urlscan.io logo urlscan.io
SecurityTrails logo

static-origin.hsbc.co.om Open in urlscan Pro
193.108.77.151  Public Scan

Go To Rescan Add Verdict Report
URL: https://static-origin.hsbc.co.om/
Submission: On May 14 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 6 countries across 14 domains to perform 42 HTTP transactions. The main IP is 193.108.77.151, located in United Kingdom and belongs to VERISIGN-INC - VeriSign Global Registry Services, US. The main domain is static-origin.hsbc.co.om.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 15th 2018. Valid for: a year.
This is the only time static-origin.hsbc.co.om was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 193.108.77.151 26415 (VERISIGN-INC)
6 68.232.35.180 15133 (EDGECAST)
1 104.111.226.145 16625 (AKAMAI-AS)
1 5 34.249.86.253 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 216.58.206.2 15169 (GOOGLE)
2 5 172.82.228.19 15224 (OMNITURE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 54.76.193.55 16509 (AMAZON-02)
1 1 66.117.28.86 15224 (OMNITURE)
1 13.32.223.172 16509 (AMAZON-02)
1 52.18.106.141 16509 (AMAZON-02)
42 14
18    193.108.77.151 (United Kingdom)

ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US)
static-origin.hsbc.co.om
6    68.232.35.180 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
tags.tiqcdn.com
1    104.111.226.145 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-226-145.deploy.static.akamaitechnologies.com
c.webtrends.com
5    34.249.86.253 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-249-86-253.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
1    216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f2.1e100.net
www.googleadservices.com
5    172.82.228.19 (United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: *.sc.omtrdc.net
hsbcbankglobal.sc.omtrdc.net
1    2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
1    2a00:1450:400c:c00::63 (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    54.76.193.55 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-76-193-55.eu-west-1.compute.amazonaws.com
hsbcbankglobal.demdex.net
1    66.117.28.86 (United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
cm.everesttech.net
1    13.32.223.172 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-223-172.fra56.r.cloudfront.net
cdn.appdynamics.com
1    52.18.106.141 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-18-106-141.eu-west-1.compute.amazonaws.com
col.eum-appdynamics.com
Domain Requested by
18 static-origin.hsbc.co.om static-origin.hsbc.co.om
6 tags.tiqcdn.com static-origin.hsbc.co.om
tags.tiqcdn.com
5 hsbcbankglobal.sc.omtrdc.net 2 redirects static-origin.hsbc.co.om
5 dpm.demdex.net 1 redirects static-origin.hsbc.co.om
2 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
1 col.eum-appdynamics.com static-origin.hsbc.co.om
1 cdn.appdynamics.com static-origin.hsbc.co.om
1 cm.everesttech.net 1 redirects
1 hsbcbankglobal.demdex.net tags.tiqcdn.com
1 www.facebook.com static-origin.hsbc.co.om
1 www.google.de static-origin.hsbc.co.om
1 www.google.com static-origin.hsbc.co.om
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com tags.tiqcdn.com
1 c.webtrends.com tags.tiqcdn.com
42 15

This site contains links to these domains. Also see Links.

Domain
www.business.hsbc.co.om
www.hsbc.co.om
www.about.hsbc.co.om
www.hsbc.com
Subject Issuer Validity Valid
www.hsbc.co.om
DigiCert SHA2 Extended Validation Server CA		 2018-08-15 -
2019-10-08		 a year crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2017-10-25 -
2020-05-13		 3 years crt.sh
*.webtrends.com
DigiCert SHA2 Secure Server CA		 2019-02-25 -
2020-05-26		 a year crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA		 2018-01-09 -
2021-02-12		 3 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-04-22 -
2019-07-21		 3 months crt.sh
www.googleadservices.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
*.sc.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2019-04-23 -
2020-04-14		 a year crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-04-30 -
2019-07-23		 3 months crt.sh
www.google.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
www.google.de
Google Internet Authority G3		 2019-04-30 -
2019-07-23		 3 months crt.sh
*.appdynamics.com
DigiCert SHA2 Secure Server CA		 2019-04-15 -
2020-06-17		 a year crt.sh
*.eum-appdynamics.com
DigiCert SHA2 Secure Server CA		 2019-04-15 -
2020-06-10		 a year crt.sh

This page contains 2 frames:

Primary Page: https://static-origin.hsbc.co.om/
Frame ID: 89276C2C87FEAA5254700880213BCB1F
Requests: 41 HTTP requests in this frame

Frame: https://hsbcbankglobal.demdex.net/dest5.html?d_nsid=0
Frame ID: FCA05ACCC6D61490B7F7F13064736F9E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/etc\/designs\//i
Overall confidence: 100%
Detected patterns
  • script /\/etc\/designs\//i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • env /^Mustache$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • env /^moment$/i
Overall confidence: 100%
Detected patterns
  • env /^s_(?:account|objectID|code|INST)$/i
Overall confidence: 100%
Detected patterns
  • script /^\/\/tags\.tiqcdn\.com\//i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

