usccredits.com Open in urlscan Pro
198.54.115.107 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://usccredits.com/live/
Submission Tags: #phishing @ecarlesi Search All
Submission: On July 02 via api (July 2nd 2022, 2:47:13 am UTC) from FI — Scanned from FI

Summary HTTP 44 Redirects Links 39 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 44 HTTP transactions. The main IP is 198.54.115.107, located in United States and belongs to NAMECHEAP-NET, US. The main domain is usccredits.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 29th 2022. Valid for: a year.

This is the only time usccredits.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: HSBC (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 13	198.54.115.107 198.54.115.107	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
16	18.66.139.91 18.66.139.91	16509 (AMAZON-02) (AMAZON-02)
1	104.75.88.194 104.75.88.194	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	104.26.8.183 104.26.8.183	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:20:... 2606:4700:20::ac43:4703	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.214.29 52.222.214.29	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	35.161.220.210 35.161.220.210	16509 (AMAZON-02) (AMAZON-02)
1	23.111.9.57 23.111.9.57	33438 (STACKPATH) (STACKPATH)
44	12

13 198.54.115.107 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: server96-2.web-hosting.com

usccredits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 18.66.139.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-91.fra60.r.cloudfront.net

www.hsbc.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.8.183 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

code.tidio.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::ac43:4703 (United States)

ASN13335 (CLOUDFLARENET, US)

widget-v4.tidiochat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-29.fra56.r.cloudfront.net

cdn.appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.161.220.210 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-161-220-210.us-west-2.compute.amazonaws.com

col.eum-appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.57 (United States)

ASN33438 (STACKPATH, US)

twemoji.maxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	hsbc.co.uk www.hsbc.co.uk — Cisco Umbrella Rank: 57347 www.askus.hsbc.co.uk Failed	663 KB
13	usccredits.com 1 redirects usccredits.com	36 KB
5	tidiochat.com widget-v4.tidiochat.com — Cisco Umbrella Rank: 15758	269 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 307 fonts.googleapis.com — Cisco Umbrella Rank: 71	32 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 741	32 KB
1	maxcdn.com twemoji.maxcdn.com — Cisco Umbrella Rank: 8864	2 KB
1	eum-appdynamics.com col.eum-appdynamics.com — Cisco Umbrella Rank: 1629	1016 B
1	gstatic.com fonts.gstatic.com	27 KB
1	appdynamics.com cdn.appdynamics.com — Cisco Umbrella Rank: 2490	18 KB
1	tidio.co 1 redirects code.tidio.co — Cisco Umbrella Rank: 14159	569 B
1	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 836	1 KB
44	11

	Domain	Requested by
16	www.hsbc.co.uk	usccredits.com www.hsbc.co.uk
13	usccredits.com	1 redirects usccredits.com www.hsbc.co.uk
5	widget-v4.tidiochat.com	usccredits.com code.tidio.co
2	maxcdn.bootstrapcdn.com	usccredits.com
1	twemoji.maxcdn.com
1	col.eum-appdynamics.com	www.hsbc.co.uk
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	widget-v4.tidiochat.com
1	cdn.appdynamics.com	www.hsbc.co.uk
1	code.tidio.co	1 redirects
1	tags.tiqcdn.com	usccredits.com
1	ajax.googleapis.com	usccredits.com
0	www.askus.hsbc.co.uk Failed	usccredits.com
44	13

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
hsbsave.com
www.business.hsbc.uk
www.hsbsave.com
www.hsbc.co.uk
www.about.hsbc.co.uk
www.services.online-banking.hsbc.co.uk
overdrafteligibilitycheck.hsbc.co.uk
www.fscs.org.uk
www.facebook.com
twitter.com
www.youtube.com
www.hsbc.com

Subject Issuer	Validity	Valid
usccredits.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-29` - `2023-06-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.hsbc.co.uk DigiCert SHA2 Extended Validation Server CA	`2022-04-01` - `2022-10-17`	7 months	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.appdynamics.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-21` - `2022-07-22`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.eum-appdynamics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-07-15`	a year	crt.sh
twemoji.maxcdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-10-13` - `2022-11-09`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://usccredits.com/live/
Frame ID: 610A78925894B2A95C7D88E8AD1941E7
Requests: 37 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com/1_103_0/static/js/chunk-WidgetIframe-5e3e52592c7d557465f5.js
Frame ID: 55DD6F08D79D2F8CF329DB526AD1D843
Requests: 4 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Mulish:wght@400;600&display=swap
Frame ID: ECD1D0E4631E5E02079DDD4DB4FCB2E4
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

H5BC Saving

Page URL History Show full URLs

https://usccredits.com/live HTTP 301
https://usccredits.com/live/ Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/designs/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppDynamics (Analytics) Expand

Overall confidence: 100%
Detected patterns

adrum

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

44
Requests

93 %
HTTPS

42 %
IPv6

11
Domains

13
Subdomains

12
IPs

2
Countries

1080 kB
Transfer

3409 kB
Size

1
Cookies

39 Outgoing links

These are links going to different origins than the main page.

URL: https://www.microsoft.com/en-gb/download/internet-explorer.aspx
Title: Our website doesn't support your browser so please upgrade

Search URL Search Domain Scan URL

URL: https://hsbsave.com/
Title: Personal

Search URL Search Domain Scan URL

URL: https://www.business.hsbc.uk/en-gb/protection/insurance
Title: Small Business Insurance

Search URL Search Domain Scan URL

URL: https://www.hsbsave.com/contact/
Title: Contact us

Search URL Search Domain Scan URL

URL: https://www.hsbc.co.uk/help/banking-made-easy/how-to-set-up-digital-banking/
Title: Register for digital banking

Search URL Search Domain Scan URL

URL: https://www.hsbc.co.uk/ways-to-bank/mobile/
Title: Mobile banking

Search URL Search Domain Scan URL

URL: https://www.hsbc.co.uk/ways-to-bank/online-banking/
Title: Online banking

Search URL Search Domain Scan URL

URL: https://www.hsbc.co.uk/current-accounts/banking-at-home/
Title: Banking at home

Search URL Search Domain Scan URL

URL: https://www.hsbc.co.uk/ways-to-bank/mobile/cheque-deposit/
Title: Mobile cheque deposit

Search URL Search Domain Scan URL

URL: https://www.hsbc.co.uk/help/security-centre/lost-your-details/
Title: Reset your online banking details

Search URL Search Domain Scan URL

URL: https://www.hsbc.co.uk/help/
Title: Help

Search URL Search Domain Scan URL

URL: https://www.hsbc.co.uk/help/feedback-and-complaints/
Title: Feedback and complaints

