hsbc-ar.xplab.in Open in urlscan Pro
65.20.72.35 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hsbc-ar.xplab.in/
Effective URL:
https://hsbc-ar.xplab.in/
Submission Tags: falconsandbox
Submission: On June 15 via api (June 15th 2024, 5:56:54 pm UTC) from US — Scanned from DE

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 28 HTTP transactions. The main IP is 65.20.72.35, located in Mumbai, India and belongs to AS-CHOOPA, US. The main domain is hsbc-ar.xplab.in.
TLS certificate: Issued by R10 on June 15th 2024. Valid for: 3 months.

This is the only time hsbc-ar.xplab.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	65.20.72.35 65.20.72.35	20473 (AS-CHOOPA) (AS-CHOOPA)
8	18.66.248.101 18.66.248.101	16509 (AMAZON-02) (AMAZON-02)
1	18.157.170.121 18.157.170.121	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:bb1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	5

18 65.20.72.35 (Mumbai, India)

ASN20473 (AS-CHOOPA, US)
PTR: 65.20.72.35.vultrusercontent.com

hsbc-ar.xplab.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.66.248.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-101.dus51.r.cloudfront.net

cdn.8thwall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.157.170.121 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-170-121.eu-central-1.compute.amazonaws.com

apps.8thwall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	xplab.in hsbc-ar.xplab.in	526 KB
9	8thwall.com cdn.8thwall.com — Cisco Umbrella Rank: 290119 apps.8thwall.com — Cisco Umbrella Rank: 982826	7 MB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	23 KB
28	3

	Domain	Requested by
18	hsbc-ar.xplab.in	hsbc-ar.xplab.in
8	cdn.8thwall.com	hsbc-ar.xplab.in apps.8thwall.com cdn.8thwall.com
1	cdn.jsdelivr.net	hsbc-ar.xplab.in
1	apps.8thwall.com	hsbc-ar.xplab.in
28	4

This site contains no links.

Subject Issuer	Validity	Valid
hsbc-ar.xplab.in R10	`2024-06-15` - `2024-09-13`	3 months	crt.sh
8thwall.com Amazon RSA 2048 M02	`2024-04-03` - `2025-05-02`	a year	crt.sh
*.8thwall.app Amazon RSA 2048 M02	`2023-11-07` - `2024-12-05`	a year	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://hsbc-ar.xplab.in/
Frame ID: 93BED020DFBF922B68DC3D58950DA7E1
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HSBC - AR

Page URL History Show full URLs

http://hsbc-ar.xplab.in/ HTTP 307
https://hsbc-ar.xplab.in/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

28
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

5
IPs

3
Countries

23617 kB
Transfer

40352 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hsbc-ar.xplab.in/ HTTP 307
https://hsbc-ar.xplab.in/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hsbc-ar.xplab.in/
Redirect Chain

http://hsbc-ar.xplab.in/
https://hsbc-ar.xplab.in/

29 KB
18 KB

469ms
149ms

Document
text/html

65.20.72.35
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://hsbc-ar.xplab.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.20.72.35 Mumbai, India, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 65.20.72.35.vultrusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cc217e5a98c6ffd5e23f04dfe871c4cc7e0934d3384b38f42fe634e4f7d0fd2f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 18249
content-type: text/html
date: Sat, 15 Jun 2024 17:56:46 GMT
etag: "0f93584feed91:0"
last-modified: Sat, 23 Sep 2023 18:54:14 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-powered-by: ASP.NET

Redirect headers

Location: https://hsbc-ar.xplab.in/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 stylesheet.css
hsbc-ar.xplab.in/assets/css/ 3 KB
3 KB 153ms
150ms Stylesheet
text/css 65.20.72.35
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://hsbc-ar.xplab.in/assets/css/stylesheet.css
Requested by: Host: hsbc-ar.xplab.in
URL: https://hsbc-ar.xplab.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.20.72.35 Mumbai, India, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 65.20.72.35.vultrusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ef2243cc1a9e4b9c3bfd0e95d2ac4b2639625495ec607c5df95419600da5fd63