42
Requests

57 %
HTTPS

33 %
IPv6

14
Domains

15
Subdomains

14
IPs

6
Countries

848 kB
Transfer

2051 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://dpm.demdex.net/id?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AE9446FC57CECBEE7F000101%40AdobeOrg&d_nsid=0&ts=1557847266630 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AE9446FC57CECBEE7F000101%40AdobeOrg&d_nsid=0&ts=1557847266630
Request Chain 27
  • https://hsbcbankglobal.sc.omtrdc.net/b/ss/hsbc-rbwm-global-qa-1/1/JS-2.0.0/s59801996708599?AQB=1&ndh=1&pf=1&t=14%2F4%2F2019%2015%3A21%3A6%202%200&fid=69AB74671CB6ACCA-13D5D1F54476A23B&ce=UTF-8&ns=hsbcbankglobal&pageName=pws%3Ahomepage&g=https%3A%2F%2Fstatic-origin.hsbc.co.om%2F&cc=USD&ch=PWS&server=static-origin.hsbc.co.om&events=event5&v1=pws%3Ahomepage&v2=pws%3Ahomepage&c3=homepage&v3=static-origin.hsbc.co.om%2Findex%2F&c5=homepage&c6=hsbc-rbwm-global-qa-1&v6=general&c7=3%3A21%20PM%7CTuesday&v7=homepage&v8=homepage&v12=en&v15=3%3A21%20PM%7CTuesday&v16=hsbc-rbwm-global-qa-1&c17=om-rbwm&v17=om-rbwm&v22=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
  • https://hsbcbankglobal.sc.omtrdc.net/b/ss/hsbc-rbwm-global-qa-1/1/JS-2.0.0/s59801996708599?AQB=1&pccr=true&vidn=2E6D6E7105310461-6000011500002514&&ndh=1&pf=1&t=14%2F4%2F2019%2015%3A21%3A6%202%200&fid=69AB74671CB6ACCA-13D5D1F54476A23B&ce=UTF-8&ns=hsbcbankglobal&pageName=pws%3Ahomepage&g=https%3A%2F%2Fstatic-origin.hsbc.co.om%2F&cc=USD&ch=PWS&server=static-origin.hsbc.co.om&events=event5&v1=pws%3Ahomepage&v2=pws%3Ahomepage&c3=homepage&v3=static-origin.hsbc.co.om%2Findex%2F&c5=homepage&c6=hsbc-rbwm-global-qa-1&v6=general&c7=3%3A21%20PM%7CTuesday&v7=homepage&v8=homepage&v12=en&v15=3%3A21%20PM%7CTuesday&v16=hsbc-rbwm-global-qa-1&c17=om-rbwm&v17=om-rbwm&v22=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Request Chain 36
  • https://cm.everesttech.net/cm/dd?d_uuid=31679416095691410832641118628439199255 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XNrc4wAAEt-Zhzx0
Request Chain 39
  • https://hsbcbankglobal.sc.omtrdc.net/b/ss/hsbc-rbwm-global-qa-1/1/JS-2.0.0/s58144861884113?AQB=1&ndh=1&pf=1&t=14%2F4%2F2019%2015%3A21%3A9%202%200&fid=201893ACA3EBD1E2-0DCFA8A1A8D19840&ce=UTF-8&ns=hsbcbankglobal&pageName=pws%3Ahomepage&g=https%3A%2F%2Fstatic-origin.hsbc.co.om%2F&cc=USD&ch=PWS&server=static-origin.hsbc.co.om&events=event24&v1=pws%3Ahomepage&l1=PWS_OM_EN_1_0%2CPWS_OM_EN_2_0%2CPWS_OM_EN_3_0%2CPWS_OM_EN_4_0%2CPWS_OM_EN_5_0%2CPWS_OM_EN_6_0&v2=pws%3Ahomepage&v3=static-origin.hsbc.co.om%2Findex%2F&c6=hsbc-rbwm-global-qa-1&c7=3%3A21%20PM%7CTuesday&v10=HSBC&v11=Middle%20East%20%26%20Africa&v12=en&v13=Oman&v15=3%3A21%20PM%7CTuesday&v16=hsbc-rbwm-global-qa-1&c17=om-rbwm&v17=om-rbwm&v35=display&v96=promotion&v98=promotion_impression&pe=lnk_o&pev2=no%20link_name&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
  • https://hsbcbankglobal.sc.omtrdc.net/b/ss/hsbc-rbwm-global-qa-1/1/JS-2.0.0/s58144861884113?AQB=1&pccr=true&vidn=2E6D6E72853104DD-6000010F400024F6&&ndh=1&pf=1&t=14%2F4%2F2019%2015%3A21%3A9%202%200&fid=201893ACA3EBD1E2-0DCFA8A1A8D19840&ce=UTF-8&ns=hsbcbankglobal&pageName=pws%3Ahomepage&g=https%3A%2F%2Fstatic-origin.hsbc.co.om%2F&cc=USD&ch=PWS&server=static-origin.hsbc.co.om&events=event24&v1=pws%3Ahomepage&l1=PWS_OM_EN_1_0%2CPWS_OM_EN_2_0%2CPWS_OM_EN_3_0%2CPWS_OM_EN_4_0%2CPWS_OM_EN_5_0%2CPWS_OM_EN_6_0&v2=pws%3Ahomepage&v3=static-origin.hsbc.co.om%2Findex%2F&c6=hsbc-rbwm-global-qa-1&c7=3%3A21%20PM%7CTuesday&v10=HSBC&v11=Middle%20East%20%26%20Africa&v12=en&v13=Oman&v15=3%3A21%20PM%7CTuesday&v16=hsbc-rbwm-global-qa-1&c17=om-rbwm&v17=om-rbwm&v35=display&v96=promotion&v98=promotion_impression&pe=lnk_o&pev2=no%20link_name&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
static-origin.hsbc.co.om/ 		75 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static-origin.hsbc.co.om/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.108.77.151 , United Kingdom, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
Apache /
Resource Hash
83a683d6afa09d890eae4bfbafb06ef0c01111fe65908ba5d37f544d15a6b366
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
static-origin.hsbc.co.om
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 14 May 2019 15:20:51 GMT
Server
Apache
Last-Modified
Tue, 14 May 2019 14:51:04 GMT
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
S
gbl-prod-wk-aempub
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
9360
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=utf-8
Set-Cookie
DIGITAL-OM-AEM-DYN-COOKIE=!eoZ2gvKomN6s9x6Q6AT/vHhJr15tNaUxIxqp0pSGjXBQW4I87G2DzrB/Aki9CouMH7LOl4tq9PEeriM=; expires=Tue, 14-May-2019 15:21:06 GMT; path=/; Httponly; Secure
Strict-Transport-Security
max-age=16070400; includeSubDomains
clientlib-default.min.b11d2d95edc4ec5ee57676baad51b405.css
static-origin.hsbc.co.om/etc/designs/dpws/ 		544 KB
66 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-origin.hsbc.co.om/etc/designs/dpws/clientlib-default.min.b11d2d95edc4ec5ee57676baad51b405.css
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.108.77.151 , United Kingdom, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
Apache /
Resource Hash
b8368930d2faa9395c815cb8f88b881a5c78bcf97c8fc5166df59064a9d7bebc
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 14 May 2019 15:20:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 May 2019 14:56:19 GMT
Server
Apache
Vary
Accept-Encoding
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
text/css
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
S
gbl-prod-wk-aempub
Keep-Alive
timeout=5, max=99
X-XSS-Protection
1; mode=block
utag.sync.js
tags.tiqcdn.com/utag/hsbc/om-rbwm/prod/ 		1 KB
809 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/om-rbwm/prod/utag.sync.js
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.180 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4186) /
Resource Hash
3c1493daa4928439f0841cc378250312757db6f8e33a67a93b4ea35a1b4eb3a9

