www2.firstdirect.com Open in urlscan Pro
91.214.6.93 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://protect-eu.mimecast.com/s/reA8Cz7lqCnrrBguMmWf_?domain=tracking.information.firstdirect.com
Effective URL:
https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFr...
Submission: On November 26 via manual (November 26th 2020, 8:56:01 am UTC) from GB

Summary HTTP 43 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 43 HTTP transactions. The main IP is 91.214.6.93, located in United Kingdom and belongs to HSBC-UK, GB. The main domain is www2.firstdirect.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on January 7th 2020. Valid for: a year.

This is the only time www2.firstdirect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	91.220.42.63 91.220.42.63	42427 (MIMECAST-UK) (MIMECAST-UK)
1 1	195.68.228.110 195.68.228.110	12703 (PULSANT-AS) (PULSANT-AS)
3 3	91.214.6.146 91.214.6.146	20705 (HSBC-UK) (HSBC-UK)
14	91.214.6.93 91.214.6.93	20705 (HSBC-UK) (HSBC-UK)
6	172.227.86.73 172.227.86.73	16625 (AKAMAI-AS) (AKAMAI-AS)
1	143.204.90.7 143.204.90.7	16509 (AMAZON-02) (AMAZON-02)
2	178.249.101.23 178.249.101.23	11054 (LIVEPERSON) (LIVEPERSON)
5	91.214.5.154 91.214.5.154	20705 (HSBC-UK) (HSBC-UK)
5	2a03:6400:10:... 2a03:6400:10:0:178:249:97:99	11054 (LIVEPERSON) (LIVEPERSON)
4	178.249.97.70 178.249.97.70	11054 (LIVEPERSON) (LIVEPERSON)
4	2a03:6400:10:... 2a03:6400:10:0:178:249:97:98	11054 (LIVEPERSON) (LIVEPERSON)
2	52.215.95.50 52.215.95.50	16509 (AMAZON-02) (AMAZON-02)
43	9

2 91.220.42.63 (United Kingdom) 2 redirects

ASN42427 (MIMECAST-UK, GB)
PTR: eu-api.mimecast.com

protect-eu.mimecast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.68.228.110 (United Kingdom) 1 redirects

ASN12703 (PULSANT-AS, GB)
PTR: mta110.fwdto.net

tracking.information.firstdirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.214.6.146 (United Kingdom) 3 redirects

ASN20705 (HSBC-UK, GB)

www.firstdirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 91.214.6.93 (United Kingdom)

ASN20705 (HSBC-UK, GB)

www2.firstdirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.227.86.73 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a172-227-86-73.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.90.7 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-90-7.fra50.r.cloudfront.net

cdn.appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.101.23 (Netherlands)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 91.214.5.154 (Chester, United Kingdom)

ASN20705 (HSBC-UK, GB)

www.mcmprod.hsbc.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:6400:10:0:178:249:97:99 (United Kingdom)

ASN11054 (LIVEPERSON, US)

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.249.97.70 (United Kingdom)

ASN11054 (LIVEPERSON, US)
PTR: lo.v.liveperson.net

lo.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:6400:10:0:178:249:97:98 (United Kingdom)

ASN11054 (LIVEPERSON, US)

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.95.50 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-95-50.eu-west-1.compute.amazonaws.com

col.eum-appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	firstdirect.com 4 redirects tracking.information.firstdirect.com www.firstdirect.com www2.firstdirect.com	324 KB
9	lpsnmedia.net accdn.lpsnmedia.net lpcdn.lpsnmedia.net	36 KB
6	liveperson.net lptag.liveperson.net lo.v.liveperson.net	100 KB
6	tiqcdn.com tags.tiqcdn.com	235 KB
5	hsbc.co.uk www.mcmprod.hsbc.co.uk	39 KB
2	eum-appdynamics.com col.eum-appdynamics.com	2 KB
2	mimecast.com 2 redirects protect-eu.mimecast.com	1 KB
1	appdynamics.com cdn.appdynamics.com	18 KB
43	8

	Domain	Requested by
14	www2.firstdirect.com	www2.firstdirect.com
6	tags.tiqcdn.com	www2.firstdirect.com tags.tiqcdn.com
5	accdn.lpsnmedia.net	lptag.liveperson.net
5	www.mcmprod.hsbc.co.uk	www2.firstdirect.com tags.tiqcdn.com
4	lpcdn.lpsnmedia.net	lptag.liveperson.net
4	lo.v.liveperson.net	lptag.liveperson.net
3	www.firstdirect.com	3 redirects
2	col.eum-appdynamics.com	www2.firstdirect.com
2	lptag.liveperson.net	tags.tiqcdn.com
2	protect-eu.mimecast.com	2 redirects
1	cdn.appdynamics.com	www2.firstdirect.com
1	tracking.information.firstdirect.com	1 redirects
43	12

This site contains links to these domains. Also see Links.

Domain
fdesign.firstdirect.com
mortgages.firstdirect.com
www.which.co.uk
www.facebook.com
twitter.com
www.youtube.com
www1.firstdirect.com

Subject Issuer	Validity	Valid
www.firstdirect.com DigiCert SHA2 Extended Validation Server CA	`2020-01-07` - `2021-02-13`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2020-03-16` - `2021-06-15`	a year	crt.sh
*.appdynamics.com DigiCert SHA2 Secure Server CA	`2020-05-17` - `2021-07-22`	a year	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2020-05-30` - `2022-05-30`	2 years	crt.sh
www.mcmprod.hsbc.co.uk DigiCert SHA2 Extended Validation Server CA	`2020-10-27` - `2021-11-10`	a year	crt.sh
*.lpsnmedia.net COMODO RSA Organization Validation Secure Server CA	`2018-02-26` - `2021-02-25`	3 years	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2020-04-13` - `2022-04-13`	2 years	crt.sh
*.eum-appdynamics.com DigiCert SHA2 Secure Server CA	`2020-05-10` - `2021-07-15`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
Frame ID: E4C65C936D127FCAD2866176A7877F59
Requests: 42 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.11.0.2-release_5036/storage.secure.min.html?loc=https%3A%2F%2Fwww2.firstdirect.com&site=34735562&env=prod
Frame ID: FBA883E598BC0DF3B82811C0F2531F98
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://protect-eu.mimecast.com/s/reA8Cz7lqCnrrBguMmWf_?domain=tracking.information.firstdirect.com HTTP 307
https://protect-eu.mimecast.com/redirect/eNp9UtuO0zAQ_ZXIz03qS-I0FZftFhYetiu0gkpIlSLHl8bbOo5shxUg_p1JKYKnfbI... HTTP 307
http://tracking.information.firstdirect.com/r/?id=h1284122a,39054da,313d6ea HTTP 302
https://www.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2:... HTTP 302
https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2:... Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/etc\/designs\//i

