mydeal-dhp.gbm.hsbc.com Open in urlscan Pro
193.108.78.222  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response mydeal-dhp.gbm.hsbc.com/	3 KB 2 KB	1134ms 66ms	Document text/html	193.108.78.222 HSBC-UK
General Check archive.org Show headers Download Go to Full URL https://mydeal-dhp.gbm.hsbc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.78.222 , United Kingdom, ASN20705 (HSBC-UK, GB), Reverse DNS Software / ASP.NET Resource Hash f75cb633654f8c687179eab23f22844b734095a7062800945b9130a6b3ecca6e Security Headers Name Value Content-Security-Policy default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reporter/api/log; report-to default Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers accept-ranges bytes access-control-allow-origin https://mydeal-dhp.gbm.hsbc.com/,https://mydeal.gbm.hsbc.com/ cache-control no-cache, no-store, must-revalidate content-encoding gzip content-length 1347 content-security-policy default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reporter/api/log; report-to default content-type text/html date Thu, 25 Jul 2024 14:58:08 GMT etag "80d3b1c7403eda1:0" last-modified Wed, 03 Jan 2024 12:31:31 GMT report-to {"group":"default","max_age":10886400,"endpoints":[{"url":"/csp-reporter/api/log"}]} strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-frame-options DENY x-powered-by ASP.NET x-xss-protection 1; mode=block
GET H2	200	2.4ff5eb7b.chunk.css mydeal-dhp.gbm.hsbc.com/static/css/	1 KB 782 B	59ms 58ms	Stylesheet text/css	193.108.78.222 HSBC-UK
General Check archive.org Show headers Download Go to Full URL https://mydeal-dhp.gbm.hsbc.com/static/css/2.4ff5eb7b.chunk.css Requested by Host: mydeal-dhp.gbm.hsbc.com URL: https://mydeal-dhp.gbm.hsbc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.78.222 , United Kingdom, ASN20705 (HSBC-UK, GB), Reverse DNS Software / ASP.NET Resource Hash d849d638178c205cfd44cce2d046c6e1a1a53d50a484ec977295f30fe08b66e3 Security Headers Name Value Content-Security-Policy default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reporter/api/log; report-to default Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://mydeal-dhp.gbm.hsbc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 25 Jul 2024 14:58:08 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload content-security-policy default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reporter/api/log; report-to default x-powered-by ASP.NET content-length 663 x-xss-protection 1; mode=block last-modified Wed, 03 Jan 2024 05:03:16 GMT etag "08262923eda1:0" vary Accept-Encoding x-frame-options DENY content-type text/css access-control-allow-origin https://mydeal-dhp.gbm.hsbc.com/,https://mydeal.gbm.hsbc.com/ report-to {"group":"default","max_age":10886400,"endpoints":[{"url":"/csp-reporter/api/log"}]} cache-control public, max-age=604800 accept-ranges bytes
GET H2	200	main.31ae6386.chunk.css mydeal-dhp.gbm.hsbc.com/static/css/	152 KB 37 KB	126ms 126ms	Stylesheet text/css	193.108.78.222 HSBC-UK
General Check archive.org Show headers Download Go to Full URL https://mydeal-dhp.gbm.hsbc.com/static/css/main.31ae6386.chunk.css Requested by Host: mydeal-dhp.gbm.hsbc.com URL: https://mydeal-dhp.gbm.hsbc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.78.222 , United Kingdom, ASN20705 (HSBC-UK, GB), Reverse DNS Software / ASP.NET Resource Hash 9aac02f5f17a5051c565facae964097cead2ac5c94db67ca9b263f737399fcae Security Headers Name Value Content-Security-Policy default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reporter/api/log; report-to default Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://mydeal-dhp.gbm.hsbc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 25 Jul 2024 14:58:08 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload content-security-policy default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reporter/api/log; report-to default x-powered-by ASP.NET content-length 37381 x-xss-protection 1; mode=block last-modified Wed, 03 Jan 2024 05:03:16 GMT etag "08262923eda1:0" x-frame-options DENY report-to {"group":"default","max_age":10886400,"endpoints":[{"url":"/csp-reporter/api/log"}]} content-type text/css access-control-allow-origin https://mydeal-dhp.gbm.hsbc.com/,https://mydeal.gbm.hsbc.com/ cache-control public, max-age=604800 vary Accept-Encoding accept-ranges bytes