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 15:21:05 GMT
content-encoding
gzip
last-modified
Wed, 23 Jan 2019 13:52:43 GMT
server
ECS (fcn/4186)
etag
"2105107628"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=300
accept-ranges
bytes
content-length
624
expires
Tue, 14 May 2019 15:26:05 GMT
clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js
static-origin.hsbc.co.om/etc/designs/hsbc/appd/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-origin.hsbc.co.om/etc/designs/hsbc/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.108.77.151 , United Kingdom, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
Apache /
Resource Hash
ebb991b4937d6015d8937e8d23f6fa5b315e898a018d1f0972efe59765b754b4
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 14 May 2019 15:20:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 May 2019 14:56:19 GMT
Server
Apache
Vary
Accept-Encoding
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
S
gbl-prod-wk-aempub
Keep-Alive
timeout=5, max=98
Content-Length
11811
X-XSS-Protection
1; mode=block
hsbc-logo.svg
static-origin.hsbc.co.om/content/dam/hsbc/hbmt/images/logos/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-origin.hsbc.co.om/content/dam/hsbc/hbmt/images/logos/hsbc-logo.svg
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.108.77.151 , United Kingdom, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
Apache /
Resource Hash
392961169ed068757ca4ccfba64f9a1e5cfd0e5c2467039ec5f0315afcb4de50
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 14 May 2019 15:20:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 23 Oct 2018 10:52:47 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
S
gbl-prod-wk-aempub
Vary
Accept-Encoding
Content-Length
1966
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=97
wtb.jpg
static-origin.hsbc.co.om/content/dam/hsbc/om_hbme/images/21-9/ 		155 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-origin.hsbc.co.om/content/dam/hsbc/om_hbme/images/21-9/wtb.jpg
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.108.77.151 , United Kingdom, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
Apache /
Resource Hash
891f1ba1975606c39b5a46e1314024a38bbe26fa827fe59302c46c86aff87d7f
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 14 May 2019 15:20:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 May 2019 14:54:20 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
S
gbl-prod-wk-aempub
Keep-Alive
timeout=5, max=96
Content-Length
158434
X-XSS-Protection
1; mode=block
cq5dam.web.590.1000.jpeg
static-origin.hsbc.co.om/content/dam/hsbc/om_hbme/images/16-9/family-smiles-beach.jpg/jcr:content/renditions/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-origin.hsbc.co.om/content/dam/hsbc/om_hbme/images/16-9/family-smiles-beach.jpg/jcr:content/renditions/cq5dam.web.590.1000.jpeg
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.108.77.151 , United Kingdom, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
Apache /
Resource Hash
550bed0f60ba64b840b72497bd655b60dc2613b87f2f012098346f319782b754
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 14 May 2019 15:20:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 May 2019 14:54:22 GMT
Server
Apache
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
S
gbl-prod-wk-aempub
Keep-Alive
timeout=5, max=100
Content-Length
47494
X-XSS-Protection
1; mode=block
cq5dam.web.590.1000.jpeg
static-origin.hsbc.co.om/content/dam/hsbc/om_hbme/images/16-9/gift.jpg/jcr:content/renditions/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-origin.hsbc.co.om/content/dam/hsbc/om_hbme/images/16-9/gift.jpg/jcr:content/renditions/cq5dam.web.590.1000.jpeg
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.108.77.151 , United Kingdom, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
Apache /
Resource Hash
5e9817e64123df1ba7dcb91e81c8e5b6305a564838a77b1f16724760e13e1792
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 14 May 2019 15:20:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 May 2019 14:54:22 GMT
Server
Apache
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
S
gbl-prod-wk-aempub
Keep-Alive
timeout=5, max=100
Content-Length
42099
X-XSS-Protection
1; mode=block
cq5dam.web.590.1000.jpeg
static-origin.hsbc.co.om/content/dam/hsbc/om_hbme/images/16-9/fireplace.jpg/jcr:content/renditions/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-origin.hsbc.co.om/content/dam/hsbc/om_hbme/images/16-9/fireplace.jpg/jcr:content/renditions/cq5dam.web.590.1000.jpeg
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.108.77.151 , United Kingdom, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
Apache /
Resource Hash
6def0d342b4ef19bbe648589d5230806743447aff0737eaeb723b704d7fc9305
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 14 May 2019 15:20:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 May 2019 14:54:22 GMT
Server
Apache
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
S
gbl-prod-wk-aempub
Keep-Alive
timeout=5, max=100
Content-Length
42963
X-XSS-Protection
1; mode=block
jquery-all-v2.js
static-origin.hsbc.co.om/etc/designs/dpws/staticlibs/ 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-origin.hsbc.co.om/etc/designs/dpws/staticlibs/jquery-all-v2.js
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.108.77.151 , United Kingdom, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
Apache /
Resource Hash
2ce693c688cf188c89f4b5b81d69678b10edc552bbf06f9c744cce04c1ad2e6c
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 14 May 2019 15:20:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 May 2019 14:54:21 GMT
Server
Apache
Vary
Accept-Encoding
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
application/x-javascript
Connection
Keep-Alive
Accept-Ranges
bytes
S
gbl-prod-wk-aempub
Keep-Alive
timeout=5, max=90
Content-Length
37253
X-XSS-Protection
1; mode=block
clientlib-all.min.9d3554bf1d72d2773b36dfab1c2a876c.js
static-origin.hsbc.co.om/etc/designs/dpws/ 		382 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-origin.hsbc.co.om/etc/designs/dpws/clientlib-all.min.9d3554bf1d72d2773b36dfab1c2a876c.js
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.108.77.151 , United Kingdom, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
Apache /
Resource Hash
9144d4e422276f4b83be4b9acdad4da7f635f7b0011e9bce244bfb6c76ff6136
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 14 May 2019 15:20:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 May 2019 14:56:20 GMT
Server
Apache
Vary
Accept-Encoding
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
S
gbl-prod-wk-aempub
Keep-Alive
timeout=5, max=89
X-XSS-Protection
1; mode=block
wt.js
c.webtrends.com/acs/account/2k22snefjm/js/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.webtrends.com/acs/account/2k22snefjm/js/wt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/om-rbwm/prod/utag.sync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.226.145 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-226-145.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
27ae0dba4734f1f94e58e9fd96d846da992ac9f83576cfacb379e8448332db93

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Tue, 14 May 2019 15:21:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Mar 2019 18:41:18 GMT
Server
Apache
ETag
"82a1-5841244996a1e-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9635
Expires
Tue, 14 May 2019 15:21:05 GMT
utag.js
tags.tiqcdn.com/utag/hsbc/om-rbwm/prod/ 		157 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/om-rbwm/prod/utag.js
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.180 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40B3) /
Resource Hash
4fa7a6b0613d73d1f54dc417e8b396fac2729c7fcd6ccb683bda6ae85676ddfb