Search URL Search Domain Scan URL

URL: https://www.hsbc.co.uk/help/coronavirus/
Title: Coronavirus support

Search URL Search Domain Scan URL

URL: https://www.hsbc.co.uk/help/bank-of-england-base-rate/
Title: Bank of England base rate

Search URL Search Domain Scan URL

URL: https://www.hsbc.co.uk/help/brexit/
Title: Brexit

Search URL Search Domain Scan URL

URL: https://www.hsbc.co.uk/accessibility/
Title: Accessibility and disability

Search URL Search Domain Scan URL

URL: https://www.hsbc.co.uk/branch-finder/
Title: Find your nearest branch

Search URL Search Domain Scan URL

URL: https://www.hsbc.co.uk/service-status/
Title: View our service status to see how we're doing

Search URL Search Domain Scan URL

URL: http://www.about.hsbc.co.uk/
Title: Careers, media, investor and corporate information

Search URL Search Domain Scan URL

URL: https://www.hsbc.co.uk/legal/
Title: Legal

Search URL Search Domain Scan URL

URL: https://www.hsbc.co.uk/privacy-notice/
Title: Privacy notice

Search URL Search Domain Scan URL

URL: https://www.hsbc.co.uk/cookie-notice/
Title: Cookie notice

Search URL Search Domain Scan URL

URL: https://www.hsbc.co.uk/register/
Title: Register

Search URL Search Domain Scan URL

URL: https://www.services.online-banking.hsbc.co.uk/gpib/
Title: Back to my accounts

Search URL Search Domain Scan URL

URL: http://www.business.hsbc.uk/
Title: Business

Search URL Search Domain Scan URL

URL: https://www.hsbc.co.uk/

Search URL Search Domain Scan URL

URL: https://www.services.online-banking.hsbc.co.uk/gpib/group/gpib/cmn/layouts/default.html?uid=dashboard
Title: Log on

Search URL Search Domain Scan URL

URL: https://www.services.online-banking.hsbc.co.uk/gpib/channel/?idv_cmd=idv.Logoff&nextPage=saasextention/ICSaaSExtRedirectionController/ADVANCE_LOGOUT_LANDING_PAGE
Title: Log off

Search URL Search Domain Scan URL

URL: https://www.hsbc.co.uk/current-accounts/
Title: Current accounts

Search URL Search Domain Scan URL

URL: https://www.hsbc.co.uk/content/dam/hsbc/gb/pdf/accounts/hsbc-rfb2330-mcp55629-wcag.pdf
Title: T&Cs apply

Search URL Search Domain Scan URL

URL: https://overdrafteligibilitycheck.hsbc.co.uk/
Title: Check my eligibility Check my eligibility This link will open in a new window

Search URL Search Domain Scan URL

URL: https://www.hsbc.co.uk/content/dam/hsbc/gb/pdf/legal-regulation/help-us-to-identify-you.pdf
Title: HSBC Safeguard

Search URL Search Domain Scan URL

URL: https://www.hsbc.co.uk/help/SQI/
Title: Service Quality Information

Search URL Search Domain Scan URL

URL: https://www.hsbc.co.uk/current-accounts/switching-to-hsbc/
Title: Switch bank accounts

Search URL Search Domain Scan URL

URL: https://www.fscs.org.uk/
Title: This link will open in a new window

Search URL Search Domain Scan URL

URL: https://www.facebook.com/hsbcuk
Title: Follow HSBC UK on Facebook This link will open in a new window

Search URL Search Domain Scan URL

URL: https://twitter.com/HSBC_UK
Title: Follow HSBC UK on Twitter This link will open in a new window

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/hsbcuk
Title: Follow HSBC UK on YouTube This link will open in a new window

Search URL Search Domain Scan URL

URL: http://www.hsbc.com/
Title: HSBC GroupHSBC Group This link will open in a new window

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://usccredits.com/live HTTP 301
https://usccredits.com/live/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://code.tidio.co/ntxjz6tohk0sl2l7cdjbgvvl4rzwkiiy.js HTTP 302
https://widget-v4.tidiochat.com/1_103_0/static/js/render.5e3e52592c7d557465f5.js

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
usccredits.com/live/
Redirect Chain

https://usccredits.com/live
https://usccredits.com/live/

227 KB
22 KB

219ms
219ms

Document
text/html

198.54.115.107
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://usccredits.com/live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.107 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server96-2.web-hosting.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash: 564dc919c94c19def61991b58b636c77bafde585ce79d7c3d88b6142245b6d1e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 02 Jul 2022 02:47:02 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
x-turbo-charged-by: LiteSpeed

Redirect headers

content-length: 707
content-type: text/html
date: Sat, 02 Jul 2022 02:47:02 GMT
location: https://usccredits.com/live/
server: LiteSpeed
x-turbo-charged-by: LiteSpeed

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/ 119 KB
20 KB 121ms
44ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css

Requested by

Host: usccredits.com
URL: https://usccredits.com/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://usccredits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 02:47:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 10953037
cdn-cachedat: 2021-06-08 21:08:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 314ae6a17ffcb9b05ef2a258cfed1972
cf-ray: 72440df22f4895ee-ARN
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 188ms
59ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: usccredits.com
URL: https://usccredits.com/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://usccredits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 00:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jul 2023 00:26:50 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/ 39 KB
12 KB 117ms
42ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js

Requested by

Host: usccredits.com
URL: https://usccredits.com/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://usccredits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 02:47:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 6040336
cdn-cachedat: 2021-04-23 06:11:59
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: dc6afeefb6e859879d6f5772a23f6717
cf-ray: 72440df22f4995ee-ARN
cdn-requestcountrycode: SE
cdn-requestpullsuccess: True

GET
H2 200 clientlib-default.min.2b6250338b469ff55f176b2207bbae55.css
www.hsbc.co.uk/etc/designs/dpws/ 841 KB
95 KB 508ms
231ms Stylesheet
text/css 18.66.139.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hsbc.co.uk/etc/designs/dpws/clientlib-default.min.2b6250338b469ff55f176b2207bbae55.css

Requested by

Host: usccredits.com
URL: https://usccredits.com/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-91.fra60.r.cloudfront.net

Software

Resource Hash

efe373642c0dd4ff67f20a4163439a1fcc82e4ee21035485e0a8ef87b9ad00a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://usccredits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 02:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 05:55:25 GMT
x-amz-cf-pop: FRA60-P4
strict-transport-security: max-age=16070400; includeSubDomains
x-cache: Miss from cloudfront
content-type: text/css; charset=UTF-8
via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
edge-control: no-cache, no-store, must-revalidate
cache-control: no-cache, no-store, must-revalidate
s: gbl-prod-wk-aempub
x-amz-cf-id: kjIXt9oHzAwsiCzDPY_yPMkaer-akLr2PyXcnjvIAYMKUSlUfpHBFQ==
x-xss-protection: 1; mode=block