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/etc\/designs\//i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Tealium (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /^(?:https?:)?\/\/tags\.tiqcdn\.com\//i

Page Statistics

43
Requests

100 %
HTTPS

17 %
IPv6

8
Domains

12
Subdomains

9
IPs

4
Countries

753 kB
Transfer

2024 kB
Size

4
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://fdesign.firstdirect.com/
Title: fdesign

Search URL Search Domain Scan URL

URL: https://mortgages.firstdirect.com/
Title: Mortgages

Search URL Search Domain Scan URL

URL: https://mortgages.firstdirect.com/mortgage-guides/first-time-buyers
Title: Buying my first home

Search URL Search Domain Scan URL

URL: https://mortgages.firstdirect.com/mortgage-guides/remortgaging
Title: Remortgaging with first direct

Search URL Search Domain Scan URL

URL: https://mortgages.firstdirect.com/mortgage-guides/selling-your-house
Title: Moving to a new home

Search URL Search Domain Scan URL

URL: https://mortgages.firstdirect.com/how-to-apply
Title: How to apply?

Search URL Search Domain Scan URL

URL: https://mortgages.firstdirect.com/mortgage-guides/existing-mortgage-customers
Title: Existing mortgage customers

Search URL Search Domain Scan URL

URL: https://mortgages.firstdirect.com/compare-mortgages
Title: Find a mortgage for you

Search URL Search Domain Scan URL

URL: https://mortgages.firstdirect.com/mortgage-calculators/how-much-can-i-borrow
Title: How much can I borrow

Search URL Search Domain Scan URL

URL: https://mortgages.firstdirect.com/mortgage-calculators
Title: More calculators

Search URL Search Domain Scan URL

URL: https://mortgages.firstdirect.com/mortgage-and-rate-types/repayment
Title: Repayment mortgages

Search URL Search Domain Scan URL

URL: https://mortgages.firstdirect.com/mortgage-and-rate-types/offset
Title: Offset mortgage

Search URL Search Domain Scan URL

URL: https://mortgages.firstdirect.com/mortgage-rates-fees/fees
Title: Our mortgage fees

Search URL Search Domain Scan URL

URL: https://mortgages.firstdirect.com/mortgage-rates-fees/list-rates
Title: Our mortgage rates

Search URL Search Domain Scan URL

URL: https://mortgages.firstdirect.com/mortgage-and-rate-types/fixed
Title: Fixed rate mortgages

Search URL Search Domain Scan URL

URL: https://mortgages.firstdirect.com/mortgage-and-rate-types/tracker
Title: Tracker rate mortgages

Search URL Search Domain Scan URL

URL: https://mortgages.firstdirect.com/mortgage-and-rate-types/standard-variable
Title: Standard variable rate mortgages

Search URL Search Domain Scan URL

URL: https://www.which.co.uk/news/2018/05/online-shopping-scams-cost-brits-58m-a-year/
Title: https://www.which.co.uk/news/2018/05/online-shopping-scams-cost-brits-58m-a-year/ Opens an overlay [Will show a security message first]

Search URL Search Domain Scan URL

URL: https://www.facebook.com/firstdirect
Title: Visit our facebook page, opens an overlay

Search URL Search Domain Scan URL

URL: https://twitter.com/firstdirect
Title: Visit our Twitter page, opens an overlay

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Firstdirectuk
Title: Visit our Youtube page, opens an overlay

Search URL Search Domain Scan URL

URL: https://www1.firstdirect.com/cookies/
Title: Cookie notice

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://protect-eu.mimecast.com/s/reA8Cz7lqCnrrBguMmWf_?domain=tracking.information.firstdirect.com HTTP 307
https://protect-eu.mimecast.com/redirect/eNp9UtuO0zAQ_ZXIz03qS-I0FZftFhYetiu0gkpIlSLHl8bbOo5shxUg_p1JKYKnfbI9Z86Z8Zn5iYIcE1qjYGUvgiqetDE6xJsQc-nd6Ac9pFjAFS3Q2Uu0JgsUtNR2TMk6DW-OOaOcU4YxBgzE6ALpaBVgZVOtKKs4X6Dk0oNXQEAYVyBmR7iSpir4qqB0VRBOIOricSaiVw87TuiqJJRuMGtwVb7bODGo2InhdGMH44MTyfqhMDbEpCz0lOY234DIOEtUDLqZwhnE-pTG9WF5WKYg5MkOx-IFgcMyHJZvrXrdX-uLxaW-gpMwxbWACnq27NjKXLfTCZO2rttvqq5zQtttVW1IU7cUU0wIYLSEnKSDa3L4eU54xVZNRXADOl1Ea6gBLQuwFl25AAg5V9j2Wp6-PN5D4DhdfHk8_9BfP-8_7JLbf3r_fLfvb7f3G8DlFJN3Osg_Hv9Tik7EHiKGMUG1YsLoWjeVUUKbWjOp69J0ujEd6YxsygtlUAEYFsYfkhjSS36jeR2OAABhDD5BONdT4WA3pIh_U-LUPUHCR_-cJZ_F0acs9n4cYRZZlMLFLPU2ZrdnmE92F6wS39FlZXZ-GuZ_Xx28WCb_t-rXb0Pj2ls HTTP 307
http://tracking.information.firstdirect.com/r/?id=h1284122a,39054da,313d6ea HTTP 302
https://www.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud HTTP 302
https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://www.firstdirect.com/content/dam/fsdt/en/media/images/livechat/fd_sticky_white-icon_18x18.jpg HTTP 302
https://www2.firstdirect.com/content/dam/fsdt/en/media/images/livechat/fd_sticky_white-icon_18x18.jpg

Request Chain 37

https://www.firstdirect.com/content/dam/fsdt/en/media/images/livechat/fd_sticky_white-icon_18x18.jpg HTTP 302
https://www2.firstdirect.com/content/dam/fsdt/en/media/images/livechat/fd_sticky_white-icon_18x18.jpg

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/
Redirect Chain

https://protect-eu.mimecast.com/s/reA8Cz7lqCnrrBguMmWf_?domain=tracking.information.firstdirect.com
https://protect-eu.mimecast.com/redirect/eNp9UtuO0zAQ_ZXIz03qS-I0FZftFhYetiu0gkpIlSLHl8bbOo5shxUg_p1JKYKnfbI9Z86Z8Zn5iYIcE1qjYGUvgiqetDE6xJsQc-nd6Ac9pFjAFS3Q2Uu0JgsUtNR2TMk6DW-OOaOcU4YxBgzE6ALpaBVg...
http://tracking.information.firstdirect.com/r/?id=h1284122a,39054da,313d6ea
https://www.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud

47 KB
9 KB

339ms
70ms

Document
text/html

91.214.6.93
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.214.6.93 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Apache /