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 15:21:05 GMT
content-encoding
gzip
last-modified
Wed, 23 Jan 2019 13:52:45 GMT
server
ECS (fcn/40B3)
etag
"435219328"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=300
accept-ranges
bytes
content-length
47142
expires
Tue, 14 May 2019 15:26:05 GMT
UniversNextforHSBCW02-Rg.woff
static-origin.hsbc.co.om/etc/designs/dpws/common/fonts/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-origin.hsbc.co.om/etc/designs/dpws/common/fonts/UniversNextforHSBCW02-Rg.woff
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.108.77.151 , United Kingdom, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
Apache /
Resource Hash
e57fa923e1242b94093a29bc1497e22d7b5f78d6f124fe5ffc651383af545e13
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://static-origin.hsbc.co.om/etc/designs/dpws/clientlib-default.min.b11d2d95edc4ec5ee57676baad51b405.css
Origin
https://static-origin.hsbc.co.om

Response headers

Date
Tue, 14 May 2019 15:20:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 May 2019 14:54:21 GMT
Server
Apache
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
S
gbl-prod-wk-aempub
Keep-Alive
timeout=5, max=95
Content-Length
27464
X-XSS-Protection
1; mode=block
UniversNextforHSBCW02-Bd.woff
static-origin.hsbc.co.om/etc/designs/dpws/common/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-origin.hsbc.co.om/etc/designs/dpws/common/fonts/UniversNextforHSBCW02-Bd.woff
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.108.77.151 , United Kingdom, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
Apache /
Resource Hash
1fe93d773a537c17456fc95e7dbfb69cba2914ac73c5f9b01d4db046667c688e
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://static-origin.hsbc.co.om/etc/designs/dpws/clientlib-default.min.b11d2d95edc4ec5ee57676baad51b405.css
Origin
https://static-origin.hsbc.co.om

Response headers

Date
Tue, 14 May 2019 15:20:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 May 2019 14:54:21 GMT
Server
Apache
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
S
gbl-prod-wk-aempub
Keep-Alive
timeout=5, max=94
Content-Length
26328
X-XSS-Protection
1; mode=block
HSBCIcon-Font.woff
static-origin.hsbc.co.om/etc/designs/dpws/common/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-origin.hsbc.co.om/etc/designs/dpws/common/fonts/HSBCIcon-Font.woff?ee39a20e77cff3aec879befe2cd1d29d
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.108.77.151 , United Kingdom, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
Apache /
Resource Hash
580245633d829cdc4a80192bc505ad254af0ed2955d5add87b56917a1c0f64df
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://static-origin.hsbc.co.om/etc/designs/dpws/clientlib-default.min.b11d2d95edc4ec5ee57676baad51b405.css
Origin
https://static-origin.hsbc.co.om

Response headers

Date
Tue, 14 May 2019 15:20:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 May 2019 14:50:40 GMT
Server
Apache
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
S
gbl-prod-wk-aempub
Keep-Alive
timeout=5, max=93
Content-Length
22532
X-XSS-Protection
1; mode=block
UniversNextforHSBCW02-Lt.woff
static-origin.hsbc.co.om/etc/designs/dpws/common/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-origin.hsbc.co.om/etc/designs/dpws/common/fonts/UniversNextforHSBCW02-Lt.woff
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.108.77.151 , United Kingdom, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
Apache /
Resource Hash
1410bf3ef15162a56d0c7ea0f851483738179ce8281a269f4ed88612e9c9a695
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://static-origin.hsbc.co.om/etc/designs/dpws/clientlib-default.min.b11d2d95edc4ec5ee57676baad51b405.css
Origin
https://static-origin.hsbc.co.om

Response headers

Date
Tue, 14 May 2019 15:20:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 May 2019 14:54:21 GMT
Server
Apache
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
S
gbl-prod-wk-aempub
Keep-Alive
timeout=5, max=92
Content-Length
26300
X-XSS-Protection
1; mode=block
UniversNextforHSBCW02-Th.woff
static-origin.hsbc.co.om/etc/designs/dpws/common/fonts/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-origin.hsbc.co.om/etc/designs/dpws/common/fonts/UniversNextforHSBCW02-Th.woff
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.108.77.151 , United Kingdom, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
Apache /
Resource Hash
190c1c5d443872f7ee23494c42cfd80c30e97311da2ae748bbf6ab036d80b53c
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://static-origin.hsbc.co.om/etc/designs/dpws/clientlib-default.min.b11d2d95edc4ec5ee57676baad51b405.css
Origin
https://static-origin.hsbc.co.om

Response headers

Date
Tue, 14 May 2019 15:20:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 May 2019 14:50:42 GMT
Server
Apache
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
S
gbl-prod-wk-aempub
Keep-Alive
timeout=5, max=91
Content-Length
26884
X-XSS-Protection
1; mode=block
/
static-origin.hsbc.co.om/configuration/modals/you-are-leaving-hsbc.modal/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static-origin.hsbc.co.om/configuration/modals/you-are-leaving-hsbc.modal/
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/etc/designs/hsbc/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.108.77.151 , United Kingdom, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
Apache /
Resource Hash
b069b32ac3f1d6803a2a46145d6baf8a8afddbfbf058bdcd5c0eeef36e1de59c
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://static-origin.hsbc.co.om/
X-Requested-With
XMLHttpRequest
ADRUM
isAjax:true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 14 May 2019 15:20:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
593
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 14 May 2019 14:51:05 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
S
gbl-prod-wk-aempub
Keep-Alive
timeout=5, max=88
flags_16.png
static-origin.hsbc.co.om/etc/designs/dpws/common/img/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-origin.hsbc.co.om/etc/designs/dpws/common/img/flags_16.png
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/etc/designs/dpws/staticlibs/jquery-all-v2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.108.77.151 , United Kingdom, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
Apache /
Resource Hash
f31370dc18a5bde5c672f23d3a2a7f7338305b3b95f1afbcd4b977cda3536865
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static-origin.hsbc.co.om/etc/designs/dpws/clientlib-default.min.b11d2d95edc4ec5ee57676baad51b405.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 14 May 2019 15:20:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 May 2019 14:54:23 GMT
Server
Apache
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
S
gbl-prod-wk-aempub
Keep-Alive
timeout=5, max=100
Content-Length
59939
X-XSS-Protection
1; mode=block
authorize.auth.json
static-origin.hsbc.co.om/ 		20 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://static-origin.hsbc.co.om/authorize.auth.json?q&_=1557847266374
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/etc/designs/hsbc/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.108.77.151 , United Kingdom, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
Apache /
Resource Hash
69c2b8e06630556f0356093d2679ff3a26a9ce177a8c784ce85a52760a2db3b6
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://static-origin.hsbc.co.om/
X-Requested-With
XMLHttpRequest
ADRUM
isAjax:true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
json

