onlinepayments.hdfclife.com Open in urlscan Pro
2606:4700:4400::6812:211c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://1kx.in/Jx9Qio
Effective URL:
https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp
Submission: On May 30 via manual (May 30th 2024, 3:26:13 pm UTC) from IN — Scanned from DE

Summary HTTP 23 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 6 domains to perform 23 HTTP transactions. The main IP is 2606:4700:4400::6812:211c, located in United States and belongs to CLOUDFLARENET, US. The main domain is onlinepayments.hdfclife.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 16th 2023. Valid for: a year.

This is the only time onlinepayments.hdfclife.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	103.250.30.30 103.250.30.30	132781 (UNICEL-AS...) (UNICEL-AS Unicel Technologies Pvt Ltd)
1 1	15.207.165.84 15.207.165.84	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2 21	2606:4700:440... 2606:4700:4400::6812:211c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.160.150.62 3.160.150.62	16509 (AMAZON-02) (AMAZON-02)
1	13.126.74.15 13.126.74.15	() ()
23	4

2 103.250.30.30 (India) 2 redirects

ASN132781 (UNICEL-AS Unicel Technologies Pvt Ltd, IN)

1kx.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.207.165.84 (Mumbai, India) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-15-207-165-84.ap-south-1.compute.amazonaws.com

t.reminders.hdfclife.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

goo.gl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:4400::6812:211c (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

onlinepayments.hdfclife.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.160.150.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-62.fra60.r.cloudfront.net

cdn.appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.126.74.15 (None, )

ASN- ()

bom-col.eum-appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	hdfclife.com 3 redirects t.reminders.hdfclife.com onlinepayments.hdfclife.com	259 KB
2	appdynamics.com cdn.appdynamics.com — Cisco Umbrella Rank: 4533	60 KB
2	1kx.in 2 redirects 1kx.in	667 B
1	eum-appdynamics.com bom-col.eum-appdynamics.com	868 B
1	goo.gl 1 redirects goo.gl — Cisco Umbrella Rank: 12066	1 KB
0	cloudflareinsights.com Failed static.cloudflareinsights.com Failed
23	6

	Domain	Requested by
21	onlinepayments.hdfclife.com	2 redirects onlinepayments.hdfclife.com
2	cdn.appdynamics.com	onlinepayments.hdfclife.com cdn.appdynamics.com
2	1kx.in	2 redirects
1	bom-col.eum-appdynamics.com	cdn.appdynamics.com
1	goo.gl	1 redirects
1	t.reminders.hdfclife.com	1 redirects
0	static.cloudflareinsights.com Failed	onlinepayments.hdfclife.com
23	7

This site contains links to these domains. Also see Links.

Domain
myaccount.hdfclife.com
www.hdfclife.com
www.youtube.com

Subject Issuer	Validity	Valid
hdfclife.com Cloudflare Inc ECC CA-3	`2023-10-16` - `2024-10-15`	a year	crt.sh
*.appdynamics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-21` - `2024-07-21`	a year	crt.sh
*.eum-appdynamics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-14` - `2024-07-14`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp
Frame ID: BD75607D119313153A63B2F3286CB339
Requests: 21 HTTP requests in this frame

Frame: https://onlinepayments.hdfclife.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js
Frame ID: 710318027C173E56C1777D415CB5B29C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HDFC Life|Online Premium Payment

Page URL History Show full URLs

https://1kx.in/Jx9Qio HTTP 302
http://1kx.in/Jx9Qio?redirect=true HTTP 307
https://1kx.in/Jx9Qio?redirect=true HTTP 302
https://t.reminders.hdfclife.com/r/?id=s13ab7647%2C866c804%2C3ee328 HTTP 302
http://goo.gl/FQL71D HTTP 307
https://goo.gl/FQL71D HTTP 302
https://onlinepayments.hdfclife.com/HDFCLife/quick_pay.html HTTP 302
https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppDynamics (Analytics) Expand

Overall confidence: 100%
Detected patterns

adrum

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

23
Requests

91 %
HTTPS

33 %
IPv6

6
Domains

7
Subdomains

4
IPs

3
Countries

319 kB
Transfer

952 kB
Size

6
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.hdfclife.com/
Title: My Account

Search URL Search Domain Scan URL

URL: https://www.hdfclife.com/privacy-policy
Title: PRIVACY POLICY

Search URL Search Domain Scan URL

URL: https://www.hdfclife.com/content/dam/hdfclifeinsurancecompany/customer-services/form-and-download/policy-servicing-request-forms/050050021-Know-Your-Customer-Addendum-Third-Party-KYC.pdf
Title: Click here

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=Ebz_67U98qo
Title: HDFC Life Premium Payment Options Tutorial Video

