URL: https://hgrouponline.com/
Submission Tags: @ecarlesi threat #phishing #hsbc
Submission: On September 12 via api from CA — Scanned from CA

Summary

This website contacted 19 IPs in 4 countries across 14 domains to perform 58 HTTP transactions. The main IP is 5.9.124.54, located in Germany and belongs to HETZNER-AS, DE. The main domain is hgrouponline.com.
TLS certificate: Issued by R3 on September 11th 2023. Valid for: 3 months.
This is the only time hgrouponline.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: HSBC (Banking)

Domain & IP information

Requests | IP Address | AS Number (Autonomous System)
22 | 5.9.124.54 | 24940 (HETZNER-AS)
1 | 173.222.169.44 | 16625 (AKAMAI-AS)
13 | 13.225.195.98 | 16509 (AMAZON-02)
1 | 104.70.55.111 | 16625 (AKAMAI-AS)
1 | 104.69.221.137 | 16625 (AKAMAI-AS)
1 | 3.161.213.5 | 16509 (AMAZON-02)
1 | 52.44.179.249 | 14618 (AMAZON-AES)
1 | 52.37.94.185 | 16509 (AMAZON-02)
2 | 31.13.80.12 | 32934 (FACEBOOK)
1 | 203.112.91.11 | ()
2 | 172.253.122.97 | 15169 (GOOGLE)
1 | 13.210.182.20 | 16509 (AMAZON-02)
1 | 208.89.12.153 | 11054 (LIVEPERSON)
2 | 31.13.80.36 | 32934 (FACEBOOK)
2 | 142.251.16.156 | 15169 (GOOGLE)
2 | 172.253.63.147 | 15169 (GOOGLE)
2 | 172.253.63.94 | 15169 (GOOGLE)
1 | 54.79.101.108 | ()
Total: 58 requests, 19 IPs

Requests | Apex Domain | Subdomains (Cisco Umbrella Rank) | Transfer
22 | hgrouponline.com | hgrouponline.com | 1 MB
14 | tiqcdn.com | tags.tiqcdn.com (1209); akamai.tiqcdn.com (12751) | 100 KB
3 | optimizely.com | cdn.optimizely.com (795); a19069622224.cdn.optimizely.com (81292); logx.optimizely.com (1530) | 115 KB
2 | google.ca | www.google.ca (8913) | 563 B
2 | google.com | www.google.com (2) | 563 B
2 | doubleclick.net | googleads.g.doubleclick.net (53) | 3 KB
2 | facebook.com | www.facebook.com (114) | 239 B
2 | tealiumiq.com | collect-ap-southeast-2.tealiumiq.com (182562); visitor-service-ap-southeast-2.tealiumiq.com | 7 KB
2 | googletagmanager.com | www.googletagmanager.com (62) | 138 KB
2 | facebook.net | connect.facebook.net (186) | 88 KB
1 | liveperson.net | lptag.liveperson.net (3762) |
1 | hsbc.com.au | www.mcm-prod.hsbc.com.au (Failed) | 35 KB
1 | eum-appdynamics.com | col.eum-appdynamics.com (3273) | 776 B
1 | appdynamics.com | cdn.appdynamics.com (4424) | 18 KB
Total: 58 requests, 14 apex domains

Requests | Domain | Requested by
22 | hgrouponline.com | hgrouponline.com
13 | tags.tiqcdn.com | hgrouponline.com; tags.tiqcdn.com
2 | www.google.ca |
2 | www.google.com |
2 | googleads.g.doubleclick.net | www.googletagmanager.com
2 | www.facebook.com |
2 | www.googletagmanager.com | tags.tiqcdn.com; www.googletagmanager.com
2 | connect.facebook.net | tags.tiqcdn.com; connect.facebook.net
1 | visitor-service-ap-southeast-2.tealiumiq.com | tags.tiqcdn.com
1 | lptag.liveperson.net | tags.tiqcdn.com
1 | collect-ap-southeast-2.tealiumiq.com | hgrouponline.com
1 | www.mcm-prod.hsbc.com.au | hgrouponline.com; tags.tiqcdn.com
1 | col.eum-appdynamics.com | hgrouponline.com
1 | logx.optimizely.com | hgrouponline.com
1 | cdn.appdynamics.com | hgrouponline.com
1 | a19069622224.cdn.optimizely.com | cdn.optimizely.com
1 | akamai.tiqcdn.com | hgrouponline.com
1 | cdn.optimizely.com | hgrouponline.com
Total: 58 requests, 18 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
hgrouponline.com | R3 | 2023-09-11 - 2023-12-10 | 3 months
cdn.optimizely.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-10-30 - 2023-10-30 | a year
tags.tiqcdn.com | Amazon RSA 2048 M01 | 2023-04-18 - 2024-05-17 | a year
*.tiqcdn.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-01-12 - 2024-01-14 | a year
*.cdn.optimizely.com | GeoTrust RSA CA 2018 | 2023-02-26 - 2024-02-28 | a year
*.appdynamics.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-06-21 - 2024-07-21 | a year
logx.optimizely.com | Amazon RSA 2048 M01 | 2023-06-24 - 2024-07-22 | a year
*.eum-appdynamics.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-06-14 - 2024-07-14 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-06-21 - 2023-09-19 | 3 months
www.mcm-prod.hsbc.com.au | DigiCert SHA2 Extended Validation Server CA | 2022-09-26 - 2023-10-20 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
*.tealiumiq.com | Amazon RSA 2048 M01 | 2023-07-25 - 2024-08-22 | a year
*.liveperson.net | Sectigo RSA Organization Validation Secure Server CA | 2023-02-07 - 2024-02-07 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
www.google.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
*.google.ca | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months

This page contains 2 frames:

Primary Page: https://hgrouponline.com/
Frame ID: 381C0BC14AC89B63B364C70825DDFF1E
Requests: 57 HTTP requests in this frame

Frame: https://a19069622224.cdn.optimizely.com/client_storage/a19069622224.html
Frame ID: C48642F11A98293E50336A559B7E47F9
Requests: 1 HTTP request in this frame

