URL: https://hsaugroup.com/
Submission Tags: @ecarlesi threat #phishing #hsbc
Submission: On August 31 via api from FR — Scanned from FR

Summary

This website contacted 19 IPs in 3 countries across 14 domains to perform 58 HTTP transactions. The main IP is 104.219.248.103, located in United States and belongs to NAMECHEAP-NET, US. The main domain is hsaugroup.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 30th 2023. Valid for: a year.
This is the only time hsaugroup.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: HSBC (Banking)

Domain & IP information

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 22 | hsaugroup.com | hsaugroup.com | 1 MB |
| 14 | tiqcdn.com | tags.tiqcdn.com (Cisco Umbrella Rank: 1208); akamai.tiqcdn.com (Cisco Umbrella Rank: 11110) | 98 KB |
| 3 | optimizely.com | cdn.optimizely.com (Cisco Umbrella Rank: 784); a19069622224.cdn.optimizely.com (Cisco Umbrella Rank: 96769); logx.optimizely.com (Cisco Umbrella Rank: 1420) | 116 KB |
| 2 | google.fr | www.google.fr (Cisco Umbrella Rank: 16334) | 563 B |
| 2 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 563 B |
| 2 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 109) | 239 B |
| 2 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 40) | 3 KB |
| 2 | tealiumiq.com | collect-ap-southeast-2.tealiumiq.com (Cisco Umbrella Rank: 197538); visitor-service-ap-southeast-2.tealiumiq.com | 7 KB |
| 2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 47) | 135 KB |
| 2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 169) | 88 KB |
| 1 | liveperson.net | lptag.liveperson.net (Cisco Umbrella Rank: 3685) | |
| 1 | hsbc.com.au | www.mcm-prod.hsbc.com.au (Failed) | 35 KB |
| 1 | eum-appdynamics.com | col.eum-appdynamics.com (Cisco Umbrella Rank: 3139) | 779 B |
| 1 | appdynamics.com | cdn.appdynamics.com (Cisco Umbrella Rank: 4045) | 18 KB |

Total: 58 requests, 14 domains

| Requests | Domain | Requested by |
|---|---|---|
| 22 | hsaugroup.com | hsaugroup.com |
| 13 | tags.tiqcdn.com | hsaugroup.com; tags.tiqcdn.com |
| 2 | www.google.fr | |
| 2 | www.google.com | |
| 2 | www.facebook.com | |
| 2 | googleads.g.doubleclick.net | www.googletagmanager.com |
| 2 | www.googletagmanager.com | tags.tiqcdn.com; www.googletagmanager.com |
| 2 | connect.facebook.net | tags.tiqcdn.com; connect.facebook.net |
| 1 | visitor-service-ap-southeast-2.tealiumiq.com | tags.tiqcdn.com |
| 1 | lptag.liveperson.net | tags.tiqcdn.com |
| 1 | collect-ap-southeast-2.tealiumiq.com | hsaugroup.com |
| 1 | www.mcm-prod.hsbc.com.au | hsaugroup.com; tags.tiqcdn.com |
| 1 | col.eum-appdynamics.com | hsaugroup.com |
| 1 | logx.optimizely.com | hsaugroup.com |
| 1 | cdn.appdynamics.com | hsaugroup.com |
| 1 | a19069622224.cdn.optimizely.com | cdn.optimizely.com |
| 1 | akamai.tiqcdn.com | hsaugroup.com |
| 1 | cdn.optimizely.com | hsaugroup.com |

Total: 58 requests, 18 subdomains

This site contains no links.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| hsaugroup.com | Sectigo RSA Domain Validation Secure Server CA | 2023-08-30 - 2024-08-30 | a year |
| cdn.optimizely.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-10-30 - 2023-10-30 | a year |
| tags.tiqcdn.com | Amazon RSA 2048 M01 | 2023-04-18 - 2024-05-17 | a year |
| *.tiqcdn.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-01-12 - 2024-01-14 | a year |
| *.cdn.optimizely.com | GeoTrust RSA CA 2018 | 2023-02-26 - 2024-02-28 | a year |
| *.appdynamics.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-06-21 - 2024-07-21 | a year |
| logx.optimizely.com | Amazon RSA 2048 M01 | 2023-06-24 - 2024-07-22 | a year |
| *.eum-appdynamics.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-06-14 - 2024-07-14 | a year |
| *.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-06-09 - 2023-09-07 | 3 months |
| www.mcm-prod.hsbc.com.au | DigiCert SHA2 Extended Validation Server CA | 2022-09-26 - 2023-10-20 | a year |
| *.google-analytics.com | GTS CA 1C3 | 2023-08-07 - 2023-10-30 | 3 months |
| *.tealiumiq.com | Amazon RSA 2048 M01 | 2023-07-25 - 2024-08-22 | a year |
| *.liveperson.net | Sectigo RSA Organization Validation Secure Server CA | 2023-02-07 - 2024-02-07 | a year |
| *.g.doubleclick.net | GTS CA 1C3 | 2023-08-07 - 2023-10-30 | 3 months |
| www.google.com | GTS CA 1C3 | 2023-08-07 - 2023-10-30 | 3 months |
| *.google.fr | GTS CA 1C3 | 2023-08-07 - 2023-10-30 | 3 months |

This page contains 2 frames:

Primary Page: https://hsaugroup.com/
Frame ID: 6B1A9B6483B7FFF43C0453B20B1F6AD8
Requests: 57 HTTP requests in this frame