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://1kx.in/Jx9Qio HTTP 302
http://1kx.in/Jx9Qio?redirect=true HTTP 307
https://1kx.in/Jx9Qio?redirect=true HTTP 302
https://t.reminders.hdfclife.com/r/?id=s13ab7647%2C866c804%2C3ee328 HTTP 302
http://goo.gl/FQL71D HTTP 307
https://goo.gl/FQL71D HTTP 302
https://onlinepayments.hdfclife.com/HDFCLife/quick_pay.html HTTP 302
https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://onlinepayments.hdfclife.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://onlinepayments.hdfclife.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request quick_pay.jsp Show response
onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/
Redirect Chain

https://1kx.in/Jx9Qio
http://1kx.in/Jx9Qio?redirect=true
https://1kx.in/Jx9Qio?redirect=true
https://t.reminders.hdfclife.com/r/?id=s13ab7647%2C866c804%2C3ee328
http://goo.gl/FQL71D
https://goo.gl/FQL71D
https://onlinepayments.hdfclife.com/HDFCLife/quick_pay.html
https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp

39 KB
10 KB

191ms
190ms

Document
text/html

2606:4700:4400::6812:211c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:211c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22dac1d873d404fcb04c48d46053ddee153251ca0feb76fccc01fb000933b1dc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .hdfclife.com .adobedtm.com .demdex.net .omtrdc.net .adobedc.net .appdynamics.com .eum-appdynamics.com; img-src https: data:; media-src 'self' .com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .adobedtm.com .adobedc.net .googleapis.com .notifyvisitors.com .hdfclife.com .appdynamics.com .eum-appdynamics.com; style-src 'self' 'unsafe-inline' .googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 88bfbda42b3e372f-FRA
content-encoding: br
content-language: en-US
content-security-policy: default-src 'self' *.hdfclife.com *.adobedtm.com *.demdex.net *.omtrdc.net *.adobedc.net *.appdynamics.com *.eum-appdynamics.com; img-src https: data:; media-src 'self' *.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.adobedtm.com *.adobedc.net *.googleapis.com *.notifyvisitors.com *.hdfclife.com *.appdynamics.com *.eum-appdynamics.com; style-src 'self' 'unsafe-inline' *.googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
content-type: text/html; charset=ISO-8859-1
date: Thu, 30 May 2024 15:26:08 GMT
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: User-Agent,Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88bfbda2d89f372f-FRA
content-type: text/html; charset=iso-8859-1
date: Thu, 30 May 2024 15:26:08 GMT
location: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN

GET
H3 200 jquery-3.6.0.min.js Show response
onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/js/ 87 KB
32 KB 242ms
241ms Script
application/javascript 2606:4700:4400::6812:211c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/js/jquery-3.6.0.min.js

Requested by

Host: onlinepayments.hdfclife.com
URL: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:211c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .hdfclife.com .adobedtm.com .demdex.net .omtrdc.net .adobedc.net .appdynamics.com .eum-appdynamics.com; img-src https: data:; media-src 'self' .com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .adobedtm.com .adobedc.net .googleapis.com .notifyvisitors.com .hdfclife.com .appdynamics.com .eum-appdynamics.com; style-src 'self' 'unsafe-inline' .googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 15:26:08 GMT
content-security-policy: default-src 'self' *.hdfclife.com *.adobedtm.com *.demdex.net *.omtrdc.net *.adobedc.net *.appdynamics.com *.eum-appdynamics.com; img-src https: data:; media-src 'self' *.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.adobedtm.com *.adobedc.net *.googleapis.com *.notifyvisitors.com *.hdfclife.com *.appdynamics.com *.eum-appdynamics.com; style-src 'self' 'unsafe-inline' *.googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: User-Agent
content-type: application/javascript
content-language: en-US
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 88bfbda57e710497-FRA

GET
H3 200 json2.js Show response
onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/js/ 18 KB
6 KB 230ms
229ms Script
application/javascript 2606:4700:4400::6812:211c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/js/json2.js

Requested by

Host: onlinepayments.hdfclife.com
URL: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:211c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

714b50332e941421d3a878078674880771d4c43c16ab0292864c405c3234d420

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .hdfclife.com .adobedtm.com .demdex.net .omtrdc.net .adobedc.net .appdynamics.com .eum-appdynamics.com; img-src https: data:; media-src 'self' .com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .adobedtm.com .adobedc.net .googleapis.com .notifyvisitors.com .hdfclife.com .appdynamics.com .eum-appdynamics.com; style-src 'self' 'unsafe-inline' .googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 15:26:08 GMT
content-security-policy: default-src 'self' *.hdfclife.com *.adobedtm.com *.demdex.net *.omtrdc.net *.adobedc.net *.appdynamics.com *.eum-appdynamics.com; img-src https: data:; media-src 'self' *.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.adobedtm.com *.adobedc.net *.googleapis.com *.notifyvisitors.com *.hdfclife.com *.appdynamics.com *.eum-appdynamics.com; style-src 'self' 'unsafe-inline' *.googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: User-Agent
content-type: application/javascript
content-language: en-US
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 88bfbda57e760497-FRA