GET H2	200	2.f18ceeac.chunk.js Show response mydeal-dhp.gbm.hsbc.com/static/js/	4 MB 1 MB	169ms 169ms	Script application/javascript	193.108.78.222 HSBC-UK
General Check archive.org Show headers Download Go to Full URL https://mydeal-dhp.gbm.hsbc.com/static/js/2.f18ceeac.chunk.js Requested by Host: mydeal-dhp.gbm.hsbc.com URL: https://mydeal-dhp.gbm.hsbc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.78.222 , United Kingdom, ASN20705 (HSBC-UK, GB), Reverse DNS Software / ASP.NET Resource Hash 05947f38b5ca28a78ce8ca01372b7e34b32b785500d3ae23d5c5b4f5a2a300e6 Security Headers Name Value Content-Security-Policy default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reporter/api/log; report-to default Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://mydeal-dhp.gbm.hsbc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 25 Jul 2024 14:58:08 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload content-security-policy default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reporter/api/log; report-to default x-powered-by ASP.NET x-xss-protection 1; mode=block last-modified Wed, 03 Jan 2024 05:03:16 GMT etag "08262923eda1:0" x-frame-options DENY report-to {"group":"default","max_age":10886400,"endpoints":[{"url":"/csp-reporter/api/log"}]} content-type application/javascript access-control-allow-origin https://mydeal-dhp.gbm.hsbc.com/,https://mydeal.gbm.hsbc.com/ cache-control public, max-age=604800 vary Accept-Encoding accept-ranges bytes
GET H2	200	main.232f3a24.chunk.js Show response mydeal-dhp.gbm.hsbc.com/static/js/	987 KB 304 KB	214ms 213ms	Script application/javascript	193.108.78.222 HSBC-UK
General Check archive.org Show headers Download Go to Full URL https://mydeal-dhp.gbm.hsbc.com/static/js/main.232f3a24.chunk.js Requested by Host: mydeal-dhp.gbm.hsbc.com URL: https://mydeal-dhp.gbm.hsbc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.78.222 , United Kingdom, ASN20705 (HSBC-UK, GB), Reverse DNS Software / ASP.NET Resource Hash a495d81a6cd2a52325808cb4b9164d7e06442be450687d72c123d4c361f8a4f6 Security Headers Name Value Content-Security-Policy default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reporter/api/log; report-to default Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://mydeal-dhp.gbm.hsbc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 25 Jul 2024 14:58:08 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload content-security-policy default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reporter/api/log; report-to default x-powered-by ASP.NET x-xss-protection 1; mode=block last-modified Wed, 03 Jan 2024 05:03:16 GMT etag "08262923eda1:0" x-frame-options DENY report-to {"group":"default","max_age":10886400,"endpoints":[{"url":"/csp-reporter/api/log"}]} content-type application/javascript access-control-allow-origin https://mydeal-dhp.gbm.hsbc.com/,https://mydeal.gbm.hsbc.com/ cache-control public, max-age=604800 vary Accept-Encoding accept-ranges bytes
