway.space/css/support_parent.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 07:02:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 26 Jul 2021 10:21:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"4d3-17ae2556488"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LYsKpl0%2BGfp%2F15BOlgpUDQ%2Bu4Z3S3Z1vuy8kIJMZfAd%2BMn0JIRocUuZO1fOtaXcBCY%2BIkmR2QxWigMYMWjpprqH2SzGoKOMwElDpKqJMyPv9TlLurqxyUrHjtEA5t%2FUEhZeWaLdPHp%2Ffz%2F6JYBfW7msgKEAUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 86007bbc5db492a8-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 checkStatus Show response
carousell.bankway.space/api/ 15 B
495 B 101ms
101ms XHR
application/json 2606:4700:3033::ac43:a717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carousell.bankway.space/api/checkStatus
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2241a4b4857f316f8132fac76b63c8e70fe515f2358d406d06ce157f12d07e05

Request headers

Accept: */*
Referer: https://carousell.bankway.space/personal/176573816?refer=3&bank=6
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 06 Mar 2024 07:02:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"f-RCO2aid3rGqKuy26m/Gf69Gs9kI"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxQUJbPQMMqLLkhpiLSQd59IWgD6MWoSfk5Qk0aUd80Pe0GQMMwgYdwfGhq%2BKmK1RgP9XOAJInpPwBpTw%2BS6mwLuU7FZeeOYsTkPvRhxvj%2Bu7r0ksPDd7xWgGUUdXh%2FSvZCM3thMkFsk7TSZxt5lxUE4JrJnFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 86007bbc5db592a8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ Frame FFDA 55 KB
25 KB 27ms
6ms Stylesheet
text/css 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Les888ZAAAAAOHLgqVrsJyhzrLFZsG2rUPj9_15&co=aHR0cHM6Ly93d3cuaHNiYy5jb20uaGs6NDQz&hl=en&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=uq9plu2tr1a7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:30:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 05:00:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 21:30:02 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ Frame FFDA 490 KB
490 KB 32ms
11ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__en.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5aa02ad9ec4550065de8002ea1108be5d10bbb1173d2f3447f88ce1af317d4bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:57:07 GMT
x-content-type-options: nosniff
age: 79552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 501379
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 05:00:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 08:57:07 GMT

GET
H3 200 support_chat.css
carousell.bankway.space/css/ Frame D403 101 KB
17 KB 65ms
64ms Stylesheet
text/css 2606:4700:3033::ac43:a717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carousell.bankway.space/css/support_chat.css
Requested by: Host: carousell.bankway.space
URL: https://carousell.bankway.space/supportChatFrame/176573816
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d40c636c6f5df8e97ce5d56c336a9c1379bfa2b963053386d670b6865be2913f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carousell.bankway.space/supportChatFrame/176573816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 07:02:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 26 Jul 2021 10:21:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"195ce-17ae2556488"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OE8goEcoWBj5Q6p9qK0T1n6IOijnxyNj3gVSbPw6%2FRdiI%2F0BxOz2wSMMdAIMtDgHB1o2IovEffXuJC7YEtIy2VcQgz4DCSByIeVmm90b7K15T0Bh5sKdy7aK%2B5bfUaAAyzaDyEPLdGDp6mFBa1qRmtOZSSa4zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 86007bbd0e1392a8-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 axios.min.js Show response
carousell.bankway.space/js/ Frame D403 14 KB
5 KB 46ms
46ms Script
application/javascript 2606:4700:3033::ac43:a717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carousell.bankway.space/js/axios.min.js
Requested by: Host: carousell.bankway.space
URL: https://carousell.bankway.space/supportChatFrame/176573816
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ea52c2604519304144d7267cf90f912ee6b092b2c5505576948568fe653dcac0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carousell.bankway.space/supportChatFrame/176573816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 07:02:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 26 Jul 2021 10:21:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"3815-17ae2556488"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FfZET8GtrCyPDf6HU2o%2Ft1gn%2BxHPJ468qsID75Qw3GFYm5Qizz7YByJo5SZo%2FvJzXxkz%2BvrhJ%2Fxtw15NMLP8GBkDHHdK8aNitpQ2iz7JGSybGW0iPp%2BSXP3nowSsxZwjVY8lhzyqikWKtWjcdp5OxXD6p33xDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 86007bbd0e1c92a8-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 support.js Show response
carousell.bankway.space/js/ Frame D403 5 KB
2 KB 36ms
35ms Script
application/javascript 2606:4700:3033::ac43:a717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carousell.bankway.space/js/support.js
Requested by: Host: carousell.bankway.space
URL: https://carousell.bankway.space/supportChatFrame/176573816
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2ca32d461e4105aa8337ce1559b9f399527acb7be62124bae03a0106dc2d9a4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carousell.bankway.space/supportChatFrame/176573816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 07:02:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 01 Mar 2024 17:03:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"12d5-18dfaf8e0d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6K8FSwxSJBRPJxFXgBYxB5oO%2FB940zg6%2BFbgpAd8gxP4O7cT1xBshseyM6Oq36NCTFDpZDn3PPVpzxq7VvxnUHJiLUNhXq18sJ0WBBeVrtQ8hJOMWbEEom3S%2FWl09MdiehYfnRCvAmdgH%2B3Ee5%2FZQG4WlUzG2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 86007bbd0e1e92a8-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js Show response
www.google.com/js/bg/ Frame FFDA 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Les888ZAAAAAOHLgqVrsJyhzrLFZsG2rUPj9_15&co=aHR0cHM6Ly93d3cuaHNiYy5jb20uaGs6NDQz&hl=en&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=uq9plu2tr1a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:50:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6933
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 08:50:12 GMT