GET
H3 200 tjs.min.js Show response
onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/js/tjs/ 15 KB
5 KB 233ms
231ms Script
application/javascript 2606:4700:4400::6812:211c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/js/tjs/tjs.min.js

Requested by

Host: onlinepayments.hdfclife.com
URL: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:211c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

406075971c0f259dc6ba83d8a977afacbba51916ebbc97fc4ff784a7ab2843d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .hdfclife.com .adobedtm.com .demdex.net .omtrdc.net .adobedc.net .appdynamics.com .eum-appdynamics.com; img-src https: data:; media-src 'self' .com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .adobedtm.com .adobedc.net .googleapis.com .notifyvisitors.com .hdfclife.com .appdynamics.com .eum-appdynamics.com; style-src 'self' 'unsafe-inline' .googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 15:26:08 GMT
content-security-policy: default-src 'self' *.hdfclife.com *.adobedtm.com *.demdex.net *.omtrdc.net *.adobedc.net *.appdynamics.com *.eum-appdynamics.com; img-src https: data:; media-src 'self' *.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.adobedtm.com *.adobedc.net *.googleapis.com *.notifyvisitors.com *.hdfclife.com *.appdynamics.com *.eum-appdynamics.com; style-src 'self' 'unsafe-inline' *.googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: User-Agent
content-type: application/javascript
content-language: en-US
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 88bfbda57e7a0497-FRA

GET
H3 200 bootstrap.min.js Show response
onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/js/ 36 KB
11 KB 234ms
232ms Script
application/javascript 2606:4700:4400::6812:211c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/js/bootstrap.min.js

Requested by

Host: onlinepayments.hdfclife.com
URL: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:211c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16ff7f29d972da2ec37c489037efc989d86d46e24b8e14911017d9b169b97dee

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .hdfclife.com .adobedtm.com .demdex.net .omtrdc.net .adobedc.net .appdynamics.com .eum-appdynamics.com; img-src https: data:; media-src 'self' .com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .adobedtm.com .adobedc.net .googleapis.com .notifyvisitors.com .hdfclife.com .appdynamics.com .eum-appdynamics.com; style-src 'self' 'unsafe-inline' .googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 15:26:08 GMT
content-security-policy: default-src 'self' *.hdfclife.com *.adobedtm.com *.demdex.net *.omtrdc.net *.adobedc.net *.appdynamics.com *.eum-appdynamics.com; img-src https: data:; media-src 'self' *.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.adobedtm.com *.adobedc.net *.googleapis.com *.notifyvisitors.com *.hdfclife.com *.appdynamics.com *.eum-appdynamics.com; style-src 'self' 'unsafe-inline' *.googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: User-Agent
content-type: application/javascript
content-language: en-US
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 88bfbda57e7e0497-FRA

GET
H3 200 aes.js Show response
onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/js/ 13 KB
5 KB 231ms
230ms Script
application/javascript 2606:4700:4400::6812:211c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/js/aes.js

Requested by

Host: onlinepayments.hdfclife.com
URL: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:211c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fb0aa7dfaf27c60ceb2f2fa8ad3b3a3236bb52578ccb112449f75dd807c2295

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .hdfclife.com .adobedtm.com .demdex.net .omtrdc.net .adobedc.net .appdynamics.com .eum-appdynamics.com; img-src https: data:; media-src 'self' .com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .adobedtm.com .adobedc.net .googleapis.com .notifyvisitors.com .hdfclife.com .appdynamics.com .eum-appdynamics.com; style-src 'self' 'unsafe-inline' .googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 15:26:08 GMT
content-security-policy: default-src 'self' *.hdfclife.com *.adobedtm.com *.demdex.net *.omtrdc.net *.adobedc.net *.appdynamics.com *.eum-appdynamics.com; img-src https: data:; media-src 'self' *.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.adobedtm.com *.adobedc.net *.googleapis.com *.notifyvisitors.com *.hdfclife.com *.appdynamics.com *.eum-appdynamics.com; style-src 'self' 'unsafe-inline' *.googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: User-Agent
content-type: application/javascript
content-language: en-US
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 88bfbda57e800497-FRA