GET
H2 200 clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js Show response
www.hsbc.co.uk/etc/designs/hsbc/appd/ 37 KB
12 KB 449ms
172ms Script
application/x-javascript 18.66.139.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hsbc.co.uk/etc/designs/hsbc/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js

Requested by

Host: usccredits.com
URL: https://usccredits.com/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-91.fra60.r.cloudfront.net

Software

Resource Hash

ebb991b4937d6015d8937e8d23f6fa5b315e898a018d1f0972efe59765b754b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://usccredits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 02:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
vary: Accept-Encoding
content-length: 11811
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Jul 2022 17:28:57 GMT
strict-transport-security: max-age=16070400; includeSubDomains
content-type: application/x-javascript
via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
accept-ranges: bytes
s: gbl-prod-sy-aempub
x-amz-cf-id: Ym2ouJnc2HxMeOGPKrgRIGLxQMXNLvDMLXAo2BQprpFSaX4ekclhRg==

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/hsbc/uk-rbwm/prod/ 3 KB
1 KB 210ms
64ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/uk-rbwm/prod/utag.sync.js
Requested by: Host: usccredits.com
URL: https://usccredits.com/live/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b42a7d4f28738e275871a47c0193e71c813400160911361124a8539249c986cc

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://usccredits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 02:47:02 GMT
content-encoding: gzip
last-modified: Tue, 21 Jun 2022 21:04:55 GMT
server: AkamaiNetStorage
etag: "305f0ceed5d63d5e79983a2bb1b2c5bd:1655845495.414919"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 1205
expires: Sat, 02 Jul 2022 02:52:02 GMT

GET
H2 200 hsbc-uk.svg
www.hsbc.co.uk/content/dam/hsbc/gb/images/logos/ 2 KB
1 KB 126ms
123ms Image
image/svg+xml 18.66.139.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hsbc.co.uk/content/dam/hsbc/gb/images/logos/hsbc-uk.svg

Requested by

Host: usccredits.com
URL: https://usccredits.com/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-91.fra60.r.cloudfront.net

Software

Apache /

Resource Hash

42136cbd91f2a29bb206b47286b6a83a4e5b74cd1a7e25cb943b8b23944f2e08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://usccredits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 02:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
vary: Accept-Encoding
content-length: 1029
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Jul 2022 13:41:20 GMT
server: Apache
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-type: image/svg+xml
via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
cache-control: max-age=2592000, s-maxage=2592000
accept-ranges: bytes
s: dispatcher2euwest2
x-amz-cf-id: 5OIUAzm14FAGEOFEHU5ar3KIkygHbv1M_-RnEhQHTVw5zvSygt_v3g==

GET
H2 200 30918-hero-mass-happy-online-shopping-with-dog-930x400.jpg
www.hsbc.co.uk/content/dam/hsbc/gb/vam/personal-banking/accounts/hero-21-9/ 217 KB
217 KB 168ms
166ms Image
image/jpeg 18.66.139.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hsbc.co.uk/content/dam/hsbc/gb/vam/personal-banking/accounts/hero-21-9/30918-hero-mass-happy-online-shopping-with-dog-930x400.jpg

Requested by

Host: usccredits.com
URL: https://usccredits.com/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-91.fra60.r.cloudfront.net

Software

Resource Hash

03e63c99959109343e52def4213c79657c698e7982f45b89eaac29a9c14fb3d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://usccredits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 02:45:26 GMT
via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Fri, 01 Jul 2022 23:43:32 GMT
x-amz-cf-pop: FRA60-P4
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
strict-transport-security: max-age=16070400; includeSubDomains
accept-ranges: bytes
s: gbl-prod-wk-aempub
content-length: 221725
x-xss-protection: 1; mode=block
x-amz-cf-id: HNnZ9qcoU-QSmZX_lApTDNIm4QNl9Z8rN3dt9q26Qge_sADRAI2Vdw==

GET
H2 404 advance-visa-debit.jpg
usccredits.com/content/dam/hsbc/gb/images/credit-cards/ 1 KB
1 KB 212ms
210ms Image
text/html 198.54.115.107
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usccredits.com/content/dam/hsbc/gb/images/credit-cards/advance-visa-debit.jpg
Requested by: Host: usccredits.com
URL: https://usccredits.com/live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.107 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server96-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://usccredits.com/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Jul 2022 02:47:03 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 404 premier-visa-debit.jpg
usccredits.com/content/dam/hsbc/gb/images/credit-cards/ 1 KB
1 KB 214ms
211ms Image
text/html 198.54.115.107
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usccredits.com/content/dam/hsbc/gb/images/credit-cards/premier-visa-debit.jpg
Requested by: Host: usccredits.com
URL: https://usccredits.com/live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.107 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server96-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://usccredits.com/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Jul 2022 02:47:03 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 404 mass-visa-debit.jpg
usccredits.com/content/dam/hsbc/gb/images/credit-cards/ 1 KB
1 KB 215ms
213ms Image
text/html 198.54.115.107
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usccredits.com/content/dam/hsbc/gb/images/credit-cards/mass-visa-debit.jpg
Requested by: Host: usccredits.com
URL: https://usccredits.com/live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.107 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server96-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://usccredits.com/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Jul 2022 02:47:03 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 404 current-account-swicth.png
usccredits.com/content/dam/hsbc/gb/images/logos/ 1 KB
1 KB 216ms
215ms Image
text/html 198.54.115.107
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usccredits.com/content/dam/hsbc/gb/images/logos/current-account-swicth.png
Requested by: Host: usccredits.com
URL: https://usccredits.com/live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.107 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server96-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://usccredits.com/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Jul 2022 02:47:03 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 404 cq5dam.web.590.1000.jpeg
usccredits.com/content/dam/hsbc/gb/images/accounts/16-9/494-current-account-1049866480.jpg/jcr:content/renditions/ 1 KB
1 KB 218ms
217ms Image
text/html 198.54.115.107
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usccredits.com/content/dam/hsbc/gb/images/accounts/16-9/494-current-account-1049866480.jpg/jcr:content/renditions/cq5dam.web.590.1000.jpeg
Requested by: Host: usccredits.com
URL: https://usccredits.com/live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.107 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server96-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://usccredits.com/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Jul 2022 02:47:03 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 404 cq5dam.web.590.1000.jpeg
usccredits.com/content/dam/hsbc/gb/images/accounts/16-9/494-joint-current-account-683841724.jpg/jcr:content/renditions/ 1 KB
1 KB 219ms
218ms Image
text/html 198.54.115.107
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usccredits.com/content/dam/hsbc/gb/images/accounts/16-9/494-joint-current-account-683841724.jpg/jcr:content/renditions/cq5dam.web.590.1000.jpeg
Requested by: Host: usccredits.com
URL: https://usccredits.com/live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.107 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server96-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://usccredits.com/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Jul 2022 02:47:03 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 404 cq5dam.web.590.1000.jpeg
usccredits.com/content/dam/hsbc/gb/images/accounts/16-9/494-family-time-home-cass.jpg/jcr:content/renditions/ 1 KB
1 KB 419ms
418ms Image
text/html 198.54.115.107
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usccredits.com/content/dam/hsbc/gb/images/accounts/16-9/494-family-time-home-cass.jpg/jcr:content/renditions/cq5dam.web.590.1000.jpeg
Requested by: Host: usccredits.com
URL: https://usccredits.com/live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.107 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server96-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://usccredits.com/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Jul 2022 02:47:03 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 404 protecting-your-money.jpg
usccredits.com/content/dam/hsbc/gb/quick-links/ 1 KB
1 KB 420ms
419ms Image
text/html 198.54.115.107
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usccredits.com/content/dam/hsbc/gb/quick-links/protecting-your-money.jpg
Requested by: Host: usccredits.com
URL: https://usccredits.com/live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.107 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server96-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://usccredits.com/live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Jul 2022 02:47:03 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 200 clientlib-jquery.5ea5c4f95742f26a1d6b25eb830feb0c.js Show response
www.hsbc.co.uk/etc/designs/dpws/ 111 KB
38 KB 216ms
215ms Script
application/x-javascript 18.66.139.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hsbc.co.uk/etc/designs/dpws/clientlib-jquery.5ea5c4f95742f26a1d6b25eb830feb0c.js