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hsbc-ar.xplab.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:56:46 GMT
last-modified: Mon, 11 Jul 2022 07:11:47 GMT
server: Microsoft-IIS/10.0
etag: "b19257cf594d81:0"
x-powered-by: ASP.NET
content-type: text/css
accept-ranges: bytes
content-length: 3166

GET
H2 200 8frame-1.1.0.min.js Show response
cdn.8thwall.com/web/aframe/ 1 MB
343 KB 54ms
20ms Script
application/javascript 18.66.248.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.8thwall.com/web/aframe/8frame-1.1.0.min.js
Requested by: Host: hsbc-ar.xplab.in
URL: https://hsbc-ar.xplab.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-101.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1f0b207bad31a63a1bb45dc60e23def586c5f14ff759bf5a3367bbb80745495

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hsbc-ar.xplab.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 08:16:42 GMT
content-encoding: gzip
via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
x-amz-version-id: jYJ4jH290kaKWAq7LHhYK9kWR4Dx.d.J
x-amz-cf-pop: DUS51-P1
age: 34806
x-cache: Hit from cloudfront
content-length: 350643
last-modified: Thu, 04 Nov 2021 17:28:29 GMT
server: AmazonS3
etag: "7110f2ab5fcd2b943b003264105d43b3"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=0
accept-ranges: bytes
x-amz-cf-id: sT_rQ4Xld3BwfAkdvk6tT1rgxs9g3cmLjlFcqrjMjVEJMVixzp18UQ==

GET
H2 200 xrextras.js Show response
cdn.8thwall.com/web/xrextras/ 128 KB
31 KB 45ms
11ms Script
application/javascript 18.66.248.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.8thwall.com/web/xrextras/xrextras.js
Requested by: Host: hsbc-ar.xplab.in
URL: https://hsbc-ar.xplab.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-101.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7340e9e9bbc281729c0c447b986260e57b994eeb3d410225d462ff78e6b9bca6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hsbc-ar.xplab.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 01:15:01 GMT
content-encoding: gzip
via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
x-amz-version-id: ROMWYh4s5EpVbBjwIyqcX64w7gLt5cdD
x-amz-cf-pop: DUS51-P1
age: 60107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31626
last-modified: Fri, 29 Mar 2024 18:23:58 GMT
server: AmazonS3
etag: "b09e1292f9abf94ad9d9a85fbcf5bf8d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=0
accept-ranges: bytes
x-amz-cf-id: D7UBYlBTLsiDjzI_R-ylXcNnnUhYe28uiqZihqC29c4uoMadpBCGew==

GET
H2 200 aframe-extras-6.1.1.min.js Show response
cdn.8thwall.com/web/aframe/ 166 KB
46 KB 47ms
12ms Script
application/javascript 18.66.248.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.8thwall.com/web/aframe/aframe-extras-6.1.1.min.js
Requested by: Host: hsbc-ar.xplab.in
URL: https://hsbc-ar.xplab.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-101.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b74e6b05f2d3eb96107abeed762c7adbfb839a639d76fe487eaa179112c91488

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hsbc-ar.xplab.in/
Origin: https://hsbc-ar.xplab.in
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 05:47:35 GMT
x-amz-version-id: yTbKxrkihDF86YALg3jJ1oVMGx9VZvm2
content-encoding: gzip
via: 1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
age: 43753
x-cache: Hit from cloudfront
last-modified: Tue, 02 Feb 2021 00:31:18 GMT
server: AmazonS3
etag: W/"0617583fccb657a32a00bc69b82be3d5"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: grltZiyvp2vyiZqNXujpn6JAMgOoDlY1LsZWPFACJHN8CoZ754k-LQ==