GET
H3 200 jquery-ui-1.13.2.min.js Show response
onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/js/ 249 KB
69 KB 194ms
192ms Script
application/javascript 2606:4700:4400::6812:211c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/js/jquery-ui-1.13.2.min.js

Requested by

Host: onlinepayments.hdfclife.com
URL: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:211c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf81c8e8905427ef256a5365ead7440e44ac83399a37b5289f878e8a44afd7bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .hdfclife.com .adobedtm.com .demdex.net .omtrdc.net .adobedc.net .appdynamics.com .eum-appdynamics.com; img-src https: data:; media-src 'self' .com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .adobedtm.com .adobedc.net .googleapis.com .notifyvisitors.com .hdfclife.com .appdynamics.com .eum-appdynamics.com; style-src 'self' 'unsafe-inline' .googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 15:26:08 GMT
content-security-policy: default-src 'self' *.hdfclife.com *.adobedtm.com *.demdex.net *.omtrdc.net *.adobedc.net *.appdynamics.com *.eum-appdynamics.com; img-src https: data:; media-src 'self' *.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.adobedtm.com *.adobedc.net *.googleapis.com *.notifyvisitors.com *.hdfclife.com *.appdynamics.com *.eum-appdynamics.com; style-src 'self' 'unsafe-inline' *.googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: User-Agent
content-type: application/javascript
content-language: en-US
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 88bfbda57e830497-FRA

GET
H3 200 bootstrap.min.css
onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/css/ 119 KB
20 KB 276ms
275ms Stylesheet
text/css 2606:4700:4400::6812:211c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/css/bootstrap.min.css

Requested by

Host: onlinepayments.hdfclife.com
URL: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:211c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2e095b71bbf73951460aeab2927ac36313b245ada527eea70672afe8746fb82

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .hdfclife.com .adobedtm.com .demdex.net .omtrdc.net .adobedc.net .appdynamics.com .eum-appdynamics.com; img-src https: data:; media-src 'self' .com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .adobedtm.com .adobedc.net .googleapis.com .notifyvisitors.com .hdfclife.com .appdynamics.com .eum-appdynamics.com; style-src 'self' 'unsafe-inline' .googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 15:26:08 GMT
content-security-policy: default-src 'self' *.hdfclife.com *.adobedtm.com *.demdex.net *.omtrdc.net *.adobedc.net *.appdynamics.com *.eum-appdynamics.com; img-src https: data:; media-src 'self' *.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.adobedtm.com *.adobedc.net *.googleapis.com *.notifyvisitors.com *.hdfclife.com *.appdynamics.com *.eum-appdynamics.com; style-src 'self' 'unsafe-inline' *.googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: User-Agent,Accept-Encoding
content-type: text/css
content-language: en-US
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 88bfbda57e840497-FRA
expires: Thu, 06 Jun 2024 15:26:08 GMT

GET
H3 200 jquery-ui-1.13.2.min.css
onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/css/ 31 KB
8 KB 190ms
188ms Stylesheet
text/css 2606:4700:4400::6812:211c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/css/jquery-ui-1.13.2.min.css

Requested by

Host: onlinepayments.hdfclife.com
URL: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:211c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f761003b1e3a1b1e2da77428e6f22a5584f24541c0b3d99e66e80f606c49cca5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .hdfclife.com .adobedtm.com .demdex.net .omtrdc.net .adobedc.net .appdynamics.com .eum-appdynamics.com; img-src https: data:; media-src 'self' .com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .adobedtm.com .adobedc.net .googleapis.com .notifyvisitors.com .hdfclife.com .appdynamics.com .eum-appdynamics.com; style-src 'self' 'unsafe-inline' .googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 15:26:08 GMT
content-security-policy: default-src 'self' *.hdfclife.com *.adobedtm.com *.demdex.net *.omtrdc.net *.adobedc.net *.appdynamics.com *.eum-appdynamics.com; img-src https: data:; media-src 'self' *.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.adobedtm.com *.adobedc.net *.googleapis.com *.notifyvisitors.com *.hdfclife.com *.appdynamics.com *.eum-appdynamics.com; style-src 'self' 'unsafe-inline' *.googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: User-Agent,Accept-Encoding
content-type: text/css
content-language: en-US
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 88bfbda57e860497-FRA
expires: Thu, 06 Jun 2024 15:26:08 GMT

GET
H3 200 common.css
onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/css/ 115 KB
25 KB 242ms
241ms Stylesheet
text/css 2606:4700:4400::6812:211c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/css/common.css