Page Title

HSBC Australia - Personal Banking, Credit Cards, Loans, Accounts

Detected technologies

Overall confidence: 100%
Detected patterns
  • adrum

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 58
HTTPS: 98 %
IPv6: 0 %
Domains: 14
Subdomains: 18
IPs: 19
Countries: 4
Transfer: 1933 kB
Size: 4575 kB
Cookies: 8

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
hgrouponline.com/
65 KB
8 KB
Document
General
Full URL
https://hgrouponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.9.124.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.54.124.9.5.clients.your-server.de
Software
LiteSpeed /
Resource Hash
42c8feccc9686ddde908a4168df242ddf58ad4d3a5067db76b3fd44eab469f61

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
7675
content-type
text/html
date
Tue, 12 Sep 2023 09:11:14 GMT
last-modified
Mon, 11 Sep 2023 23:48:12 GMT
server
LiteSpeed
vary
Accept-Encoding
clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
hgrouponline.com/
896 KB
91 KB
Stylesheet
General
Full URL
https://hgrouponline.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.9.124.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.54.124.9.5.clients.your-server.de
Software
LiteSpeed /
Resource Hash
b50952e80beac3073c71848ec43d4ceaa929ada20b254a709a155b0861d59647

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 09:11:14 GMT
content-encoding
br
last-modified
Fri, 25 Aug 2023 08:03:42 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
93387
expires
Tue, 19 Sep 2023 09:11:14 GMT
utag.sync.js
hgrouponline.com/
2 KB
866 B
Script
General
Full URL
https://hgrouponline.com/utag.sync.js
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.9.124.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.54.124.9.5.clients.your-server.de
Software
LiteSpeed /
Resource Hash
4a173f345c5802a8e034413f3debcf34554afc8b6a59f8177fbe6114c96704e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 09:11:14 GMT
content-encoding
br
last-modified
Fri, 25 Aug 2023 08:03:42 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
816
expires
Tue, 19 Sep 2023 09:11:14 GMT
appd.min.28729b81913621076cb1004898cb22c7.js
hgrouponline.com/
35 KB
11 KB
Script
General
Full URL
https://hgrouponline.com/appd.min.28729b81913621076cb1004898cb22c7.js
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.9.124.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.54.124.9.5.clients.your-server.de
Software
LiteSpeed /
Resource Hash
589c637bb7a658de26723d9dfedcb3a517d9b34d696c9335028986acec6f4b0b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 09:11:14 GMT
content-encoding
br
last-modified
Fri, 25 Aug 2023 08:03:42 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11168
expires
Tue, 19 Sep 2023 09:11:14 GMT
01_HSBC_MASTERBRAND_LOGO_RGB.svg
hgrouponline.com/
5 KB
2 KB
Image
General
Full URL
https://hgrouponline.com/01_HSBC_MASTERBRAND_LOGO_RGB.svg
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.9.124.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.54.124.9.5.clients.your-server.de
Software
LiteSpeed /
Resource Hash
392961169ed068757ca4ccfba64f9a1e5cfd0e5c2467039ec5f0315afcb4de50

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 09:11:14 GMT
content-encoding
br
last-modified
Fri, 25 Aug 2023 08:03:42 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1879
expires
Tue, 19 Sep 2023 09:11:14 GMT
10736-woman-taking-a-sunbath-on-mountain-peak-33x400.jpg
hgrouponline.com/
460 KB
460 KB
Image
General
Full URL
https://hgrouponline.com/10736-woman-taking-a-sunbath-on-mountain-peak-33x400.jpg
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.9.124.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.54.124.9.5.clients.your-server.de
Software
LiteSpeed /
Resource Hash
e594d154806d7cab7ca0fbddcb9256c0fb55bb324c1ff3521664876fb6f8e04e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 09:11:14 GMT
last-modified
Fri, 25 Aug 2023 08:03:42 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
471323
expires
Tue, 19 Sep 2023 09:11:14 GMT
9999-everyday-savings-889x500.jpg
hgrouponline.com/
246 KB
246 KB
Image
General
Full URL
https://hgrouponline.com/9999-everyday-savings-889x500.jpg
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.9.124.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.54.124.9.5.clients.your-server.de
Software
LiteSpeed /
Resource Hash
1a3b261bc180b22846f05ee508cdd2b0154403f7a3ad4722ad8020310a702e0a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 09:11:14 GMT
last-modified
Fri, 25 Aug 2023 08:03:42 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
252190
expires
Tue, 19 Sep 2023 09:11:14 GMT
cq5dam.web.590.1000.jpeg
hgrouponline.com/
40 KB
40 KB
Image
General
Full URL
https://hgrouponline.com/cq5dam.web.590.1000.jpeg
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.9.124.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.54.124.9.5.clients.your-server.de
Software
LiteSpeed /
Resource Hash
7533e548db945c0025f1f7fbd502ff27189bacab0beada9ea20568a1504fdfae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 09:11:14 GMT
last-modified
Fri, 25 Aug 2023 08:03:42 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
40981
expires
Tue, 19 Sep 2023 09:11:14 GMT
cq5dam.web.590.1000-1.jpeg
hgrouponline.com/
90 KB
90 KB
Image
General
Full URL
https://hgrouponline.com/cq5dam.web.590.1000-1.jpeg
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.9.124.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.54.124.9.5.clients.your-server.de
Software
LiteSpeed /
Resource Hash
c1589c5dae3fbb29fe1083596ffab664f38723153f3b640311fc3be128db68b0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 09:11:14 GMT
last-modified
Fri, 25 Aug 2023 08:03:42 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
91991
expires
Tue, 19 Sep 2023 09:11:14 GMT
cq5dam.web.590.1000-2.jpeg
hgrouponline.com/
51 KB
51 KB
Image
General
Full URL
https://hgrouponline.com/cq5dam.web.590.1000-2.jpeg
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.9.124.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.54.124.9.5.clients.your-server.de
Software
LiteSpeed /
Resource Hash
dd1f0b70f08d06591a084ce3b00c0354d0c673c1c8aba0c6ff4e3b4309816232