Response headers

Date
Tue, 14 May 2019 15:20:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 08 May 2019 23:22:26 GMT
Server
Apache
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
application/json
Connection
Keep-Alive
Accept-Ranges
bytes
S
gbl-prod-wk-aempub
Vary
Cookie
Content-Length
20
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=87
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AE9446FC57CECBEE7F000101%40AdobeOrg&d_nsid=0&ts=1557847266630
  • https://dpm.demdex.net/id/rd?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AE9446FC57CECBEE7F000101%40AdobeOrg&d_nsid=0&ts=1557847266630
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AE9446FC57CECBEE7F000101%40AdobeOrg&d_nsid=0&ts=1557847266630
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.86.253 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-249-86-253.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Location
https://dpm.demdex.net/id/rd?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AE9446FC57CECBEE7F000101%40AdobeOrg&d_nsid=0&ts=1557847266630
X-TID
79h075GNRDk=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://static-origin.hsbc.co.om
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Access-Control-Allow-Origin
https://static-origin.hsbc.co.om
X-TID
79h075GNRDk=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AE9446FC57CECBEE7F000101%40AdobeOrg&d_nsid=0&ts=1557847266630
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
138 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=hsbc/om-rbwm/201901231352&cb=1557847266631
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/om-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.180 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40EB) /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 15:21:06 GMT
last-modified
Thu, 14 Apr 2016 16:59:33 GMT
server
ECS (fcn/40EB)
etag
"2243872957"
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Tue, 14 May 2019 15:31:06 GMT
utag.33.js
tags.tiqcdn.com/utag/hsbc/om-rbwm/prod/ 		75 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/om-rbwm/prod/utag.33.js?utv=ut4.39.201811291258
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/om-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.180 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/419D) /
Resource Hash
a9c6618b5e0782bd6c10dcde317656b3cf6a9522ce5e40e9e382e3bf8d307fe9

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 15:20:59 GMT
content-encoding
gzip
last-modified
Wed, 09 Jan 2019 12:21:00 GMT
server
ECS (fcn/419D)
etag
"3710962152+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=1296000
accept-ranges
bytes
content-length
24052
expires
Wed, 29 May 2019 15:20:59 GMT
utag.84.js
tags.tiqcdn.com/utag/hsbc/om-rbwm/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/om-rbwm/prod/utag.84.js?utv=ut4.39.201801231240
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/om-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.180 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4198) /
Resource Hash
8b1e0f109a4cd92c459b929cae5b6cd4f824b7928fd2b085b8511abd929ffb82

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 15:21:06 GMT
content-encoding
gzip
last-modified
Tue, 23 Jan 2018 12:40:22 GMT
server
ECS (fcn/4198)
etag
"3506100285+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1727
expires
Wed, 29 May 2019 15:21:06 GMT
utag.85.js
tags.tiqcdn.com/utag/hsbc/om-rbwm/prod/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/om-rbwm/prod/utag.85.js?utv=ut4.39.201901231352
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/om-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.180 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A1) /
Resource Hash
da9765bc676aca9662065ebb4198ddfaaf03cfa23be0f48eb5515ffb5d056b11

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 15:21:03 GMT
content-encoding
gzip
last-modified
Thu, 29 Nov 2018 12:59:06 GMT
server
ECS (fcn/41A1)
etag
"900344845+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=1296000
accept-ranges
bytes
content-length
3339
expires
Wed, 29 May 2019 15:21:03 GMT
fbevents.js
connect.facebook.net/en_US/ 		53 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/om-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
15397
x-xss-protection
0
pragma
public
x-fb-debug
dsgQikKI/uLwmnYfKA2xJA9oB1obrPrhckkPD5Gipei/cz9woubrvrQ97J5ogJCaxzrmcsFGCtPoregj1aWIwA==
date
Tue, 14 May 2019 15:21:06 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/om-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
2c2b83b5a9f188b6f91fdb4db32a68cae12d7c15d62263ebd3e345429dab2ec5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 15:21:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
8874
x-xss-protection
0
server
cafe
etag
3302323910089655626
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 14 May 2019 15:21:06 GMT
s59801996708599
hsbcbankglobal.sc.omtrdc.net/b/ss/hsbc-rbwm-global-qa-1/1/JS-2.0.0/
Redirect Chain
  • https://hsbcbankglobal.sc.omtrdc.net/b/ss/hsbc-rbwm-global-qa-1/1/JS-2.0.0/s59801996708599?AQB=1&ndh=1&pf=1&t=14%2F4%2F2019%2015%3A21%3A6%202%200&fid=69AB74671CB6ACCA-13D5D1F54476A23B&ce=UTF-8&ns=h...
  • https://hsbcbankglobal.sc.omtrdc.net/b/ss/hsbc-rbwm-global-qa-1/1/JS-2.0.0/s59801996708599?AQB=1&pccr=true&vidn=2E6D6E7105310461-6000011500002514&&ndh=1&pf=1&t=14%2F4%2F2019%2015%3A21%3A6%202%200&f...
43 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hsbcbankglobal.sc.omtrdc.net/b/ss/hsbc-rbwm-global-qa-1/1/JS-2.0.0/s59801996708599?AQB=1&pccr=true&vidn=2E6D6E7105310461-6000011500002514&&ndh=1&pf=1&t=14%2F4%2F2019%2015%3A21%3A6%202%200&fid=69AB74671CB6ACCA-13D5D1F54476A23B&ce=UTF-8&ns=hsbcbankglobal&pageName=pws%3Ahomepage&g=https%3A%2F%2Fstatic-origin.hsbc.co.om%2F&cc=USD&ch=PWS&server=static-origin.hsbc.co.om&events=event5&v1=pws%3Ahomepage&v2=pws%3Ahomepage&c3=homepage&v3=static-origin.hsbc.co.om%2Findex%2F&c5=homepage&c6=hsbc-rbwm-global-qa-1&v6=general&c7=3%3A21%20PM%7CTuesday&v7=homepage&v8=homepage&v12=en&v15=3%3A21%20PM%7CTuesday&v16=hsbc-rbwm-global-qa-1&c17=om-rbwm&v17=om-rbwm&v22=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.82.228.19 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
*.sc.omtrdc.net
Software
Omniture DC /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 May 2019 15:21:06 GMT
Last-Modified
Wed, 15 May 2019 15:21:06 GMT
Server
Omniture DC
xserver
www7165
ETag
"3345451529903603712-5282372257035887307"
Vary
*
X-C
ms-6.7.4
P3P
CP="This is not a P3P policy"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 13 May 2019 15:21:06 GMT