Requested by

Host: onlinepayments.hdfclife.com
URL: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:211c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f96903d353214fa8c24aa7ef44bafb668e54dc55a56540643df36b73f60dbcd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .hdfclife.com .adobedtm.com .demdex.net .omtrdc.net .adobedc.net .appdynamics.com .eum-appdynamics.com; img-src https: data:; media-src 'self' .com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .adobedtm.com .adobedc.net .googleapis.com .notifyvisitors.com .hdfclife.com .appdynamics.com .eum-appdynamics.com; style-src 'self' 'unsafe-inline' .googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 15:26:08 GMT
content-security-policy: default-src 'self' *.hdfclife.com *.adobedtm.com *.demdex.net *.omtrdc.net *.adobedc.net *.appdynamics.com *.eum-appdynamics.com; img-src https: data:; media-src 'self' *.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.adobedtm.com *.adobedc.net *.googleapis.com *.notifyvisitors.com *.hdfclife.com *.appdynamics.com *.eum-appdynamics.com; style-src 'self' 'unsafe-inline' *.googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: User-Agent,Accept-Encoding
content-type: text/css
content-language: en-US
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 88bfbda57e880497-FRA
expires: Thu, 06 Jun 2024 15:26:08 GMT

GET
H2 200 adrum-22.9.0.3923.js Show response
cdn.appdynamics.com/adrum/ 109 KB
40 KB 37ms
7ms Script
application/javascript 3.160.150.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum/adrum-22.9.0.3923.js
Requested by: Host: onlinepayments.hdfclife.com
URL: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-62.fra60.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: a4ea3de02f4ec1874478b152a09b89aecc2fc4f63ae2a4208ee8fb6585cebb11

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlinepayments.hdfclife.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 06:44:04 GMT
content-encoding: gzip
via: 1.1 f14a77f80eb66aa455bd94a07a2a0c64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 2018524
x-cache: Hit from cloudfront
last-modified: Tue, 06 Sep 2022 21:05:11 GMT
server: nginx/1.16.1
etag: W/"6317b607-1b2d9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hIYhr7EA-01R4KdOFNer79T7jPSvjzynyfOKQIu1mmtD4LcIdnYfqQ==

GET
H3 200 HDFC_Life_Logo_01.png
onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/images/ 34 KB
35 KB 239ms
238ms Image
image/png 2606:4700:4400::6812:211c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/images/HDFC_Life_Logo_01.png

Requested by

Host: onlinepayments.hdfclife.com
URL: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:211c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfc5836fa50aa05f7579df4ba57bb3435c85e9ab0e3e33ff201b6e6f609f4964

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .hdfclife.com .adobedtm.com .demdex.net .omtrdc.net .adobedc.net .appdynamics.com .eum-appdynamics.com; img-src https: data:; media-src 'self' .com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .adobedtm.com .adobedc.net .googleapis.com .notifyvisitors.com .hdfclife.com .appdynamics.com .eum-appdynamics.com; style-src 'self' 'unsafe-inline' .googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 15:26:08 GMT
content-security-policy: default-src 'self' *.hdfclife.com *.adobedtm.com *.demdex.net *.omtrdc.net *.adobedc.net *.appdynamics.com *.eum-appdynamics.com; img-src https: data:; media-src 'self' *.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.adobedtm.com *.adobedc.net *.googleapis.com *.notifyvisitors.com *.hdfclife.com *.appdynamics.com *.eum-appdynamics.com; style-src 'self' 'unsafe-inline' *.googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 35019
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: User-Agent
content-type: image/png
content-language: en-US
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 88bfbda57e890497-FRA
expires: Thu, 06 Jun 2024 15:26:08 GMT

GET
H3 200 ajax-loader-circle.gif
onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/images/ 2 KB
2 KB 274ms
273ms Image
image/gif 2606:4700:4400::6812:211c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/images/ajax-loader-circle.gif

Requested by

Host: onlinepayments.hdfclife.com
URL: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:211c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16ea0cf66d51efdbbc2a62b11ab0419fa72fb3320844f1d0d710480245ac9925

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .hdfclife.com .adobedtm.com .demdex.net .omtrdc.net .adobedc.net .appdynamics.com .eum-appdynamics.com; img-src https: data:; media-src 'self' .com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .adobedtm.com .adobedc.net .googleapis.com .notifyvisitors.com .hdfclife.com .appdynamics.com .eum-appdynamics.com; style-src 'self' 'unsafe-inline' .googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 15:26:08 GMT
content-security-policy: default-src 'self' *.hdfclife.com *.adobedtm.com *.demdex.net *.omtrdc.net *.adobedc.net *.appdynamics.com *.eum-appdynamics.com; img-src https: data:; media-src 'self' *.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.adobedtm.com *.adobedc.net *.googleapis.com *.notifyvisitors.com *.hdfclife.com *.appdynamics.com *.eum-appdynamics.com; style-src 'self' 'unsafe-inline' *.googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 1787
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: User-Agent
content-type: image/gif
content-language: en-US
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 88bfbda57e8a0497-FRA
expires: Thu, 06 Jun 2024 15:26:08 GMT