GET
H/1.1 200
OK xrweb Show response
apps.8thwall.com/ 3 KB
2 KB 539ms
496ms Script
application/javascript 18.157.170.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.8thwall.com/xrweb?appKey=2LiCkQkMcI4XNKBt2nBr2PWfy1aOakPb2AuNvJYDptI4wZQKv8gFwcHlaBFwwaLjtlaBFn
Requested by: Host: hsbc-ar.xplab.in
URL: https://hsbc-ar.xplab.in/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.170.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-170-121.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0083e929c68c3a2450cd24ad056fa3f1cdd7673bb2bffab78fe25ffdc095cbd7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hsbc-ar.xplab.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sat, 15 Jun 2024 17:56:48 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"a56-ssH0yoasBRxqYp1W794VEMTh/+Y"
Surrogate-Control: no-store
Vary: Origin, Accept-Encoding
transfer-encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 0

GET
H2 200 aframe-chromakey-material-1.1.1.min.js Show response
cdn.8thwall.com/web/aframe/ 1 KB
1 KB 68ms
35ms Script
application/javascript 18.66.248.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.8thwall.com/web/aframe/aframe-chromakey-material-1.1.1.min.js
Requested by: Host: hsbc-ar.xplab.in
URL: https://hsbc-ar.xplab.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-101.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d48c7cb0305aaa0197ee4111cbd2f14238fbbef865e641f43f9a08fbf1533b41

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hsbc-ar.xplab.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 04:23:04 GMT
x-amz-version-id: t3cjSs_neBAx.OQSNpemIFCnUrhoVf.h
content-encoding: gzip
via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
age: 48823
x-cache: Hit from cloudfront
last-modified: Sat, 22 Aug 2020 00:36:12 GMT
server: AmazonS3
etag: W/"48108f2c1841ab38ea3ca783304aba6e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: XMYjV_wDsYOgyxXBJwvYKicPV1nq6lZBnniqQudR-BQDMKws_eNPIw==

GET
H2 200 tap-place-cursor.js Show response
hsbc-ar.xplab.in/components/ 2 KB
2 KB 152ms
151ms Script
application/javascript 65.20.72.35
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://hsbc-ar.xplab.in/components/tap-place-cursor.js
Requested by: Host: hsbc-ar.xplab.in
URL: https://hsbc-ar.xplab.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.20.72.35 Mumbai, India, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 65.20.72.35.vultrusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8739e58459195a02d6f199df664100f4819cc5598170e155dc719065564e28c4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hsbc-ar.xplab.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:56:46 GMT
last-modified: Wed, 29 Jun 2022 09:41:12 GMT
server: Microsoft-IIS/10.0
etag: "75a4835e9c8bd81:0"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 2435

GET
H2 200 video-texture-components.js Show response
hsbc-ar.xplab.in/components/ 3 KB
3 KB 300ms
299ms Script
application/javascript 65.20.72.35
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://hsbc-ar.xplab.in/components/video-texture-components.js
Requested by: Host: hsbc-ar.xplab.in
URL: https://hsbc-ar.xplab.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.20.72.35 Mumbai, India, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 65.20.72.35.vultrusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4ba50e30259b0ed7976182b9b137e1a4f4b2182dea857ea0879e47c39f4e8484

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hsbc-ar.xplab.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:56:46 GMT
last-modified: Wed, 29 Jun 2022 09:41:12 GMT
server: Microsoft-IIS/10.0
etag: "2c72825e9c8bd81:0"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 3162

GET
H2 200 xrlight.js Show response
hsbc-ar.xplab.in/components/ 1 KB
1 KB 300ms
299ms Script
application/javascript 65.20.72.35
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://hsbc-ar.xplab.in/components/xrlight.js
Requested by: Host: hsbc-ar.xplab.in
URL: https://hsbc-ar.xplab.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.20.72.35 Mumbai, India, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 65.20.72.35.vultrusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: adea32905ef2bb812de78ecc42ff96b3fe1da97c0e86b3937d71a9bfc9f24e0b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hsbc-ar.xplab.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:56:46 GMT
last-modified: Wed, 29 Jun 2022 10:07:27 GMT
server: Microsoft-IIS/10.0
etag: "ff24a9a08bd81:0"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 1089

