x.mail.hsbc.fr Open in urlscan Pro
62.27.116.23 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://l.mail.hsbc.fr/r/Hi/7Ek8Y
Effective URL:
https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDB...
Submission: On September 26 via manual (September 26th 2022, 4:59:16 pm UTC) from US — Scanned from FR

Summary HTTP 73 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 12 domains to perform 73 HTTP transactions. The main IP is 62.27.116.23, located in Germany and belongs to ECOTEL, DE. The main domain is x.mail.hsbc.fr.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on June 15th 2022. Valid for: a year.

This is the only time x.mail.hsbc.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	62.27.116.25 62.27.116.25	12312 (ECOTEL) (ECOTEL)
1 8	35.158.162.107 35.158.162.107	16509 (AMAZON-02) (AMAZON-02)
1	62.27.116.23 62.27.116.23	12312 (ECOTEL) (ECOTEL)
9	23.35.236.235 23.35.236.235	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400e:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
25	18.66.112.66 18.66.112.66	16509 (AMAZON-02) (AMAZON-02)
1	52.219.171.85 52.219.171.85	16509 (AMAZON-02) (AMAZON-02)
1	52.216.137.94 52.216.137.94	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.45 18.66.97.45	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:400d:804::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::5c	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:807::200d	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
73	19

4 62.27.116.25 (Germany) 2 redirects

ASN12312 (ECOTEL, DE)
PTR: rts.ccmp.eu

l.mail.hsbc.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.158.162.107 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-162-107.eu-central-1.compute.amazonaws.com

cust1098.edp.cheetahces.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-cust1098.edp.cheetahces.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.27.116.23 (Germany)

ASN12312 (ECOTEL, DE)
PTR: ats.ccmp.eu

x.mail.hsbc.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.35.236.235 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-235.deploy.static.akamaitechnologies.com

wpm.ccmp.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 18.66.112.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-66.fra56.r.cloudfront.net

sdk.runstellar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.171.85 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3.eu-central-1.amazonaws.com

s3.eu-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.137.94 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-45.fra56.r.cloudfront.net

spot.demostellar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:804::200e (Ireland)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:807::200d (Ireland)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	runstellar.com sdk.runstellar.com	211 KB
12	google.com apis.google.com — Cisco Umbrella Rank: 98 pay.google.com — Cisco Umbrella Rank: 2890 accounts.google.com — Cisco Umbrella Rank: 77	186 KB
9	ccmp.eu wpm.ccmp.eu — Cisco Umbrella Rank: 127969	1 MB
8	cheetahces.eu 1 redirects cust1098.edp.cheetahces.eu api-cust1098.edp.cheetahces.eu	10 KB
6	gstatic.com www.gstatic.com ssl.gstatic.com fonts.gstatic.com	100 KB
5	hsbc.fr 2 redirects l.mail.hsbc.fr x.mail.hsbc.fr	26 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 293 fonts.googleapis.com — Cisco Umbrella Rank: 40	34 KB
2	amazonaws.com s3.eu-central-1.amazonaws.com s3.us-east-1.amazonaws.com — Cisco Umbrella Rank: 3946	55 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 691	41 KB
1	sentry.io sentry.io — Cisco Umbrella Rank: 300	471 B
1	demostellar.com spot.demostellar.com	12 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 209	7 KB
73	12

	Domain	Requested by
25	sdk.runstellar.com	x.mail.hsbc.fr sdk.runstellar.com
9	wpm.ccmp.eu	x.mail.hsbc.fr
6	apis.google.com	sdk.runstellar.com apis.google.com accounts.google.com pay.google.com
5	accounts.google.com	apis.google.com x.mail.hsbc.fr www.gstatic.com
4	www.gstatic.com	accounts.google.com pay.google.com
4	api-cust1098.edp.cheetahces.eu	sdk.runstellar.com
4	cust1098.edp.cheetahces.eu	1 redirects sdk.runstellar.com
4	l.mail.hsbc.fr	2 redirects x.mail.hsbc.fr
3	fonts.googleapis.com	x.mail.hsbc.fr pay.google.com
2	maxcdn.bootstrapcdn.com	x.mail.hsbc.fr
1	fonts.gstatic.com	fonts.googleapis.com
1	sentry.io	sdk.runstellar.com
1	ssl.gstatic.com	accounts.google.com
1	pay.google.com	apis.google.com
1	spot.demostellar.com	x.mail.hsbc.fr
1	s3.us-east-1.amazonaws.com	x.mail.hsbc.fr
1	s3.eu-central-1.amazonaws.com	x.mail.hsbc.fr
1	cdnjs.cloudflare.com	x.mail.hsbc.fr
1	ajax.googleapis.com	x.mail.hsbc.fr
1	x.mail.hsbc.fr
73	20

This site contains links to these domains. Also see Links.

Domain
cust1098.edp.cheetahces.eu

Subject Issuer	Validity	Valid
*.mail.hsbc.fr Sectigo RSA Organization Validation Secure Server CA	`2022-06-15` - `2023-07-16`	a year	crt.sh
wpm.ccmp.eu R3	`2022-07-28` - `2022-10-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.runstellar.com Amazon	`2022-01-20` - `2023-02-19`	a year	crt.sh
*.s3.eu-central-1.amazonaws.com Amazon	`2021-12-09` - `2022-12-06`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.demostellar.com Amazon	`2022-07-24` - `2023-08-22`	a year	crt.sh
edp.cheetahces.eu Amazon	`2022-01-26` - `2023-02-24`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
sentry.io DigiCert TLS RSA SHA256 2020 CA1	`2022-06-03` - `2023-07-04`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_premier
Frame ID: 70A2AE62DC691F635963C02252F326AD
Requests: 55 HTTP requests in this frame

Frame: https://pay.google.com/gp/v/widget/save?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJjdXN0MTA5OC1ldS1wcm9kQGNoZWV0YWhkaWdpdGFsLWVkcC1tb2JpbGUtd2x0LmlhbS5nc2VydmljZWFjY291bnQuY29tIiwiYXVkIjoiZ29vZ2xlIiwidHlwIjoic2F2ZXRvYW5kcm9pZHBheSIsImlhdCI6MTY2NDIxMTU1Miwib3JpZ2lucyI6WyJodHRwczovL3gubWFpbC5oc2JjLmZyIl0sInBheWxvYWQiOnsibG95YWx0eU9iamVjdHMiOlt7ImtpbmQiOiJ3YWxsZXRvYmplY3RzI2xveWFsdHlPYmplY3QiLCJzdGF0ZSI6ImluYWN0aXZlIiwiaWQiOiIzMzQzMjc4NjQyMTA1NjM5NDc4LnJlY29ubmFpc3NhbmNlX3ByZW1pZXIuRy0wMDA2NjA2MTIiLCJjbGFzc0lkIjoiMzM0MzI3ODY0MjEwNTYzOTQ3OC5yZWNvbm5haXNzYW5jZV9wcmVtaWVyIn1dLCJsb3lhbHR5Q2xhc3NlcyI6W10sIm9mZmVyT2JqZWN0cyI6W10sIm9mZmVyQ2xhc3NlcyI6W10sImdpZnRDYXJkT2JqZWN0cyI6W10sImdpZnRDYXJkQ2xhc3NlcyI6W10sImV2ZW50VGlja2V0T2JqZWN0cyI6W10sImV2ZW50VGlja2V0Q2xhc3NlcyI6W119fQ.EnEyoVNRxC0EhEuDDX-MggwmEN12YRiQncYRdRsZScIYUB5RFwobbs4OxRkjpmelyYtJDbkTecO4BlHBe1G3QzOuS8ZgmX3HJ52zaDwfo1N3TfJYhlYG9Fsmb-TuEX0x70SPl8aAjSFfEXHRNgLuy7sw92XuKl7fpJbmiwXJA3igOp1ylQ0siSUvxW20HvgUxLeGjH8MfMB8I_9CXA3InphyeDTe3JyHxit_BrVOqPzwkqLHsuoc9Cyw2EAh8jvUx99NToc0awSgupx92MZVZe8lZrXmLAvevh4uwHP1SXuN4kYqHy9K8ZJ8Ic6HCLK_pn-qcS95wnJVtVZ_Od_Lmg&class=btn%20btn-google-pay&size=standard&theme=dark&origin=https%3A%2F%2Fx.mail.hsbc.fr&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fr.UfbWkrF5MxA.O%2Fd%3D1%2Frs%3DAHpOoo9MS4PP3lesxwmHM6CR2z9_6bMvbA%2Fm%3D__features__
Frame ID: 7CF4C53745DB812B76CFC38AD8EF47EA
Requests: 7 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fx.mail.hsbc.fr&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fr.UfbWkrF5MxA.O%2Fd%3D1%2Frs%3DAHpOoo9MS4PP3lesxwmHM6CR2z9_6bMvbA%2Fm%3D__features__
Frame ID: 83D96CD268EC48F4C77290C0E4D7371A
Requests: 5 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 24723E7AE1B81445C300105338B9FBCE
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HSBC Wallet

Page URL History Show full URLs

http://l.mail.hsbc.fr/r/Hi/7Ek8Y HTTP 302
https://l.mail.hsbc.fr/rts/go2.aspx?t=121284&tp=i-1NGB-Hi-61d-7Ek8Y-1n-1pSA-1c-7EPLa-l82KiadxP5-XHl... HTTP 302
https://cust1098.edp.cheetahces.eu/redirect?url=premier&integration_id=FRHBFR062003744&secret=72f507cb1f823b427... HTTP 302
https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjF... Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

73
Requests

100 %
HTTPS

53 %
IPv6

12
Domains

20
Subdomains

19
IPs

4
Countries

2040 kB
Transfer

3381 kB
Size

12
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cust1098.edp.cheetahces.eu/pass/download/95ad0f5fdb972cddb90ee528d9597548

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://l.mail.hsbc.fr/r/Hi/7Ek8Y HTTP 302
https://l.mail.hsbc.fr/rts/go2.aspx?t=121284&tp=i-1NGB-Hi-61d-7Ek8Y-1n-1pSA-1c-7EPLa-l82KiadxP5-XHldZ&x=FRHBFR062003744%7c72f507cb1f823b427e983e018f5ce8e4 HTTP 302
https://cust1098.edp.cheetahces.eu/redirect?url=premier&integration_id=FRHBFR062003744&secret=72f507cb1f823b427e983e018f5ce8e4&pass=reconnaissance_premier HTTP 302
https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_premier Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

73 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request url.aspx Show response
x.mail.hsbc.fr/ats/
Redirect Chain

http://l.mail.hsbc.fr/r/Hi/7Ek8Y
https://l.mail.hsbc.fr/rts/go2.aspx?t=121284&tp=i-1NGB-Hi-61d-7Ek8Y-1n-1pSA-1c-7EPLa-l82KiadxP5-XHldZ&x=FRHBFR062003744%7c72f507cb1f823b427e983e018f5ce8e4
https://cust1098.edp.cheetahces.eu/redirect?url=premier&integration_id=FRHBFR062003744&secret=72f507cb1f823b427e983e018f5ce8e4&pass=reconnaissance_premier
https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_...