GET
H3 200 youtube%20logo.png
onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/images/ 19 KB
20 KB 180ms
179ms Image
image/png 2606:4700:4400::6812:211c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/images/youtube%20logo.png

Requested by

Host: onlinepayments.hdfclife.com
URL: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:211c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d72ce38bb12a98d68170c68f40e5aceb60fe81eeac7e95993ea15f2cc16af04

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .hdfclife.com .adobedtm.com .demdex.net .omtrdc.net .adobedc.net .appdynamics.com .eum-appdynamics.com; img-src https: data:; media-src 'self' .com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .adobedtm.com .adobedc.net .googleapis.com .notifyvisitors.com .hdfclife.com .appdynamics.com .eum-appdynamics.com; style-src 'self' 'unsafe-inline' .googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 15:26:08 GMT
content-security-policy: default-src 'self' *.hdfclife.com *.adobedtm.com *.demdex.net *.omtrdc.net *.adobedc.net *.appdynamics.com *.eum-appdynamics.com; img-src https: data:; media-src 'self' *.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.adobedtm.com *.adobedc.net *.googleapis.com *.notifyvisitors.com *.hdfclife.com *.appdynamics.com *.eum-appdynamics.com; style-src 'self' 'unsafe-inline' *.googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 19870
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: User-Agent
content-type: image/png
content-language: en-US
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 88bfbda708d50497-FRA
expires: Thu, 06 Jun 2024 15:26:08 GMT

GET
H3 200 email-decode.min.js Show response
onlinepayments.hdfclife.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
835 B 20ms
20ms Script
application/javascript 2606:4700:4400::6812:211c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinepayments.hdfclife.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: onlinepayments.hdfclife.com
URL: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:211c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 15:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 May 2024 15:04:33 GMT
server: cloudflare
etag: W/"6650ac81-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 88bfbda729160497-FRA
expires: Sat, 01 Jun 2024 15:26:08 GMT

GET
H3 200 ajax-loader-circle.gif
onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/images/ 2 KB
2 KB 206ms
206ms Image
image/gif 2606:4700:4400::6812:211c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/images/ajax-loader-circle.gif

Requested by

Host: onlinepayments.hdfclife.com
URL: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:211c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16ea0cf66d51efdbbc2a62b11ab0419fa72fb3320844f1d0d710480245ac9925

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .hdfclife.com .adobedtm.com .demdex.net .omtrdc.net .adobedc.net .appdynamics.com .eum-appdynamics.com; img-src https: data:; media-src 'self' .com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .adobedtm.com .adobedc.net .googleapis.com .notifyvisitors.com .hdfclife.com .appdynamics.com .eum-appdynamics.com; style-src 'self' 'unsafe-inline' .googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 15:26:08 GMT
content-security-policy: default-src 'self' *.hdfclife.com *.adobedtm.com *.demdex.net *.omtrdc.net *.adobedc.net *.appdynamics.com *.eum-appdynamics.com; img-src https: data:; media-src 'self' *.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.adobedtm.com *.adobedc.net *.googleapis.com *.notifyvisitors.com *.hdfclife.com *.appdynamics.com *.eum-appdynamics.com; style-src 'self' 'unsafe-inline' *.googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 1787
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: User-Agent
content-type: image/gif
content-language: en-US
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 88bfbda84ab30497-FRA
expires: Thu, 06 Jun 2024 15:26:08 GMT

GET
H3 200 calendarIcon.png
onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/images/ 1 KB
2 KB 186ms
185ms Image
image/png 2606:4700:4400::6812:211c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/images/calendarIcon.png

Requested by

Host: onlinepayments.hdfclife.com
URL: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:211c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e95c82550c01e7407240e86281c0e38155efa7327422718a4ca9cbbf350380c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .hdfclife.com .adobedtm.com .demdex.net .omtrdc.net .adobedc.net .appdynamics.com .eum-appdynamics.com; img-src https: data:; media-src 'self' .com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .adobedtm.com .adobedc.net .googleapis.com .notifyvisitors.com .hdfclife.com .appdynamics.com .eum-appdynamics.com; style-src 'self' 'unsafe-inline' .googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 15:26:08 GMT
content-security-policy: default-src 'self' *.hdfclife.com *.adobedtm.com *.demdex.net *.omtrdc.net *.adobedc.net *.appdynamics.com *.eum-appdynamics.com; img-src https: data:; media-src 'self' *.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.adobedtm.com *.adobedc.net *.googleapis.com *.notifyvisitors.com *.hdfclife.com *.appdynamics.com *.eum-appdynamics.com; style-src 'self' 'unsafe-inline' *.googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 1031
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: User-Agent
content-type: image/png
content-language: en-US
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 88bfbda85ac60497-FRA
expires: Thu, 06 Jun 2024 15:26:08 GMT