Requested by

Host: usccredits.com
URL: https://usccredits.com/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-91.fra60.r.cloudfront.net

Software

Resource Hash

d5c2c8d7956e2af9082fe02f239bd97c426f12e7a867d1b4f1a405c124d26cea

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://usccredits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 02:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
vary: Accept-Encoding
content-length: 37902
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Jul 2022 17:37:09 GMT
strict-transport-security: max-age=16070400; includeSubDomains
content-type: application/x-javascript
via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
accept-ranges: bytes
s: gbl-prod-wk-aempub
x-amz-cf-id: hXs7iLlodabWxm96yirQ9i_P8y5r5t_ajcrhT9juFTXfklaH_HROug==

GET
H2 200 v2_2_0.min.25e7676b14f56aa25050f77c6b594232.js Show response
www.hsbc.co.uk/etc/designs/hsbc/cpi/clientlib-site/ 18 KB
6 KB 169ms
168ms Script
application/x-javascript 18.66.139.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hsbc.co.uk/etc/designs/hsbc/cpi/clientlib-site/v2_2_0.min.25e7676b14f56aa25050f77c6b594232.js

Requested by

Host: usccredits.com
URL: https://usccredits.com/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-91.fra60.r.cloudfront.net

Software

Resource Hash

912f4c51a8c69eb08640d401656cb0ee974d0feb6f69a05635326843530ca06f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://usccredits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 02:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
vary: Accept-Encoding
content-length: 5504
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Jul 2022 18:16:03 GMT
strict-transport-security: max-age=16070400; includeSubDomains
content-type: application/x-javascript
via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
accept-ranges: bytes
s: gbl-prod-sy-aempub
x-amz-cf-id: DXEtXosnQelWZzusHc3-utRKouHDxwzqZHbfgArIzgcsCQnPPqr-FA==

GET
H2 200 v2_2_0.min.d391cf12edbe9cb0aa6a5cd650eb0567.js Show response
www.hsbc.co.uk/etc/designs/hsbc/cpi-masthead/clientlib-site/ 15 KB
4 KB 174ms
171ms Script
application/x-javascript 18.66.139.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hsbc.co.uk/etc/designs/hsbc/cpi-masthead/clientlib-site/v2_2_0.min.d391cf12edbe9cb0aa6a5cd650eb0567.js

Requested by

Host: usccredits.com
URL: https://usccredits.com/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-91.fra60.r.cloudfront.net

Software

Resource Hash

2cea73b7c9b18c93be931fbf1fd5c6bf1c44a0d0e34c343446162725983a1939

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://usccredits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 02:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
vary: Accept-Encoding
content-length: 3090
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Jul 2022 17:34:47 GMT
strict-transport-security: max-age=16070400; includeSubDomains
content-type: application/x-javascript
via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
accept-ranges: bytes
s: gbl-prod-sy-aempub
x-amz-cf-id: jSSbuamrDIV173-pdneurntJXbZXBqWku5oX6N6Txd-bgliOlpOgqQ==

GET
H2 200 clientlib-all.min.7d99c8a8a611ef671ac71800438a08bc.js Show response
www.hsbc.co.uk/etc/designs/dpws/ 576 KB
145 KB 169ms
166ms Script
application/x-javascript 18.66.139.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hsbc.co.uk/etc/designs/dpws/clientlib-all.min.7d99c8a8a611ef671ac71800438a08bc.js

Requested by

Host: usccredits.com
URL: https://usccredits.com/live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-91.fra60.r.cloudfront.net

Software

Resource Hash

48f364ef034cf0c9cf115d0a022682eae3745c67e098f13ed9b4167f184b05b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://usccredits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 02:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Jun 2021 05:43:14 GMT
x-amz-cf-pop: FRA60-P4
strict-transport-security: max-age=16070400; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/x-javascript; charset=UTF-8
via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
edge-control: no-cache, no-store, must-revalidate
cache-control: no-cache, no-store, must-revalidate
s: gbl-prod-sy-aempub
x-amz-cf-id: i2t-1wPfaipQErxh6fxeNccaXL8S7mF7pR0LoO3qfB4-AJx8ybk8iw==
x-xss-protection: 1; mode=block

GET
H2

200

render.5e3e52592c7d557465f5.js Show response
widget-v4.tidiochat.com/1_103_0/static/js/
Redirect Chain

https://code.tidio.co/ntxjz6tohk0sl2l7cdjbgvvl4rzwkiiy.js
https://widget-v4.tidiochat.com/1_103_0/static/js/render.5e3e52592c7d557465f5.js

17 KB
6 KB

208ms
67ms

Script
application/javascript

2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/1_103_0/static/js/render.5e3e52592c7d557465f5.js
Requested by: Host: usccredits.com
URL: https://usccredits.com/live/
Protocol: H2
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75fb9757695682cfc29fef020ee6da492d89561171684d2323a9fdde47df1b25