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 09:11:14 GMT
last-modified
Fri, 25 Aug 2023 08:03:42 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
52232
expires
Tue, 19 Sep 2023 09:11:14 GMT
cq5dam.web.590.1000-3.jpeg
hgrouponline.com/
34 KB
34 KB
Image
General
Full URL
https://hgrouponline.com/cq5dam.web.590.1000-3.jpeg
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.9.124.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.54.124.9.5.clients.your-server.de
Software
LiteSpeed /
Resource Hash
ad6425f56028e6a3bdd936eaf8aa2bf9768f7687e3c0f7fea845ba999968448e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 09:11:14 GMT
last-modified
Fri, 25 Aug 2023 08:03:42 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
34971
expires
Tue, 19 Sep 2023 09:11:14 GMT
cq5dam.web.590.1000-4.jpeg
hgrouponline.com/
34 KB
34 KB
Image
General
Full URL
https://hgrouponline.com/cq5dam.web.590.1000-4.jpeg
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.9.124.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.54.124.9.5.clients.your-server.de
Software
LiteSpeed /
Resource Hash
1398b7aa018302110402a3c7865eee99ecbeab6797ffc5391c06ebbb5b9db2d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 09:11:14 GMT
last-modified
Fri, 25 Aug 2023 08:03:42 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
34967
expires
Tue, 19 Sep 2023 09:11:14 GMT
clientlib-jquery.e707977d551ec8c86a2541af384e7f64.js
hgrouponline.com/
111 KB
37 KB
Script
General
Full URL
https://hgrouponline.com/clientlib-jquery.e707977d551ec8c86a2541af384e7f64.js
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.9.124.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.54.124.9.5.clients.your-server.de
Software
LiteSpeed /
Resource Hash
9963a0d111fcb3d87a4874730cbfba7a84520aebb866b74886fd7d6de5a5b608

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 09:11:14 GMT
content-encoding
br
last-modified
Fri, 25 Aug 2023 08:03:42 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
37195
expires
Tue, 19 Sep 2023 09:11:14 GMT
clientlib-all.min.c5d37f117a2aa465ed46e4c61fe69bf0.js
hgrouponline.com/
641 KB
130 KB
Script
General
Full URL
https://hgrouponline.com/clientlib-all.min.c5d37f117a2aa465ed46e4c61fe69bf0.js
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.9.124.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.54.124.9.5.clients.your-server.de
Software
LiteSpeed /
Resource Hash
310bba12e493ac7ff120d00de7dd1d8e03d0f9ff61140b644ba903a559762ac7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 09:11:14 GMT
content-encoding
br
last-modified
Fri, 25 Aug 2023 08:03:42 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
133300
expires
Tue, 19 Sep 2023 09:11:14 GMT
20365490699.js
cdn.optimizely.com/js/
466 KB
113 KB
Script
General
Full URL
https://cdn.optimizely.com/js/20365490699.js
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/utag.sync.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.222.169.44 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-222-169-44.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0c5d102d1c10450147490ac5fadf0853ee76cd031974219b9d9da50e5dc5919c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
Cg4AGnAx74k.f2gZ9BgjC8VmzDy7nwtu
content-encoding
gzip
date
Tue, 12 Sep 2023 09:11:14 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
EDJP7RVZTWGRDMSY
x-amz-server-side-encryption
AES256
x-amz-meta-revision
3011
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=29, origin; dur=14, cdn;desc="AkamaiION";dur=0,rtt;desc="24";dur=0,cdnip;desc="173.222.169.44";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1694509874761_400320791_723444022_4268_2047_24_46_146";dur=1
content-length
115018
x-amz-id-2
fS5YzNAJK9k9w7SZPWjNkrAR34TwqfwRgi3NZY/yMjm5O3ObhISighWmk5YgJHBRpbtjOpZLaOA=
last-modified
Mon, 11 Sep 2023 10:10:25 GMT
server
AmazonS3
etag
"dc1f99d1a2cc8bef09d368756b2be3b0"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
utag.js
tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/
156 KB
39 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-98.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
33d65290e0d729450c46c179d15cdc7773c7a670bee7b90dd76e9b6a931465c5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
XZ7RaImoy7uUkN8Zwus5uiukJQX4T_Mr
content-encoding
gzip
via
1.1 a5facfe972c5950b095ce2b946902f9c.cloudfront.net (CloudFront)
date
Tue, 12 Sep 2023 09:11:15 GMT
last-modified
Mon, 07 Aug 2023 09:04:43 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
etag
W/"1f74eeb7d01ea55fabdc6b501c494420"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
4cfzvFIsz9lpCQ4AafARGB8M-pJLyQPxxUjY0FCjPxymRiBIYHWQJg==
UniversNextforHSBCW02-Rg.woff
hgrouponline.com/
27 KB
27 KB
Font
General
Full URL
https://hgrouponline.com/UniversNextforHSBCW02-Rg.woff
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.9.124.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.54.124.9.5.clients.your-server.de
Software
LiteSpeed /
Resource Hash
e57fa923e1242b94093a29bc1497e22d7b5f78d6f124fe5ffc651383af545e13

Request headers

Referer
https://hgrouponline.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Origin
https://hgrouponline.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 09:11:14 GMT
last-modified
Fri, 25 Aug 2023 08:03:46 GMT
server
LiteSpeed
content-type
font/woff
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
27464
expires
Tue, 19 Sep 2023 09:11:14 GMT
UniversNextforHSBCW02-Bd.woff
hgrouponline.com/
26 KB
26 KB
Font
General
Full URL
https://hgrouponline.com/UniversNextforHSBCW02-Bd.woff
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.9.124.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.54.124.9.5.clients.your-server.de
Software
LiteSpeed /
Resource Hash
1fe93d773a537c17456fc95e7dbfb69cba2914ac73c5f9b01d4db046667c688e

Request headers

Referer
https://hgrouponline.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Origin
https://hgrouponline.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 09:11:14 GMT
last-modified
Fri, 25 Aug 2023 08:03:46 GMT
server
LiteSpeed
content-type
font/woff
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
26328
expires
Tue, 19 Sep 2023 09:11:14 GMT
HSBCIcon-Font-Extension.woff
hgrouponline.com/
37 KB
38 KB
Font
General
Full URL
https://hgrouponline.com/HSBCIcon-Font-Extension.woff
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.9.124.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.54.124.9.5.clients.your-server.de
Software
LiteSpeed /
Resource Hash
76e6fcb163f76c23e3595acdb5c37457b8529ae4612bdfd266a9ef3d83550586