GET
H2 200 button-component.js Show response
hsbc-ar.xplab.in/components/ 1 KB
2 KB 300ms
300ms Script
application/javascript 65.20.72.35
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://hsbc-ar.xplab.in/components/button-component.js
Requested by: Host: hsbc-ar.xplab.in
URL: https://hsbc-ar.xplab.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.20.72.35 Mumbai, India, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 65.20.72.35.vultrusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f58fefea47462599a0cb9dce03055e1964d6c9e281bb06af2b59ca34795ef27e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hsbc-ar.xplab.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:56:46 GMT
last-modified: Mon, 11 Jul 2022 06:43:25 GMT
server: Microsoft-IIS/10.0
etag: "9ecbb85f194d81:0"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 1535

GET
H2 200 instruct.png
hsbc-ar.xplab.in/assets/images/ 64 KB
65 KB 152ms
151ms Image
image/png 65.20.72.35
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hsbc-ar.xplab.in/assets/images/instruct.png
Requested by: Host: hsbc-ar.xplab.in
URL: https://hsbc-ar.xplab.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.20.72.35 Mumbai, India, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 65.20.72.35.vultrusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9f279cc4bd381700084e3e046e8804d7d68b2d19c042cae159b53b5f32911eee

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hsbc-ar.xplab.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:56:46 GMT
last-modified: Thu, 30 Jun 2022 12:13:10 GMT
server: Microsoft-IIS/10.0
etag: "30faf6c37a8cd81:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 66001

GET
H2 200 square-icon-red.png
hsbc-ar.xplab.in/assets/images/ 5 KB
5 KB 161ms
160ms Image
image/png 65.20.72.35
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hsbc-ar.xplab.in/assets/images/square-icon-red.png
Requested by: Host: hsbc-ar.xplab.in
URL: https://hsbc-ar.xplab.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.20.72.35 Mumbai, India, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 65.20.72.35.vultrusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 75e68bead4b87374e3b1569b9dd1bf2e4f1b9e7d643732ed757752e25b93bd86

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hsbc-ar.xplab.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:56:46 GMT
last-modified: Tue, 28 Jun 2022 11:26:17 GMT
server: Microsoft-IIS/10.0
etag: "333d40e2e18ad81:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 5426

GET
H2 200 posx.jpg
hsbc-ar.xplab.in/assets/images/ 66 KB
66 KB 148ms
148ms Image
image/jpeg 65.20.72.35
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hsbc-ar.xplab.in/assets/images/posx.jpg
Requested by: Host: hsbc-ar.xplab.in
URL: https://hsbc-ar.xplab.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.20.72.35 Mumbai, India, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 65.20.72.35.vultrusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 418bb97fcbaa3282dc26e990b41742b0e39597d900deac6502b6c85757a1ed8e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hsbc-ar.xplab.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:56:46 GMT
last-modified: Tue, 28 Jun 2022 06:07:52 GMT
server: Microsoft-IIS/10.0
etag: "f91d9466b58ad81:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 67119

GET
H2 200 posy.jpg
hsbc-ar.xplab.in/assets/images/ 66 KB
66 KB 149ms
148ms Image
image/jpeg 65.20.72.35
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hsbc-ar.xplab.in/assets/images/posy.jpg
Requested by: Host: hsbc-ar.xplab.in
URL: https://hsbc-ar.xplab.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.20.72.35 Mumbai, India, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 65.20.72.35.vultrusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 26eb93dd795c266511866c84fccf5d053ba339ad92331f184c821992ada546d5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hsbc-ar.xplab.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:56:46 GMT
last-modified: Tue, 28 Jun 2022 06:08:03 GMT
server: Microsoft-IIS/10.0
etag: "763ef6db58ad81:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 67448