Resource Hash

3de4c1156c94b6e681dc236d81923243aa0a21f83411863d2df6dc66c55d58e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www2.firstdirect.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 26 Nov 2020 08:55:42 GMT
Server: Apache
Last-Modified: Thu, 26 Nov 2020 06:17:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
S: gbl-prod-wk-aempub
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 8730
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
Set-Cookie: FD-COEX-PWS=3130379018.13689.0000; path=/; Httponly; Secure
Strict-Transport-Security: max-age=16070400; includeSubDomains

Redirect headers

Location: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
Connection: Keep-Alive
Content-Length: 0

GET
H/1.1 200
OK clientlib-default.min.b86e92abf8d930d117194e720932bbe9.css
www2.firstdirect.com/etc/designs/fsdt/ 177 KB
27 KB 106ms
72ms Stylesheet
text/css 91.214.6.93
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.firstdirect.com/etc/designs/fsdt/clientlib-default.min.b86e92abf8d930d117194e720932bbe9.css

Requested by

Host: www2.firstdirect.com
URL: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.214.6.93 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Apache /

Resource Hash

d53d04747d3776de440a1a732eb2a17d7c4ff5d181859e8cc04ac3b6b2325d78

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 26 Nov 2020 08:55:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Nov 2020 05:56:42 GMT
Server: Apache
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: text/css
Cache-Control: max-age=1200
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
S: gbl-prod-wk-aempub
Keep-Alive: timeout=5, max=100
Content-Length: 26750
X-XSS-Protection: 1; mode=block

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/hsbc/uk-rbwm-fd-pws/prod/ 5 KB
2 KB 648ms
583ms Script
application/x-javascript 172.227.86.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/uk-rbwm-fd-pws/prod/utag.sync.js
Requested by: Host: www2.firstdirect.com
URL: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.227.86.73 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a172-227-86-73.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 718fd6797b8930e95e1294ff5be11421aa78ec891df31d298c4bf8c792549e61

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 08:55:43 GMT
content-encoding: gzip
last-modified: Wed, 02 Sep 2020 13:06:53 GMT
server: AkamaiNetStorage
etag: "dc16116d0eb6d6368d4695019811020c:1599052013.975115"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 1495
expires: Thu, 26 Nov 2020 09:00:43 GMT

GET
H/1.1 200
OK clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js Show response
www2.firstdirect.com/etc/designs/hsbc/appd/ 37 KB
12 KB 183ms
70ms Script
application/x-javascript 91.214.6.93
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.firstdirect.com/etc/designs/hsbc/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js

Requested by

Host: www2.firstdirect.com
URL: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.214.6.93 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Apache /

Resource Hash

ebb991b4937d6015d8937e8d23f6fa5b315e898a018d1f0972efe59765b754b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 26 Nov 2020 08:55:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Nov 2020 05:56:44 GMT
Server: Apache
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
S: gbl-prod-wk-aempub
Keep-Alive: timeout=5, max=100
Content-Length: 11811
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 29051_Fraud_LandingPageBanner_OnlineShoppingScams_Desktop.jpg
www2.firstdirect.com/content/dam/fsdt/en/media/images/largescreen/ 40 KB
40 KB 64ms
64ms Image
image/jpeg 91.214.6.93
HSBC-UK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.firstdirect.com/content/dam/fsdt/en/media/images/largescreen/29051_Fraud_LandingPageBanner_OnlineShoppingScams_Desktop.jpg

Requested by

Host: www2.firstdirect.com
URL: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.214.6.93 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Apache /

Resource Hash

dc31aa1aaee58c4c2d6c0ed01e2cf51115d2eab46c3ac59c3abe2eb07f81e361

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 26 Nov 2020 08:55:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Nov 2020 06:22:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
S: gbl-prod-wk-aempub
Keep-Alive: timeout=5, max=100
Content-Length: 40479
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK DatingScams_Binoculars.svg
www2.firstdirect.com/content/dam/fsdt/en/media/images/icons/ 4 KB
2 KB 61ms
60ms Image
image/svg+xml 91.214.6.93
HSBC-UK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.firstdirect.com/content/dam/fsdt/en/media/images/icons/DatingScams_Binoculars.svg

Requested by

Host: www2.firstdirect.com
URL: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.214.6.93 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Apache /

Resource Hash

9b8a9f0f63e160621b6869e757de35931f50d727c8320ea658d442760fb6c172

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 26 Nov 2020 08:55:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Nov 2020 06:32:57 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: Keep-Alive
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
S: gbl-prod-wk-aempub
Keep-Alive: timeout=5, max=100
Content-Length: 1217
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK DatingScams_Shield.svg
www2.firstdirect.com/content/dam/fsdt/en/media/images/icons/ 2 KB
1 KB 58ms
58ms Image
image/svg+xml 91.214.6.93
HSBC-UK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.firstdirect.com/content/dam/fsdt/en/media/images/icons/DatingScams_Shield.svg

Requested by

Host: www2.firstdirect.com
URL: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.214.6.93 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Apache /

Resource Hash

1b4f70bc28289a03a44453e2d890a035aae22f6ae1d836cb49930fd5f62e2a0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 26 Nov 2020 08:55:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Nov 2020 06:32:57 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: Keep-Alive
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
S: gbl-prod-wk-aempub
Keep-Alive: timeout=5, max=100
Content-Length: 835
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clientlib-all.min.36a94ddad7eb65e0a402a3b65685eae2.js Show response
www2.firstdirect.com/etc/designs/fsdt/ 252 KB
74 KB 78ms
78ms Script
application/x-javascript 91.214.6.93
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.firstdirect.com/etc/designs/fsdt/clientlib-all.min.36a94ddad7eb65e0a402a3b65685eae2.js

Requested by

Host: www2.firstdirect.com
URL: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.214.6.93 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Apache /

Resource Hash

83c3f52eeeac8cf608e32232aa191385854beb917f58927b43232df70f67dd0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 26 Nov 2020 08:55:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Nov 2020 05:56:45 GMT
Server: Apache
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
S: gbl-prod-wk-aempub
Keep-Alive: timeout=5, max=100
X-XSS-Protection: 1; mode=block

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/hsbc/lib-sync/prod/ 439 KB
142 KB 56ms
56ms Script
application/x-javascript 172.227.86.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/lib-sync/prod/utag.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/uk-rbwm-fd-pws/prod/utag.sync.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.227.86.73 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a172-227-86-73.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 888494a980afeb4771aa70481dfd5b380de127ea3c6c3bbf31ddeaea3235ae31