24 KB
25 KB

258ms
69ms

Document
text/html

62.27.116.23
ECOTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.27.116.23 , Germany, ASN12312 (ECOTEL, DE),
Reverse DNS: ats.ccmp.eu
Software: /
Resource Hash: b0f9fadd83c42eefdc506426984459c5668efeb90d4aa927e6b1170a382c10b6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 24772
Content-Type: text/html; charset=utf-8
Date: Mon, 26 Sep 2022 16:59:10 GMT
Expires: 0
Pragma: no-cache
Vary: Origin

Redirect headers

cache-control: no-cache
content-encoding: gzip
content-language: en
content-security-policy: default-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' https: data:; frame-ancestors 'self' https://login.ccmp.eu https://eu.messaging.engageplatform.com https://messaging.engageplatform.com; img-src 'self' https: data: blob:; object-src 'none'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp_report?report_only=false
content-type: text/html; charset=utf-8
date: Mon, 26 Sep 2022 16:59:11 GMT
location: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_premier
referrer-policy: origin-when-cross-origin
server: nginx
status: 302 Found
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-correlation-id
x-download-options: noopen
x-frame-options: ALLOWALL
x-permitted-cross-domain-policies: none
x-request-id: 73ef72f0-ebdc-4e4c-ad65-3abb1bfa1010
x-runtime: 0.030992
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK css_page_wallet_premier.css
wpm.ccmp.eu/wpm/1098/ContentUploads/wallet/ 2 KB
966 B 160ms
35ms Stylesheet
text/css 23.35.236.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wpm.ccmp.eu/wpm/1098/ContentUploads/wallet/css_page_wallet_premier.css
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.235 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-235.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0cf4f9f12b3268a85354288767a5db153a2466c1b88a5e0229a9a8cb296826f2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 16:59:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 12:41:02 GMT
ETag: "a4e5fc422fb5d71:0"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 667

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/ 156 KB
25 KB 80ms
29ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css

Requested by

Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_premier

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 16:59:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 947
age: 3571600
cdn-cachedat: 07/16/2022 17:19:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"7cc40c199d128af6b01e74a28c5900b0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: d8d47b5ba601acb5b03e1396d006b517
cf-ray: 750d8c750e49d37b-CDG
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 83ms
27ms Script
text/javascript 2a00:1450:400e:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 10:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 10:39:41 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/ 21 KB
7 KB 74ms
30ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 16:59:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 327631
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6696
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-5309"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5k28QGWH%2FJ4yDpZc3MbLQQMbj4NatAXla0bSpD6i2WvIGIJ%2FEEUA32ey2CG0VTEI%2FNDYZKZIOSBSPXblIIFYzavFMyyz6%2FZkxKVy4UBPtdmFLJcw87hlLBODgFIhiFZ%2BGNid%2BbzXlHuZiMF6TObafgZc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 750d8c74fd317a6f-CDG
expires: Sat, 16 Sep 2023 16:59:11 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/ 59 KB
16 KB 83ms
34ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 16:59:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 946
age: 3571592
cdn-cachedat: 07/16/2022 17:19:05
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"61f338f870fcd0ff46362ef109d28533"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 63c10d5c757bf7477a476b3b6d319f47
cf-ray: 750d8c750e4bd37b-CDG
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 2 KB
938 B 167ms
62ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Dosis:500,600

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5adc12a8e7054d89fa9b41a5fd92d936607886ae66dc07cb61d2f16c8d6c1b98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 16:51:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 26 Sep 2022 16:59:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Sep 2022 16:59:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
933 B 169ms
64ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300i,400,400i,600,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9aeec6fc4149c53af4c336b167b52eeb813d655b8ca337c28cc75fc9aa15b224

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 16:59:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 26 Sep 2022 16:59:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Sep 2022 16:59:11 GMT

GET
H2 200 default.css
sdk.runstellar.com/26.4.0/ 105 KB
18 KB 114ms
44ms Stylesheet
text/css 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/default.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

eb3badfb580bdda696c56b503ced3c0d08c9f9008ccaac253a5d4024cd843afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 09:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4780405
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-amz-request-id: 4XVGCS5T1RV9XTTA
x-amz-id-2: bvbWDC6DL/6VOzURf3oYpbbbXcVxUIbUqI+wW58RRTKG2WIxbM8N6xShGykoxVoGp2SO1D9/b5g=
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:41 GMT
server: AmazonS3
etag: W/"d6fec56ee9dd5a4f6f272442ef25c6bd"
expect-ct: enforce, max-age=63072000
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/css
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: public, max-age=63072000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: UN0Y_cmldOtu3TQGxD9o2sCljAF1oO0bWzFETmuoroXGJtaCj7hBMA==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H/1.1 200
OK style-hsbc.css
s3.eu-central-1.amazonaws.com/stellar-cust1098-rips3odkvkewfscm8wlw/static_files/ 4 KB
4 KB 127ms
62ms Stylesheet
text/css 52.219.171.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.eu-central-1.amazonaws.com/stellar-cust1098-rips3odkvkewfscm8wlw/static_files/style-hsbc.css?1626789588
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.171.85 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 44a12d438c18a1f8c099c7a96a4673561816277334436a5a46f3974df63f75d4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Mon, 26 Sep 2022 16:59:12 GMT
Last-Modified: Tue, 20 Jul 2021 13:59:49 GMT
Server: AmazonS3
x-amz-request-id: NRFEH02EMS77VT10
ETag: "4520f2416d14aec95c3e4d848b858303"
Content-Type: text/css
Cache-Control: max-age=1800
Accept-Ranges: bytes
Content-Length: 3898
x-amz-id-2: 75faAt1+3Xw5pddtaUborzGM15MVasafkHX1WzLeic5ajQzSUCzyyHnVzZPwbGJJor2PfKskdbI=

GET
H/1.1 200
OK open.aspx
l.mail.hsbc.fr/rts/ 43 B
229 B 23ms
23ms Image
image/gif 62.27.116.25
ECOTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.mail.hsbc.fr/rts/open.aspx?tp=i-16Hv-Hi-4kX-0-1c-aXs-G-l82M2MDdMB-2L52W6
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.27.116.25 , Germany, ASN12312 (ECOTEL, DE),
Reverse DNS: rts.ccmp.eu
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Sep 2022 16:59:11 GMT
Cache-Control: no-cache, max-age=0
Content-Type: image/gif
Transfer-Encoding: chunked
Expires: 0

GET
H/1.1 200
OK open.aspx
l.mail.hsbc.fr/rts/ 43 B
229 B 67ms
23ms Image
image/gif 62.27.116.25
ECOTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.mail.hsbc.fr/rts/open.aspx?tp=i-16Hv-Hi-4kX-0-1c-MZN-G-l7GTphhMOE-d3EYl
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.27.116.25 , Germany, ASN12312 (ECOTEL, DE),
Reverse DNS: rts.ccmp.eu
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Sep 2022 16:59:11 GMT
Cache-Control: no-cache, max-age=0
Content-Type: image/gif
Transfer-Encoding: chunked
Expires: 0

GET
H/1.1 200
OK Logo-HSBC-Premier-320x100.png
wpm.ccmp.eu/wpm/1098/ContentUploads/wallet/ 14 KB
14 KB 105ms
104ms Image
image/png 23.35.236.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wpm.ccmp.eu/wpm/1098/ContentUploads/wallet/Logo-HSBC-Premier-320x100.png
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.235 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-235.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f28540562bdab2dd8ac6e8fc6bfb2a76c0cb68f6fc140b77e434c72679fdee9f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 16:59:11 GMT
Last-Modified: Tue, 20 Jul 2021 15:13:35 GMT
ETag: "5617a7cf797dd71:0"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14319

GET
H/1.1 200
OK wallet-premier-lp.png
wpm.ccmp.eu/wpm/1098/ContentUploads/wallet/ 1015 KB
1015 KB 110ms
36ms Image
image/png 23.35.236.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wpm.ccmp.eu/wpm/1098/ContentUploads/wallet/wallet-premier-lp.png
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.235 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-235.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f7887cd604fdaba3daa7fdf2151408788f80aba89faec35e5af78d41febb73c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 16:59:11 GMT
Last-Modified: Fri, 11 Mar 2022 16:13:44 GMT
ETag: "4a9021fb6235d81:0"
Content-Type: image/png
Access-Control-Allow-Origin: *
X-N: S
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1039587

GET
H/1.1 200
OK loader.gif
s3.us-east-1.amazonaws.com/stellar-wsi-ugd5ypbfu9nx7se1epic/content_pages/download_wallet_pass/static_files/ 50 KB
51 KB 347ms
133ms Image
image/gif 52.216.137.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/stellar-wsi-ugd5ypbfu9nx7se1epic/content_pages/download_wallet_pass/static_files/loader.gif?1557385709
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.137.94 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0035380e3b6fcd2f5b8baa974eb74d7b79cc4a837fe742168c4c703bde053eeb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 16:59:12 GMT
Last-Modified: Thu, 09 May 2019 07:08:31 GMT
Server: AmazonS3
x-amz-request-id: NRFFJ04VBXEJ61ER
ETag: "2e1adac5601f0689fd4b5b57b14667c9"
Content-Type: image/gif
Cache-Control: max-age=1800
Accept-Ranges: bytes
Content-Length: 51343
x-amz-id-2: DEnWpIpl1tQdEpIatFai/DLchVlveQe+xh/yMQEKjmtgwIY70Dvx3amgoPShEhvfFCk4ZIPssG0=

GET
H/1.1 200
OK GIF-wallet-premier-Apple.gif
wpm.ccmp.eu/wpm/1098/ContentUploads/wallet/ 293 KB
293 KB 110ms
37ms Image
image/gif 23.35.236.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wpm.ccmp.eu/wpm/1098/ContentUploads/wallet/GIF-wallet-premier-Apple.gif
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.235 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-235.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a5a4d565df51ba9d8f2523cb96174bb3ffaa73b1a6d4e611c116b67d19192799

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 16:59:11 GMT
Last-Modified: Fri, 01 Apr 2022 07:46:07 GMT
ETag: "b49ea8c9c45d81:0"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 300268