GET H2	200	utag.sync.js Show response tags.tiqcdn.com/utag/hsbc/global-gbm-mydeal/qa/	109 B 526 B	553ms 459ms	Script application/javascript	2600:9000:238d:3e00:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/hsbc/global-gbm-mydeal/qa/utag.sync.js Requested by Host: mydeal-dhp.gbm.hsbc.com URL: https://mydeal-dhp.gbm.hsbc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:238d:3e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5ab0b02f7d2790fbddcb312d1aba8560cf6f11ec62a26a676b122f6957fa73ad Request headers Referer https://mydeal-dhp.gbm.hsbc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 25 Jul 2024 14:58:09 GMT x-amz-version-id RLoZW1VSQWbEyd1eL89xRaqeEKhZ.7k0 via 1.1 e4bbc916b7f96771ed58c0d668318acc.cloudfront.net (CloudFront) last-modified Wed, 07 Jun 2023 08:33:20 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 etag "1ec3cbba4427b2af3a2e3b5f5dd40092" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type application/javascript cache-control max-age=300 accept-ranges bytes content-length 109 x-amz-cf-id BDUkioyq4jDKbO5QFk5CURZ7pSrTeQ02KI68nrSCJUzPf7-GCjx_qA==
GET H2	200	utag.js Show response tags.tiqcdn.com/utag/hsbc/global-gbm-mydeal/qa/	268 KB 66 KB	548ms 548ms	Script application/javascript	2600:9000:238d:3e00:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/hsbc/global-gbm-mydeal/qa/utag.js Requested by Host: mydeal-dhp.gbm.hsbc.com URL: https://mydeal-dhp.gbm.hsbc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:238d:3e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bb315cdcadb9ea70532b8661313fce2a110c711770a5c98ec462280177d6af6e Request headers Referer https://mydeal-dhp.gbm.hsbc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 25 Jul 2024 14:58:10 GMT x-amz-version-id 6NGYItdLkMtLmAXQn27aRNG5YeWO.GwG content-encoding br last-modified Wed, 07 Jun 2023 08:33:20 GMT server AmazonS3 via 1.1 e4bbc916b7f96771ed58c0d668318acc.cloudfront.net (CloudFront) x-amz-cf-pop AMS1-P1 etag W/"40aad1585cf79c06a958605cc4585ca3" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript cache-control max-age=300 x-amz-cf-id fV6khCfRdE6NblymMLtFTc297J1aOQPgew8bNqY7Vzi6-4eWxOEv1Q==
GET H2	200	Orderbook-bg.08d84ae9.png mydeal-dhp.gbm.hsbc.com/static/media/	242 KB 243 KB	71ms 70ms	Image image/png	193.108.78.222 HSBC-UK
General Check archive.org Show headers Download Go to Show image Full URL https://mydeal-dhp.gbm.hsbc.com/static/media/Orderbook-bg.08d84ae9.png Requested by Host: mydeal-dhp.gbm.hsbc.com URL: https://mydeal-dhp.gbm.hsbc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.78.222 , United Kingdom, ASN20705 (HSBC-UK, GB), Reverse DNS Software / ASP.NET Resource Hash 562f22a3400aefff17e97728de38d0b71811a75ee3fbf31e1d009749ce47db29 Security Headers Name Value Content-Security-Policy default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reporter/api/log; report-to default Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://mydeal-dhp.gbm.hsbc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 25 Jul 2024 14:58:08 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff content-security-policy default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reporter/api/log; report-to default last-modified Wed, 03 Jan 2024 05:03:16 GMT etag "08262923eda1:0" x-powered-by ASP.NET x-frame-options DENY report-to {"group":"default","max_age":10886400,"endpoints":[{"url":"/csp-reporter/api/log"}]} content-type image/png access-control-allow-origin https://mydeal-dhp.gbm.hsbc.com/,https://mydeal.gbm.hsbc.com/ cache-control public, max-age=604800 accept-ranges bytes content-length 248282 x-xss-protection 1; mode=block
GET H2	200	UniversNext-Rg.e69fa571.woff mydeal-dhp.gbm.hsbc.com/static/media/	27 KB 27 KB	68ms 67ms	Font font/x-woff	193.108.78.222 HSBC-UK