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 08:55:43 GMT
content-encoding: gzip
last-modified: Mon, 05 Oct 2020 13:24:35 GMT
server: AkamaiNetStorage
etag: "973d2f59f2ba12f647d66584fcf58afe:1601904275.566176"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
expires: Thu, 26 Nov 2020 09:00:43 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/hsbc/uk-rbwm-fd-pws/prod/ 272 KB
73 KB 557ms
556ms Script
application/x-javascript 172.227.86.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/uk-rbwm-fd-pws/prod/utag.js
Requested by: Host: www2.firstdirect.com
URL: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.227.86.73 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a172-227-86-73.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e9142c03ac9b8719d243a010be96c25045ae8acdbeb0cc7ef5c56e2aea50d31b

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 08:55:44 GMT
content-encoding: gzip
last-modified: Wed, 02 Sep 2020 13:06:54 GMT
server: AkamaiNetStorage
etag: "e99f47885901f7b02171009ace93d379:1599052014.438556"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
expires: Thu, 26 Nov 2020 09:00:44 GMT

GET
H/1.1 200
OK sprites.svg
www2.firstdirect.com/etc/designs/fsdt/common/img/ 46 KB
17 KB 68ms
67ms Image
image/svg+xml 91.214.6.93
HSBC-UK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.firstdirect.com/etc/designs/fsdt/common/img/sprites.svg

Requested by

Host: www2.firstdirect.com
URL: https://www2.firstdirect.com/etc/designs/fsdt/clientlib-default.min.b86e92abf8d930d117194e720932bbe9.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.214.6.93 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Apache /

Resource Hash

5b68497290686567825837b3463e4af52dda24d16d104b64fc7a0253b4fe4ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.firstdirect.com/etc/designs/fsdt/clientlib-default.min.b86e92abf8d930d117194e720932bbe9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 26 Nov 2020 08:55:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Nov 2020 05:56:54 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: Keep-Alive
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
S: gbl-prod-wk-aempub
Keep-Alive: timeout=5, max=100
Content-Length: 17239
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK HelveticaNeueLTW05-45Light.woff2
www2.firstdirect.com/etc/designs/fsdt/common/fonts/ 38 KB
38 KB 65ms
65ms Font
application/font-woff2 91.214.6.93
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.firstdirect.com/etc/designs/fsdt/common/fonts/HelveticaNeueLTW05-45Light.woff2

Requested by

Host: www2.firstdirect.com
URL: https://www2.firstdirect.com/etc/designs/fsdt/clientlib-default.min.b86e92abf8d930d117194e720932bbe9.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.214.6.93 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Apache /

Resource Hash

0bfe845c97897526fcfd1009a71c12de5b8f85115c339cc5483234ac3a1a97ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www2.firstdirect.com
Referer: https://www2.firstdirect.com/etc/designs/fsdt/clientlib-default.min.b86e92abf8d930d117194e720932bbe9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 26 Nov 2020 08:55:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Nov 2020 05:56:52 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
S: gbl-prod-wk-aempub
Keep-Alive: timeout=5, max=100
Content-Length: 38476
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK HelveticaNeueLTW05-75Bold.woff2
www2.firstdirect.com/etc/designs/fsdt/common/fonts/ 41 KB
41 KB 144ms
144ms Font
application/font-woff2 91.214.6.93
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.firstdirect.com/etc/designs/fsdt/common/fonts/HelveticaNeueLTW05-75Bold.woff2

Requested by

Host: www2.firstdirect.com
URL: https://www2.firstdirect.com/etc/designs/fsdt/clientlib-default.min.b86e92abf8d930d117194e720932bbe9.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.214.6.93 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Apache /

Resource Hash

55ade691f1a06265b6e9c502523ea2972ff8432f2ef1766965d9b3d3bbdd7d81

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www2.firstdirect.com
Referer: https://www2.firstdirect.com/etc/designs/fsdt/clientlib-default.min.b86e92abf8d930d117194e720932bbe9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 26 Nov 2020 08:55:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Nov 2020 05:56:52 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
S: gbl-prod-wk-aempub
Keep-Alive: timeout=5, max=100
Content-Length: 42012
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK asset-mapping-generic.fsdt.json Show response
www2.firstdirect.com/content/fsdt/en_gb/functional-customer-support/asset-mapping/ 55 KB
55 KB 65ms
63ms XHR
application/json 91.214.6.93
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.firstdirect.com/content/fsdt/en_gb/functional-customer-support/asset-mapping/asset-mapping-generic.fsdt.json

Requested by

Host: www2.firstdirect.com
URL: https://www2.firstdirect.com/etc/designs/hsbc/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.214.6.93 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Apache /

Resource Hash

f18a0e57e2c76337f188b9aaa115d75bdf43a868291ee1aebc1b4c091c96c7e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

ADRUM: isAjax:true
Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 26 Nov 2020 08:55:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Nov 2020 05:56:48 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: application/json
Connection: Keep-Alive
Accept-Ranges: bytes
S: gbl-prod-wk-aempub
Keep-Alive: timeout=5, max=100
Content-Length: 55970
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK move-money-labels.fsdt.json Show response
www2.firstdirect.com/content/fsdt/en_gb/common/labels/ 4 KB
4 KB 92ms
59ms XHR
application/json 91.214.6.93
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.firstdirect.com/content/fsdt/en_gb/common/labels/move-money-labels.fsdt.json

Requested by

Host: www2.firstdirect.com
URL: https://www2.firstdirect.com/etc/designs/hsbc/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.214.6.93 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Apache /

Resource Hash

22d0610df0471899a1794c7b3b2425b9b37e36200a3279846fc774e9f2ae42eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

ADRUM: isAjax:true
Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 26 Nov 2020 08:55:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Nov 2020 05:56:49 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: application/json
Connection: Keep-Alive
Accept-Ranges: bytes
S: gbl-prod-wk-aempub
Keep-Alive: timeout=5, max=100
Content-Length: 3911
X-XSS-Protection: 1; mode=block

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
203 B 30ms
30ms Script
application/x-javascript 172.227.86.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=hsbc/lib-sync/202010051324&cb=1606380943707
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/lib-sync/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.227.86.73 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a172-227-86-73.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 08:55:43 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Thu, 26 Nov 2020 09:05:43 GMT

GET
H2 200 utag.152.js Show response
tags.tiqcdn.com/utag/hsbc/uk-rbwm-fd-pws/prod/ 14 KB
5 KB 41ms
41ms Script
application/x-javascript 172.227.86.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/uk-rbwm-fd-pws/prod/utag.152.js?utv=ut4.46.201811191302
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/uk-rbwm-fd-pws/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.227.86.73 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a172-227-86-73.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 65791fb3f594d8ecff5844137ec18aa693b62f04ed678a27221c612a8b73b0b5

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 08:55:44 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 13:02:03 GMT
server: AkamaiNetStorage
etag: "7499b32ff9dd077526fbdeaea845ac8b:1594818123.828083"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 4527
expires: Fri, 11 Dec 2020 08:55:44 GMT