GET
H2 200 webworker.js
www.google.com/recaptcha/api2/ Frame FFDA 102 B
289 B 17ms
17ms Other
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=x5WWoE57Fv0d6ATKsLDIAKnt

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3b918b6cef39462c9fed66b7ce89d8fd5fe04984c12f689e88327a703d738a0a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Les888ZAAAAAOHLgqVrsJyhzrLFZsG2rUPj9_15&co=aHR0cHM6Ly93d3cuaHNiYy5jb20uaGs6NDQz&hl=en&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=uq9plu2tr1a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 07:02:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 06 Mar 2024 07:02:59 GMT

POST
H3 200 getMessages Show response
carousell.bankway.space/api/support/ Frame D403 15 B
497 B 92ms
92ms XHR
application/json 2606:4700:3033::ac43:a717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carousell.bankway.space/api/support/getMessages
Requested by: Host: carousell.bankway.space
URL: https://carousell.bankway.space/js/axios.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a

Request headers

Accept: application/json, text/plain, */*
Referer: https://carousell.bankway.space/supportChatFrame/176573816
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 06 Mar 2024 07:02:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"f-FAzzTdccAfl0E2Lu/wbvI/6Anvk"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pEvW9p%2BaSSSvNNUdm%2F5qJr57y2AGH6sN%2B6le33Hp%2FWjaLSqR%2Bjwt7avNT9cP9mzNn6qGnvBALPkMZmSB1WsLsf9IQ1k9L2f11mpKpkB5v6ViFpwKO8V3FY%2BiOJSVowcNuZKxMvKc2h%2F4jFhocP89lxmr5qAgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 86007bbd7e6f92a8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15

POST
H3 200 checkStatus Show response
carousell.bankway.space/api/ 15 B
493 B 58ms
56ms XHR
application/json 2606:4700:3033::ac43:a717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carousell.bankway.space/api/checkStatus
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2241a4b4857f316f8132fac76b63c8e70fe515f2358d406d06ce157f12d07e05