GET
H2 200 posz.jpg
hsbc-ar.xplab.in/assets/images/ 63 KB
63 KB 293ms
291ms Image
image/jpeg 65.20.72.35
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hsbc-ar.xplab.in/assets/images/posz.jpg
Requested by: Host: hsbc-ar.xplab.in
URL: https://hsbc-ar.xplab.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.20.72.35 Mumbai, India, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 65.20.72.35.vultrusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b3604ac68a223a30a51e01c11b3d35d8e1b91a046ab31884f33dfff4833edea0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hsbc-ar.xplab.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:56:46 GMT
last-modified: Tue, 28 Jun 2022 06:08:13 GMT
server: Microsoft-IIS/10.0
etag: "6e284073b58ad81:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 64164

GET
H2 200 negx.jpg
hsbc-ar.xplab.in/assets/images/ 57 KB
57 KB 291ms
290ms Image
image/jpeg 65.20.72.35
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hsbc-ar.xplab.in/assets/images/negx.jpg
Requested by: Host: hsbc-ar.xplab.in
URL: https://hsbc-ar.xplab.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.20.72.35 Mumbai, India, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 65.20.72.35.vultrusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a37159c0abc83d9ca92a79083f59b0f7ce104fb72c17687c9dee0242ade6d745

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hsbc-ar.xplab.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:56:46 GMT
last-modified: Tue, 28 Jun 2022 06:07:20 GMT
server: Microsoft-IIS/10.0
etag: "799c9d53b58ad81:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 58680

GET
H2 200 negy.jpg
hsbc-ar.xplab.in/assets/images/ 44 KB
44 KB 294ms
293ms Image
image/jpeg 65.20.72.35
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hsbc-ar.xplab.in/assets/images/negy.jpg
Requested by: Host: hsbc-ar.xplab.in
URL: https://hsbc-ar.xplab.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.20.72.35 Mumbai, India, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 65.20.72.35.vultrusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ebe881c69a79a3c9052550ebc972e6f3a792a9bdf82928607680821ea3e2b69d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hsbc-ar.xplab.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:56:46 GMT
last-modified: Tue, 28 Jun 2022 06:07:30 GMT
server: Microsoft-IIS/10.0
etag: "db6be059b58ad81:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 45277

GET
H2 200 negz.jpg
hsbc-ar.xplab.in/assets/images/ 63 KB
63 KB 437ms
436ms Image
image/jpeg 65.20.72.35
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hsbc-ar.xplab.in/assets/images/negz.jpg
Requested by: Host: hsbc-ar.xplab.in
URL: https://hsbc-ar.xplab.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.20.72.35 Mumbai, India, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 65.20.72.35.vultrusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: da0de2e051cd7df9f51b10df781301027e7a4474817b70c6416a1eabab740348

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hsbc-ar.xplab.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:56:46 GMT
last-modified: Tue, 28 Jun 2022 06:07:41 GMT
server: Microsoft-IIS/10.0
etag: "2d956560b58ad81:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 64318

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ 76 KB
23 KB 58ms
28ms Script
application/javascript 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: hsbc-ar.xplab.in
URL: https://hsbc-ar.xplab.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hsbc-ar.xplab.in/
Origin: https://hsbc-ar.xplab.in
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:56:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8116537
x-jsd-version: 5.1.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 23046
x-served-by: cache-fra-etou8220091-FRA, cache-lga21951-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C6eD6KgjA7OHnCjRN2XBSSnUen%2FDcqX%2Bn1s4yVHTDnZYt5enDv7YbcPJWPw8KgAKjvTnGgC%2BLuOvsn5v7fxM5iY1ND9Ctsw6%2FXkNzw6g6RYllysAiI%2B7U%2B4eqUBhXxBEC1V%2BtpUhupNlItKXfgI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8944705548d31cc5-FRA

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3e79a7e8630faf8c994df44af50ff6e55141da4edaa3f8a979a35f8d07a3466