GET
H/1.1 200
OK HSBC_Pictogram_ProfilePerson_Red_Gras.png
wpm.ccmp.eu/wpm/1098/ContentUploads/Express/Campaign/icons_54x54/ 6 KB
7 KB 103ms
29ms Image
image/png 23.35.236.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wpm.ccmp.eu/wpm/1098/ContentUploads/Express/Campaign/icons_54x54/HSBC_Pictogram_ProfilePerson_Red_Gras.png
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.235 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-235.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a0e153237a2c6a8c0a547ceb80fa8acb7a0317ca02c8133c0c644d86cdf24f0d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 16:59:11 GMT
Last-Modified: Tue, 23 Aug 2022 08:13:30 GMT
ETag: "9ccbb83ac8b6d81:0"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6625

GET
H/1.1 200
OK HSBC_Pictogram_Phone_Red_Gras.png
wpm.ccmp.eu/wpm/1098/ContentUploads/Express/Campaign/icons_54x54/ 6 KB
6 KB 111ms
29ms Image
image/png 23.35.236.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wpm.ccmp.eu/wpm/1098/ContentUploads/Express/Campaign/icons_54x54/HSBC_Pictogram_Phone_Red_Gras.png
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.235 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-235.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5274400ca7b9157ef9666ce342bfe53209296aacbfc8089600a026c74da7bb16

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 16:59:11 GMT
Last-Modified: Tue, 23 Aug 2022 08:13:54 GMT
ETag: "329f5e49c8b6d81:0"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6258

GET
H/1.1 200
OK HSBC_Pictogram_StarFavourite_red_Gras.png
wpm.ccmp.eu/wpm/1098/ContentUploads/Express/Campaign/icons_54x54/ 7 KB
8 KB 121ms
39ms Image
image/png 23.35.236.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wpm.ccmp.eu/wpm/1098/ContentUploads/Express/Campaign/icons_54x54/HSBC_Pictogram_StarFavourite_red_Gras.png
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.235 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-235.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2f9263e815d22d6dfbc623954892e276c1ea0fddc7c93a195f49fc4f7c36c212

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 16:59:11 GMT
Last-Modified: Fri, 26 Aug 2022 10:06:22 GMT
ETag: "382947e33b9d81:0"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7625

GET
H/1.1 200
OK HSBC_Pictogram_LocationMarker_Red_Gras.png
wpm.ccmp.eu/wpm/1098/ContentUploads/Express/Campaign/icons_54x54/ 7 KB
7 KB 53ms
32ms Image
image/png 23.35.236.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wpm.ccmp.eu/wpm/1098/ContentUploads/Express/Campaign/icons_54x54/HSBC_Pictogram_LocationMarker_Red_Gras.png
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.235 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-235.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: db8b145f08a1be9b5ad911d38fc626f1b1daa10e1985ccdd49c2474fb4b20a99

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 16:59:11 GMT
Last-Modified: Tue, 23 Aug 2022 08:13:58 GMT
ETag: "5e7a4b4bc8b6d81:0"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7135

GET
H/1.1 200
OK HSBC_Pictogram_Choice_Red_Gras.png
wpm.ccmp.eu/wpm/1098/ContentUploads/Express/Campaign/icons_54x54/ 8 KB
8 KB 52ms
31ms Image
image/png 23.35.236.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wpm.ccmp.eu/wpm/1098/ContentUploads/Express/Campaign/icons_54x54/HSBC_Pictogram_Choice_Red_Gras.png
Requested by: Host: x.mail.hsbc.fr
URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_premier
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.235 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-235.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 43b4d4ebc3f049db87187649d20d421c37efca5272680aa52c1de9cf7f9a1217

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 16:59:11 GMT
Last-Modified: Fri, 26 Aug 2022 10:18:05 GMT
ETag: "22346f2135b9d81:0"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7970

GET
H2 200 spot.js Show response
spot.demostellar.com/1.6.0/ 42 KB
12 KB 132ms
55ms Script
application/javascript 18.66.97.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://spot.demostellar.com/1.6.0/spot.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-45.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5e94b13ceb25375a6b28a953ef8bad728fef8a1b75f5befed39dd42b1ce3a79f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47209
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-amz-request-id: 6E8C2TFMMDJB0J25
x-xss-protection: 1; mode=block
access-control-allow-origin: https://spot.demostellar.com
referrer-policy: strict-origin
last-modified: Sat, 14 May 2022 00:20:09 GMT
server: AmazonS3
etag: W/"c139634af711a445a11a580b1d30c8f3"
expect-ct: enforce, max-age=63072000
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: R2BA6Elhyqh3Uz3YUiqfZjyH7Xt-DutH_tBTVsZ2AcvyY5gNOtFRHw==
x-amz-id-2: VVaGD7shLrfZoggLnNdTm/KDplfLEhwX2wJc3Ibpf4oTT87YomfiZ54lCfhqVntYrIqGjfr6tGs=

GET
H2 200 sdk.js Show response
sdk.runstellar.com/26.4.0/ 106 KB
35 KB 42ms
41ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3827648c9d0ea8d1f62fce7199a9fc069a88a55a5e88af10f1e6cf92055c6f54

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 02:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1520069
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-amz-request-id: R92T1F1HEKB7D7F9
x-amz-id-2: I3OLYO1UbxA2wSG+vBL0J2tEhAntwk5GMNP7cBo44RIo91VusAOwUtZ6nRdpYn6cl9gfCBL6BZE=
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:41 GMT
server: AmazonS3
etag: W/"b16fc0f4c130de23cce2f318229e3f34"
expect-ct: enforce, max-age=63072000
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: public, max-age=63072000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: -Cves9_N6nGyKlm1PtS_2lt3Z8bll7FwqLOD0zYm5hZfK1OXGFRJpg==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 29cc7.js Show response
sdk.runstellar.com/26.4.0/ 223 KB
56 KB 37ms
37ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/29cc7.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e9390af9547cd22bb7f0b6631279a17bbe8b099910f1c14aaa33731203993a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 03:38:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2035230
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-amz-request-id: DKBFR980QJA3S7HG
x-amz-id-2: mRJNDYZI/ufFtSidftbRtuk4UXOpagUVMufbLXLf8nhU+ghQlSdRTrFu5DeF2Sw0CEyKJYZpWGM=
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"98f87833ffdb9f739c7fa231fcb45fae"
expect-ct: enforce, max-age=63072000
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: public, max-age=63072000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: P6qqvo0eZXTkHzDBmmwpKhTdUi7W7ClHwO__p0_djjmyiaLErQDxYg==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 74074.js Show response
sdk.runstellar.com/26.4.0/ 88 KB
31 KB 41ms
41ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/74074.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9a9f91ede0b8c756d74214220c9df3c142c77dd04fce253c14682fa7fa3ba3a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 09:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4780403
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-amz-request-id: QXAQVYP5J4ZK09VE
x-amz-id-2: NHimT54RF+l4LMU33Bi+YmLfRtD2CPqLoa50t/7DTBwyO+RbtLY7Zo1WH32Tim8kzoMYJghgqLQ=
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"96fdf80d9221cda63b237d234dca4fd2"
expect-ct: enforce, max-age=63072000
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: public, max-age=63072000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: YMB6aiRy5PUKkbhkmFbhMYbHtzqixgVIHygXVzaiZYXv0EW8lGctVA==
expires: Tue, 01 Jan 2069 00:00:00 GMT

OPTIONS
H2 204 events
api-cust1098.edp.cheetahces.eu/rtp/api/ Frame 0
0 96ms
25ms Preflight 35.158.162.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-cust1098.edp.cheetahces.eu/rtp/api/events?evtId=signin-0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.162.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-162-107.eu-central-1.compute.amazonaws.com

Software

api-server /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'none'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp_report?report_only=false
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://x.mail.hsbc.fr
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Language, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, Referer, SL-Business-Unit, User-Agent, X-Requested-With
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://x.mail.hsbc.fr
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'none'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp_report?report_only=false
date: Mon, 26 Sep 2022 16:59:11 GMT
expires: 0
pragma: no-cache
referrer-policy: origin-when-cross-origin
request_id: B3063A7B-37E2-445A-8E9D-E6F034F342E5
server: api-server
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

POST
H2 200 events Show response
api-cust1098.edp.cheetahces.eu/rtp/api/ 37 B
2 KB 140ms
140ms XHR
application/json 35.158.162.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-cust1098.edp.cheetahces.eu/rtp/api/events?evtId=signin-0

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.162.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-162-107.eu-central-1.compute.amazonaws.com

Software

api-server /

Resource Hash

48886e9d476eb89b48ccd4e8d2b8ab92a0f8228b0220905d97c4cc38793c0949

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; block-all-mixed-content; child-src 'self'; connect-src 'self'; default-src 'self'; font-src 'self' https://fonts.gstatic.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data: https://www.google-analytics.com; manifest-src 'self'; media-src 'self'; navigate-to 'self'; object-src 'none'; script-src 'self' 'unsafe-eval'; script-src-attr 'self'; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com; style-src 'self'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; upgrade-insecure-requests; worker-src 'self' blob:; report-to sentry; report-uri
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.stellar-v1+json
Referer: https://x.mail.hsbc.fr/
Authorization: Bearer 16bcebd01a9344d26c94ce20dbe1617722067f8603c91e70471b457073deb34a:076ca936089a23d9bc74ac48667227ddb230cee33810b8ca11f911aa1d51f587
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Sep 2022 16:59:12 GMT
request_id: 1BCCC7F2-3DDB-4792-A4B6-27BB168810E1
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin-when-cross-origin
server: api-server
x-frame-options: sameorigin
expect-ct: enforce, max-age=0, Report-uri=""
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: { 'group': 'sentry', 'max_age': 0, 'endpoints': [{ 'url': '', 'priority': 1 }]}
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://x.mail.hsbc.fr
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; legacy-image-formats 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture 'self'; publickey-credentials 'self'; sync-xhr 'self'; unsized-media 'self'; usb 'self'; vibrate 'self'; vr 'self'; wake-lock 'self'; xr 'self';
content-security-policy: sandbox allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; block-all-mixed-content; child-src 'self'; connect-src 'self'; default-src 'self'; font-src 'self' https://fonts.gstatic.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data: https://www.google-analytics.com; manifest-src 'self'; media-src 'self'; navigate-to 'self'; object-src 'none'; script-src 'self' 'unsafe-eval'; script-src-attr 'self'; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com; style-src 'self'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; upgrade-insecure-requests; worker-src 'self' blob:; report-to sentry; report-uri
x-content-type-options: nosniff
expires: 0

POST
H2 200 events Show response
api-cust1098.edp.cheetahces.eu/rtp/api/ 154 B
2 KB 116ms
116ms XHR
application/json 35.158.162.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-cust1098.edp.cheetahces.eu/rtp/api/events?evtId=page_visit-1