Request headers

Accept: */*
Referer: https://carousell.bankway.space/personal/176573816?refer=3&bank=6
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 06 Mar 2024 07:03:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"f-RCO2aid3rGqKuy26m/Gf69Gs9kI"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDTqLmAMHRLlkg0rQstu2ytK8MUsGuXj%2BuaL4LbxaZnryeJ6FKT6a2Ukt6fC%2F9w1%2FSo8X6ATMsfXN%2BZmycHZ5hnd%2Fy6guLO1QxtGWNQfb2Q85HngKLSTWcRNq5L3MKljzu4455iTylXGfsR0khoqedjP1Q1obw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 86007bc66ccf92a8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15

POST
H3 200 getMessages Show response
carousell.bankway.space/api/support/ Frame D403 15 B
497 B 89ms
89ms XHR
application/json 2606:4700:3033::ac43:a717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carousell.bankway.space/api/support/getMessages
Requested by: Host: carousell.bankway.space
URL: https://carousell.bankway.space/js/axios.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a

Request headers

Accept: application/json, text/plain, */*
Referer: https://carousell.bankway.space/supportChatFrame/176573816
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 06 Mar 2024 07:03:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"f-FAzzTdccAfl0E2Lu/wbvI/6Anvk"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8hUCAJBV14CsZ7FfFv7A97DJV%2Fg7ye36h3d6JuNWrZxt1Q%2FzeUjaq85wFgPZp4eIpL%2FmGHPhEhTqfhQ5GUVQAS%2FPbUK9kDdzTeVy0hux%2B0hZbjD7iAav2dLeYQHbyIAv1c7P3Fxq%2BRI9zLSO6F3aaqXSH5vuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 86007bc77d8a92a8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15

POST
H3 200 checkStatus Show response
carousell.bankway.space/api/ 15 B
505 B 88ms
88ms XHR
application/json 2606:4700:3033::ac43:a717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carousell.bankway.space/api/checkStatus
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2241a4b4857f316f8132fac76b63c8e70fe515f2358d406d06ce157f12d07e05

Request headers

Accept: */*
Referer: https://carousell.bankway.space/personal/176573816?refer=3&bank=6
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 06 Mar 2024 07:03:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"f-RCO2aid3rGqKuy26m/Gf69Gs9kI"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BFB4tpZAXtIG1RbTu%2BQ3iYD9L%2F%2FvCAC1bJ85AjAw0x3mU6Y%2BMYOcLKx%2B%2Fm4n%2FyxudwreHiU8qy4oM6l7CnJi88n%2BYvyHFsH%2FyymHQBOXBatHXn31coD%2F6mmggp5qU%2F1OYI%2Bf7yA7504T8XTi7v2p0reWPLDd%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 86007bd02be492a8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15

POST
H3 200 getMessages Show response
carousell.bankway.space/api/support/ Frame D403 15 B
493 B 87ms
86ms XHR
application/json 2606:4700:3033::ac43:a717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carousell.bankway.space/api/support/getMessages
Requested by: Host: carousell.bankway.space
URL: https://carousell.bankway.space/js/axios.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a

Request headers

Accept: application/json, text/plain, */*
Referer: https://carousell.bankway.space/supportChatFrame/176573816
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 06 Mar 2024 07:03:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"f-FAzzTdccAfl0E2Lu/wbvI/6Anvk"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aOAyD2KS2xB4r6cz0VShv7zIIINs8wyC%2FdwR%2FlaJse2UDTM0HqSKJQQ1KzU%2FvcCYvo8MPHgumj25qPrtCnChHRMyJswRzE0AJT3NcMems5dNbfPxFXtL%2F0LBjyOBqdfjDcjwF5TZiolqNBAwiu6s3Aw63WxjUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 86007bd16d0f92a8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: HSBC (Banking)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			carousell.bankway.space/	1969-12-31 23:59:59	Name: connect.sid Value: s%3A1EaK-WCGS9YGfoxvyZSKOe2AxMc7IspR.uVnf3DT7%2B%2Bn%2FQOzO8ucSXG2ukb%2Bb%2FNePU8qMIttq5Ig