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://usccredits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 02:47:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jun 2022 11:22:18 GMT
server: cloudflare
age: 5019
etag: W/"62bc35ea-4311"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvv7NpSN9an07rnMt5lj3jjUGlSKMZdVSbpZxn3lKXZG6706tWvxTqcnKfC0ye91aTUdq%2Fpp9a%2BB21pr%2BznltmPAf1LhLZ1d8EXPe8npl%2B9YiVX%2BW1M1NWqYEMPYUE5SUwTGGU0yxOWAE7oe5AMODGCXvo2s"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72440df98efb77ad-KBP

Redirect headers

date: Sat, 02 Jul 2022 02:47:03 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
widget-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPO20C%2FhGUJ6CzBHMyMI6Vni2uEi6u0PassPDRGPG61mvXvaaQP8gAYpDgQII%2FTe0wwvezKsMl8Z%2BcFDIulcyrz4p9VakGD73ITz8Kzb%2BkEXdO12XrLc6AY22WLfT5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://widget-v4.tidiochat.com/1_103_0/static/js/render.5e3e52592c7d557465f5.js
cache-control: private, no-cache, no-store, must-revalidate
cf-ray: 72440df6c99a24c1-KBP
server: cloudflare

GET utag.js
tags.tiqcdn.com/utag/hsbc/uk-rbwm/prod/ 0
0

GET
H2 200 UniversNextforHSBCW02-Rg.woff
www.hsbc.co.uk/etc/designs/dpws/common/fonts/ 27 KB
27 KB 321ms
206ms Font
application/font-woff 18.66.139.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hsbc.co.uk/etc/designs/dpws/common/fonts/UniversNextforHSBCW02-Rg.woff

Requested by

Host: www.hsbc.co.uk
URL: https://www.hsbc.co.uk/etc/designs/dpws/clientlib-default.min.2b6250338b469ff55f176b2207bbae55.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-91.fra60.r.cloudfront.net

Software

Resource Hash

e57fa923e1242b94093a29bc1497e22d7b5f78d6f124fe5ffc651383af545e13

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hsbc.co.uk/etc/designs/dpws/clientlib-default.min.2b6250338b469ff55f176b2207bbae55.css
Origin: https://usccredits.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 02:47:03 GMT
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Fri, 01 Jul 2022 17:23:01 GMT
x-amz-cf-pop: FRA60-P4
strict-transport-security: max-age=16070400; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
s: gbl-prod-wk-aempub
content-length: 27464
x-xss-protection: 1; mode=block
x-amz-cf-id: fa1AoyYx10ACEv8qIb5fMX7CJ3xVErs6MV50lcbr9NZOQEZkfvsdFA==

GET
H2 200 UniversNextforHSBCW02-Bd.woff
www.hsbc.co.uk/etc/designs/dpws/common/fonts/ 26 KB
26 KB 268ms
153ms Font
application/font-woff 18.66.139.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hsbc.co.uk/etc/designs/dpws/common/fonts/UniversNextforHSBCW02-Bd.woff

Requested by

Host: www.hsbc.co.uk
URL: https://www.hsbc.co.uk/etc/designs/dpws/clientlib-default.min.2b6250338b469ff55f176b2207bbae55.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-91.fra60.r.cloudfront.net

Software

Resource Hash

1fe93d773a537c17456fc95e7dbfb69cba2914ac73c5f9b01d4db046667c688e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hsbc.co.uk/etc/designs/dpws/clientlib-default.min.2b6250338b469ff55f176b2207bbae55.css
Origin: https://usccredits.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 02:47:03 GMT
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Fri, 01 Jul 2022 17:37:09 GMT
x-amz-cf-pop: FRA60-P4
strict-transport-security: max-age=16070400; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
s: gbl-prod-sy-aempub
content-length: 26328
x-xss-protection: 1; mode=block
x-amz-cf-id: r1_fysPBh1Avnl9rGfTsGd2JKqn_eX-udJjlyWV-33oEkRbNxwFmdQ==

GET
H2 200 HSBCIcon-Font-Extension.woff
www.hsbc.co.uk/etc/designs/dpws/common/fonts/ 37 KB
38 KB 371ms
257ms Font
application/font-woff 18.66.139.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hsbc.co.uk/etc/designs/dpws/common/fonts/HSBCIcon-Font-Extension.woff?ee39a20e77cff3aec879befe2cd1d29d

Requested by

Host: www.hsbc.co.uk
URL: https://www.hsbc.co.uk/etc/designs/dpws/clientlib-default.min.2b6250338b469ff55f176b2207bbae55.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-91.fra60.r.cloudfront.net

Software

Resource Hash

76e6fcb163f76c23e3595acdb5c37457b8529ae4612bdfd266a9ef3d83550586

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hsbc.co.uk/etc/designs/dpws/clientlib-default.min.2b6250338b469ff55f176b2207bbae55.css
Origin: https://usccredits.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 02:47:03 GMT
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Fri, 01 Jul 2022 17:24:45 GMT
x-amz-cf-pop: FRA60-P4
strict-transport-security: max-age=16070400; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
s: gbl-prod-wk-aempub
content-length: 38384
x-xss-protection: 1; mode=block
x-amz-cf-id: xMQFdg75Nznc2PCkEcFtLs0j5Nmkw-6vLuz7no5ywsN8jndRt3pHwQ==

GET
H2 200 facebook.svg
www.hsbc.co.uk/etc/designs/dpws/common/social/ 950 B
1 KB 167ms
166ms Image
image/svg+xml 18.66.139.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hsbc.co.uk/etc/designs/dpws/common/social/facebook.svg

Requested by

Host: www.hsbc.co.uk
URL: https://www.hsbc.co.uk/etc/designs/dpws/clientlib-default.min.2b6250338b469ff55f176b2207bbae55.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-91.fra60.r.cloudfront.net

Software

Resource Hash

6a74e4deb1779d184febfd8928a08419349330126c8c2ef38e17a969b4b045a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.hsbc.co.uk/etc/designs/dpws/clientlib-default.min.2b6250338b469ff55f176b2207bbae55.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 02:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
vary: Accept-Encoding
content-length: 598
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Jul 2022 17:26:58 GMT
strict-transport-security: max-age=16070400; includeSubDomains
content-type: image/svg+xml
via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
cache-control: max-age=7776000
accept-ranges: bytes
s: gbl-prod-wk-aempub
x-amz-cf-id: n2PD3BX5qXxlt5Oe1IB6wJRWJknHPm1ticbMlAmZOcmJf2sy8I7PCA==