Redirect headers

Date
Tue, 14 May 2019 15:21:06 GMT
X-Content-Type-Options
nosniff
Access-Control-Allow-Origin
*
X-C
ms-6.7.4
P3P
CP="This is not a P3P policy"
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Wed, 15 May 2019 15:21:06 GMT
Server
Omniture DC/2.0.0
xserver
www168
Content-Type
text/plain
Location
https://hsbcbankglobal.sc.omtrdc.net/b/ss/hsbc-rbwm-global-qa-1/1/JS-2.0.0/s59801996708599?AQB=1&pccr=true&vidn=2E6D6E7105310461-6000011500002514&&ndh=1&pf=1&t=14%2F4%2F2019%2015%3A21%3A6%202%200&fid=69AB74671CB6ACCA-13D5D1F54476A23B&ce=UTF-8&ns=hsbcbankglobal&pageName=pws%3Ahomepage&g=https%3A%2F%2Fstatic-origin.hsbc.co.om%2F&cc=USD&ch=PWS&server=static-origin.hsbc.co.om&events=event5&v1=pws%3Ahomepage&v2=pws%3Ahomepage&c3=homepage&v3=static-origin.hsbc.co.om%2Findex%2F&c5=homepage&c6=hsbc-rbwm-global-qa-1&v6=general&c7=3%3A21%20PM%7CTuesday&v7=homepage&v8=homepage&v12=en&v15=3%3A21%20PM%7CTuesday&v16=hsbc-rbwm-global-qa-1&c17=om-rbwm&v17=om-rbwm&v22=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Expires
Mon, 13 May 2019 15:21:06 GMT
1805307739551132
connect.facebook.net/signals/config/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1805307739551132?v=2.8.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
62738b0208fefff9c750b04e79e4966498f2c941d285f95d945e58762acb8f2e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
JqLm3X8vZxsfwguFpQuEg6kYUBK5EhOR3Iihd8WYzdlVIgB/deXrdRxAEe4/3cgtW3KZEiVruAaQV5nvQJ9p6Q==
date
Tue, 14 May 2019 15:21:06 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/797652105/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/797652105/?random=1557847266712&cv=9&fst=1557847266712&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fstatic-origin.hsbc.co.om%2F&tiba=HSBC%20Oman&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
18e4eb7c7f1ae0229e5ee7d94200e4364f45abb464051bb78a2eab7fb879d288
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 May 2019 15:21:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
929
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/797652105/ 		42 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/797652105/?random=1557847266712&cv=9&fst=1557846000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fstatic-origin.hsbc.co.om%2F&tiba=HSBC%20Oman&async=1&fmt=3&cdct=2&is_vtc=1&random=3699010415&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::63 Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 May 2019 15:21:06 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/797652105/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/797652105/?random=1557847266712&cv=9&fst=1557846000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fstatic-origin.hsbc.co.om%2F&tiba=HSBC%20Oman&async=1&fmt=3&cdct=2&is_vtc=1&random=3699010415&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 May 2019 15:21:06 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1805307739551132&ev=PageView&dl=https%3A%2F%2Fstatic-origin.hsbc.co.om%2F&rl=&if=false&ts=1557847266752&sw=1600&sh=1200&v=2.8.47&r=stable&a=tmtealium&ec=0&o=28&fbp=fb.2.1557847266751.1510671152&it=1557847266697&coo=false&rqm=GET
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 15:21:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 14 May 2019 15:21:06 GMT
rd
dpm.demdex.net/id/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AE9446FC57CECBEE7F000101%40AdobeOrg&d_nsid=0&ts=1557847266630
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.86.253 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-249-86-253.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d0de82a23b28aa4e4b1455d38aad9cf62e7abc5332d53b4c747d4add827dc179

Request headers

Referer
https://static-origin.hsbc.co.om/
Origin
https://static-origin.hsbc.co.om
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v028-048cf3d1e.edge-irl1.demdex.com 5.52.1.20190424113352 5ms
Pragma
no-cache
Content-Encoding
gzip
X-TID
yVAvqFJPQZ8=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://static-origin.hsbc.co.om
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1194
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cookie set dest5.html
hsbcbankglobal.demdex.net/ Frame FCA0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://hsbcbankglobal.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/om-rbwm/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.193.55 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-193-55.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Host
hsbcbankglobal.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://static-origin.hsbc.co.om/
Accept-Encoding
gzip, deflate, br
Cookie
demdex=31679416095691410832641118628439199255
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://static-origin.hsbc.co.om/

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Thu, 25 Apr 2019 10:06:51 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=31679416095691410832641118628439199255;Path=/;Domain=.demdex.net;Expires=Sun, 10-Nov-2019 15:21:06 GMT;Max-Age=15552000
Vary
Accept-Encoding, User-Agent
X-TID
1lvLhlX7Qhw=
Content-Length
2764
Connection
keep-alive
id
hsbcbankglobal.sc.omtrdc.net/ 		43 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hsbcbankglobal.sc.omtrdc.net/id?d_visid_ver=2.0.0&d_fieldgroup=A&mcorgid=AE9446FC57CECBEE7F000101%40AdobeOrg&mid=31252394618410545082598293041539507296&ts=1557847266845
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/etc/designs/hsbc/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.82.228.19 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
*.sc.omtrdc.net
Software
Omniture DC /
Resource Hash
fc1c3bd566f8352f5deb0ef6f2efb29e88558464c066e0917245c24e3887d4a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static-origin.hsbc.co.om/
Origin
https://static-origin.hsbc.co.om
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 14 May 2019 15:21:06 GMT
X-Content-Type-Options
nosniff
Server
Omniture DC
xserver
www198
Vary
Origin
X-C
ms-6.7.4
P3P
CP="This is not a P3P policy"
Access-Control-Allow-Origin
https://static-origin.hsbc.co.om
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
43
X-XSS-Protection
1; mode=block
ibs:dpid=411&dpuuid=XNrc4wAAEt-Zhzx0
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=31679416095691410832641118628439199255
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XNrc4wAAEt-Zhzx0
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XNrc4wAAEt-Zhzx0
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.86.253 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-249-86-253.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v028-0874192be.edge-irl1.demdex.com 5.52.1.20190424113352 2ms
Pragma
no-cache
X-TID
OIToFya3Roo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Tue, 14 May 2019 15:21:07 GMT
Server
AMO-cookiemap/1.1
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XNrc4wAAEt-Zhzx0
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=15,max=100
Content-Length
0
id
dpm.demdex.net/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=2.0.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=AE9446FC57CECBEE7F000101%40AdobeOrg&d_nsid=0&d_mid=31252394618410545082598293041539507296&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=AVID%012E6D6E7105310461-6000011500002514&ts=1557847266878
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/etc/designs/hsbc/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.86.253 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-249-86-253.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
350e2eb18ab76f55605c2f8af382ea0bb748f307a00daa0e68875d0f9e6f18ac