General Check archive.org Show headers Download Go to Full URL https://mydeal-dhp.gbm.hsbc.com/static/media/UniversNext-Rg.e69fa571.woff Requested by Host: mydeal-dhp.gbm.hsbc.com URL: https://mydeal-dhp.gbm.hsbc.com/static/css/main.31ae6386.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.78.222 , United Kingdom, ASN20705 (HSBC-UK, GB), Reverse DNS Software / ASP.NET Resource Hash e57fa923e1242b94093a29bc1497e22d7b5f78d6f124fe5ffc651383af545e13 Security Headers Name Value Content-Security-Policy default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reporter/api/log; report-to default Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://mydeal-dhp.gbm.hsbc.com/static/css/main.31ae6386.chunk.css Origin https://mydeal-dhp.gbm.hsbc.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 25 Jul 2024 14:58:08 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff content-security-policy default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reporter/api/log; report-to default last-modified Wed, 03 Jan 2024 05:03:16 GMT etag "08262923eda1:0" x-powered-by ASP.NET x-frame-options DENY report-to {"group":"default","max_age":10886400,"endpoints":[{"url":"/csp-reporter/api/log"}]} content-type font/x-woff access-control-allow-origin https://mydeal-dhp.gbm.hsbc.com/,https://mydeal.gbm.hsbc.com/ cache-control public, max-age=604800 accept-ranges bytes content-length 27464 x-xss-protection 1; mode=block
GET H2	200	icomoon.2469ad6d.ttf mydeal-dhp.gbm.hsbc.com/static/media/	3 KB 3 KB	56ms 56ms	Font application/octet-stream	193.108.78.222 HSBC-UK
General Check archive.org Show headers Download Go to Full URL https://mydeal-dhp.gbm.hsbc.com/static/media/icomoon.2469ad6d.ttf Requested by Host: mydeal-dhp.gbm.hsbc.com URL: https://mydeal-dhp.gbm.hsbc.com/static/css/main.31ae6386.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.78.222 , United Kingdom, ASN20705 (HSBC-UK, GB), Reverse DNS Software / ASP.NET Resource Hash a775ddebd9d633ebac8d09026ee71bac20c3e2da4b06aa8626affd5c5ee80878 Security Headers Name Value Content-Security-Policy default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reporter/api/log; report-to default Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://mydeal-dhp.gbm.hsbc.com/static/css/main.31ae6386.chunk.css Origin https://mydeal-dhp.gbm.hsbc.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 25 Jul 2024 14:58:09 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff content-security-policy default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reporter/api/log; report-to default last-modified Wed, 03 Jan 2024 05:03:16 GMT etag "08262923eda1:0" x-powered-by ASP.NET x-frame-options DENY report-to {"group":"default","max_age":10886400,"endpoints":[{"url":"/csp-reporter/api/log"}]} content-type application/octet-stream access-control-allow-origin https://mydeal-dhp.gbm.hsbc.com/,https://mydeal.gbm.hsbc.com/ cache-control public, max-age=604800 accept-ranges bytes content-length 3356 x-xss-protection 1; mode=block
GET H2	200	HSBC_Logo.9609bbd5.svg mydeal-dhp.gbm.hsbc.com/static/media/	2 KB 1 KB	60ms 59ms	Image image/svg+xml	193.108.78.222 HSBC-UK
General Check archive.org Show headers Download Go to Show image Full URL https://mydeal-dhp.gbm.hsbc.com/static/media/HSBC_Logo.9609bbd5.svg Requested by Host: mydeal-dhp.gbm.hsbc.com URL: https://mydeal-dhp.gbm.hsbc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.78.222 , United Kingdom, ASN20705 (HSBC-UK, GB), Reverse DNS Software / ASP.NET Resource Hash 5d87f26a7667188491ec15ce9ff81f4120f11b0174def9d7a84deae482206a45 Security Headers Name Value Content-Security-Policy default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reporter/api/log; report-to default Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://mydeal-dhp.gbm.hsbc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 25 Jul 2024 14:58:09 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload content-security-policy default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reporter/api/log; report-to default x-powered-by ASP.NET x-xss-protection 1; mode=block last-modified Wed, 03 Jan 2024 05:03:16 GMT etag "08262923eda1:0" x-frame-options DENY report-to {"group":"default","max_age":10886400,"endpoints":[{"url":"/csp-reporter/api/log"}]} content-type image/svg+xml access-control-allow-origin https://mydeal-dhp.gbm.hsbc.com/,https://mydeal.gbm.hsbc.com/ cache-control public, max-age=604800 vary accept-encoding accept-ranges bytes