Request headers

Referer
https://hgrouponline.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Origin
https://hgrouponline.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 09:11:14 GMT
last-modified
Fri, 25 Aug 2023 08:03:42 GMT
server
LiteSpeed
content-type
font/woff
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
38384
expires
Tue, 19 Sep 2023 09:11:14 GMT
UniversNextforHSBCW02-Lt.woff
hgrouponline.com/
26 KB
26 KB
Font
General
Full URL
https://hgrouponline.com/UniversNextforHSBCW02-Lt.woff
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.9.124.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.54.124.9.5.clients.your-server.de
Software
LiteSpeed /
Resource Hash
1410bf3ef15162a56d0c7ea0f851483738179ce8281a269f4ed88612e9c9a695

Request headers

Referer
https://hgrouponline.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Origin
https://hgrouponline.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 09:11:14 GMT
last-modified
Fri, 25 Aug 2023 08:03:46 GMT
server
LiteSpeed
content-type
font/woff
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
26300
expires
Tue, 19 Sep 2023 09:11:14 GMT
UniversNextforHSBCW02-Th.woff
hgrouponline.com/
26 KB
26 KB
Font
General
Full URL
https://hgrouponline.com/UniversNextforHSBCW02-Th.woff
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.9.124.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.54.124.9.5.clients.your-server.de
Software
LiteSpeed /
Resource Hash
190c1c5d443872f7ee23494c42cfd80c30e97311da2ae748bbf6ab036d80b53c

Request headers

Referer
https://hgrouponline.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Origin
https://hgrouponline.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 09:11:14 GMT
last-modified
Fri, 25 Aug 2023 08:03:46 GMT
server
LiteSpeed
content-type
font/woff
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
26884
expires
Tue, 19 Sep 2023 09:11:14 GMT
UniversNextforHSBCW02-LtIt.woff
hgrouponline.com/
24 KB
24 KB
Font
General
Full URL
https://hgrouponline.com/UniversNextforHSBCW02-LtIt.woff
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.9.124.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.54.124.9.5.clients.your-server.de
Software
LiteSpeed /
Resource Hash
c736d15fc8104340a0fcbdad3dea714abc1a358ec4e108952c223a24460006e3

Request headers

Referer
https://hgrouponline.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Origin
https://hgrouponline.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 09:11:14 GMT
last-modified
Fri, 25 Aug 2023 08:03:46 GMT
server
LiteSpeed
content-type
font/woff
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
24980
expires
Tue, 19 Sep 2023 09:11:14 GMT
location.js
akamai.tiqcdn.com/location/
18 B
791 B
XHR
General
Full URL
https://akamai.tiqcdn.com/location/location.js
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/appd.min.28729b81913621076cb1004898cb22c7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.70.55.111 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-55-111.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 09:11:14 GMT
Last-Modified
Mon, 30 Apr 2018 23:09:19 GMT
Server
AkamaiNetStorage
ETag
"6c98be5fda77913799e8ef24b86a7abd:1525129759"
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-EdgeScape-Location
Cache-Control
max-age=1296000
X-EdgeScape-Location
country_code=CA,region_code=ON,city=TORONTO,areacode=0,zip=M3H+M3M+M4B+M4C+M4E+M4G+M4H+M4J+M4K+M4L+M4M+M4N+M4P+M4R+M4S+M4T+M4V+M4W+M4X+M4Y+M5A+M5B+M5C+M5E+M5G+M5H+M5J+M5K+M5L+M5M+M5N+M5P+M5R+M5S+M5T+M5V+M5W+M5X+M6A+M6B+M6C+M6E+M6G+M6H+M6J+M6K+M6L+M6M+M6N+M6P+M6R+M6S+M7A+M7Y+M9M+M9N+M9P+M9W,bandwidth=5000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18
Expires
Wed, 27 Sep 2023 09:11:14 GMT
a19069622224.html
a19069622224.cdn.optimizely.com/client_storage/ Frame C486
4 KB
2 KB
Document
General
Full URL
https://a19069622224.cdn.optimizely.com/client_storage/a19069622224.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20365490699.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.69.221.137 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-221-137.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
980a8e0746ddb04e9255b764c3b943d0acd924bf873ed6ec6fc33aa9da0d9133
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://hgrouponline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120
content-encoding
gzip
content-length
1204
content-type
text/html; charset=utf-8
date
Tue, 12 Sep 2023 09:11:15 GMT
etag
"0a1c19fff4c810b8de61571059c9996e"
last-modified
Tue, 12 Sep 2023 08:18:13 GMT
server
AmazonS3
server-timing
cdn-cache; desc=HIT edge; dur=28 origin; dur=0 cdn;desc="AkamaiION";dur=0,rtt;desc="24";dur=0,cdnip;desc="104.69.221.137";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1694509875126_1224195647_894641798_2760_1611_24_48_255";dur=1
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,2
x-amz-id-2
qa1l12kF4IlIjLtZwQBV1jcuIZ0nOrQWVCqxKhYwBfiIXOm+tGgnQHkSNwPV8BYICxd14aYN/Os=
x-amz-meta-pci_enabled
False
x-amz-replication-status
COMPLETED
x-amz-request-id
KS7XB3N0CVE4QFQY
x-amz-server-side-encryption
AES256
x-amz-version-id
0bbsMVjJTJJkPqe.z9RKCcX79LQsJ1Mt
HSBCIcon-Font.woff
hgrouponline.com/
22 KB
22 KB
Font
General
Full URL
https://hgrouponline.com/HSBCIcon-Font.woff
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.9.124.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.54.124.9.5.clients.your-server.de
Software
LiteSpeed /
Resource Hash
580245633d829cdc4a80192bc505ad254af0ed2955d5add87b56917a1c0f64df

Request headers

Referer
https://hgrouponline.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Origin
https://hgrouponline.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 09:11:15 GMT
last-modified
Fri, 25 Aug 2023 08:03:42 GMT
server
LiteSpeed
content-type
font/woff
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
22532
expires
Tue, 19 Sep 2023 09:11:15 GMT
auth-status-hint
hgrouponline.com/
1 KB
1 KB
XHR
General
Full URL
https://hgrouponline.com/auth-status-hint?_=1694509874743
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/appd.min.28729b81913621076cb1004898cb22c7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.9.124.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.54.124.9.5.clients.your-server.de
Software
LiteSpeed /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