Request headers

Referer
https://static-origin.hsbc.co.om/
Origin
https://static-origin.hsbc.co.om
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v028-084ff2957.edge-irl1.demdex.com 5.52.1.20190424113352 7ms
Pragma
no-cache
Content-Encoding
gzip
X-TID
nxfNDr32QbM=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://static-origin.hsbc.co.om
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1192
Expires
Thu, 01 Jan 1970 00:00:00 GMT
adrum-ext.0086dbec5e8a6e717bf36d3a06b62042.js
cdn.appdynamics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum-ext.0086dbec5e8a6e717bf36d3a06b62042.js
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/etc/designs/hsbc/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.223.172 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-223-172.fra56.r.cloudfront.net
Software
nginx/1.10.2 /
Resource Hash
7da0fcf5011f66d43746091e130db6ef4d55ff13410d57209fb0f44d90cdee60

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 17 May 2018 18:09:51 GMT
content-encoding
gzip
age
1384538
x-cache
Hit from cloudfront
status
200
via
1.1 7ff3248f5aef149847858a974cf62b00.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2016 22:05:47 GMT
server
nginx/1.10.2
etag
W/"57db1b3b-b4f4"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
bpiYnsWHkLWtzRrxKARIZx7lc9-x2AwV4oP3sg_fq0BfcBdsobgENQ==
s58144861884113
hsbcbankglobal.sc.omtrdc.net/b/ss/hsbc-rbwm-global-qa-1/1/JS-2.0.0/
Redirect Chain
  • https://hsbcbankglobal.sc.omtrdc.net/b/ss/hsbc-rbwm-global-qa-1/1/JS-2.0.0/s58144861884113?AQB=1&ndh=1&pf=1&t=14%2F4%2F2019%2015%3A21%3A9%202%200&fid=201893ACA3EBD1E2-0DCFA8A1A8D19840&ce=UTF-8&ns=h...
  • https://hsbcbankglobal.sc.omtrdc.net/b/ss/hsbc-rbwm-global-qa-1/1/JS-2.0.0/s58144861884113?AQB=1&pccr=true&vidn=2E6D6E72853104DD-6000010F400024F6&&ndh=1&pf=1&t=14%2F4%2F2019%2015%3A21%3A9%202%200&f...
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hsbcbankglobal.sc.omtrdc.net/b/ss/hsbc-rbwm-global-qa-1/1/JS-2.0.0/s58144861884113?AQB=1&pccr=true&vidn=2E6D6E72853104DD-6000010F400024F6&&ndh=1&pf=1&t=14%2F4%2F2019%2015%3A21%3A9%202%200&fid=201893ACA3EBD1E2-0DCFA8A1A8D19840&ce=UTF-8&ns=hsbcbankglobal&pageName=pws%3Ahomepage&g=https%3A%2F%2Fstatic-origin.hsbc.co.om%2F&cc=USD&ch=PWS&server=static-origin.hsbc.co.om&events=event24&v1=pws%3Ahomepage&l1=PWS_OM_EN_1_0%2CPWS_OM_EN_2_0%2CPWS_OM_EN_3_0%2CPWS_OM_EN_4_0%2CPWS_OM_EN_5_0%2CPWS_OM_EN_6_0&v2=pws%3Ahomepage&v3=static-origin.hsbc.co.om%2Findex%2F&c6=hsbc-rbwm-global-qa-1&c7=3%3A21%20PM%7CTuesday&v10=HSBC&v11=Middle%20East%20%26%20Africa&v12=en&v13=Oman&v15=3%3A21%20PM%7CTuesday&v16=hsbc-rbwm-global-qa-1&c17=om-rbwm&v17=om-rbwm&v35=display&v96=promotion&v98=promotion_impression&pe=lnk_o&pev2=no%20link_name&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.82.228.19 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
*.sc.omtrdc.net
Software
Omniture DC /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static-origin.hsbc.co.om/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 14 May 2019 15:21:09 GMT
X-Content-Type-Options
nosniff
X-C
ms-6.7.4
P3P
CP="This is not a P3P policy"
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Wed, 15 May 2019 15:21:09 GMT
Server
Omniture DC
xserver
www282
ETag
"3345451536346054656-6533633624753836846"
Vary
*
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Expires
Mon, 13 May 2019 15:21:09 GMT

Redirect headers

Date
Tue, 14 May 2019 15:21:09 GMT
X-Content-Type-Options
nosniff
Access-Control-Allow-Origin
*
X-C
ms-6.7.4
P3P
CP="This is not a P3P policy"
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Wed, 15 May 2019 15:21:09 GMT
Server
Omniture DC/2.0.0
xserver
www122
Content-Type
text/plain
Location
https://hsbcbankglobal.sc.omtrdc.net/b/ss/hsbc-rbwm-global-qa-1/1/JS-2.0.0/s58144861884113?AQB=1&pccr=true&vidn=2E6D6E72853104DD-6000010F400024F6&&ndh=1&pf=1&t=14%2F4%2F2019%2015%3A21%3A9%202%200&fid=201893ACA3EBD1E2-0DCFA8A1A8D19840&ce=UTF-8&ns=hsbcbankglobal&pageName=pws%3Ahomepage&g=https%3A%2F%2Fstatic-origin.hsbc.co.om%2F&cc=USD&ch=PWS&server=static-origin.hsbc.co.om&events=event24&v1=pws%3Ahomepage&l1=PWS_OM_EN_1_0%2CPWS_OM_EN_2_0%2CPWS_OM_EN_3_0%2CPWS_OM_EN_4_0%2CPWS_OM_EN_5_0%2CPWS_OM_EN_6_0&v2=pws%3Ahomepage&v3=static-origin.hsbc.co.om%2Findex%2F&c6=hsbc-rbwm-global-qa-1&c7=3%3A21%20PM%7CTuesday&v10=HSBC&v11=Middle%20East%20%26%20Africa&v12=en&v13=Oman&v15=3%3A21%20PM%7CTuesday&v16=hsbc-rbwm-global-qa-1&c17=om-rbwm&v17=om-rbwm&v35=display&v96=promotion&v98=promotion_impression&pe=lnk_o&pev2=no%20link_name&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Expires
Mon, 13 May 2019 15:21:09 GMT
adrum
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAD-DBV/ 		0
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAD-DBV/adrum
Requested by
Host: static-origin.hsbc.co.om
URL: https://static-origin.hsbc.co.om/etc/designs/hsbc/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.106.141 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-18-106-141.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://static-origin.hsbc.co.om/
Origin
https://static-origin.hsbc.co.om
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 14 May 2019 15:21:10 GMT
Vary
*
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
0