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 206 vid11.mp4
hsbc-ar.xplab.in/assets/ 36 KB
0 430ms
430ms Media
video/mp4 65.20.72.35
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://hsbc-ar.xplab.in/assets/vid11.mp4
Requested by: Host: hsbc-ar.xplab.in
URL: https://hsbc-ar.xplab.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.20.72.35 Mumbai, India, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 65.20.72.35.vultrusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://hsbc-ar.xplab.in/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:56:46 GMT
last-modified: Mon, 11 Jul 2022 09:30:20 GMT
server: Microsoft-IIS/10.0
etag: "cc8aa3d6895d81:0"
x-powered-by: ASP.NET
content-type: video/mp4
Content-Range: bytes 0-25430358/25430359
accept-ranges: bytes
Content-Length: 25430359

GET
H2 206 vid11.mp4
hsbc-ar.xplab.in/assets/ 66 KB
66 KB 1959ms
149ms Media
video/mp4 65.20.72.35
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://hsbc-ar.xplab.in/assets/vid11.mp4
Requested by: Host: hsbc-ar.xplab.in
URL: https://hsbc-ar.xplab.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.20.72.35 Mumbai, India, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 65.20.72.35.vultrusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3126e9925bfe693fb6dda4c356ebea160d2eead8ff572aa86136fee8cae17afd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://hsbc-ar.xplab.in/
Range: bytes=25362432-
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:56:49 GMT
last-modified: Mon, 11 Jul 2022 09:30:20 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "cc8aa3d6895d81:0"
content-type: video/mp4
Content-Range: bytes 25362432-25430358/25430359
accept-ranges: bytes
Content-Length: 67927

GET
H2 200 xr-simd-25.0.2.2384.js Show response
cdn.8thwall.com/ 1 MB
364 KB 13ms
13ms Script
application/javascript 18.66.248.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.8thwall.com/xr-simd-25.0.2.2384.js
Requested by: Host: apps.8thwall.com
URL: https://apps.8thwall.com/xrweb?appKey=2LiCkQkMcI4XNKBt2nBr2PWfy1aOakPb2AuNvJYDptI4wZQKv8gFwcHlaBFwwaLjtlaBFn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-101.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f16cff782c996a2ddf6604fb760d57bdf99c7f30f15dd774b23935cef7fb381f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hsbc-ar.xplab.in/
Origin: https://hsbc-ar.xplab.in
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 17:24:13 GMT
content-encoding: gzip
via: 1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
x-amz-version-id: Vya9iDpOxOc5DBOjkEhmJcizL3yYEmea
x-amz-cf-pop: DUS51-P1
age: 779555
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 372244
last-modified: Wed, 05 Jun 2024 21:26:52 GMT
server: AmazonS3
etag: "e6883c79623899a39edc89007408daea"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-amz-cf-id: bkv7pHmzvWIfYgzQfE3C4SWBVwCJIJTEwbpVN2oiL6TP3TgDvh4h_w==

GET
DATA 200
OK truncated
/ 483 KB
483 KB Other
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e7059693ac930aa2dc80b8662d7fa6d3cdefd4f3ab471b4eb0c3530d6f4b460

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H2 200 face.js Show response
cdn.8thwall.com/xr-25.0.2.2384/simd/ 8 MB
2 MB 13ms
12ms Script
application/javascript 18.66.248.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.8thwall.com/xr-25.0.2.2384/simd/face.js
Requested by: Host: cdn.8thwall.com
URL: https://cdn.8thwall.com/xr-simd-25.0.2.2384.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-101.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c914b2fdfe491e331e2ebf53d56443e496f2d74c36e6005e5a13e2d8b88a979c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.8thwall.com/xr-simd-25.0.2.2384.js
Origin: https://hsbc-ar.xplab.in
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 17:24:15 GMT
content-encoding: gzip
via: 1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
x-amz-version-id: otRF1QyfNS_uS71nkSfxnYgiaH6sK3Eo
x-amz-cf-pop: DUS51-P1
age: 779553
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 2567051
last-modified: Wed, 05 Jun 2024 21:26:54 GMT
server: AmazonS3
etag: "d65f9176dfc09d0f30e57ef6103dd907"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-amz-cf-id: b6wXFIa4MbvmwQN6K4mFLgf4D2VRU8aQvbrYIoY_Dsi4drVtRq4SMA==