GET vef91dfe02fce4ee0ad053f6de4f175db1715022073587
static.cloudflareinsights.com/beacon.min.js/ 0
0

GET
H3

200

main.js Show response
onlinepayments.hdfclife.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/ Frame 7103
Redirect Chain

https://onlinepayments.hdfclife.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://onlinepayments.hdfclife.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js

8 KB
4 KB

18ms
17ms

Script
application/javascript

2606:4700:4400::6812:211c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinepayments.hdfclife.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js

Requested by

Host: onlinepayments.hdfclife.com
URL: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp

Protocol

Server

2606:4700:4400::6812:211c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4482d80c8baaf1bbb403ed424759bd876f342a04f5214fe1daefc401e5f97881

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Thu, 30 May 2024 15:26:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 88bfbda89b240497-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 30 May 2024 15:26:08 GMT
server: cloudflare
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js
cache-control: max-age=300, public
cf-ray: 88bfbda86ad60497-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 88bfbda42b3e372f Show response
onlinepayments.hdfclife.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 7103 0
318 B 41ms
41ms XHR
text/plain 2606:4700:4400::6812:211c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinepayments.hdfclife.com/cdn-cgi/challenge-platform/h/g/jsd/r/88bfbda42b3e372f
Requested by: Host: onlinepayments.hdfclife.com
URL: https://onlinepayments.hdfclife.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:211c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 30 May 2024 15:26:08 GMT
server: cloudflare
cf-ray: 88bfbda92c130497-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js Show response
cdn.appdynamics.com/ 52 KB
20 KB 7ms
7ms Script
application/javascript 3.160.150.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.9.0.3923.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-62.fra60.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 9b0f859e5508780a810e47e772554395a5d2ae5e679c338df1b6cd600d69dad2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlinepayments.hdfclife.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 17:25:14 GMT
content-encoding: gzip
via: 1.1 f14a77f80eb66aa455bd94a07a2a0c64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 684055
x-cache: Hit from cloudfront
last-modified: Tue, 06 Sep 2022 21:05:12 GMT
server: nginx/1.16.1
etag: W/"6317b608-d132"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: haIna-Jm7ankN0M-MZCaiT0RTLqRBwHCkPzW9gc5N9qZemsbHO9M0A==

GET
H3 200 favicon.ico
onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/images/ 1 KB
1 KB 177ms
176ms Other
image/x-icon 2606:4700:4400::6812:211c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/static/images/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:211c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c50e3775460097b9f31552a76b898986d7a65faaf4b98c8c5618f01188a379e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .hdfclife.com .adobedtm.com .demdex.net .omtrdc.net .adobedc.net .appdynamics.com .eum-appdynamics.com; img-src https: data:; media-src 'self' .com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .adobedtm.com .adobedc.net .googleapis.com .notifyvisitors.com .hdfclife.com .appdynamics.com .eum-appdynamics.com; style-src 'self' 'unsafe-inline' .googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 15:26:09 GMT
content-security-policy: default-src 'self' *.hdfclife.com *.adobedtm.com *.demdex.net *.omtrdc.net *.adobedc.net *.appdynamics.com *.eum-appdynamics.com; img-src https: data:; media-src 'self' *.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.adobedtm.com *.adobedc.net *.googleapis.com *.notifyvisitors.com *.hdfclife.com *.appdynamics.com *.eum-appdynamics.com; style-src 'self' 'unsafe-inline' *.googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: User-Agent
content-type: image/x-icon
content-language: en-US
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 88bfbda9acdd0497-FRA

POST
H2 200 adrum Show response
bom-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/BO-AAB-CGK/ 0
868 B 418ms
130ms XHR
text/html 13.126.74.15

General

Check archive.org

Show headers Download Go to

Full URL

https://bom-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/BO-AAB-CGK/adrum