GET
H2 200 twitter.svg
www.hsbc.co.uk/etc/designs/dpws/common/social/ 1 KB
1 KB 97ms
96ms Image
image/svg+xml 18.66.139.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hsbc.co.uk/etc/designs/dpws/common/social/twitter.svg

Requested by

Host: www.hsbc.co.uk
URL: https://www.hsbc.co.uk/etc/designs/dpws/clientlib-default.min.2b6250338b469ff55f176b2207bbae55.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-91.fra60.r.cloudfront.net

Software

Resource Hash

b73caafe07e92a96b5b2c822556d843550d04d1b0ec4086e26219e7ea527402f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.hsbc.co.uk/etc/designs/dpws/clientlib-default.min.2b6250338b469ff55f176b2207bbae55.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 02:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
vary: Accept-Encoding
content-length: 708
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Jul 2022 17:27:40 GMT
strict-transport-security: max-age=16070400; includeSubDomains
content-type: image/svg+xml
via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
cache-control: max-age=7776000
accept-ranges: bytes
s: gbl-prod-sy-aempub
x-amz-cf-id: ARteydTXtsJ6j46svBBs9_KMSjrzOJqc8LyPRDZX2tLmVa7Ij0pcHg==

GET
H2 200 youtube.svg
www.hsbc.co.uk/etc/designs/dpws/common/social/ 1 KB
1 KB 97ms
97ms Image
image/svg+xml 18.66.139.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hsbc.co.uk/etc/designs/dpws/common/social/youtube.svg

Requested by

Host: www.hsbc.co.uk
URL: https://www.hsbc.co.uk/etc/designs/dpws/clientlib-default.min.2b6250338b469ff55f176b2207bbae55.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-91.fra60.r.cloudfront.net

Software

Resource Hash

4d0abfba4322983df5aa4a6f24eac4cb4289bed8739f7ea55e61c20bbf6d7cda

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.hsbc.co.uk/etc/designs/dpws/clientlib-default.min.2b6250338b469ff55f176b2207bbae55.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 02:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
vary: Accept-Encoding
content-length: 646
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Jul 2022 17:17:16 GMT
strict-transport-security: max-age=16070400; includeSubDomains
content-type: image/svg+xml
via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
cache-control: max-age=7776000
accept-ranges: bytes
s: gbl-prod-wk-aempub
x-amz-cf-id: d3D2WOu-VWoKlyPdMuRKwoE3elROsYzVj_iO7d3JjBlHs_22SUZVBQ==

GET
H2 200 UniversNextforHSBCW02-Lt.woff
www.hsbc.co.uk/etc/designs/dpws/common/fonts/ 26 KB
26 KB 256ms
206ms Font
application/font-woff 18.66.139.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hsbc.co.uk/etc/designs/dpws/common/fonts/UniversNextforHSBCW02-Lt.woff

Requested by

Host: www.hsbc.co.uk
URL: https://www.hsbc.co.uk/etc/designs/dpws/clientlib-default.min.2b6250338b469ff55f176b2207bbae55.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-91.fra60.r.cloudfront.net

Software

Resource Hash

1410bf3ef15162a56d0c7ea0f851483738179ce8281a269f4ed88612e9c9a695

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hsbc.co.uk/etc/designs/dpws/clientlib-default.min.2b6250338b469ff55f176b2207bbae55.css
Origin: https://usccredits.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 02:47:03 GMT
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Fri, 01 Jul 2022 17:19:58 GMT
x-amz-cf-pop: FRA60-P4
strict-transport-security: max-age=16070400; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
s: gbl-prod-wk-aempub
content-length: 26300
x-xss-protection: 1; mode=block
x-amz-cf-id: a8z-5DVFDEgevKUtQOrP_x0M-p0XlFQmV_eleHfGmGMyi2PM7XzaxQ==

GET
H2 404 / Show response
usccredits.com/configuration/modals/leaving-hsbc-for-adobe-live-sign-forms.modal/ 1 KB
1 KB 214ms
213ms XHR
text/html 198.54.115.107
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://usccredits.com/configuration/modals/leaving-hsbc-for-adobe-live-sign-forms.modal/
Requested by: Host: www.hsbc.co.uk
URL: https://www.hsbc.co.uk/etc/designs/hsbc/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.107 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server96-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

Accept: */*
Referer: https://usccredits.com/live/
X-Requested-With: XMLHttpRequest
ADRUM: isAjax:true
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Jul 2022 02:47:03 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 404 / Show response
usccredits.com/configuration/modals/you-are-leaving-hsbc.modal/ 1 KB
1 KB 213ms
212ms XHR
text/html 198.54.115.107
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://usccredits.com/configuration/modals/you-are-leaving-hsbc.modal/
Requested by: Host: www.hsbc.co.uk
URL: https://www.hsbc.co.uk/etc/designs/hsbc/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.107 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server96-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

Accept: */*
Referer: https://usccredits.com/live/
X-Requested-With: XMLHttpRequest
ADRUM: isAjax:true
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Jul 2022 02:47:03 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 404 authorize.auth.json Show response
usccredits.com/ 1 KB
1 KB 209ms
209ms XHR
text/html 198.54.115.107
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://usccredits.com/authorize.auth.json?q&_=1656730028203
Requested by: Host: www.hsbc.co.uk
URL: https://www.hsbc.co.uk/etc/designs/hsbc/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.107 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server96-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

Accept: */*
Referer: https://usccredits.com/live/
X-Requested-With: XMLHttpRequest
ADRUM: isAjax:true
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: json

Response headers

pragma: no-cache
date: Sat, 02 Jul 2022 02:47:03 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
server: LiteSpeed
content-length: 1238
content-type: text/html

GET va.js
www.askus.hsbc.co.uk/counter-service/embedp2/ 0
0

GET
H2 200 HSBCIcon-Font.woff
www.hsbc.co.uk/etc/designs/dpws/common/fonts/ 22 KB
23 KB 104ms
104ms Font
application/font-woff 18.66.139.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hsbc.co.uk/etc/designs/dpws/common/fonts/HSBCIcon-Font.woff?ee39a20e77cff3aec879befe2cd1d29d

Requested by

Host: www.hsbc.co.uk
URL: https://www.hsbc.co.uk/etc/designs/dpws/clientlib-default.min.2b6250338b469ff55f176b2207bbae55.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-91.fra60.r.cloudfront.net

Software

Resource Hash

580245633d829cdc4a80192bc505ad254af0ed2955d5add87b56917a1c0f64df

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hsbc.co.uk/etc/designs/dpws/clientlib-default.min.2b6250338b469ff55f176b2207bbae55.css
Origin: https://usccredits.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 02:45:26 GMT
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Fri, 01 Jul 2022 17:14:24 GMT
x-amz-cf-pop: FRA60-P4
strict-transport-security: max-age=16070400; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
s: gbl-prod-wk-aempub
content-length: 22532
x-xss-protection: 1; mode=block
x-amz-cf-id: _np4YbfNbemuKheflSN-ztRfrKZ_8GdK-rq9KM1mwWRe_ygXQPJ90Q==