GET
H2 200 hand.js Show response
cdn.8thwall.com/xr-25.0.2.2384/simd/ 8 MB
2 MB 13ms
13ms Script
application/javascript 18.66.248.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.8thwall.com/xr-25.0.2.2384/simd/hand.js
Requested by: Host: cdn.8thwall.com
URL: https://cdn.8thwall.com/xr-simd-25.0.2.2384.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-101.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a32d511fcd0cda5c58ab66325d47bc46a54613f10930538a1778ad0db13fd1b9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.8thwall.com/xr-simd-25.0.2.2384.js
Origin: https://hsbc-ar.xplab.in
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 17:24:16 GMT
content-encoding: gzip
via: 1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
x-amz-version-id: gtmRSoFdNwqjjXbG84azvu.9WRH1S.2f
x-amz-cf-pop: DUS51-P1
age: 779553
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 2478658
last-modified: Wed, 05 Jun 2024 21:26:57 GMT
server: AmazonS3
etag: "021733b9f7541b8233b8e144292c12ec"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-amz-cf-id: sczfTpnq1i54u1vyJxqi_7q2exw8W7owwavWPs27R47ElpyMLSiB2g==

GET
H2 200 slam.js Show response
cdn.8thwall.com/xr-25.0.2.2384/simd/ 5 MB
2 MB 13ms
13ms Script
application/javascript 18.66.248.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.8thwall.com/xr-25.0.2.2384/simd/slam.js
Requested by: Host: cdn.8thwall.com
URL: https://cdn.8thwall.com/xr-simd-25.0.2.2384.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-101.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d8c22475367826f63aab481fa45607a50246035f1ed8421ef582a31271edbef

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.8thwall.com/xr-simd-25.0.2.2384.js
Origin: https://hsbc-ar.xplab.in
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 17:24:16 GMT
content-encoding: gzip
via: 1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
x-amz-version-id: aOfoFIarU9DnSarlhVyrP.m6E9wmjj.V
x-amz-cf-pop: DUS51-P1
age: 779553
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 1769714
last-modified: Wed, 05 Jun 2024 21:26:58 GMT
server: AmazonS3
etag: "bd69d0e5e44e0cfe96745296a48beabd"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-amz-cf-id: uetuXHlpVkWEM0OvTwYmTpBkp53T_Tv_9NP3XHTZYirRGfuHY34MIQ==

GET
DATA 200
OK truncated
/ 6 MB
6 MB Other
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afc6acf2816f8a63b0b7a25ebcbdc6ed3a628c10191fdc3ed37f9e204d80d802

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
DATA 200
OK truncated
/ 6 MB
6 MB Other
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f8ab4f4d343525b69eda08d26c42e621333911c658afe0314e0dbb7c721ab71

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
DATA 200
OK truncated
/ 4 MB
4 MB Other
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7fb3942699a1ec4ca933ff9675777e3791c9087a4ea59a663e1a8c5c156079f1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H2 206 vid11.mp4
hsbc-ar.xplab.in/assets/ 276 KB
0 0ms
0ms Media
video/mp4 65.20.72.35
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://hsbc-ar.xplab.in/assets/vid11.mp4
Requested by: Host: hsbc-ar.xplab.in
URL: https://hsbc-ar.xplab.in/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.20.72.35 Mumbai, India, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 65.20.72.35.vultrusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://hsbc-ar.xplab.in/
Range: bytes=32768-
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:56:49 GMT
last-modified: Mon, 11 Jul 2022 09:30:20 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "cc8aa3d6895d81:0"
content-type: video/mp4
Content-Range: bytes 32768-25430358/25430359
accept-ranges: bytes
Content-Length: 25397591

GET
H2 404 favicon.ico
hsbc-ar.xplab.in/ 1 KB
1 KB 1027ms
1027ms Other
text/html 65.20.72.35
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://hsbc-ar.xplab.in/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.20.72.35 Mumbai, India, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 65.20.72.35.vultrusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://hsbc-ar.xplab.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:56:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 1245
content-type: text/html