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.126.74.15 -, , ASN (),

Reverse DNS

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536010; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://onlinepayments.hdfclife.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 30 May 2024 15:26:13 GMT
strict-transport-security: max-age=31536010; includeSubDomains
x-content-type-options: nosniff
server: envoy
vary: *
content-type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time: 0
access-control-allow-headers: origin, content-type, accept
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hdfclife.com/	1970-01-21 06:19:38	Name: AMCV_0165B0EA550AFCD50A4C98C6%40AdobeOrg Value: MCMID%7C66191303679556976634593601251173728255
.hdfclife.com/	1969-12-31 23:59:59	Name: nlid Value: 13ab7647\|866c804
.hdfclife.com/	1970-01-21 06:19:38	Name: nllastdelid Value: 866c804
.hdfclife.com/	1970-01-20 20:58:04	Name: __cf_bm Value: 5U_bn3RGO3557J_PnBY5o3l_9GeWk9X6AZX.K1f546Y-1717082768-1.0.1.1-uSNSgYabyhdVL94EtM5nTgwWJt4DjUtDXmvsnznGGxrizW74xEu4fnfRi8RWnrLomDdFl4cy7m1pvp.sOgLLaw
.hdfclife.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 0000gW7Oedmf9uVsXmzDeKtS-1k:1heab4imc
.hdfclife.com/	1970-01-21 05:43:38	Name: cf_clearance Value: PJup3AQdjN1BxzoL1XnJNUBiWru6065jc0TVphBo.lc-1717082768-1.0.1.1-ulJwhySIzQavKUSHBYwUHePtNIAMo7YNGJLsWyIuX8_i5yWJatzxAYtewzZSX6TtrTdNtiV2QZroOGq1MqIhyA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://onlinepayments.hdfclife.com/HLifeWeb-QP/hlife/quick_pay.jsp Message: Refused to load the script 'https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' .adobedtm.com .adobedc.net .googleapis.com .notifyvisitors.com .hdfclife.com .appdynamics.com *.eum-appdynamics.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' .hdfclife.com .adobedtm.com .demdex.net .omtrdc.net .adobedc.net .appdynamics.com .eum-appdynamics.com; img-src https: data:; media-src 'self' .com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .adobedtm.com .adobedc.net .googleapis.com .notifyvisitors.com .hdfclife.com .appdynamics.com .eum-appdynamics.com; style-src 'self' 'unsafe-inline' .googleapis.com; font-src 'self' 'unsafe-inline' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1kx.in
bom-col.eum-appdynamics.com
cdn.appdynamics.com
goo.gl
onlinepayments.hdfclife.com
static.cloudflareinsights.com
t.reminders.hdfclife.com
static.cloudflareinsights.com
103.250.30.30
13.126.74.15
15.207.165.84
2606:4700:4400::6812:211c
2a00:1450:4001:82a::200e
3.160.150.62
0e95c82550c01e7407240e86281c0e38155efa7327422718a4ca9cbbf350380c
16ea0cf66d51efdbbc2a62b11ab0419fa72fb3320844f1d0d710480245ac9925
16ff7f29d972da2ec37c489037efc989d86d46e24b8e14911017d9b169b97dee
1c50e3775460097b9f31552a76b898986d7a65faaf4b98c8c5618f01188a379e
22dac1d873d404fcb04c48d46053ddee153251ca0feb76fccc01fb000933b1dc
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
406075971c0f259dc6ba83d8a977afacbba51916ebbc97fc4ff784a7ab2843d3
4482d80c8baaf1bbb403ed424759bd876f342a04f5214fe1daefc401e5f97881
5d72ce38bb12a98d68170c68f40e5aceb60fe81eeac7e95993ea15f2cc16af04
714b50332e941421d3a878078674880771d4c43c16ab0292864c405c3234d420
8f96903d353214fa8c24aa7ef44bafb668e54dc55a56540643df36b73f60dbcd
9b0f859e5508780a810e47e772554395a5d2ae5e679c338df1b6cd600d69dad2
9fb0aa7dfaf27c60ceb2f2fa8ad3b3a3236bb52578ccb112449f75dd807c2295
a4ea3de02f4ec1874478b152a09b89aecc2fc4f63ae2a4208ee8fb6585cebb11
bfc5836fa50aa05f7579df4ba57bb3435c85e9ab0e3e33ff201b6e6f609f4964
cf81c8e8905427ef256a5365ead7440e44ac83399a37b5289f878e8a44afd7bb
e2e095b71bbf73951460aeab2927ac36313b245ada527eea70672afe8746fb82
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
f761003b1e3a1b1e2da77428e6f22a5584f24541c0b3d99e66e80f606c49cca5

onlinepayments.hdfclife.com Open in urlscan Pro 2606:4700:4400::6812:211c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

91 %HTTPS

33 %IPv6

6 Domains

7 Subdomains

4 IPs

3 Countries

319 kBTransfer

952 kBSize

6 Cookies

4 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

6 Cookies

1 Console Messages

Security Headers

Indicators

onlinepayments.hdfclife.com Open in urlscan Pro
2606:4700:4400::6812:211c Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

91 %
HTTPS

33 %
IPv6

6
Domains

7
Subdomains

4
IPs

3
Countries

319 kB
Transfer

952 kB
Size

6
Cookies

23 HTTP transactions
0 data transactions