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.162.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-162-107.eu-central-1.compute.amazonaws.com

Software

api-server /

Resource Hash

c30e1b52de54247ef2291efa2d9e496716e5d6e2b927530814ecc9a470506445

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; block-all-mixed-content; child-src 'self'; connect-src 'self'; default-src 'self'; font-src 'self' https://fonts.gstatic.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data: https://www.google-analytics.com; manifest-src 'self'; media-src 'self'; navigate-to 'self'; object-src 'none'; script-src 'self' 'unsafe-eval'; script-src-attr 'self'; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com; style-src 'self'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; upgrade-insecure-requests; worker-src 'self' blob:; report-to sentry; report-uri
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.stellar-v1+json
Referer: https://x.mail.hsbc.fr/
Authorization: Bearer 16bcebd01a9344d26c94ce20dbe1617722067f8603c91e70471b457073deb34a:076ca936089a23d9bc74ac48667227ddb230cee33810b8ca11f911aa1d51f587
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Sep 2022 16:59:12 GMT
request_id: BD51BDF0-6089-41A7-B6E7-847CA4D90AA1
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin-when-cross-origin
server: api-server
x-frame-options: sameorigin
expect-ct: enforce, max-age=0, Report-uri=""
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: { 'group': 'sentry', 'max_age': 0, 'endpoints': [{ 'url': '', 'priority': 1 }]}
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://x.mail.hsbc.fr
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; legacy-image-formats 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture 'self'; publickey-credentials 'self'; sync-xhr 'self'; unsized-media 'self'; usb 'self'; vibrate 'self'; vr 'self'; wake-lock 'self'; xr 'self';
content-security-policy: sandbox allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-top-navigation allow-top-navigation-by-user-activation; base-uri 'self'; block-all-mixed-content; child-src 'self'; connect-src 'self'; default-src 'self'; font-src 'self' https://fonts.gstatic.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data: https://www.google-analytics.com; manifest-src 'self'; media-src 'self'; navigate-to 'self'; object-src 'none'; script-src 'self' 'unsafe-eval'; script-src-attr 'self'; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com; style-src 'self'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; upgrade-insecure-requests; worker-src 'self' blob:; report-to sentry; report-uri
x-content-type-options: nosniff
expires: 0

OPTIONS
H2 204 events
api-cust1098.edp.cheetahces.eu/rtp/api/ Frame 0
0 89ms
24ms Preflight 35.158.162.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-cust1098.edp.cheetahces.eu/rtp/api/events?evtId=page_visit-1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.162.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-162-107.eu-central-1.compute.amazonaws.com

Software

api-server /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'none'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp_report?report_only=false
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://x.mail.hsbc.fr
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Language, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, Referer, SL-Business-Unit, User-Agent, X-Requested-With
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://x.mail.hsbc.fr
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'none'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp_report?report_only=false
date: Mon, 26 Sep 2022 16:59:11 GMT
expires: 0
pragma: no-cache
referrer-policy: origin-when-cross-origin
request_id: 6C4E926E-C4E0-40E1-9877-A322F8E806B0
server: api-server
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

GET
H2 200 ad549.js Show response
sdk.runstellar.com/26.4.0/ 21 KB
8 KB 41ms
40ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/ad549.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7931532269be36f6368351474ac688d7feabec33c7a03b172024796e7b616c39

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 01:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2647132
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-amz-request-id: Z4MJA8Z25EWGH9T8
x-amz-id-2: xTrUK4W3x/LTCyKIquaWLAS4bnFX3IbRHC7Pi5aDNRvMRS8qBYAfCXKz73lIsV+E+zjQ+XFZ3Q6Arst7mUI3CA==
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"d3775ea47032422325b44db172e1b138"
expect-ct: enforce, max-age=63072000
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: public, max-age=63072000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: NbdR96fep1G2EqYYJEMNedL_xnRuQ2POWNVp2EWPXMZc6-tr-W2LKw==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 a3afa.js Show response
sdk.runstellar.com/26.4.0/ 1 KB
1 KB 39ms
37ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/a3afa.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2a7cccd3809dfd84058e9cda3bc1509a42a1c60d9188e5af673113d7309cd263

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 07:36:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2193757
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-amz-request-id: AEJCYCW5HJVKV1BQ
x-amz-id-2: OKwWSzirSjFoOyGzLqWxmJQX5xWt846ButUgGnDChQCagcuUK19dMAsOQnLKaSpHfgs5nwGviTE=
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"aeb4aa3645c6d245c274f0532a20d651"
expect-ct: enforce, max-age=63072000
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: public, max-age=63072000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: 6xZlOksqqvxzBdxxoM_z2iDHT5mJckVbg5wKoRmekSfLlyMJiVOeAg==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 06cc7.js Show response
sdk.runstellar.com/26.4.0/ 609 B
1 KB 44ms
40ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/06cc7.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ac48d0d6d4597db943bb03126bf6577587a2ac8ad97d44dfe5df4b6aab35c4e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 03:38:44 GMT
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2035228
x-cache: Hit from cloudfront
x-amz-request-id: 03AWZFH4NG2SMH50
x-amz-id-2: BZdcesBklSuIobb0v4K3nq6JgaKL8joBirB/8DPuency1jSkye5PmKGSKaeF8SoMV5fh1RAGkl8=
accept-ranges: bytes
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:39 GMT
server: AmazonS3
etag: "1b94e0760b907be61a90987469765734"
expect-ct: enforce, max-age=63072000
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=63072000
x-amz-cf-pop: FRA56-P5
content-length: 609
x-amz-cf-id: 80uo-K9VYAo9N0J7oe_l_p4NgHpQPalSTrMrZnMPB4vp1fjwzviKRA==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 e56b6.js Show response
sdk.runstellar.com/26.4.0/ 1 KB
1 KB 45ms
42ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/e56b6.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2aa7d0d5bdb27cf66b0679c7649caefb326b8f963abb1e4bfbf13baf203f4e50

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 01:27:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2129494
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-amz-request-id: XGB3TAEMJTFXGNYM
x-amz-id-2: T9w6fqpJpg93waTMOhdy7XtfGVNoXcgRTvhKW5b8o2zSf4MgJJXbUsvWrz95BbOp5O9ARwXSUqo=
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:41 GMT
server: AmazonS3
etag: W/"ad2c6c34c675a7357638b64ccead821c"
expect-ct: enforce, max-age=63072000
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: public, max-age=63072000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: _Zgp2MWhFWSC5mmMcZhYuFBRY5p6bSlkUcCM2wWID3U7vnEsOaLYDw==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 d419f.js Show response
sdk.runstellar.com/26.4.0/ 3 KB
2 KB 44ms
41ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/d419f.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b0383faa942e93727c20cb5862ea722ea3f61a4dce0326d36b58a59be829cab7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 01:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2647131
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-amz-request-id: FV1BTD57VTF3KGXK
x-amz-id-2: q1K3ZAhTyJZLkWl6u+gffFZQMT7dMH9dcR0uLErecYUw4bR57WXkx0OV0KduAQV+vAdG9PrSWQc=
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:41 GMT
server: AmazonS3
etag: W/"63092c36aeeb34929e8cf2a17dbf5eae"
expect-ct: enforce, max-age=63072000
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: public, max-age=63072000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: l82Qn200BtwiKMigfD9gqMgWC851O_aLKItQrPG_Z4oNVpmu_o2jUg==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 72c2c.js Show response
sdk.runstellar.com/26.4.0/ 4 KB
3 KB 47ms
43ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/72c2c.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4f0cd4cbdadde4b6f7a089c358014b684365ff48ef102b364cc3f3650ef8aee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 05:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3238233
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-amz-request-id: 1H4N4DR2STMJX0ZG
x-amz-id-2: buEas2Xv1Y/mZt53PAZ86zvayfOeyt3oK27t6YegTLMckUAVRTmBcYCnZMmD/gOFBoEaW4hk4B8=
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"6b7f2e3b11c4807e5b57dbc1b766289b"
expect-ct: enforce, max-age=63072000
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: public, max-age=63072000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: 2ophjQ3DqlRDOqFHPMWTV3IrSKTA2EX9aF-LYsZyVLShgd5vP_MCLg==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 2616a.js Show response
sdk.runstellar.com/26.4.0/ 12 KB
5 KB 46ms
42ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/2616a.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1bdc85400467ba8eb767152fbb351052d16f9813ce28aca3b745bb8b84e7309c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 03:46:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2898746
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-amz-request-id: HVF8XT7EXGDDHWZ1
x-amz-id-2: /fRUPX8i+si1aKZaaj2vB5zliXGNXvk5Go7Eo6O7MMI+Gku6mCVceABfvMRqgKPtxZ89iT4dXWg=
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"f71cb99ab4b59b319671390057044cd8"
expect-ct: enforce, max-age=63072000
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: public, max-age=63072000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: YnbbMkKuGPEAXwMyf9PYm25rET00r0EujFU7gWy93GRlaN2Q7fLp8A==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 558f1.js Show response
sdk.runstellar.com/26.4.0/ 29 KB
6 KB 45ms
42ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/558f1.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c08ef0d5dfd2575fb52220720af66a422514ab933a935940808296fa136a62f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 04:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3242731
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-amz-request-id: 63J86Y9YH7BAAGDS
x-amz-id-2: KzSaKCazk3Ql3gYZuCK6oW57SSVdUGE5QToRvkBNTbqYaJ+KSQIc/tAPjuaO6kNNATB49YFl3xE=
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"0895cfca688f4b59c21778d3264938b6"
expect-ct: enforce, max-age=63072000
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: public, max-age=63072000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: D6Cd6Q7-GZaPDuhhEIfjhFpFvEDMeJ-WYS8Q8-GsFMTYpRd-Zwt0xw==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 e174b.js Show response
sdk.runstellar.com/26.4.0/ 1 KB
1 KB 44ms
41ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/e174b.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fb0aab98cf111ff976ff8fe32533d3cd88ddf81504184259b28d7bd0dba227b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 00:57:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1612876
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-amz-request-id: VPXK5QGQAGPNZRE4
x-amz-id-2: PSBAtCa61H/xLzxJfHTUQjBWtPnTbzrE0Heugh5I+qCSKJthZOcdqj9vdRVbITB6zPd8rzOFi2E=
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:41 GMT
server: AmazonS3
etag: W/"1b18c7989f62b07a8d935618d10d993e"
expect-ct: enforce, max-age=63072000
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: public, max-age=63072000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: EzwKtVLkOh56FnDxQqITBRyb6PrNb1P2KOJGz_Sz23Hbt-x1G4d8Fw==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 4017e.js Show response
sdk.runstellar.com/26.4.0/ 2 KB
1 KB 47ms
44ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/4017e.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

afd3a07766f78b9bf0b06b9531b048bd4dc93778ab0b71d5a6fb693d3df33e77

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 03:38:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2035228
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-amz-request-id: 03ASQQV5YNCADJ5P
x-amz-id-2: nnLlqS8Dr85HJslmXhIqDokfgLmxTMCtV8W4bJnizlz0oY8DFUvjIRn9PIqeXmBMs3R/nwPzn4U=
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"276a79f5d62110a5c8cdcb292dee94fe"
expect-ct: enforce, max-age=63072000
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: public, max-age=63072000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: OfSq_It6nMivUM7AcWAVTnEzbFwZs9QT-7oz4xMfIWUK5Q--LBSYWA==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 9bc6a.js Show response
sdk.runstellar.com/26.4.0/ 5 KB
2 KB 49ms
47ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/9bc6a.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3c77ab5b67ba98ae35b5f3f6747a4bc4ad99888ad0f7d2c34fea0a46b935f618