GET
H2 200 utag.212.js Show response
tags.tiqcdn.com/utag/hsbc/uk-rbwm-fd-pws/prod/ 43 KB
13 KB 44ms
44ms Script
application/x-javascript 172.227.86.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/uk-rbwm-fd-pws/prod/utag.212.js?utv=ut4.46.201906261140
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/uk-rbwm-fd-pws/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.227.86.73 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a172-227-86-73.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 23cfaf2973c2181628cd178a9077a52120699d10e80fdddde6b95e0215855d34

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 08:55:44 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 13:02:00 GMT
server: AkamaiNetStorage
etag: "6238092bd8bbfcf5dd26d3a493c48d50:1594818120.509639"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 12948
expires: Fri, 11 Dec 2020 08:55:44 GMT

GET
H2 200 adrum-ext.0086dbec5e8a6e717bf36d3a06b62042.js Show response
cdn.appdynamics.com/ 45 KB
18 KB 114ms
48ms Script
application/javascript 143.204.90.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum-ext.0086dbec5e8a6e717bf36d3a06b62042.js
Requested by: Host: www2.firstdirect.com
URL: https://www2.firstdirect.com/etc/designs/hsbc/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.90.7 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-90-7.fra50.r.cloudfront.net
Software: nginx/1.10.2 /
Resource Hash: 7da0fcf5011f66d43746091e130db6ef4d55ff13410d57209fb0f44d90cdee60

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:49:13 GMT
content-encoding: gzip
age: 1001191
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 15 Sep 2016 22:05:47 GMT
server: nginx/1.10.2
etag: "57db1b3b-b4f4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
cache-control: public, max-age=2678400, s-max-age=14400
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BjGpoGMHkMaGr2mS6IOjbkO9MY1CR216gX0-5b09oXn4DxA1xImPGA==

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 21 KB
8 KB 132ms
33ms Script
application/javascript 178.249.101.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/tag/tag.js?site=34735562
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/uk-rbwm-fd-pws/prod/utag.152.js?utv=ut4.46.201811191302
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 08:55:44 GMT
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
server: ws
etag: "5f50a905-1d8f"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 7567

POST
H/1.1 200
OK session.json Show response
www.mcmprod.hsbc.co.uk/4879/handler9/ 4 KB
2 KB 314ms
71ms XHR
application/json 91.214.5.154
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcmprod.hsbc.co.uk/4879/handler9/session.json

Requested by

Host: www2.firstdirect.com
URL: https://www2.firstdirect.com/etc/designs/hsbc/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.214.5.154 Chester, United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Resource Hash

6ef2b8381815c8c5fe488dcdd99b6c9356e2b775c8a7ec8eff228ab1465661d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 26 Nov 2020 08:55:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: User-Agent
P3P: CP="NON ADMo DEVo PSAo PSDo IVAo IVDo OUR IND UNI COM NAV INT CNT LOC STA PUR PHY ONL"
Access-Control-Allow-Origin: https://www2.firstdirect.com
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
S: LWSMCMRP103UK
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=100
Content-Length: 944

GET
H/1.1 200
OK JavascriptInsert.js Show response
www.mcmprod.hsbc.co.uk/ 97 KB
35 KB 301ms
58ms Script
application/x-javascript 91.214.5.154
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcmprod.hsbc.co.uk/JavascriptInsert.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/uk-rbwm-fd-pws/prod/utag.212.js?utv=ut4.46.201906261140

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.214.5.154 Chester, United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Resource Hash

614e7b5beb44f8af1519bf84d710717cf078b6f308814e5b1eeb964627325537

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 26 Nov 2020 08:55:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 29 Jul 2015 12:19:50 GMT
ETag: 8e52f1010a2640f31c8d97284b68fe05
Vary: User-Agent
Content-Type: application/x-javascript
Cache-Control: max-age=900, s-maxage=900
Connection: Keep-Alive
S: LWSMCMRP102UK
Keep-Alive: timeout=5, max=100
Content-Length: 35567

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/34735562/configuration/applications/taglets/ 242 KB
88 KB 41ms
40ms Script
application/x-javascript 178.249.101.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/lptag/api/account/34735562/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=help_security-centre_fraud-awareness_online-shopping-scams_&b=1
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/uk-rbwm-fd-pws/prod/utag.152.js?utv=ut4.46.201811191302
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 8317a6eaa0b713a9bc7e2c8bda8802f2e33f64a98df7a9ada1c52859f6aea82d

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 08:55:44 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/34735562/configuration/setting/accountproperties/ 4 KB
1 KB 86ms
17ms Script
application/javascript 2a03:6400:10:0:178:249:97:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/34735562/configuration/setting/accountproperties/?cb=lpCb57581x71353
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/34735562/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=help_security-centre_fraud-awareness_online-shopping-scams_&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 11371f88672a1364d0ed0d9dbdf380eb4dde039b2576838179d1e352c18a1744

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 08:55:44 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 2
expires: Thu, 26 Nov 2020 08:56:07 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/34735562/configuration/le-campaigns/ 2 KB
570 B 98ms
32ms Script
application/javascript 2a03:6400:10:0:178:249:97:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/34735562/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/34735562/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=help_security-centre_fraud-awareness_online-shopping-scams_&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 1f881ce1c8d5a111ea62ed9b78a5bc13f18f79d24eb861d2fa0190561387b459

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 08:55:44 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 1
expires: Thu, 26 Nov 2020 08:56:40 GMT

GET
H2 200 34735562 Show response
lo.v.liveperson.net/api/js/ 603 B
1 KB 198ms
97ms Script
application/javascript 178.249.97.70
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lo.v.liveperson.net/api/js/34735562?&cb=lpCb19487x84998&t=sp&ts=1606380944491&pid=9421039468&tid=5878659615&pt=Online%20shopping%20scams%20%7C%20first%20direct&u=https%3A%2F%2Fwww2.firstdirect.com%2Fhelp%2Fsecurity-centre%2Ffraud-awareness%2Fonline-shopping-scams%2F%3Fcid%3DFSDT%3ACW%3A%3AE2%3A%3A02%3A2011%3A019%3ABlackFridayFraud&sec=%5B%22help_security-centre_fraud-awareness_online-shopping-scams_%22%5D&df=0&os=1&sdes=%5B%7B%22type%22%3A%22ctmrinfo%22%2C%22info%22%3A%7B%22currency%22%3A%22USD%22%2C%22ctype%22%3A%22en%22%7D%7D%2C%7B%22type%22%3A%22cart%22%2C%22currency%22%3A%22USD%22%2C%22numItems%22%3A0%2C%22products%22%3A%5B%7B%22product%22%3A%7B%22name%22%3A%22page_security_level-0%22%2C%22price%22%3Anull%7D%2C%22quantity%22%3Anull%7D%2C%7B%22product%22%3A%7B%22name%22%3A%22site_region-Europe_UK_United_Kingdom_First_Direct_first_direct%22%2C%22price%22%3Anull%7D%2C%22quantity%22%3Anull%7D%5D%7D%2C%7B%22type%22%3A%22mrktInfo%22%2C%22info%22%3A%7B%22campaignId%22%3A%22FSDT%3ACW%3A%3AE2%3A%3A02%3A2011%3A019%3ABlackFridayFraud%22%7D%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/34735562/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=help_security-centre_fraud-awareness_online-shopping-scams_&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.70 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo.v.liveperson.net
Software: ws /
Resource Hash: 3a7bbe5123ef0dc960ace0a24413b0864d728df0a5dcf296ed540d77115753df