Accept
*/*
Referer
https://hgrouponline.com/
X-Requested-With
XMLHttpRequest
ADRUM
isAjax:true
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
json

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 09:11:15 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
server
LiteSpeed
content-length
1238
content-type
text/html
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
431 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=hsbc/au-rbwm/202308070901&cb=1694509875191
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-98.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Tue, 12 Sep 2023 09:04:01 GMT
via
1.1 a5facfe972c5950b095ce2b946902f9c.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
age
435
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
xp2WglgNMZCcNd4rbgs4nRezbFP3zlH1PIf1opQcmtHeWBZnl1o4eg==
utag.974.js
tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/
18 KB
6 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.974.js?utv=ut4.46.202308070901
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-98.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ecab6c5ed3bbfc3064b173c6b8412d4df76d9c3228bc41d915dc3d7eaf0add2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
fldzga4jAKQFhpCPLCuAxImrmGdeo0L3
content-encoding
br
via
1.1 a5facfe972c5950b095ce2b946902f9c.cloudfront.net (CloudFront)
date
Tue, 12 Sep 2023 09:11:16 GMT
last-modified
Mon, 07 Aug 2023 09:04:42 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
etag
W/"228a3fae78912041a76e2693cf19773c"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
wK-1JtqFd1hG9tgs4SpBhAZndqvm2q8AbJO7edFautZLliPUtOYReg==
utag.587.js
tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/
9 KB
3 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.587.js?utv=ut4.46.202010210957
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-98.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b505d677b2729fda40bdfe8c6978dcf437646960f9f60ff77b996c98d8efe805

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
nc8Vf_GGp7xlS4eBnRuYHhSwwHWNea.c
content-encoding
br
via
1.1 a5facfe972c5950b095ce2b946902f9c.cloudfront.net (CloudFront)
date
Tue, 12 Sep 2023 09:11:16 GMT
last-modified
Mon, 07 Aug 2023 09:04:42 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
etag
W/"24acc7d9c238ce9074d26c2626d435bf"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
3RdDGNpwWCEtOYhgePSAxYaqaslKRzxX78qVhAdwLc8Fv2uHRB1-AA==
utag.924.js
tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/
22 KB
7 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.924.js?utv=ut4.46.202207191534
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-98.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93c07870357d4426bf5de0e3b8733bdaf31999ced5c86603105ab45f57dfafae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
Ku29dnfa11fe2kQ7mioDO1dv1FJ4UAEQ
content-encoding
br
via
1.1 a5facfe972c5950b095ce2b946902f9c.cloudfront.net (CloudFront)
date
Tue, 12 Sep 2023 09:11:16 GMT
last-modified
Mon, 07 Aug 2023 09:04:41 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
etag
W/"8d6e9349286ca60f49b152b5ba85f5a9"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
mAy_iyjpvNCLbRtGvMcuKsoWUPb_ClvGleAtxzpR0v3AokBxgntCdw==
utag.972.js
tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/
43 KB
13 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.972.js?utv=ut4.46.202308070901
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-98.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
38c881a3d53ef225ff8fc81b607e67606d89c4924343877eb57ea09101cedfbc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
mCAzCOZVEe7WSd6MLxABCeOGk6CIjlRu
content-encoding
br
via
1.1 a5facfe972c5950b095ce2b946902f9c.cloudfront.net (CloudFront)
date
Tue, 12 Sep 2023 09:11:16 GMT
last-modified
Mon, 07 Aug 2023 09:04:41 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
etag
W/"444e73b0d2c1799e43b91e92a901bca0"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
NMI3sTmwyWvurmtuVnYjV9QGqOWA5hfXs512OKmDxcrh3PsOQYMFsw==
utag.1050.js
tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/
15 KB
5 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.1050.js?utv=ut4.46.202303280919
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-98.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3cc539e89081d74391cb96043c9403c5de1c0015f2778f6e6c78cd48c5e97a4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
OWFkv8mtxL6gjeRSAHCDfa0w2HMwmfQ_
content-encoding
br
via
1.1 a5facfe972c5950b095ce2b946902f9c.cloudfront.net (CloudFront)
date
Tue, 12 Sep 2023 09:11:16 GMT
last-modified
Mon, 07 Aug 2023 09:04:42 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
etag
W/"bcab366319b2a4b45abcb32e608dc991"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
OpgKsiVYgcTgy83750eYK9IEVukdwCcH_o4_psusIn4Co4K22UpSkg==
utag.1074.js
tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/
5 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.1074.js?utv=ut4.46.202301201405
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-98.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2310d200e4a4552050aed14690f8beabda58cb247d600fb7fee7812f928bbb26

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
pJ1Q_Hg6GjJyjUaH.IGehHbSJbshdYkS
content-encoding
br
via
1.1 a5facfe972c5950b095ce2b946902f9c.cloudfront.net (CloudFront)
date
Tue, 12 Sep 2023 09:11:16 GMT
last-modified
Mon, 07 Aug 2023 09:04:39 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
etag
W/"f3842dd0e43ce30cfe9699cc9a5a0782"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
59wTEe9i5zMWBQoR4Hv3omKR6whsTKvIQLN3u60GjJt0ldebc_ifkg==
utag.1075.js
tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/
7 KB
3 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.1075.js?utv=ut4.46.202301201405
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-98.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09b648832183233050fb5d1435d6adff56e4da3c79d8066f4b622eb5695e99fe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
yPCk3o8_IPi.M0Z1XU9_HuC8uhz5TUHB
content-encoding
br
via
1.1 a5facfe972c5950b095ce2b946902f9c.cloudfront.net (CloudFront)
date
Tue, 12 Sep 2023 09:11:16 GMT
last-modified
Mon, 07 Aug 2023 09:04:36 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
etag
W/"54c727c2816f3c952be82b16ac2400a8"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
OS7xhY-ZBoYICNlsWsFNposT-FM4h0TS3GZ7q4e_L_NvRvwmnBqnmg==
utag.1099.js
tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/
8 KB
3 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.1099.js?utv=ut4.46.202206221706
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-98.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4581d0a750f26b4229bf56c26583aac90e19b39ccbc23c3f0a109b05076a0676