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://hsbc-ar.xplab.in/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apps.8thwall.com
cdn.8thwall.com
cdn.jsdelivr.net
hsbc-ar.xplab.in
18.157.170.121
18.66.248.101
2606:4700::6812:bb1f
65.20.72.35
0083e929c68c3a2450cd24ad056fa3f1cdd7673bb2bffab78fe25ffdc095cbd7
0e7059693ac930aa2dc80b8662d7fa6d3cdefd4f3ab471b4eb0c3530d6f4b460
26eb93dd795c266511866c84fccf5d053ba339ad92331f184c821992ada546d5
2d8c22475367826f63aab481fa45607a50246035f1ed8421ef582a31271edbef
3126e9925bfe693fb6dda4c356ebea160d2eead8ff572aa86136fee8cae17afd
418bb97fcbaa3282dc26e990b41742b0e39597d900deac6502b6c85757a1ed8e
4ba50e30259b0ed7976182b9b137e1a4f4b2182dea857ea0879e47c39f4e8484
5f8ab4f4d343525b69eda08d26c42e621333911c658afe0314e0dbb7c721ab71
7340e9e9bbc281729c0c447b986260e57b994eeb3d410225d462ff78e6b9bca6
75e68bead4b87374e3b1569b9dd1bf2e4f1b9e7d643732ed757752e25b93bd86
7fb3942699a1ec4ca933ff9675777e3791c9087a4ea59a663e1a8c5c156079f1
8739e58459195a02d6f199df664100f4819cc5598170e155dc719065564e28c4
9f279cc4bd381700084e3e046e8804d7d68b2d19c042cae159b53b5f32911eee
a32d511fcd0cda5c58ab66325d47bc46a54613f10930538a1778ad0db13fd1b9
a37159c0abc83d9ca92a79083f59b0f7ce104fb72c17687c9dee0242ade6d745
adea32905ef2bb812de78ecc42ff96b3fe1da97c0e86b3937d71a9bfc9f24e0b
afc6acf2816f8a63b0b7a25ebcbdc6ed3a628c10191fdc3ed37f9e204d80d802
b1f0b207bad31a63a1bb45dc60e23def586c5f14ff759bf5a3367bbb80745495
b3604ac68a223a30a51e01c11b3d35d8e1b91a046ab31884f33dfff4833edea0
b3e79a7e8630faf8c994df44af50ff6e55141da4edaa3f8a979a35f8d07a3466
b74e6b05f2d3eb96107abeed762c7adbfb839a639d76fe487eaa179112c91488
c914b2fdfe491e331e2ebf53d56443e496f2d74c36e6005e5a13e2d8b88a979c
cc217e5a98c6ffd5e23f04dfe871c4cc7e0934d3384b38f42fe634e4f7d0fd2f
d48c7cb0305aaa0197ee4111cbd2f14238fbbef865e641f43f9a08fbf1533b41
da0de2e051cd7df9f51b10df781301027e7a4474817b70c6416a1eabab740348
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
ebe881c69a79a3c9052550ebc972e6f3a792a9bdf82928607680821ea3e2b69d
ef2243cc1a9e4b9c3bfd0e95d2ac4b2639625495ec607c5df95419600da5fd63
f16cff782c996a2ddf6604fb760d57bdf99c7f30f15dd774b23935cef7fb381f
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
f58fefea47462599a0cb9dce03055e1964d6c9e281bb06af2b59ca34795ef27e

hsbc-ar.xplab.in Open in urlscan Pro 65.20.72.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

25 %IPv6

3 Domains

4 Subdomains

5 IPs

3 Countries

23617 kBTransfer

40352 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hsbc-ar.xplab.in Open in urlscan Pro
65.20.72.35 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

5
IPs

3
Countries

23617 kB
Transfer

40352 kB
Size

0
Cookies

28 HTTP transactions
5 data transactions