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 08:55:44 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

POST
H/1.1 200
OK jsEvent.json Show response
www.mcmprod.hsbc.co.uk/4879/17358661028/XBW09WEA78JG/ 2 KB
822 B 63ms
62ms XHR
application/json 91.214.5.154
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcmprod.hsbc.co.uk/4879/17358661028/XBW09WEA78JG/jsEvent.json

Requested by

Host: www2.firstdirect.com
URL: https://www2.firstdirect.com/etc/designs/hsbc/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.214.5.154 Chester, United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Resource Hash

3ab503c65f4891f4cad329142742644ef1dbc67086dbf79753421ae2ef902a55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 26 Nov 2020 08:55:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: User-Agent
P3P: CP="NON ADMo DEVo PSAo PSDo IVAo IVDo OUR IND UNI COM NAV INT CNT LOC STA PUR PHY ONL"
Access-Control-Allow-Origin: https://www2.firstdirect.com
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
S: LWSMCMRP102UK
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=99
Content-Length: 80

GET
H2 200 overlay.js Show response
lpcdn.lpsnmedia.net/le_re/3.43.0.1-release_5028/jsv2/ 6 KB
3 KB 72ms
17ms Script
application/javascript 2a03:6400:10:0:178:249:97:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_re/3.43.0.1-release_5028/jsv2/overlay.js?_v=3.43.0.1-release_5028
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/34735562/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=help_security-centre_fraud-awareness_online-shopping-scams_&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 44027ec55ed8b2de1f3dcdaf00c6b0c72c466e85d515c60431f61da11f242047

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 08:55:44 GMT
content-encoding: gzip
last-modified: Mon, 09 Nov 2020 13:09:53 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Thu, 26 Nov 2020 09:05:44 GMT

GET
H2 200 UISuite.js Show response
lpcdn.lpsnmedia.net/le_re/3.43.0.1-release_5028/jsv2/ 30 KB
12 KB 88ms
33ms Script
application/javascript 2a03:6400:10:0:178:249:97:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_re/3.43.0.1-release_5028/jsv2/UISuite.js?_v=3.43.0.1-release_5028
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/34735562/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=help_security-centre_fraud-awareness_online-shopping-scams_&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 08:55:44 GMT
content-encoding: gzip
last-modified: Mon, 09 Nov 2020 13:09:53 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Thu, 26 Nov 2020 09:05:44 GMT

GET
H2 200 1765 Show response
accdn.lpsnmedia.net/api/account/34735562/configuration/le-campaigns/campaigns/1139226432/engagements/1139226632/revision/ 2 KB
1 KB 77ms
76ms Script
application/javascript 2a03:6400:10:0:178:249:97:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/34735562/configuration/le-campaigns/campaigns/1139226432/engagements/1139226632/revision/1765?v=3.0&cb=lp1139226632&flavor=dependency
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/34735562/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=help_security-centre_fraud-awareness_online-shopping-scams_&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: e8c83a5d7fdab4e8d249d5bdedc70a5b67e220fe6d238340eff65244fd8b070a

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 08:55:44 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 1
expires: Thu, 26 Nov 2020 08:56:44 GMT

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/34735562/configuration/setting/accountproperties/ 4 KB
1 KB 19ms
18ms Script
application/javascript 2a03:6400:10:0:178:249:97:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/34735562/configuration/setting/accountproperties/?cb=lpCb12108x99699
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/34735562/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=help_security-centre_fraud-awareness_online-shopping-scams_&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 25901bef244271e90f6878d1acd58752a969889bef585ac616f6a99beddb0fe7

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 08:55:44 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 2
expires: Thu, 26 Nov 2020 08:56:07 GMT

GET
H2 200 34735562 Show response
lo.v.liveperson.net/api/js/ 111 B
855 B 46ms
45ms Script
application/javascript 178.249.97.70
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lo.v.liveperson.net/api/js/34735562?sid=sgQcVve1S6WeRAY-Ji75bA&cb=lpCb34020x94102&t=pl&ts=1606380944492&pid=9421039468&tid=5878659615&vid=UzNzc2YTg4MjNlNmFjNTQ0
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/34735562/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=help_security-centre_fraud-awareness_online-shopping-scams_&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.70 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo.v.liveperson.net
Software: ws /
Resource Hash: 1d959c8e84e7d51eb61a72bf7cdc2963ea72b3d4e58798a5d1841d65e66f49db

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 08:55:44 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 355825132 Show response
accdn.lpsnmedia.net/api/account/34735562/configuration/engagement-window/window-confs/ 4 KB
1 KB 75ms
75ms Script
application/javascript 2a03:6400:10:0:178:249:97:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/34735562/configuration/engagement-window/window-confs/355825132?cb=lpCb10867x51354
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/34735562/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=help_security-centre_fraud-awareness_online-shopping-scams_&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 96ca93006e75a0a5d5ea21ae9afc838e47f695cc75f175a3d970819e63b2bff1

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 08:55:44 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 0
expires: Thu, 26 Nov 2020 08:56:12 GMT

POST
H/1.1 200
OK jsEvent.json Show response
www.mcmprod.hsbc.co.uk/4879/17358661028/XBW09WEA78JG/ 2 KB
805 B 50ms
49ms XHR
application/json 91.214.5.154
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcmprod.hsbc.co.uk/4879/17358661028/XBW09WEA78JG/jsEvent.json

Requested by

Host: www2.firstdirect.com
URL: https://www2.firstdirect.com/etc/designs/hsbc/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.214.5.154 Chester, United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Resource Hash

a81887f6f7eae5ed64b0d7dab296314353c1a5684490c08c08c961fb93ff6b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 26 Nov 2020 08:55:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: User-Agent
P3P: CP="NON ADMo DEVo PSAo PSDo IVAo IVDo OUR IND UNI COM NAV INT CNT LOC STA PUR PHY ONL"
Access-Control-Allow-Origin: https://www2.firstdirect.com
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
S: LWSMCMRP102UK
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=98
Content-Length: 63