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 00:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1700872
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-amz-request-id: T414NN59N5Q0B9ZA
x-amz-id-2: YLPG504a56zkKBF8QSTohP6ZeISftIbYSX81kbfuvyYPpuKvTQtamcQ3aIfQFMPuBGrKDsQO+6A=
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"4fb60022757bc66561e5a97a643e77a1"
expect-ct: enforce, max-age=63072000
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: public, max-age=63072000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: XnvBu9_PRKH6X-HizOnm25p23hCTmGmKqk_abwtReHYw873BiVaqIA==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 d8bb5.js Show response
sdk.runstellar.com/26.4.0/ 16 KB
6 KB 60ms
58ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/d8bb5.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1f7f9acfa3de1d794238cca66befc165fe297e34e02633a81aad966dcb93c758

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 01:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2647131
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-amz-request-id: FV19HERRHNT3T809
x-amz-id-2: RwNSrnAckrZKGy82k4WMY+YAFW/Tz3tv7jCChS2nO79JEby4xBAkJE3VLFMc9bmSnDzr7SIF90c=
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:41 GMT
server: AmazonS3
etag: W/"1153a3c39fbf0584a5a1fedbc1162951"
expect-ct: enforce, max-age=63072000
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: public, max-age=63072000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: Ig4Xj3IOQGqRCKrghSm8xyqZtqzjLaGuEpyTbiPrSXXuKLf7waT5aQ==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 c274f.js Show response
sdk.runstellar.com/26.4.0/ 6 KB
3 KB 60ms
59ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/c274f.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

49f62df0a26e9fc2b8c22eb949e5f211283ea169271c8e52293ffb4adf1e4957

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 09:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4780402
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-amz-request-id: 7SM03FG5SJ6CHTEQ
x-amz-id-2: R7NB3615WvTmaAxScRkLIKpAcgwoe3SJJZPJFEfX73SGT+2E4l4AjlQW2CRD2Fp1OWGKx/N6YHU=
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"9cd5cc9effce1c934a8e9cb47f8f22b8"
expect-ct: enforce, max-age=63072000
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: public, max-age=63072000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: Lpcr34yuHZod1gQ6P_LX4YwGXjPpf18TUY91dGqJcNvEXLZ7wJhSjQ==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 688f2.js Show response
sdk.runstellar.com/26.4.0/ 24 KB
6 KB 76ms
75ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/688f2.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2174ec1145c19ad51ed3818cbf73add541fafecda5632ff40c509fb5e03cb5ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 09:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4780402
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-amz-request-id: 7SMAZKDNFVVAS7YJ
x-amz-id-2: iScbv9ElCHc5Y8t4qOaHMaEWj72gmKYL2XsUxCxpNKBjCpd6WnKJgMF7ci3RjiRxCIhMfzmvo2s=
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"078a32115b2fa9013fbc3c2dc291b9f6"
expect-ct: enforce, max-age=63072000
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: public, max-age=63072000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: 29b-KlkaubG8H7g-MszUsA669y8kcKlKWyDKQSebtdvYc17SvuLbCw==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 fdf23.js Show response
sdk.runstellar.com/26.4.0/ 568 B
1 KB 67ms
66ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/fdf23.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4c22fd28650e27d761b8771d82fb89a06cd5ab16a75d5ecae9b24df8c80103b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 01:40:21 GMT
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2647131
x-cache: Hit from cloudfront
x-amz-request-id: FV18YYZTZX8T0GPJ
x-amz-id-2: 8aDFtetH4rE9VscAmmWVaKQ676+iWM32hBDG8o8sSIpj6s8G0wpFfUmQZ3zZ1XZoNkCebpa69Mk=
accept-ranges: bytes
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:41 GMT
server: AmazonS3
etag: "4351611bcfd40d1bc62332fe2375f361"
expect-ct: enforce, max-age=63072000
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=63072000
x-amz-cf-pop: FRA56-P5
content-length: 568
x-amz-cf-id: iZ-rj7aFv0SqslkJB5bVN7VYfyKy9Bk8RXA6Y62bCndAn_4mpSxv4Q==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 93f28.js Show response
sdk.runstellar.com/26.4.0/ 1 KB
1 KB 63ms
62ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/93f28.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

629e64b4cef5a2338ac17d53fe1c534839871a6e303f7b5702e39d67f0fc7237

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 04:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1946075
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-amz-request-id: VAJS9HSQZHMS5VAE
x-amz-id-2: b3MZyC4yX+6JrvZ9dvwKnFFQOaGWSbOGSshz0MOOHwMJra5sF0FXISqRfM5NTpr3X7+yx4J5jdc=
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"9639463e988ec29c2b3a65312e664a56"
expect-ct: enforce, max-age=63072000
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: public, max-age=63072000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: ZaQY8VyAiR55q6OIgY1elbaI4_Z9roi_nuoW3sitoWMx3i1jWKDO8A==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 ca27b.js Show response
sdk.runstellar.com/26.4.0/ 16 KB
6 KB 57ms
57ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/ca27b.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9eb932d925622895424b31b1a64fdf474067b601997899ab4a38414d8c88a9ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 03:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2554136
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-amz-request-id: T5M3K5QQ0FVZR7J3
x-amz-id-2: ejqY2Eo3k4jKiNiRh1z4ruT6eUrvOMlhWEl2g8qBex5pyZXPpCD/Rb7wNOSGrtG20Sp80vjC9UKVpCD1RVvcoQ==
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"355d590872b4b8797b29903831c5f3eb"
expect-ct: enforce, max-age=63072000
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: public, max-age=63072000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: aNceHRwiCFkDEREQjdxZ6NIMDlHY2AeIXS6MfV9D5vAL6vfZoL-n3Q==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 3daf4.js Show response
sdk.runstellar.com/26.4.0/ 2 KB
1 KB 39ms
39ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/3daf4.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e890156c5be12852ecb387a0ed3b800f4b03e9d060cac842fcfae2bd55915ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 05:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1770324
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-amz-request-id: JGJ7FMHJNYXCR7MW
x-amz-id-2: 5HBsEhPBlBATfr/hONrbcSMvDP9yfA31JjfTic2BTUBi5Yvh7ZvC6PC/QMzyi+0+FgROnCWhnVg=
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"f25e258a0e7ca3e8a0ecec357252cca4"
expect-ct: enforce, max-age=63072000
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: public, max-age=63072000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: CgZ-RMeX6QterorROOnSqFT_9-F86v69Wir73egKravzfAQSsfsaqg==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 74fe.css
sdk.runstellar.com/26.4.0/ 47 KB
11 KB 36ms
36ms Stylesheet
text/css 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/74fe.css

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f77dcf713be7cfdcaf1efd18e9f7c60305366e2c716c7d0f8afe952f835a6ffb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 03:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2035228
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-amz-request-id: CRDW6ADE8ZCHZJN8
x-amz-id-2: M9rUPNAHtuLpbTkYNF6lOWCAqDVyZ/plVb+bTK/5cd/CQpuN0AF+Juos/Oew0vWufDJTKS/2kJc=
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"3361141968671b25d72a8e21fb210fe9"
expect-ct: enforce, max-age=63072000
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/css
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: public, max-age=63072000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: k6gdmWE_gxNL9kfmcYc02WnVjBmga6N1xsN_jmtZafQlXWhKIXRzhA==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 74fe2.js Show response
sdk.runstellar.com/26.4.0/ 149 B
796 B 38ms
37ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/74fe2.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b9e708d8d9b84ab17d101e3fa77604358b9f3adb2f890330055c74da058f1a8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 01:27:39 GMT
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2129494
x-cache: Hit from cloudfront
x-amz-request-id: J6R700ZXMFS8A972
x-amz-id-2: gabPolsB3n6woA9DNETExtGSnWz6Yi16UCBLuc7V1cyPgrXTwSHQXIETfS/mRQfChdOQO149raM=
accept-ranges: bytes
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: "b3dc17969d00af3bc147805a3fd6d844"
expect-ct: enforce, max-age=63072000
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=63072000
x-amz-cf-pop: FRA56-P5
content-length: 149
x-amz-cf-id: 8ltiaajHnnd99YPbIeKrW8peiNXnJIScMYHUyIp7ftrfFS3QmPcDyQ==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 summary.json Show response
cust1098.edp.cheetahces.eu/api/ 722 B
1 KB 180ms
179ms XHR
application/json 35.158.162.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cust1098.edp.cheetahces.eu/api/summary.json?access_token=f462f7004c6338f5f7b1a2d333f34a023d0fcd3d39a1d9b05082e4ccf324d4de&_=1664211551840

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.162.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-162-107.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9058f5f460ff22829658973df23a5bc5857bd8ab985eb8a9efdfdf8809817715

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' https: data:; frame-ancestors 'self' https://login.ccmp.eu https://eu.messaging.engageplatform.com https://messaging.engageplatform.com; img-src 'self' https: data: blob:; object-src 'none'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp_report?report_only=false
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.stellar-v1+json
Referer: https://x.mail.hsbc.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 16:59:12 GMT
x-correlation-id
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
x-request-id: db9cd53e-70ec-423d-baa3-c043df47aacf
x-runtime: 0.151160
referrer-policy: origin-when-cross-origin
server: nginx
x-frame-options: ALLOWALL
etag: W/"93e51064cc35a45ebc1fef11e0afdd83"
x-download-options: noopen
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS, PUT
content-language: en
access-control-allow-origin: https://x.mail.hsbc.fr
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-security-policy: default-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' https: data:; frame-ancestors 'self' https://login.ccmp.eu https://eu.messaging.engageplatform.com https://messaging.engageplatform.com; img-src 'self' https: data: blob:; object-src 'none'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp_report?report_only=false
content-type: application/json