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
atctKXg2RUrXPxwtjjKd1o_8SsWkY4Hc
content-encoding
br
via
1.1 a5facfe972c5950b095ce2b946902f9c.cloudfront.net (CloudFront)
date
Tue, 12 Sep 2023 09:11:16 GMT
last-modified
Mon, 07 Aug 2023 09:04:36 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
etag
W/"08ea508b792237a38206b5267c6468e7"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
FCOlxkoOKN_aN_gYrAggiy52nZF31NsTfJVMNtPYkKzdpf0gVVbIPw==
utag.1170.js
tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/
47 KB
12 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.1170.js?utv=ut4.46.202206171012
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-98.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b6e2b5ae6e4943c0df175e278d2ff01b14513a61d56f52ab09d46aa9600cd04

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
pCktB7KloL3ozzRLsmQkSdjE.2SErvEU
content-encoding
br
via
1.1 a5facfe972c5950b095ce2b946902f9c.cloudfront.net (CloudFront)
date
Tue, 12 Sep 2023 09:11:16 GMT
last-modified
Mon, 07 Aug 2023 09:04:40 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
etag
W/"34d02e46bc3d2191d5016a078fae38be"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
yz6CVQ-Km4D4104m6cPGLVg5Kd51t-8KAhxKbaSGnJ394N9ZGhL-8A==
utag.1171.js
tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/
10 KB
4 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.1171.js?utv=ut4.46.202206171012
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-98.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a1721e57194b0069b6c65a3afcb7c8106d060c2d479dee33015430176a7d881

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
SGlrsuRWtXIeKndxY74zfOpmuLzzhHDr
content-encoding
br
via
1.1 a5facfe972c5950b095ce2b946902f9c.cloudfront.net (CloudFront)
date
Tue, 12 Sep 2023 09:11:16 GMT
last-modified
Mon, 07 Aug 2023 09:04:39 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
etag
W/"d8b0ae8a2dc49c96f55cba6b0d8e6974"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
KO7_rvcQJcWVi2BXTvD7ROHhVA5O92WR5Pzzn-Jk9xyAk-MOuKLsBA==
utag.1201.js
tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/
4 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.1201.js?utv=ut4.46.202307251747
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-98.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6eaf757ac5f2e6f8ee6a53fb3bb01bd49d60cf12979397b713b85aad43c9a27

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
JElCtNme7IvYhu_Trml0nVT2bsdc2C7h
content-encoding
br
via
1.1 a5facfe972c5950b095ce2b946902f9c.cloudfront.net (CloudFront)
date
Tue, 12 Sep 2023 09:11:16 GMT
last-modified
Mon, 07 Aug 2023 09:04:39 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
etag
W/"f8a86ff2406f3b9aaed19371af0649ea"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
RIYei0u8xO9YYPAMoRjaa4UcX906QRh5lbjf_UxfgxmNkkA01wfjoQ==
adrum-ext.0086dbec5e8a6e717bf36d3a06b62042.js
cdn.appdynamics.com/
45 KB
18 KB
Script
General
Full URL
https://cdn.appdynamics.com/adrum-ext.0086dbec5e8a6e717bf36d3a06b62042.js
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/appd.min.28729b81913621076cb1004898cb22c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-5.yul62.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
7da0fcf5011f66d43746091e130db6ef4d55ff13410d57209fb0f44d90cdee60

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 05:10:43 GMT
content-encoding
gzip
via
1.1 fbdc01f132101cb05310363b09502a86.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P1
age
1656032
x-cache
Hit from cloudfront
last-modified
Thu, 15 Sep 2016 22:05:47 GMT
server
nginx/1.16.1
etag
W/"57db1b3b-b4f4"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
1ke0eV69WVr2jtRgCsLBdC2CjFlmGUeH4KyQ8YuFvvPJxVrogoavDg==
events
logx.optimizely.com/v1/
0
361 B
XHR
General
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/appd.min.28729b81913621076cb1004898cb22c7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.179.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-179-249.compute-1.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hgrouponline.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 12 Sep 2023 09:11:16 GMT
Server
nginx/1.21.0
Content-Type
text/plain
Access-Control-Allow-Origin
https://hgrouponline.com
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
2a51f851-e395-4f4e-8992-db17aceea546
adrum
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAD-DCB/
0
776 B
XHR
General
Full URL
https://col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAD-DCB/adrum
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/appd.min.28729b81913621076cb1004898cb22c7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.37.94.185 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-94-185.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536010; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://hgrouponline.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 09:11:16 GMT
strict-transport-security
max-age=31536010; includeSubDomains
x-content-type-options
nosniff
server
envoy
vary
*
content-type
text/html
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time
0
access-control-allow-headers
origin, content-type, accept
expires
0
fbevents.js
connect.facebook.net/en_US/
193 KB
52 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-yyz1.fbcdn.net
Software
/
Resource Hash
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 12 Sep 2023 09:11:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52127
x-xss-protection
0
pragma
public
x-fb-debug
KyNT1prq4ogBVfwY7I1eeyPIiigNJCRSqLS6lIcuzU03EDOgu+Rkq7beXRBPexEfMWBXI4r2yEx5STVYn8hS3g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
session.json
www.mcm-prod.hsbc.com.au/2795/handler9/
0
0

JavascriptInsert.js
www.mcm-prod.hsbc.com.au/
94 KB
35 KB
Script
General
Full URL
https://www.mcm-prod.hsbc.com.au/JavascriptInsert.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.972.js?utv=ut4.46.202308070901
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
203.112.91.11 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a8f96af8a2980c428c4e54a84253c5ba77b0ae03ba43dff9a7d4c622e97354b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 09:11:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=16070400; includeSubDomains
Last-Modified
Fri, 02 Dec 2016 10:09:57 GMT
ETag
7ba32397f116681461d19524068961b4
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/x-javascript
Transfer-Encoding
chunked
Cache-Control
max-age=900, s-maxage=900
Connection
Keep-Alive
S
LIST02RPAU-WS
Keep-Alive
timeout=5
js
www.googletagmanager.com/gtag/
176 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8709841
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.1099.js?utv=ut4.46.202206221706
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
42c9115eb71080fea7086ab1eb43229036cab5f8d9ac538b4875851a50673738
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 09:11:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
66579
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Sep 2023 09:11:17 GMT
i.gif
collect-ap-southeast-2.tealiumiq.com/hsbc/wpb-stream-au/2/
43 B
765 B
XHR
General
Full URL
https://collect-ap-southeast-2.tealiumiq.com/hsbc/wpb-stream-au/2/i.gif
Requested by
Host: hgrouponline.com
URL: https://hgrouponline.com/appd.min.28729b81913621076cb1004898cb22c7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.210.182.20 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-182-20.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://hgrouponline.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryq1ohOJhWKTxoqj6a