POST
H/1.1 200
OK adrum Show response
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAM-PSA/ 0
925 B 196ms
50ms XHR
text/html 52.215.95.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAM-PSA/adrum
Requested by: Host: www2.firstdirect.com
URL: https://www2.firstdirect.com/etc/designs/hsbc/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.95.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-95-50.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 26 Nov 2020 08:55:45 GMT
server: envoy
vary: *
content-type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time: 0
Connection: keep-alive
access-control-allow-headers: origin, content-type, accept
Content-Length: 0
expires: 0

GET
H2 200 storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.11.0.2-release_5036/ Frame FBA8 0
0 22ms
21ms Document
text/html 2a03:6400:10:0:178:249:97:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.11.0.2-release_5036/storage.secure.min.html?loc=https%3A%2F%2Fwww2.firstdirect.com&site=34735562&env=prod
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/34735562/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=help_security-centre_fraud-awareness_online-shopping-scams_&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash

Request headers

:method: GET
:authority: lpcdn.lpsnmedia.net
:scheme: https
:path: /le_secure_storage/3.11.0.2-release_5036/storage.secure.min.html?loc=https%3A%2F%2Fwww2.firstdirect.com&site=34735562&env=prod
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud

Response headers

date: Thu, 26 Nov 2020 08:55:46 GMT
content-type: text/html
last-modified: Tue, 29 Sep 2020 18:27:10 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
expires: Thu, 26 Nov 2020 09:05:46 GMT
cache-control: max-age=600

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.11.0.2-release_5036/ 38 KB
15 KB 17ms
17ms Script
application/javascript 2a03:6400:10:0:178:249:97:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.11.0.2-release_5036/storage.secure.min.js?loc=https%3A%2F%2Fwww2.firstdirect.com&site=34735562&force=1&env=prod
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/34735562/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=help_security-centre_fraud-awareness_online-shopping-scams_&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: a6c94763f85d97edffb717098e436aad3a4a6b5d1e866b1e2315ee0ec8f784d2

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 08:55:46 GMT
content-encoding: gzip
last-modified: Tue, 29 Sep 2020 18:27:10 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Thu, 26 Nov 2020 09:05:46 GMT

GET
H/1.1

200
OK

fd_sticky_white-icon_18x18.jpg
www2.firstdirect.com/content/dam/fsdt/en/media/images/livechat/
Redirect Chain

https://www.firstdirect.com/content/dam/fsdt/en/media/images/livechat/fd_sticky_white-icon_18x18.jpg
https://www2.firstdirect.com/content/dam/fsdt/en/media/images/livechat/fd_sticky_white-icon_18x18.jpg

774 B
1 KB

60ms
60ms

Image
image/jpeg

91.214.6.93
HSBC-UK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.firstdirect.com/content/dam/fsdt/en/media/images/livechat/fd_sticky_white-icon_18x18.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.214.6.93 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Apache /

Resource Hash

4066361ac9360be7e3485105fe927c53e15694b953e114afa49d5ac553b0fc85

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 26 Nov 2020 08:55:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Nov 2020 08:01:02 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
S: gbl-prod-wk-aempub
Keep-Alive: timeout=5, max=100
Content-Length: 774
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://www2.firstdirect.com/content/dam/fsdt/en/media/images/livechat/fd_sticky_white-icon_18x18.jpg
Connection: Keep-Alive
Content-Length: 0

GET
H/1.1

200
OK

fd_sticky_white-icon_18x18.jpg
www2.firstdirect.com/content/dam/fsdt/en/media/images/livechat/
Redirect Chain

https://www.firstdirect.com/content/dam/fsdt/en/media/images/livechat/fd_sticky_white-icon_18x18.jpg
https://www2.firstdirect.com/content/dam/fsdt/en/media/images/livechat/fd_sticky_white-icon_18x18.jpg

774 B
1 KB

61ms
60ms

Image
image/jpeg

91.214.6.93
HSBC-UK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.firstdirect.com/content/dam/fsdt/en/media/images/livechat/fd_sticky_white-icon_18x18.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.214.6.93 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Apache /

Resource Hash

4066361ac9360be7e3485105fe927c53e15694b953e114afa49d5ac553b0fc85

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 26 Nov 2020 08:55:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Nov 2020 08:01:02 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
S: gbl-prod-wk-aempub
Keep-Alive: timeout=5, max=100
Content-Length: 774
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://www2.firstdirect.com/content/dam/fsdt/en/media/images/livechat/fd_sticky_white-icon_18x18.jpg
Connection: Keep-Alive
Content-Length: 0

GET
H2 200 34735562 Show response
lo.v.liveperson.net/api/js/ 41 B
792 B 41ms
40ms Script
application/javascript 178.249.97.70
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lo.v.liveperson.net/api/js/34735562?sid=sgQcVve1S6WeRAY-Ji75bA&cb=lpCb15654x7126&t=uc&ts=1606380946704&pid=9421039468&tid=5878659615&vid=UzNzc2YTg4MjNlNmFjNTQ0&sdes=%5B%7B%22type%22%3A%22impDisplay%22%2C%22campaign%22%3A1139226432%2C%22engId%22%3A1139226632%2C%22revision%22%3A1765%2C%22eContext%22%3A%5B%7B%22type%22%3A%22engagementContext%22%2C%22id%22%3A%221%22%7D%5D%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/34735562/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=help_security-centre_fraud-awareness_online-shopping-scams_&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.70 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo.v.liveperson.net
Software: ws /
Resource Hash: c11e0173c3b53b6a03e6b78127bab2832e8b11cce85ed548b801402e3ddd724a

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 08:55:46 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

POST
H/1.1 200
OK jsEvent.json Show response
www.mcmprod.hsbc.co.uk/4879/17358661028/XBW09WEA78JG/ 2 KB
805 B 49ms
48ms XHR
application/json 91.214.5.154
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcmprod.hsbc.co.uk/4879/17358661028/XBW09WEA78JG/jsEvent.json

Requested by

Host: www2.firstdirect.com
URL: https://www2.firstdirect.com/etc/designs/hsbc/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.214.5.154 Chester, United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Resource Hash

a81887f6f7eae5ed64b0d7dab296314353c1a5684490c08c08c961fb93ff6b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 26 Nov 2020 08:55:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: User-Agent
P3P: CP="NON ADMo DEVo PSAo PSDo IVAo IVDo OUR IND UNI COM NAV INT CNT LOC STA PUR PHY ONL"
Access-Control-Allow-Origin: https://www2.firstdirect.com
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
S: LWSMCMRP102UK
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=97
Content-Length: 63

POST
H/1.1 200
OK adrum Show response
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAM-PSA/ 0
925 B 49ms
48ms XHR
text/html 52.215.95.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAM-PSA/adrum
Requested by: Host: www2.firstdirect.com
URL: https://www2.firstdirect.com/etc/designs/hsbc/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.95.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-95-50.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 26 Nov 2020 08:55:51 GMT
server: envoy
vary: *
content-type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time: 0
Connection: keep-alive
access-control-allow-headers: origin, content-type, accept
Content-Length: 0
expires: 0