GET
H2 200 8ac67.js Show response
sdk.runstellar.com/26.4.0/ 6 KB
2 KB 37ms
36ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.runstellar.com/26.4.0/8ac67.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6a2de4c6807cf25d3272964d0800c9a00a865c12bc6cc8603d4f5a6f688f7e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 03:31:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 739681
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-amz-request-id: RDDX0TVMQSAAYV6X
x-amz-id-2: 8cxXW5X3KLcgHykKlG/lQNflMUOx1pDhULJYSoOsxLM6gffOLcQUm7wQuHkggZLKGZRbasjODgs=
referrer-policy: strict-origin
last-modified: Wed, 26 Aug 2020 03:54:40 GMT
server: AmazonS3
etag: W/"44ea2f869bc962732ec09c76c33c2690"
expect-ct: enforce, max-age=63072000
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: public, max-age=63072000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: gMactylb871BcF-fFpH9phLeNFoFaUZF41qxPF4R9mKmg4-ElzL_uA==
expires: Tue, 01 Jan 2069 00:00:00 GMT

GET
H2 200 embed Show response
cust1098.edp.cheetahces.eu/api/passes/reconnaissance_premier/ 51 KB
4 KB 296ms
296ms XHR
application/json 35.158.162.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cust1098.edp.cheetahces.eu/api/passes/reconnaissance_premier/embed?origins=https://x.mail.hsbc.fr&access_token=f462f7004c6338f5f7b1a2d333f34a023d0fcd3d39a1d9b05082e4ccf324d4de&_=1664211551841

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.162.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-162-107.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

7aadafbe50371a1275437d2044c3ebb1b6d36f674ece419f2be9847279c28428

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' https: data:; frame-ancestors 'self' https://login.ccmp.eu https://eu.messaging.engageplatform.com https://messaging.engageplatform.com; img-src 'self' https: data: blob:; object-src 'none'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp_report?report_only=false
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.stellar-v1+json
Referer: https://x.mail.hsbc.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 16:59:12 GMT
x-correlation-id
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
x-request-id: 264bc79e-62c6-47b2-9f84-c5b52c892b6b
x-runtime: 0.269729
referrer-policy: origin-when-cross-origin
server: nginx
x-frame-options: ALLOWALL
etag: W/"b755c2eace3ced6f9437095cfa0e7354"
x-download-options: noopen
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS, PUT
content-language: en
access-control-allow-origin: https://x.mail.hsbc.fr
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-security-policy: default-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' https: data:; frame-ancestors 'self' https://login.ccmp.eu https://eu.messaging.engageplatform.com https://messaging.engageplatform.com; img-src 'self' https: data: blob:; object-src 'none'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp_report?report_only=false
content-type: application/json

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 266ms
150ms Script
text/javascript 2a00:1450:400d:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/2616a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7126f2f74b332dbc2e7ff6da63e61c72c4e2d0484dfa5ff374edec00818e609c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20361
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Mon, 26 Sep 2022 16:59:12 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "ab702fdec5718ecb"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Sep 2022 16:59:12 GMT

POST
H2 201 create_view_activity Show response
cust1098.edp.cheetahces.eu/api/passes/reconnaissance_premier/ 16 B
1016 B 104ms
104ms XHR
application/json 35.158.162.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cust1098.edp.cheetahces.eu/api/passes/reconnaissance_premier/create_view_activity?access_token=f462f7004c6338f5f7b1a2d333f34a023d0fcd3d39a1d9b05082e4ccf324d4de

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.162.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-162-107.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' https: data:; frame-ancestors 'self' https://login.ccmp.eu https://eu.messaging.engageplatform.com https://messaging.engageplatform.com; img-src 'self' https: data: blob:; object-src 'none'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp_report?report_only=false
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.stellar-v1+json
Referer: https://x.mail.hsbc.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 26 Sep 2022 16:59:12 GMT
x-correlation-id
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 201 Created
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
x-request-id: 1435de8c-37b9-4318-b125-12f568f9e55c
x-runtime: 0.078685
referrer-policy: origin-when-cross-origin
server: nginx
x-frame-options: ALLOWALL
etag: W/"7363e85fe9edee6f053a4b319588c086"
x-download-options: noopen
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS, PUT
content-language: en
access-control-allow-origin: https://x.mail.hsbc.fr
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-security-policy: default-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' https: data:; frame-ancestors 'self' https://login.ccmp.eu https://eu.messaging.engageplatform.com https://messaging.engageplatform.com; img-src 'self' https: data: blob:; object-src 'none'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp_report?report_only=false
content-type: application/json

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.UfbWkrF5MxA.O/m=savetoandroidpay/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9MS4PP3lesxwmHM6CR2z9_6bMvbA/ 185 KB
62 KB 40ms
40ms Script
text/javascript 2a00:1450:400d:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.UfbWkrF5MxA.O/m=savetoandroidpay/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9MS4PP3lesxwmHM6CR2z9_6bMvbA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fdec16f2614ea87ad1ec655af44efb84dce9efef7d5cdca1f7b20859580b02b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 11:23:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 279341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63166
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 11:23:31 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.UfbWkrF5MxA.O/m=auth/exm=savetoandroidpay/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9MS4PP3lesxwmHM6CR2z9_6bMvbA/ 78 KB
27 KB 88ms
88ms Script
text/javascript 2a00:1450:400d:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.UfbWkrF5MxA.O/m=auth/exm=savetoandroidpay/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9MS4PP3lesxwmHM6CR2z9_6bMvbA/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3419b8bf3e125f11b175604f3fc493157970b35513a1367e6a87eb81397abd47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://x.mail.hsbc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 11:23:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 279341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27571
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 11:23:31 GMT

GET
H2 200 save Show response
pay.google.com/gp/v/widget/ Frame 7CF4 13 KB
7 KB 657ms
597ms Document
text/html 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/v/widget/save?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJjdXN0MTA5OC1ldS1wcm9kQGNoZWV0YWhkaWdpdGFsLWVkcC1tb2JpbGUtd2x0LmlhbS5nc2VydmljZWFjY291bnQuY29tIiwiYXVkIjoiZ29vZ2xlIiwidHlwIjoic2F2ZXRvYW5kcm9pZHBheSIsImlhdCI6MTY2NDIxMTU1Miwib3JpZ2lucyI6WyJodHRwczovL3gubWFpbC5oc2JjLmZyIl0sInBheWxvYWQiOnsibG95YWx0eU9iamVjdHMiOlt7ImtpbmQiOiJ3YWxsZXRvYmplY3RzI2xveWFsdHlPYmplY3QiLCJzdGF0ZSI6ImluYWN0aXZlIiwiaWQiOiIzMzQzMjc4NjQyMTA1NjM5NDc4LnJlY29ubmFpc3NhbmNlX3ByZW1pZXIuRy0wMDA2NjA2MTIiLCJjbGFzc0lkIjoiMzM0MzI3ODY0MjEwNTYzOTQ3OC5yZWNvbm5haXNzYW5jZV9wcmVtaWVyIn1dLCJsb3lhbHR5Q2xhc3NlcyI6W10sIm9mZmVyT2JqZWN0cyI6W10sIm9mZmVyQ2xhc3NlcyI6W10sImdpZnRDYXJkT2JqZWN0cyI6W10sImdpZnRDYXJkQ2xhc3NlcyI6W10sImV2ZW50VGlja2V0T2JqZWN0cyI6W10sImV2ZW50VGlja2V0Q2xhc3NlcyI6W119fQ.EnEyoVNRxC0EhEuDDX-MggwmEN12YRiQncYRdRsZScIYUB5RFwobbs4OxRkjpmelyYtJDbkTecO4BlHBe1G3QzOuS8ZgmX3HJ52zaDwfo1N3TfJYhlYG9Fsmb-TuEX0x70SPl8aAjSFfEXHRNgLuy7sw92XuKl7fpJbmiwXJA3igOp1ylQ0siSUvxW20HvgUxLeGjH8MfMB8I_9CXA3InphyeDTe3JyHxit_BrVOqPzwkqLHsuoc9Cyw2EAh8jvUx99NToc0awSgupx92MZVZe8lZrXmLAvevh4uwHP1SXuN4kYqHy9K8ZJ8Ic6HCLK_pn-qcS95wnJVtVZ_Od_Lmg&class=btn%20btn-google-pay&size=standard&theme=dark&origin=https%3A%2F%2Fx.mail.hsbc.fr&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fr.UfbWkrF5MxA.O%2Fd%3D1%2Frs%3DAHpOoo9MS4PP3lesxwmHM6CR2z9_6bMvbA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

003751634d5b0cd1435989fdf2fb2e00601c4e6be64d20d629384677ef4fc929

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bZIsMIF9sjuISI5BEt7tOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /gp/v/cm/_/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://x.mail.hsbc.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-bZIsMIF9sjuISI5BEt7tOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /gp/v/cm/_/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_4fb1ol"
date: Mon, 26 Sep 2022 16:59:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"coop_gse_4fb1ol","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_4fb1ol"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 83D9 566 B
614 B 266ms
167ms Document
text/html 2a00:1450:400d:807::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fx.mail.hsbc.fr&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fr.UfbWkrF5MxA.O%2Fd%3D1%2Frs%3DAHpOoo9MS4PP3lesxwmHM6CR2z9_6bMvbA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.UfbWkrF5MxA.O/m=auth/exm=savetoandroidpay/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9MS4PP3lesxwmHM6CR2z9_6bMvbA/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200d , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ecf38442ba6d555bf27904003de070d9204e3efc9fcbbb4a3551c91e296ad9e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-hoe2AxWS0jWFn-GXJZw2BQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://x.mail.hsbc.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-hoe2AxWS0jWFn-GXJZw2BQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-type: text/html; charset=utf-8
date: Mon, 26 Sep 2022 16:59:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 2472 280 B
1 KB 180ms
112ms Document
text/html 2a00:1450:400d:807::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200d , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6b31718e012276340753fe8fbdb5a6597b46c5dd40b63b2a51b4095e0354fa3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-JPjK1k1TlLXw5mfg8S_j4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://x.mail.hsbc.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-JPjK1k1TlLXw5mfg8S_j4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 16:59:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 2472 2 KB
843 B 153ms
68ms Other
text/html 2a00:1450:400d:807::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200d , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f908ae2080e3d7cf4d99ed5147c63f72b4964959d3203e892c04979635b0ab75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 16:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.fr.4tHa6D_EV2o.es5.O/d=1/rs=AOaEmlEGunqii3w9qyOFqthqJjKMVMKuYQ/ Frame 2472 99 KB
35 KB 89ms
26ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.fr.4tHa6D_EV2o.es5.O/d=1/rs=AOaEmlEGunqii3w9qyOFqthqJjKMVMKuYQ/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c9b967132b652eda8d35335d9b4b8dbd7b758b4f2976d3e7b9f79eef9351d7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 11:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 537185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34918
x-xss-protection: 0
last-modified: Sat, 17 Sep 2022 03:41:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 11:46:08 GMT