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__en.js(Line 444) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.hsbc.com.hk') does not match the recipient window's origin ('https://carousell.bankway.space').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

carousell.bankway.space
cdn.hsbc.com.hk
cdn.walkme.com
cdnjs.cloudflare.com
code.jquery.com
lpcdn.lpsnmedia.net
unpkg.com
www.google.com
www.gstatic.com
www.hsbc.com.hk
13.32.27.50
23.1.254.81
23.192.250.218
2606:4700:3033::ac43:a717
2606:4700::6810:7caf
2606:4700::6811:190e
2a00:1450:4001:806::2003
2a00:1450:4001:812::2004
2a04:4e42:200::649
34.120.154.120
0d9e97528d972063f9f9a22accaf21284ea8216008bddea7ab16428e098d47b2
103003a6f545842190e66469ca7548c01a8fd008841eff34f8598bb461b49e71
2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508
2241a4b4857f316f8132fac76b63c8e70fe515f2358d406d06ce157f12d07e05
24b9a49d375465e659dbaecb3fda81fbf0d3eedbf138e29cb5229e502d8a4fa1
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
2ca32d461e4105aa8337ce1559b9f399527acb7be62124bae03a0106dc2d9a4b
3b918b6cef39462c9fed66b7ce89d8fd5fe04984c12f689e88327a703d738a0a
5aa02ad9ec4550065de8002ea1108be5d10bbb1173d2f3447f88ce1af317d4bd
5d15f9723ea3442c211f18565e32e53f014bd3a89736b1dcee4f6dbf0f77e1b3
5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a
6fc2cfc62b3b2aac1231142913ec431ccd158b2a5bd978fd46761c92f25b698e
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78bb9def9a72e745928a135a10ba32931988a3525345f322b57ba58261032535
7b9875e001c1bd5b8e28c829f00757e4ac0cc2ab94266e9c45b899ca2a7227a0
81966f32e7dc1603f92a9e3ebb1b90d2e0761c946d56cc29063a3ff74aec361c
8d5ddf9a1d0da03b8404b9ee4fc635fb2ff44e94bf6b6b17ccd8ff338e3d2de2
90dc2caa3120d76a9be08f7df29b012b195db647088e6a9bbe5065e74edae414
937c84900267b6b690579cf739922558dd457ab8de64ce9fec84656ab9e023b1
a4391ddecefac77f7652e5a966f3509959354beb8b6c90bab2d890d076d7b63d
b1001bce53cdab061fd0b549cdd3e451adbcd3413c227f032880edfddb56fcd5
baaa0e604618d6c368bb402beaf245a1d55ef80b4875c7987130c5bbff9da6ea
bef9554124d08539a99e1c8016d82359f5f6561c206ccb172521cac277d3d62e
ca544ba85d60287eb39676d0e471681332bf82921a7f8149c73823cb7d7e9893
d35e73edc030e667b728e2e626c782ec2b4d3b0a3044730c02b9a25dbf46be59
d40c636c6f5df8e97ce5d56c336a9c1379bfa2b963053386d670b6865be2913f
d45a6fcf975da20a9f76220b3e8b8a0d88c992eac53833acf0fe417ae018bbc2
e9a3b36151838b0f414f746033f07a79989e9b4bbe327190e395ffe631ff7a31
ea52c2604519304144d7267cf90f912ee6b092b2c5505576948568fe653dcac0
f2c9f8279b2f7f4864ff4a2685306c9d978a30b82d0c396ed20752f22374c82f
fc306ad03e79f14ca1a1a484d4e790b839ac0661246015e05c9ae575ec1b09f7
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

carousell.bankway.space Open in urlscan Pro 2606:4700:3033::ac43:a717 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

38 Requests

95 %HTTPS

60 %IPv6

9 Domains

10 Subdomains

10 IPs

3 Countries

1547 kBTransfer

3499 kBSize

1 Cookies

8 Outgoing links

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

carousell.bankway.space Open in urlscan Pro
2606:4700:3033::ac43:a717 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

95 %
HTTPS

60 %
IPv6

9
Domains

10
Subdomains

10
IPs

3
Countries

1547 kB
Transfer

3499 kB
Size

1
Cookies

38 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!