Response headers

date
Tue, 12 Sep 2023 09:11:18 GMT
x-serverid
uconnect_i-063ef1c870f5371a6
x-tid
018a88a8be8f0015dd7775dc233103074001906c00b08
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc
hsbc:wpb-stream-au:2:datacloud
x-region
ap-southeast-2
content-length
43
pragma
no-cache
x-did
018a88a8be8f0015dd7775dc233103074001906c00b08
vary
Origin
content-type
image/gif
access-control-allow-origin
https://hgrouponline.com
x-ulver
e08b1f2e7736148d8d440ca43d6fce039e9a788e-SNAPSHOT
access-control-expose-headers
X-Region
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
x-uuid
0e1e38e7-0611-41de-af14-d09220d44f1f
expires
Tue, 12 Sep 2023 09:11:18 GMT
tag.js
lptag.liveperson.net/tag/
0
0
Script
General
Full URL
https://lptag.liveperson.net/tag/tag.js?site=21508700
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.1050.js?utv=ut4.46.202303280919
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.153 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lptag.liveperson.net
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

235390370455098
connect.facebook.net/signals/config/
137 KB
36 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/235390370455098?v=2.9.125&r=stable&domain=hgrouponline.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-yyz1.fbcdn.net
Software
/
Resource Hash
218730e84fa10a22d8f2916ad2eabf214cc2f1512aa1201aa5f43eb8ae784ebe
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 12 Sep 2023 09:11:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
lJgoaIz00+/v7+bK/RuZHjsl71U/mim1NGoWlLI7/2J6GQaQe703YqWnC0BwBrwDCk/dPwxT5Ta8/mbUFgOEEg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
201 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-944473433&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8709841
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
af807f8d9d4dd02792a1649c76371404153423a65ecab702158368a1b9a0670f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 09:11:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74147
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Sep 2023 09:11:17 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=235390370455098&ev=PageView&dl=https%3A%2F%2Fhgrouponline.com%2F&rl=&if=false&ts=1694509877900&cd[referring_source]=direct&sw=1600&sh=1200&v=2.9.125&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1694509877899.1304439890&it=1694509877791&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-yyz1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 12 Sep 2023 09:11:17 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/944473433/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944473433/?random=1694509877977&cv=11&fst=1694509877977&bg=ffffff&guid=ON&async=1&gtm=45be3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fhgrouponline.com%2F&hn=www.googleadservices.com&frm=0&tiba=HSBC%20Australia%20-%20Personal%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Accounts&userId=018a88a8be8f0015dd7775dc233103074001906c00b08&auid=1157363203.1694509878&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-944473433&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
26095e5393f858a4a3da58fe6be782efc42fe9b8b7b1f8d6877257e0d25772e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 09:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1387
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/944473433/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944473433/?random=1694509877996&cv=11&fst=1694509877996&bg=ffffff&guid=ON&async=1&gtm=45be3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fhgrouponline.com%2F&hn=www.googleadservices.com&frm=0&tiba=HSBC%20Australia%20-%20Personal%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Accounts&userId=018a88a8be8f0015dd7775dc233103074001906c00b08&auid=1157363203.1694509878&uamb=0&uaw=0&data=event%3Dpage_view%3Ballow_custom_scripts%3Dtrue&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-944473433&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
b54750bdbcd9b814e432a721a22a0ae3a131dee1034c91d0011dc19e0abb6e88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 09:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1407
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/944473433/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/944473433/?random=1694509877996&cv=11&fst=1694509200000&bg=ffffff&guid=ON&async=1&gtm=45be3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fhgrouponline.com%2F&frm=0&tiba=HSBC%20Australia%20-%20Personal%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Accounts&userId=018a88a8be8f0015dd7775dc233103074001906c00b08&data=event%3Dpage_view%3Ballow_custom_scripts%3Dtrue&fmt=3&is_vtc=1&random=2992418438&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f147.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 09:11:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/944473433/
42 B
455 B
Image
General
Full URL
https://www.google.ca/pagead/1p-user-list/944473433/?random=1694509877996&cv=11&fst=1694509200000&bg=ffffff&guid=ON&async=1&gtm=45be3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fhgrouponline.com%2F&frm=0&tiba=HSBC%20Australia%20-%20Personal%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Accounts&userId=018a88a8be8f0015dd7775dc233103074001906c00b08&data=event%3Dpage_view%3Ballow_custom_scripts%3Dtrue&fmt=3&is_vtc=1&random=2992418438&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 09:11:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/944473433/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/944473433/?random=1694509877977&cv=11&fst=1694509200000&bg=ffffff&guid=ON&async=1&gtm=45be3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fhgrouponline.com%2F&frm=0&tiba=HSBC%20Australia%20-%20Personal%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Accounts&userId=018a88a8be8f0015dd7775dc233103074001906c00b08&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=345832371&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f147.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 09:11:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/944473433/
42 B
108 B
Image
General
Full URL
https://www.google.ca/pagead/1p-user-list/944473433/?random=1694509877977&cv=11&fst=1694509200000&bg=ffffff&guid=ON&async=1&gtm=45be3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fhgrouponline.com%2F&frm=0&tiba=HSBC%20Australia%20-%20Personal%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Accounts&userId=018a88a8be8f0015dd7775dc233103074001906c00b08&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=345832371&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 09:11:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
54 B
Image
General
Full URL
https://www.facebook.com/tr/?id=235390370455098&ev=Microdata&dl=https%3A%2F%2Fhgrouponline.com%2F&rl=&if=false&ts=1694509878404&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22HSBC%20Australia%20-%20Personal%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Accounts%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A1200%2C%22w%22%3A1600%7D%2C%22properties%22%3A%7B%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FWebPage%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.125&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1694509877899.1304439890&it=1694509877791&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-yyz1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 12 Sep 2023 09:11:18 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
018a88a8be8f0015dd7775dc233103074001906c00b08
visitor-service-ap-southeast-2.tealiumiq.com/hsbc/wpb-stream-au/
6 KB
6 KB
Script
General
Full URL
https://visitor-service-ap-southeast-2.tealiumiq.com/hsbc/wpb-stream-au/018a88a8be8f0015dd7775dc233103074001906c00b08?callback=utag.ut%5B%22writevawpb-stream-au%22%5D&rnd=1694509878571
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.79.101.108 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d487882b81c08ee5be2bfe1ce2aa487844e950d1985bb308d30fe8db3406c1b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hgrouponline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-version
e08b1f2e7736148d8d440ca43d6fce039e9a788e-SNAPSHOT
date
Tue, 12 Sep 2023 09:11:19 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-region
ap-southeast-2
content-length
6400
x-nodeid
i-0b23b84f9760d5292
content-type
application/javascript; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.mcm-prod.hsbc.com.au
URL
https://www.mcm-prod.hsbc.com.au/2795/handler9/session.json