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| HSBC object| __TEALIUM object| WT boolean| s_jsonLoaded object| utag_data string| adrum-app-key number| adrum-start-time object| ADRUM object| modalsConfiguration boolean| utag_condload object| utag object| tms object| utag_cfg_ovrd object| TEALIUM function| Visitor undefined| $ function| jQuery object| respond function| moment object| Bootstrap object| GPWS object| HSBC_utils object| Mustache object| __core-js_shared__ object| core boolean| anchorsFuncionalityLoadedOnce object| TMS object| utag_extn object| s_c_il number| s_c_in function| fbq function| _fbq object| s function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s_i_hsbc-rbwm-global-qa-1 function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

3 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 73659118129767547203140501545077288233
.demdex.net/ Name: dextp
Value: 60-1-1557847267511|358-1-1557847267514|771-1-1557847267522|903-1-1557847267542|1957-1-1557847267559|30064-1-1557847267571|144230-1-1557847267586|144231-1-1557847267601|144232-1-1557847267615|144233-1-1557847267631|144234-1-1557847267650|144235-1-1557847267663|144236-1-1557847267678|144237-1-1557847267693|183896-1-1557847267708
.hsbc.co.om/ Name: AMCV_AE9446FC57CECBEE7F000101%40AdobeOrg
Value: 2096510701%7CMCIDTS%7C18031%7CMCMID%7C31252394618410545082598293041539507296%7CMCAAMLH-1558452066%7C6%7CMCAAMB-1558452066%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1557854466s%7CNONE%7CMCAID%7C2E6D6E7105310461-6000011500002514%7CMCSYNCSOP%7C411-18038%7CvVersion%7C2.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.webtrends.com
cdn.appdynamics.com
cm.everesttech.net
col.eum-appdynamics.com
connect.facebook.net
dpm.demdex.net
googleads.g.doubleclick.net
hsbcbankglobal.demdex.net
hsbcbankglobal.sc.omtrdc.net
static-origin.hsbc.co.om
tags.tiqcdn.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
104.111.226.145
13.32.223.172
172.82.228.19
193.108.77.151
216.58.206.2
2a00:1450:4001:816::2002
2a00:1450:4001:816::2003
2a00:1450:400c:c00::63
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.249.86.253
52.18.106.141
54.76.193.55
66.117.28.86
68.232.35.180
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1410bf3ef15162a56d0c7ea0f851483738179ce8281a269f4ed88612e9c9a695
18e4eb7c7f1ae0229e5ee7d94200e4364f45abb464051bb78a2eab7fb879d288
190c1c5d443872f7ee23494c42cfd80c30e97311da2ae748bbf6ab036d80b53c
1fe93d773a537c17456fc95e7dbfb69cba2914ac73c5f9b01d4db046667c688e
27ae0dba4734f1f94e58e9fd96d846da992ac9f83576cfacb379e8448332db93
2c2b83b5a9f188b6f91fdb4db32a68cae12d7c15d62263ebd3e345429dab2ec5
2ce693c688cf188c89f4b5b81d69678b10edc552bbf06f9c744cce04c1ad2e6c
350e2eb18ab76f55605c2f8af382ea0bb748f307a00daa0e68875d0f9e6f18ac
392961169ed068757ca4ccfba64f9a1e5cfd0e5c2467039ec5f0315afcb4de50
3c1493daa4928439f0841cc378250312757db6f8e33a67a93b4ea35a1b4eb3a9
4fa7a6b0613d73d1f54dc417e8b396fac2729c7fcd6ccb683bda6ae85676ddfb
550bed0f60ba64b840b72497bd655b60dc2613b87f2f012098346f319782b754
580245633d829cdc4a80192bc505ad254af0ed2955d5add87b56917a1c0f64df
5e9817e64123df1ba7dcb91e81c8e5b6305a564838a77b1f16724760e13e1792
62738b0208fefff9c750b04e79e4966498f2c941d285f95d945e58762acb8f2e
69c2b8e06630556f0356093d2679ff3a26a9ce177a8c784ce85a52760a2db3b6
6def0d342b4ef19bbe648589d5230806743447aff0737eaeb723b704d7fc9305
7da0fcf5011f66d43746091e130db6ef4d55ff13410d57209fb0f44d90cdee60
83a683d6afa09d890eae4bfbafb06ef0c01111fe65908ba5d37f544d15a6b366
891f1ba1975606c39b5a46e1314024a38bbe26fa827fe59302c46c86aff87d7f
8b1e0f109a4cd92c459b929cae5b6cd4f824b7928fd2b085b8511abd929ffb82
9144d4e422276f4b83be4b9acdad4da7f635f7b0011e9bce244bfb6c76ff6136
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a9c6618b5e0782bd6c10dcde317656b3cf6a9522ce5e40e9e382e3bf8d307fe9
b069b32ac3f1d6803a2a46145d6baf8a8afddbfbf058bdcd5c0eeef36e1de59c
b8368930d2faa9395c815cb8f88b881a5c78bcf97c8fc5166df59064a9d7bebc
d0de82a23b28aa4e4b1455d38aad9cf62e7abc5332d53b4c747d4add827dc179
da9765bc676aca9662065ebb4198ddfaaf03cfa23be0f48eb5515ffb5d056b11
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57fa923e1242b94093a29bc1497e22d7b5f78d6f124fe5ffc651383af545e13
ebb991b4937d6015d8937e8d23f6fa5b315e898a018d1f0972efe59765b754b4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f31370dc18a5bde5c672f23d3a2a7f7338305b3b95f1afbcd4b977cda3536865
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
fc1c3bd566f8352f5deb0ef6f2efb29e88558464c066e0917245c24e3887d4a8