GET
H2 200 adrum-ext.0086dbec5e8a6e717bf36d3a06b62042.js Show response
cdn.appdynamics.com/ 45 KB
18 KB 193ms
66ms Script
application/javascript 52.222.214.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum-ext.0086dbec5e8a6e717bf36d3a06b62042.js
Requested by: Host: www.hsbc.co.uk
URL: https://www.hsbc.co.uk/etc/designs/hsbc/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-29.fra56.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 7da0fcf5011f66d43746091e130db6ef4d55ff13410d57209fb0f44d90cdee60

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://usccredits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 02:05:48 GMT
content-encoding: gzip
age: 434501
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 15 Sep 2016 22:05:47 GMT
server: nginx/1.16.1
etag: W/"57db1b3b-b4f4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
cache-control: public, max-age=2678400, s-max-age=14400
x-amz-cf-pop: FRA56-P3
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EMc3LtABw6PWpJEwP4a5Soa4EyuYAehOPsmqt1YkNG8mp0SldegHOA==

GET
H2 200 chunk-WidgetIframe-5e3e52592c7d557465f5.js Show response
widget-v4.tidiochat.com/1_103_0/static/js/ Frame 55DD 339 KB
87 KB 141ms
141ms Script
application/javascript 2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/1_103_0/static/js/chunk-WidgetIframe-5e3e52592c7d557465f5.js
Requested by: Host: code.tidio.co
URL: https://code.tidio.co/ntxjz6tohk0sl2l7cdjbgvvl4rzwkiiy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67c3d9569b10a1b252cc52a531413e5119e92191849313e8cae9cba882dff3e8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 02:47:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jun 2022 11:22:18 GMT
server: cloudflare
age: 5014
etag: W/"62bc35ea-54d44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkUUz5bo2mdprs4IJNONcIusuc3cj95Qjvaq5lG%2F4ZwUkYzz3DB3rebVY9hN%2B1cXaPc2k5QUYJ23AlJucT96eaea02BQgDI4y90UK56oYjOdU62kHpCx9kU50NP%2BOrWlpLFT6iiKVjEI%2FEkhfSQC%2B4ImpIU7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72440dfa586477ad-KBP

GET
H2 206 tururu.mp3
widget-v4.tidiochat.com// Frame 55DD 7 KB
7 KB 63ms
63ms Media
audio/mpeg 2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com//tururu.mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 02 Jul 2022 02:47:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2050594
Content-Range: bytes 0-7223/7224
Content-Length: 7224
pragma: public
last-modified: Tue, 07 Jun 2022 15:21:09 GMT
server: cloudflare
etag: "629f6ce5-1c38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIy2GHD5CxBIY2K3CYheMY7pbwkix1OAxb13dH1Wa74jxbhiVXDlLrphyY8vzWEkNlvv%2Bk%2BSA%2Fano0cV7xZc4M4Wz%2BymyYKaFjpF0emnAKmRiJz5g6eI6COyE7opgMVtVUrko5lYIp%2FPUm7DHOHO3oMLNY58"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: public, max-age=31536000
cf-ray: 72440dfa586d77ad-KBP
expires: Wed, 22 Jun 2022 09:10:30 GMT

GET
H2 200 widget.5e3e52592c7d557465f5.js Show response
widget-v4.tidiochat.com//1_103_0/static/js/ Frame 55DD 519 KB
161 KB 77ms
77ms Script
application/javascript 2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com//1_103_0/static/js/widget.5e3e52592c7d557465f5.js
Requested by: Host: code.tidio.co
URL: https://code.tidio.co/ntxjz6tohk0sl2l7cdjbgvvl4rzwkiiy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54309be01216286d62d4bd18cac5fa8f45ebf96fdbe8654baba4a4424343de88

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 02:47:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jun 2022 11:22:18 GMT
server: cloudflare
age: 5015
etag: W/"62bc35ea-81ad6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLNxnscvEMmM5QLBhrNoGs4cpr%2FyDnoAzruh%2BQ%2B55U6GT65TGM4JPcwmCNtWm6JxQXsRuTLYNqvlL3Q76h1trA3zLmbZWyhNPVBmeEly%2B24Az3Mni8vBiAWN6vsSezpbA4FBcLmdLoX%2BeTkpwlMEr95fRwAW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72440dfa586e77ad-KBP

GET
H2 206 tururu.mp3
widget-v4.tidiochat.com// Frame 55DD 7 KB
7 KB 63ms
63ms Media
audio/mpeg 2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com//tururu.mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 02 Jul 2022 02:47:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2050594
Content-Range: bytes 0-7223/7224
Content-Length: 7224
pragma: public
last-modified: Tue, 07 Jun 2022 15:21:09 GMT
server: cloudflare
etag: "629f6ce5-1c38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1ihhFqrfg%2FcBN46J7ape%2FkCpP3AcauvmUqNUgEOgMIDjElVJw8jalXoLdFa3hrDBGlpU35Tkq3vwHYj0Gw1RzB9kwM%2BlHJrnB7rYjtz2lD25wSTJrUTG7wyrHkgh8JstiFOC8yg4k7Mj859UxzSsL2uFVM3"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: public, max-age=31536000
cf-ray: 72440dfbdabc77ad-KBP
expires: Wed, 22 Jun 2022 09:10:30 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame ECD1 3 KB
1 KB 212ms
68ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Mulish:wght@400;600&display=swap

Requested by

Host: widget-v4.tidiochat.com
URL: https://widget-v4.tidiochat.com//1_103_0/static/js/widget.5e3e52592c7d557465f5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ffe180192eb6cc2b7ce89ad11381bacee68c0d315cddb7af32f7a768d16dfa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 02 Jul 2022 02:32:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 02 Jul 2022 02:47:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Jul 2022 02:47:04 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v11/ Frame ECD1 27 KB
27 KB 206ms
60ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v11/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://usccredits.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 17:18:01 GMT
x-content-type-options: nosniff
age: 293344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27420
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:53:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 17:18:01 GMT

POST
H/1.1 200
OK adrum Show response
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAF-XXU/ 0
1016 B 759ms
188ms XHR
text/html 35.161.220.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAF-XXU/adrum