GET
H2 200 34735562 Show response
lo.v.liveperson.net/api/js/ 73 B
824 B 40ms
39ms Script
application/javascript 178.249.97.70
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lo.v.liveperson.net/api/js/34735562?sid=sgQcVve1S6WeRAY-Ji75bA&cb=lpCb56554x37813&t=ip&ts=1606380954747&pid=9421039468&tid=5878659615&vid=UzNzc2YTg4MjNlNmFjNTQ0
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/34735562/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=help_security-centre_fraud-awareness_online-shopping-scams_&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.70 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo.v.liveperson.net
Software: ws /
Resource Hash: 59eb45d98d595b0a79b4e1d9faf2f76f4a3533aa26e37ae4e0e768744947883c

Request headers

Referer: https://www2.firstdirect.com/help/security-centre/fraud-awareness/online-shopping-scams/?cid=FSDT:CW::E2::02:2011:019:BlackFridayFraud
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 08:55:54 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Verdicts & Comments Add Verdict or Comment

196 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.firstdirect.com/	1970-01-19 18:32:12	Name: status_banner Value: 1606380943611
.firstdirect.com/	1969-12-31 23:59:59	Name: tms_ref Value:
.firstdirect.com/	1970-01-19 22:58:36	Name: utag_main Value: v_id:017603c3f95600026de7eaf0fb8400078008607000b08$_sn:1$_se:2$_ss:0$_st:1606382744121$ses_id:1606380943703%3Bexp-session$_pn:2%3Bexp-session
www2.firstdirect.com/	1969-12-31 23:59:59	Name: FD-COEX-PWS Value: 3130379018.13689.0000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
cdn.appdynamics.com
col.eum-appdynamics.com
lo.v.liveperson.net
lpcdn.lpsnmedia.net
lptag.liveperson.net
protect-eu.mimecast.com
tags.tiqcdn.com
tracking.information.firstdirect.com
www.firstdirect.com
www.mcmprod.hsbc.co.uk
www2.firstdirect.com
143.204.90.7
172.227.86.73
178.249.101.23
178.249.97.70
195.68.228.110
2a03:6400:10:0:178:249:97:98
2a03:6400:10:0:178:249:97:99
52.215.95.50
91.214.5.154
91.214.6.146
91.214.6.93
91.220.42.63
0bfe845c97897526fcfd1009a71c12de5b8f85115c339cc5483234ac3a1a97ca
11371f88672a1364d0ed0d9dbdf380eb4dde039b2576838179d1e352c18a1744
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
1b4f70bc28289a03a44453e2d890a035aae22f6ae1d836cb49930fd5f62e2a0a
1d959c8e84e7d51eb61a72bf7cdc2963ea72b3d4e58798a5d1841d65e66f49db
1f881ce1c8d5a111ea62ed9b78a5bc13f18f79d24eb861d2fa0190561387b459
22d0610df0471899a1794c7b3b2425b9b37e36200a3279846fc774e9f2ae42eb
23cfaf2973c2181628cd178a9077a52120699d10e80fdddde6b95e0215855d34
25901bef244271e90f6878d1acd58752a969889bef585ac616f6a99beddb0fe7
3a7bbe5123ef0dc960ace0a24413b0864d728df0a5dcf296ed540d77115753df
3ab503c65f4891f4cad329142742644ef1dbc67086dbf79753421ae2ef902a55
3de4c1156c94b6e681dc236d81923243aa0a21f83411863d2df6dc66c55d58e4
4066361ac9360be7e3485105fe927c53e15694b953e114afa49d5ac553b0fc85
44027ec55ed8b2de1f3dcdaf00c6b0c72c466e85d515c60431f61da11f242047
55ade691f1a06265b6e9c502523ea2972ff8432f2ef1766965d9b3d3bbdd7d81
59eb45d98d595b0a79b4e1d9faf2f76f4a3533aa26e37ae4e0e768744947883c
5b68497290686567825837b3463e4af52dda24d16d104b64fc7a0253b4fe4ac5
614e7b5beb44f8af1519bf84d710717cf078b6f308814e5b1eeb964627325537
65791fb3f594d8ecff5844137ec18aa693b62f04ed678a27221c612a8b73b0b5
6ef2b8381815c8c5fe488dcdd99b6c9356e2b775c8a7ec8eff228ab1465661d8
718fd6797b8930e95e1294ff5be11421aa78ec891df31d298c4bf8c792549e61
7da0fcf5011f66d43746091e130db6ef4d55ff13410d57209fb0f44d90cdee60
8317a6eaa0b713a9bc7e2c8bda8802f2e33f64a98df7a9ada1c52859f6aea82d
83c3f52eeeac8cf608e32232aa191385854beb917f58927b43232df70f67dd0f
888494a980afeb4771aa70481dfd5b380de127ea3c6c3bbf31ddeaea3235ae31
96ca93006e75a0a5d5ea21ae9afc838e47f695cc75f175a3d970819e63b2bff1
9b8a9f0f63e160621b6869e757de35931f50d727c8320ea658d442760fb6c172
9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a6c94763f85d97edffb717098e436aad3a4a6b5d1e866b1e2315ee0ec8f784d2
a81887f6f7eae5ed64b0d7dab296314353c1a5684490c08c08c961fb93ff6b54
c11e0173c3b53b6a03e6b78127bab2832e8b11cce85ed548b801402e3ddd724a
d53d04747d3776de440a1a732eb2a17d7c4ff5d181859e8cc04ac3b6b2325d78
dc31aa1aaee58c4c2d6c0ed01e2cf51115d2eab46c3ac59c3abe2eb07f81e361
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8c83a5d7fdab4e8d249d5bdedc70a5b67e220fe6d238340eff65244fd8b070a
e9142c03ac9b8719d243a010be96c25045ae8acdbeb0cc7ef5c56e2aea50d31b
ebb991b4937d6015d8937e8d23f6fa5b315e898a018d1f0972efe59765b754b4
f18a0e57e2c76337f188b9aaa115d75bdf43a868291ee1aebc1b4c091c96c7e1

www2.firstdirect.com Open in urlscan Pro 91.214.6.93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

100 %HTTPS

17 %IPv6

8 Domains

12 Subdomains

9 IPs

4 Countries

753 kBTransfer

2024 kBSize

4 Cookies

22 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www2.firstdirect.com Open in urlscan Pro
91.214.6.93 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

100 %
HTTPS

17 %
IPv6

8
Domains

12
Subdomains

9
IPs

4
Countries

753 kB
Transfer

2024 kB
Size

4
Cookies

43 HTTP transactions
0 data transactions