POST
H3 204 cspreport
accounts.google.com/o/ Frame 83D9 0
20 B 94ms
63ms Other
text/html 2a00:1450:400d:807::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200d , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-yTYQ5-Hnapby4F9ORja7yg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fx.mail.hsbc.fr&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fr.UfbWkrF5MxA.O%2Fd%3D1%2Frs%3DAHpOoo9MS4PP3lesxwmHM6CR2z9_6bMvbA%2Fm%3D__features__
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 16:59:13 GMT
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-yTYQ5-Hnapby4F9ORja7yg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1832714284-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 83D9 10 KB
5 KB 104ms
26ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fx.mail.hsbc.fr&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fr.UfbWkrF5MxA.O%2Fd%3D1%2Frs%3DAHpOoo9MS4PP3lesxwmHM6CR2z9_6bMvbA%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 11:48:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4294
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 22:13:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 11:48:02 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 83D9 14 KB
5 KB 74ms
73ms Script
text/javascript 2a00:1450:400d:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9b8f0afd6f379185a86026b7bedcb8ea492e60d4010c5491fc15e48f9b14bbe

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5575
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Mon, 26 Sep 2022 16:59:13 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "3d2934eddb507c53"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Sep 2022 16:59:13 GMT

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 2472 50 B
92 B 80ms
80ms XHR
application/json 2a00:1450:400d:807::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fx.mail.hsbc.fr&client_id=305308388501-i74uvagis4bvh6d3su7illi9uk6qlsjn.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.fr.4tHa6D_EV2o.es5.O/d=1/rs=AOaEmlEGunqii3w9qyOFqthqJjKMVMKuYQ/m=base

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200d , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

427653d8b0569e986b88bb7dca1852b627a034f69be1da68b150eb0d2bbacb5d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-lXEGy2Nevdb1AMSy90f3CA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 16:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: same-site
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin; report-to="IdpIFrameHttp"
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-lXEGy2Nevdb1AMSy90f3CA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
expires: Mon, 26 Sep 2022 16:59:13 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.UfbWkrF5MxA.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9MS4PP3lesxwmHM6CR2z9_6bMvbA/ Frame 83D9 53 KB
19 KB 40ms
40ms Script
text/javascript 2a00:1450:400d:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.UfbWkrF5MxA.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9MS4PP3lesxwmHM6CR2z9_6bMvbA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7be2a49dfd1767d9a52c0735f2efc1a0f38106d3625a4f455d90d7803d07258

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 00:59:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19062
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 00:59:02 GMT

POST
H/1.1 403
Forbidden / Show response
sentry.io/api/1464115/store/ 61 B
471 B 630ms
249ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1464115/store/?sentry_key=7e55aca3579848e5aeb90c894d555a71&sentry_version=7

Requested by

Host: sdk.runstellar.com
URL: https://sdk.runstellar.com/26.4.0/sdk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

dcc2f457f01dbf232ce54bd2a3fdb5b1af63acd152b1dd8046b89f3e50030ba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://x.mail.hsbc.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 26 Sep 2022 16:59:14 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://x.mail.hsbc.fr
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 61

GET
H3 200 m=w
www.gstatic.com/_/wallet/_/ss/k=wallet.tw.h8LCXH7ww_8.L.W.O/d=1/rs=AA2OPsBobR81x-Or1h07SpgAGbWbXzDuUQ/ Frame 7CF4 12 KB
2 KB 84ms
30ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/wallet/_/ss/k=wallet.tw.h8LCXH7ww_8.L.W.O/d=1/rs=AA2OPsBobR81x-Or1h07SpgAGbWbXzDuUQ/m=w

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/v/widget/save?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJjdXN0MTA5OC1ldS1wcm9kQGNoZWV0YWhkaWdpdGFsLWVkcC1tb2JpbGUtd2x0LmlhbS5nc2VydmljZWFjY291bnQuY29tIiwiYXVkIjoiZ29vZ2xlIiwidHlwIjoic2F2ZXRvYW5kcm9pZHBheSIsImlhdCI6MTY2NDIxMTU1Miwib3JpZ2lucyI6WyJodHRwczovL3gubWFpbC5oc2JjLmZyIl0sInBheWxvYWQiOnsibG95YWx0eU9iamVjdHMiOlt7ImtpbmQiOiJ3YWxsZXRvYmplY3RzI2xveWFsdHlPYmplY3QiLCJzdGF0ZSI6ImluYWN0aXZlIiwiaWQiOiIzMzQzMjc4NjQyMTA1NjM5NDc4LnJlY29ubmFpc3NhbmNlX3ByZW1pZXIuRy0wMDA2NjA2MTIiLCJjbGFzc0lkIjoiMzM0MzI3ODY0MjEwNTYzOTQ3OC5yZWNvbm5haXNzYW5jZV9wcmVtaWVyIn1dLCJsb3lhbHR5Q2xhc3NlcyI6W10sIm9mZmVyT2JqZWN0cyI6W10sIm9mZmVyQ2xhc3NlcyI6W10sImdpZnRDYXJkT2JqZWN0cyI6W10sImdpZnRDYXJkQ2xhc3NlcyI6W10sImV2ZW50VGlja2V0T2JqZWN0cyI6W10sImV2ZW50VGlja2V0Q2xhc3NlcyI6W119fQ.EnEyoVNRxC0EhEuDDX-MggwmEN12YRiQncYRdRsZScIYUB5RFwobbs4OxRkjpmelyYtJDbkTecO4BlHBe1G3QzOuS8ZgmX3HJ52zaDwfo1N3TfJYhlYG9Fsmb-TuEX0x70SPl8aAjSFfEXHRNgLuy7sw92XuKl7fpJbmiwXJA3igOp1ylQ0siSUvxW20HvgUxLeGjH8MfMB8I_9CXA3InphyeDTe3JyHxit_BrVOqPzwkqLHsuoc9Cyw2EAh8jvUx99NToc0awSgupx92MZVZe8lZrXmLAvevh4uwHP1SXuN4kYqHy9K8ZJ8Ic6HCLK_pn-qcS95wnJVtVZ_Od_Lmg&class=btn%20btn-google-pay&size=standard&theme=dark&origin=https%3A%2F%2Fx.mail.hsbc.fr&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fr.UfbWkrF5MxA.O%2Fd%3D1%2Frs%3DAHpOoo9MS4PP3lesxwmHM6CR2z9_6bMvbA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31ed437c1a4968937e487b0948dead5ed60be87c451167cbb8470747ddb5d679

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 06:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/wallet
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2072
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 07:55:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="wallet"
vary: Accept-Encoding
report-to: {"group":"wallet","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/wallet"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 25 Sep 2023 06:23:44 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7CF4 17 KB
1 KB 143ms
61ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700|Google+Sans:500|Noto+Sans

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e37bd8c1940bdb173ce809235bc1321d0816ffd6e386afdb8796d765113e207d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 16:39:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 26 Sep 2022 16:59:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Sep 2022 16:59:13 GMT

GET
H3 200 m=w Show response
www.gstatic.com/_/wallet/_/js/k=wallet.tw.fr.L3MfMV6NHIA.O/d=1/rs=AA2OPsAc82uB56N29madLY-yK0fYQOHCcQ/ Frame 7CF4 107 KB
38 KB 83ms
31ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/wallet/_/js/k=wallet.tw.fr.L3MfMV6NHIA.O/d=1/rs=AA2OPsAc82uB56N29madLY-yK0fYQOHCcQ/m=w

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23ebadb442fe2aeb237789605c965d2666e5d66d4c6c113a5a4c10c43a92e21d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 00:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/wallet
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38543
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 21:56:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="wallet"
vary: Accept-Encoding
report-to: {"group":"wallet","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/wallet"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 00:12:49 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.UfbWkrF5MxA.O/m=iframes,iframes_styles_glass/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9MS4PP3lesxwmHM6CR2z9_6bMvbA/ Frame 7CF4 128 KB
43 KB 40ms
40ms Script
text/javascript 2a00:1450:400d:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.UfbWkrF5MxA.O/m=iframes,iframes_styles_glass/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9MS4PP3lesxwmHM6CR2z9_6bMvbA/cb=gapi.loaded_0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4db8be5bf45b4c07a2ac35c589ff5b573ead5ddadc3b16215254bd9ae98ff730

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 11:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 279341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43733
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 11:23:32 GMT

GET
H3 200 Gpay_logo_light.svg
www.gstatic.com/wallet-objects/savetogooglepay/ Frame 7CF4 5 KB
2 KB 26ms
26ms Image
image/svg+xml 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/wallet-objects/savetogooglepay/Gpay_logo_light.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

149d5c1087b7bf870c8e659156745c9f05c6bf96288a95912800bff2ea0950f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 11:43:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 537371
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2088
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 20 Sep 2023 11:43:02 GMT

GET
H2 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpyk.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 7CF4 18 KB
18 KB 141ms
41ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700|Google+Sans:500|Noto+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7808dfe3bc513056303e34980c77d96066f0ebebefc3bbdae43a2be40f5836b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pay.google.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 21:02:37 GMT
x-content-type-options: nosniff
age: 417396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18012
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 21:02:37 GMT

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
l.mail.hsbc.fr/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: jy2zzkykrd3gzaflwlegam0a
x.mail.hsbc.fr/	1969-12-31 23:59:59	Name: BIGipServer~ccmp~ccmp_ats_ssl Value: 2952838410.47873.0000
x.mail.hsbc.fr/	1970-01-20 07:43:15	Name: spot_dt Value: e152e58e-5cb5-4e67-bc9a-c7d4f8cb26ac
x.mail.hsbc.fr/	1970-01-20 07:43:15	Name: spot_uta Value: user_token
x.mail.hsbc.fr/	1970-01-20 06:16:53	Name: spot_st Value: e7577a47-5c6f-4a70-b45a-2a6191b64eb7
x.mail.hsbc.fr/	1970-01-20 07:43:15	Name: spot_camp Value: {}
x.mail.hsbc.fr/	1970-01-20 07:43:15	Name: spot_dnt Value: 0
.x.mail.hsbc.fr/	1969-12-31 23:59:59	Name: st_p_access_token Value: f462f7004c6338f5f7b1a2d333f34a023d0fcd3d39a1d9b05082e4ccf324d4de
.x.mail.hsbc.fr/	1969-12-31 23:59:59	Name: st_p_refresh_token Value:
x.mail.hsbc.fr/	1970-01-20 06:18:17	Name: reconnaissance_premier_view Value: true
.x.mail.hsbc.fr/	1970-01-20 15:52:51	Name: G_ENABLED_IDPS Value: google
.google.com/	1970-01-20 10:40:22	Name: NID Value: 511=bGgBc3PRrfQk_5zDwuVKfW5bqpnipMIEFFeNUQJ8-sZCIuXIhXWiTAl1OTbZ_NrQ9FdNTpThQZ8qENhcMF0Y67OIrLAwiCKYoBK7TOTOylAwgpG0cxP7t27FtIDZsyETdBNCSegpNmZAyhVrc0OxU01Y0_ZRl_3JyBZy_mmKLSk