Requested by

Host: www.hsbc.co.uk
URL: https://www.hsbc.co.uk/etc/designs/hsbc/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.161.220.210 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-161-220-210.us-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://usccredits.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Jul 2022 02:47:05 GMT
x-content-type-options: nosniff
server: envoy
vary: *
content-type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time: 2
Connection: keep-alive
access-control-allow-headers: origin, content-type, accept
Content-Length: 0
expires: 0

GET
H2 200 1f44b.png
twemoji.maxcdn.com/v/13.0.1/72x72/ Frame ECD1 1 KB
2 KB 196ms
59ms Image
image/png 23.111.9.57
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twemoji.maxcdn.com/v/13.0.1/72x72/1f44b.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.57 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-fastly-request-id: b4c4e343a35c467e514cf912531399673e1c6a66
date: Sat, 02 Jul 2022 02:47:05 GMT
x-cache: HIT
powered-by: MaxCDN
content-length: 1285
last-modified: Thu, 31 Mar 2022 03:24:17 GMT
server: NetDNA-cache/2.2
x-github-request-id: 6CF2:595A:D78B0:E678C:62BED7B5
etag: "62451ee1-505"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
expires: Mon, 01 Aug 2022 02:47:05 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/hsbc/uk-rbwm/prod/utag.js

Domain: www.askus.hsbc.co.uk
URL: http://www.askus.hsbc.co.uk/counter-service/embedp2/va.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: HSBC (Banking)

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			usccredits.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 060596dc17cfddb57b9f05de311fc06b

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://usccredits.com/live/(Line 144) Message: Mixed Content: The page at 'https://usccredits.com/live/' was loaded over HTTPS, but requested an insecure script 'http://tags.tiqcdn.com/utag/hsbc/uk-rbwm/prod/utag.js'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://usccredits.com/content/dam/hsbc/gb/images/credit-cards/advance-visa-debit.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://usccredits.com/content/dam/hsbc/gb/images/credit-cards/premier-visa-debit.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://usccredits.com/content/dam/hsbc/gb/images/credit-cards/mass-visa-debit.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://usccredits.com/content/dam/hsbc/gb/images/logos/current-account-swicth.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://usccredits.com/content/dam/hsbc/gb/images/accounts/16-9/494-current-account-1049866480.jpg/jcr:content/renditions/cq5dam.web.590.1000.jpeg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://usccredits.com/content/dam/hsbc/gb/images/accounts/16-9/494-joint-current-account-683841724.jpg/jcr:content/renditions/cq5dam.web.590.1000.jpeg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://usccredits.com/content/dam/hsbc/gb/images/accounts/16-9/494-family-time-home-cass.jpg/jcr:content/renditions/cq5dam.web.590.1000.jpeg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://usccredits.com/content/dam/hsbc/gb/quick-links/protecting-your-money.jpg Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://usccredits.com/live/ Message: Mixed Content: The page at 'https://usccredits.com/live/' was loaded over HTTPS, but requested an insecure script 'http://www.askus.hsbc.co.uk/counter-service/embedp2/va.js'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://usccredits.com/configuration/modals/leaving-hsbc-for-adobe-live-sign-forms.modal/ Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://usccredits.com/configuration/modals/you-are-leaving-hsbc.modal/ Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://usccredits.com/authorize.auth.json?q&_=1656730028203 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.appdynamics.com
code.tidio.co
col.eum-appdynamics.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
tags.tiqcdn.com
twemoji.maxcdn.com
usccredits.com
widget-v4.tidiochat.com
www.askus.hsbc.co.uk
www.hsbc.co.uk
tags.tiqcdn.com
www.askus.hsbc.co.uk
104.26.8.183
104.75.88.194
18.66.139.91
198.54.115.107
23.111.9.57
2606:4700:20::ac43:4703
2606:4700::6812:acf
2a00:1450:4001:800::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:82f::200a
35.161.220.210
52.222.214.29
03e63c99959109343e52def4213c79657c698e7982f45b89eaac29a9c14fb3d7
0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
1410bf3ef15162a56d0c7ea0f851483738179ce8281a269f4ed88612e9c9a695
1fe93d773a537c17456fc95e7dbfb69cba2914ac73c5f9b01d4db046667c688e
1ffe180192eb6cc2b7ce89ad11381bacee68c0d315cddb7af32f7a768d16dfa9
2cea73b7c9b18c93be931fbf1fd5c6bf1c44a0d0e34c343446162725983a1939
42136cbd91f2a29bb206b47286b6a83a4e5b74cd1a7e25cb943b8b23944f2e08
48f364ef034cf0c9cf115d0a022682eae3745c67e098f13ed9b4167f184b05b1
4d0abfba4322983df5aa4a6f24eac4cb4289bed8739f7ea55e61c20bbf6d7cda
54309be01216286d62d4bd18cac5fa8f45ebf96fdbe8654baba4a4424343de88
564dc919c94c19def61991b58b636c77bafde585ce79d7c3d88b6142245b6d1e
580245633d829cdc4a80192bc505ad254af0ed2955d5add87b56917a1c0f64df
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
67c3d9569b10a1b252cc52a531413e5119e92191849313e8cae9cba882dff3e8
6a74e4deb1779d184febfd8928a08419349330126c8c2ef38e17a969b4b045a2
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
75fb9757695682cfc29fef020ee6da492d89561171684d2323a9fdde47df1b25
76e6fcb163f76c23e3595acdb5c37457b8529ae4612bdfd266a9ef3d83550586
7da0fcf5011f66d43746091e130db6ef4d55ff13410d57209fb0f44d90cdee60
912f4c51a8c69eb08640d401656cb0ee974d0feb6f69a05635326843530ca06f
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
b42a7d4f28738e275871a47c0193e71c813400160911361124a8539249c986cc
b73caafe07e92a96b5b2c822556d843550d04d1b0ec4086e26219e7ea527402f
d5c2c8d7956e2af9082fe02f239bd97c426f12e7a867d1b4f1a405c124d26cea
dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57fa923e1242b94093a29bc1497e22d7b5f78d6f124fe5ffc651383af545e13
ebb991b4937d6015d8937e8d23f6fa5b315e898a018d1f0972efe59765b754b4
efe373642c0dd4ff67f20a4163439a1fcc82e4ee21035485e0a8ef87b9ad00a7
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

usccredits.com Open in urlscan Pro 198.54.115.107 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

93 %HTTPS

42 %IPv6

11 Domains

13 Subdomains

12 IPs

2 Countries

1080 kBTransfer

3409 kBSize

1 Cookies

39 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

usccredits.com Open in urlscan Pro
198.54.115.107 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

93 %
HTTPS

42 %
IPv6

11
Domains

13
Subdomains

12
IPs

2
Countries

1080 kB
Transfer

3409 kB
Size

1
Cookies

44 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!