GET H2	200	utag.v.js Show response tags.tiqcdn.com/utag/tiqapp/	2 B 433 B	37ms 37ms	Script application/javascript	2600:9000:238d:3e00:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=hsbc/global-gbm-mydeal/202306070832&cb=1721919489558 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/hsbc/global-gbm-mydeal/qa/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:238d:3e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb Request headers Referer https://mydeal-dhp.gbm.hsbc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers x-amz-version-id 2XUX04X5QEw0.xFya64khU._sHTRl_Pz date Thu, 25 Jul 2024 14:48:57 GMT via 1.1 e4bbc916b7f96771ed58c0d668318acc.cloudfront.net (CloudFront) x-amz-cf-pop AMS1-P1 age 553 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 2 last-modified Sat, 11 Mar 2023 06:57:46 GMT server AmazonS3 etag "7bc0ee636b3b83484fc3b9348863bd22" vary Accept-Encoding content-type application/javascript cache-control max-age=300 accept-ranges bytes x-amz-cf-id nwVVHRV5qXH3D86f2qvweJ_dPRXveqIjTVp6BmBWUSMkIeHg3sdH6A==
GET H2	200	favicon.ico mydeal-dhp.gbm.hsbc.com/	15 KB 15 KB	45ms 45ms	Other image/x-icon	193.108.78.222 HSBC-UK
General Check archive.org Show headers Download Go to Full URL https://mydeal-dhp.gbm.hsbc.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.78.222 , United Kingdom, ASN20705 (HSBC-UK, GB), Reverse DNS Software / Resource Hash 4ff61a2bb3e48eac33f95cfb6a9e2a6a3a1860ce105ba0f19f3ef2856b3d99e7 Request headers Referer https://mydeal-dhp.gbm.hsbc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 25 Jul 2024 14:58:09 GMT cache-control max-age=360000,public content-length 15406 content-type image/x-icon

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| __MyDealUtag string| __MyDealEnv string| __LaaSEnv string| __SHOW_UNFOUND_LANG_KEYS object| utag_cfg_ovrd object| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| _ object| scCGSHMRCache number| 2f1acc6c3a606b082e5eef5e54414ffb object| webpackJsonploginService object| com object| aesjs object| elliptic function| sha256 function| sha224 object| __XMSDK_PLUGINS object| xmsdk object| xmui object| TEALIUM object| ccmPageList string| css object| utag function| loadLibrary function| checkUrl object| utag_data object| TMS

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hsbc.com/	1970-01-21 07:04:15	Name: utag_main Value: v_id:0190ea6645ff000798520e53a5ce05065002005d00b08$_sn:1$_se:1$_ss:1$_st:1721921289536$ses_id:1721919489536%3Bexp-session$_pn:1%3Bexp-session

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reporter/api/log; report-to default
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mydeal-dhp.gbm.hsbc.com
tags.tiqcdn.com
193.108.78.222
2600:9000:238d:3e00:7:2bfb:7c00:93a1
05947f38b5ca28a78ce8ca01372b7e34b32b785500d3ae23d5c5b4f5a2a300e6
4ff61a2bb3e48eac33f95cfb6a9e2a6a3a1860ce105ba0f19f3ef2856b3d99e7
562f22a3400aefff17e97728de38d0b71811a75ee3fbf31e1d009749ce47db29
5ab0b02f7d2790fbddcb312d1aba8560cf6f11ec62a26a676b122f6957fa73ad
5d87f26a7667188491ec15ce9ff81f4120f11b0174def9d7a84deae482206a45
9aac02f5f17a5051c565facae964097cead2ac5c94db67ca9b263f737399fcae
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a495d81a6cd2a52325808cb4b9164d7e06442be450687d72c123d4c361f8a4f6
a775ddebd9d633ebac8d09026ee71bac20c3e2da4b06aa8626affd5c5ee80878
bb315cdcadb9ea70532b8661313fce2a110c711770a5c98ec462280177d6af6e
d849d638178c205cfd44cce2d046c6e1a1a53d50a484ec977295f30fe08b66e3
e57fa923e1242b94093a29bc1497e22d7b5f78d6f124fe5ffc651383af545e13
f75cb633654f8c687179eab23f22844b734095a7062800945b9130a6b3ecca6e