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_premier Message: Mixed Content: The page at 'https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_premier' was loaded over HTTPS, but requested an insecure element 'http://l.mail.hsbc.fr/rts/open.aspx?tp=i-16Hv-Hi-4kX-0-1c-aXs-G-l82M2MDdMB-2L52W6'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_premier Message: Mixed Content: The page at 'https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_premier' was loaded over HTTPS, but requested an insecure element 'http://l.mail.hsbc.fr/rts/open.aspx?tp=i-16Hv-Hi-4kX-0-1c-MZN-G-l7GTphhMOE-d3EYl'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_premier(Line 194) Message: Mixed Content: The page at 'https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_premier' was loaded over HTTPS, but requested an insecure element 'http://l.mail.hsbc.fr/rts/open.aspx?tp=i-16Hv-Hi-4kX-0-1c-aXs-G-l82M2MDdMB-2L52W6'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_premier(Line 194) Message: Mixed Content: The page at 'https://x.mail.hsbc.fr/ats/url.aspx?stl_params_hash=eyJzdGxfYWNjZXNzIjoiZjQ2MmY3MDA0YzYzMzhmNWY3YjFhMmQzMzNmMzRhMDIzZDBmY2QzZDM5YTFkOWIwNTA4MmU0Y2NmMzI0ZDRkZSJ9&cr=1098&wu=1198&pass=reconnaissance_premier' was loaded over HTTPS, but requested an insecure element 'http://l.mail.hsbc.fr/rts/open.aspx?tp=i-16Hv-Hi-4kX-0-1c-MZN-G-l7GTphhMOE-d3EYl'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://sentry.io/api/1464115/store/?sentry_key=7e55aca3579848e5aeb90c894d555a71&sentry_version=7 Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ajax.googleapis.com
api-cust1098.edp.cheetahces.eu
apis.google.com
cdnjs.cloudflare.com
cust1098.edp.cheetahces.eu
fonts.googleapis.com
fonts.gstatic.com
l.mail.hsbc.fr
maxcdn.bootstrapcdn.com
pay.google.com
s3.eu-central-1.amazonaws.com
s3.us-east-1.amazonaws.com
sdk.runstellar.com
sentry.io
spot.demostellar.com
ssl.gstatic.com
wpm.ccmp.eu
www.gstatic.com
x.mail.hsbc.fr
18.66.112.66
18.66.97.45
23.35.236.235
2606:4700::6811:190e
2606:4700::6812:acf
2a00:1450:4001:812::2003
2a00:1450:4001:813::2003
2a00:1450:400c:c0b::5c
2a00:1450:400d:804::200e
2a00:1450:400d:807::200d
2a00:1450:400d:80c::200a
2a00:1450:400d:80d::2003
2a00:1450:400e:80e::200a
35.158.162.107
35.188.42.15
52.216.137.94
52.219.171.85
62.27.116.23
62.27.116.25
0035380e3b6fcd2f5b8baa974eb74d7b79cc4a837fe742168c4c703bde053eeb
003751634d5b0cd1435989fdf2fb2e00601c4e6be64d20d629384677ef4fc929
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0cf4f9f12b3268a85354288767a5db153a2466c1b88a5e0229a9a8cb296826f2
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
149d5c1087b7bf870c8e659156745c9f05c6bf96288a95912800bff2ea0950f0
1bdc85400467ba8eb767152fbb351052d16f9813ce28aca3b745bb8b84e7309c
1f7f9acfa3de1d794238cca66befc165fe297e34e02633a81aad966dcb93c758
2174ec1145c19ad51ed3818cbf73add541fafecda5632ff40c509fb5e03cb5ee
23ebadb442fe2aeb237789605c965d2666e5d66d4c6c113a5a4c10c43a92e21d
2a7cccd3809dfd84058e9cda3bc1509a42a1c60d9188e5af673113d7309cd263
2aa7d0d5bdb27cf66b0679c7649caefb326b8f963abb1e4bfbf13baf203f4e50
2f9263e815d22d6dfbc623954892e276c1ea0fddc7c93a195f49fc4f7c36c212
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
31ed437c1a4968937e487b0948dead5ed60be87c451167cbb8470747ddb5d679
3419b8bf3e125f11b175604f3fc493157970b35513a1367e6a87eb81397abd47
3827648c9d0ea8d1f62fce7199a9fc069a88a55a5e88af10f1e6cf92055c6f54
3c77ab5b67ba98ae35b5f3f6747a4bc4ad99888ad0f7d2c34fea0a46b935f618
3c9b967132b652eda8d35335d9b4b8dbd7b758b4f2976d3e7b9f79eef9351d7a
3ecf38442ba6d555bf27904003de070d9204e3efc9fcbbb4a3551c91e296ad9e
427653d8b0569e986b88bb7dca1852b627a034f69be1da68b150eb0d2bbacb5d
43b4d4ebc3f049db87187649d20d421c37efca5272680aa52c1de9cf7f9a1217
44a12d438c18a1f8c099c7a96a4673561816277334436a5a46f3974df63f75d4
48886e9d476eb89b48ccd4e8d2b8ab92a0f8228b0220905d97c4cc38793c0949
49f62df0a26e9fc2b8c22eb949e5f211283ea169271c8e52293ffb4adf1e4957
4c22fd28650e27d761b8771d82fb89a06cd5ab16a75d5ecae9b24df8c80103b5
4db8be5bf45b4c07a2ac35c589ff5b573ead5ddadc3b16215254bd9ae98ff730
4f0cd4cbdadde4b6f7a089c358014b684365ff48ef102b364cc3f3650ef8aee9
4f7887cd604fdaba3daa7fdf2151408788f80aba89faec35e5af78d41febb73c
5274400ca7b9157ef9666ce342bfe53209296aacbfc8089600a026c74da7bb16
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5adc12a8e7054d89fa9b41a5fd92d936607886ae66dc07cb61d2f16c8d6c1b98
5e94b13ceb25375a6b28a953ef8bad728fef8a1b75f5befed39dd42b1ce3a79f
629e64b4cef5a2338ac17d53fe1c534839871a6e303f7b5702e39d67f0fc7237
6a2de4c6807cf25d3272964d0800c9a00a865c12bc6cc8603d4f5a6f688f7e4f
7126f2f74b332dbc2e7ff6da63e61c72c4e2d0484dfa5ff374edec00818e609c
7931532269be36f6368351474ac688d7feabec33c7a03b172024796e7b616c39
7aadafbe50371a1275437d2044c3ebb1b6d36f674ece419f2be9847279c28428
7fdec16f2614ea87ad1ec655af44efb84dce9efef7d5cdca1f7b20859580b02b
9058f5f460ff22829658973df23a5bc5857bd8ab985eb8a9efdfdf8809817715
9a9f91ede0b8c756d74214220c9df3c142c77dd04fce253c14682fa7fa3ba3a3
9aeec6fc4149c53af4c336b167b52eeb813d655b8ca337c28cc75fc9aa15b224
9eb932d925622895424b31b1a64fdf474067b601997899ab4a38414d8c88a9ef
a0e153237a2c6a8c0a547ceb80fa8acb7a0317ca02c8133c0c644d86cdf24f0d
a5a4d565df51ba9d8f2523cb96174bb3ffaa73b1a6d4e611c116b67d19192799
a9b8f0afd6f379185a86026b7bedcb8ea492e60d4010c5491fc15e48f9b14bbe
ac48d0d6d4597db943bb03126bf6577587a2ac8ad97d44dfe5df4b6aab35c4e6
afd3a07766f78b9bf0b06b9531b048bd4dc93778ab0b71d5a6fb693d3df33e77
b0383faa942e93727c20cb5862ea722ea3f61a4dce0326d36b58a59be829cab7
b0f9fadd83c42eefdc506426984459c5668efeb90d4aa927e6b1170a382c10b6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7808dfe3bc513056303e34980c77d96066f0ebebefc3bbdae43a2be40f5836b
b9e708d8d9b84ab17d101e3fa77604358b9f3adb2f890330055c74da058f1a8a
c08ef0d5dfd2575fb52220720af66a422514ab933a935940808296fa136a62f7
c30e1b52de54247ef2291efa2d9e496716e5d6e2b927530814ecc9a470506445
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d7be2a49dfd1767d9a52c0735f2efc1a0f38106d3625a4f455d90d7803d07258
db8b145f08a1be9b5ad911d38fc626f1b1daa10e1985ccdd49c2474fb4b20a99
dcc2f457f01dbf232ce54bd2a3fdb5b1af63acd152b1dd8046b89f3e50030ba2
e37bd8c1940bdb173ce809235bc1321d0816ffd6e386afdb8796d765113e207d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b31718e012276340753fe8fbdb5a6597b46c5dd40b63b2a51b4095e0354fa3
e890156c5be12852ecb387a0ed3b800f4b03e9d060cac842fcfae2bd55915ce0
e9390af9547cd22bb7f0b6631279a17bbe8b099910f1c14aaa33731203993a19
eb3badfb580bdda696c56b503ced3c0d08c9f9008ccaac253a5d4024cd843afc
f28540562bdab2dd8ac6e8fc6bfb2a76c0cb68f6fc140b77e434c72679fdee9f
f77dcf713be7cfdcaf1efd18e9f7c60305366e2c716c7d0f8afe952f835a6ffb
f908ae2080e3d7cf4d99ed5147c63f72b4964959d3203e892c04979635b0ab75
fb0aab98cf111ff976ff8fe32533d3cd88ddf81504184259b28d7bd0dba227b4

x.mail.hsbc.fr Open in urlscan Pro 62.27.116.23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

100 %HTTPS

53 %IPv6

12 Domains

20 Subdomains

19 IPs

4 Countries

2040 kBTransfer

3381 kBSize

12 Cookies

1 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

x.mail.hsbc.fr Open in urlscan Pro
62.27.116.23 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

100 %
HTTPS

53 %
IPv6

12
Domains

20
Subdomains

19
IPs

4
Countries

2040 kB
Transfer

3381 kB
Size

12
Cookies

73 HTTP transactions
0 data transactions