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: HSBC (Banking)

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| TMS number| maskTimeout boolean| syncChangesApplied object| cssRuleManager function| removeMask object| u object| HSBC object| optimizely object| utag_data string| adrum-app-key number| adrum-start-time object| ADRUM undefined| $ function| jQuery object| utag_err boolean| utag_condload string| userAgent string| platform object| macosPlatforms object| iosPlatforms object| Evnt object| jwt undefined| JWTInternals object| elem boolean| loggedInScript string| versionNode number| version object| params object| qp_v_id object| qp_ses_id object| utag function| isFunction undefined| toObject undefined| track function| _tealium_old_error object| utag_cfg_ovrd string| mn object| tms object| pixel_lib undefined| _ number| startTime number| duration function| objectToString function| isArray function| typeStr function| escapeRegExp function| hasProperty function| primitiveHasOwnProperty function| regExpTest function| testRegExp object| nonSpaceRe function| isWhitespace object| entityMap function| escapeHtml object| whiteRe object| spaceRe object| equalsRe object| curlyRe object| tagRe function| parseTemplate function| squashTokens function| nestTokens function| Scanner function| Context function| Writer object| mustache object| defaultWriter function| RadioButton function| RadioGroup object| respond function| moment object| Bootstrap object| GPWS object| HSBC_utils object| Mustache object| cpiUtils object| utag_extn function| fbq function| _fbq object| dataLayer function| tealium_liveperson_lib object| lpTag object| MCM object| __MCMMsgs boolean| MCMInitized string| HSBCAUPageID string| HSBCAUcompatVersion string| HSBCAUpacketVersion string| HSBCAUuseCorsForInitialRequest string| HSBCAUuseJsonFormatForInitialCorsRequest string| HSBCAUTCP string| HSBCAUSSL function| HSBCAUgPr object| HSBCAUpendingManualEvents object| HSBCAUqueuedYoutubeReferences function| HSBCAUevent function| HSBCAUclick function| HSBCAUtextchange function| 
HSBCAUformsubmit function| HSBCAUSendJsonData function| HSBCAUtrackYouTubeIframePlayer function| HSBCAUinitialExecutionCanProceed function| HSBCAUblockExecutionForInsertAlreadyPresent function| HSBCAUSL function| HSBCAUsendScriptRequests function| HSBCAUcookieAllowsScriptToProceed function| HSBCAUSC function| HSBCAUfindCookieVal function| HSBCAUdeleteLegacyCookies function| HSBCAUdoDeleteCookie boolean| HSBCAULF function| HSBCAUclearStoppedState function| HSBCAUstop function| HSBCAUgenerateUUID object| HSBCAUcookieList function| HSBCAUgC function| HSBCAUae function| HSBCAUclient_event function| HSBCAUGP function| HSBCAUGPWID function| HSBCAULC string| HSBCAUTWID function| HSBCAUoptOut function| HSBCAUoptIn function| HSBCAUanonymous function| HSBCAUresetCSA function| HSBCAUdoReInit function| HSBCAUtmoPoll boolean| HSBCAUjsInsertAlreadyLoaded function| HSBCAUgetSD string| HSBCAUwindowID number| HSBCAUTm object| HSBCAUsImgArr object| HSBCAURTEHandler object| h boolean| gtag_enable_tcf_support object| e number| f string| items object| google_tag_manager object| google_tag_data object| GooglebQhCsO

8 Cookies

Domain/Path Name / Value
.hgrouponline.com/ Name: optimizelyEndUserId
Value: oeu1694509875001r0.9206262167718569
.hgrouponline.com/ Name: tms_ref
Value:
.hgrouponline.com/ Name: usy46gabsosd
Value: HSBCAU_16945098776790.87aa891a52143cc85ce280f8517a13a3_2795
.hgrouponline.com/ Name: _gcl_au
Value: 1.1.1157363203.1694509878
.hgrouponline.com/ Name: _fbp
Value: fb.1.1694509877899.1304439890
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.tealiumiq.com/ Name: TAPID
Value: hsbc/wpb-stream-au>018a88a8be8f0015dd7775dc233103074001906c00b08|
.hgrouponline.com/ Name: utag_main
Value: v_id:018a88a8be8f0015dd7775dc233103074001906c00b08$_sn:1$_se:1$_ss:1$_st:1694511674832$ses_id:1694509874832%3Bexp-session$_pn:1%3Bexp-session$dc_group:69$dc_visit:1$dc_event:1%3Bexp-session$dc_region:ap-southeast-2%3Bexp-session

4 Console Messages

Source Level URL
Text
network error URL: https://hgrouponline.com/auth-status-hint?_=1694509874743
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://lptag.liveperson.net/tag/tag.js?site=21508700
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://hgrouponline.com/
Message:
Access to XMLHttpRequest at 'https://www.mcm-prod.hsbc.com.au/2795/handler9/session.json' from origin 'https://hgrouponline.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.mcm-prod.hsbc.com.au/2795/handler9/session.json
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