Frame: https://a19069622224.cdn.optimizely.com/client_storage/a19069622224.html
Frame ID: 91502638B84C0682F2F0E83E647B77B8
Requests: 1 HTTP requests in this frame

Page Title

HSBC Australia - Personal Banking, Credit Cards, Loans, Accounts

Detected technologies

Overall confidence: 100%
Detected patterns
  • adrum

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 58
HTTPS: 98 %
IPv6: 44 %
Domains: 14
Subdomains: 18
IPs: 19
Countries: 3
Transfer: 1931 kB
Size: 4570 kB
Cookies: 8

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
hsaugroup.com/
66 KB
8 KB
Document
General
Full URL
https://hsaugroup.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.219.248.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server137-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
8d68adcd8893b24204c94831508129355a6beb8da4ba260d178d4034f40f3b67

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
content-encoding
br
content-length
7770
content-type
text/html
date
Thu, 31 Aug 2023 08:55:20 GMT
last-modified
Mon, 28 Aug 2023 03:12:04 GMT
server
LiteSpeed
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
hsaugroup.com/
896 KB
91 KB
Stylesheet
General
Full URL
https://hsaugroup.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.219.248.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server137-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
b50952e80beac3073c71848ec43d4ceaa929ada20b254a709a155b0861d59647

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 08:55:20 GMT
content-encoding
br
last-modified
Fri, 25 Aug 2023 14:03:42 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
93387
expires
Thu, 07 Sep 2023 08:55:20 GMT
utag.sync.js
hsaugroup.com/
2 KB
1 KB
Script
General
Full URL
https://hsaugroup.com/utag.sync.js
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.219.248.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server137-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
4a173f345c5802a8e034413f3debcf34554afc8b6a59f8177fbe6114c96704e9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 08:55:20 GMT
content-encoding
br
last-modified
Fri, 25 Aug 2023 14:03:42 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
816
expires
Thu, 07 Sep 2023 08:55:20 GMT
appd.min.28729b81913621076cb1004898cb22c7.js
hsaugroup.com/
35 KB
11 KB
Script
General
Full URL
https://hsaugroup.com/appd.min.28729b81913621076cb1004898cb22c7.js
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.219.248.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server137-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
589c637bb7a658de26723d9dfedcb3a517d9b34d696c9335028986acec6f4b0b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 08:55:20 GMT
content-encoding
br
last-modified
Fri, 25 Aug 2023 14:03:42 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
11168
expires
Thu, 07 Sep 2023 08:55:20 GMT
01_HSBC_MASTERBRAND_LOGO_RGB.svg
hsaugroup.com/
5 KB
2 KB
Image
General
Full URL
https://hsaugroup.com/01_HSBC_MASTERBRAND_LOGO_RGB.svg
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.219.248.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server137-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
392961169ed068757ca4ccfba64f9a1e5cfd0e5c2467039ec5f0315afcb4de50

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 08:55:21 GMT
content-encoding
br
last-modified
Fri, 25 Aug 2023 14:03:42 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1879
expires
Thu, 07 Sep 2023 08:55:21 GMT
10736-woman-taking-a-sunbath-on-mountain-peak-33x400.jpg
hsaugroup.com/
460 KB
461 KB
Image
General
Full URL
https://hsaugroup.com/10736-woman-taking-a-sunbath-on-mountain-peak-33x400.jpg
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.219.248.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server137-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
e594d154806d7cab7ca0fbddcb9256c0fb55bb324c1ff3521664876fb6f8e04e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 08:55:21 GMT
last-modified
Fri, 25 Aug 2023 14:03:42 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
471323
expires
Thu, 07 Sep 2023 08:55:21 GMT
9999-everyday-savings-889x500.jpg
hsaugroup.com/
246 KB
247 KB
Image
General
Full URL
https://hsaugroup.com/9999-everyday-savings-889x500.jpg
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.219.248.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server137-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
1a3b261bc180b22846f05ee508cdd2b0154403f7a3ad4722ad8020310a702e0a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 08:55:21 GMT
last-modified
Fri, 25 Aug 2023 14:03:42 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
252190
expires
Thu, 07 Sep 2023 08:55:21 GMT
cq5dam.web.590.1000.jpeg
hsaugroup.com/
40 KB
40 KB
Image
General
Full URL
https://hsaugroup.com/cq5dam.web.590.1000.jpeg
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.219.248.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server137-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
7533e548db945c0025f1f7fbd502ff27189bacab0beada9ea20568a1504fdfae

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 08:55:21 GMT
last-modified
Fri, 25 Aug 2023 14:03:42 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
40981
expires
Thu, 07 Sep 2023 08:55:21 GMT
cq5dam.web.590.1000-1.jpeg
hsaugroup.com/
90 KB
90 KB
Image
General
Full URL
https://hsaugroup.com/cq5dam.web.590.1000-1.jpeg
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.219.248.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server137-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
c1589c5dae3fbb29fe1083596ffab664f38723153f3b640311fc3be128db68b0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 08:55:21 GMT
last-modified
Fri, 25 Aug 2023 14:03:42 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
91991
expires
Thu, 07 Sep 2023 08:55:21 GMT
cq5dam.web.590.1000-2.jpeg
hsaugroup.com/
51 KB
51 KB
Image
General
Full URL
https://hsaugroup.com/cq5dam.web.590.1000-2.jpeg
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.219.248.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server137-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
dd1f0b70f08d06591a084ce3b00c0354d0c673c1c8aba0c6ff4e3b4309816232

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 08:55:21 GMT
last-modified
Fri, 25 Aug 2023 14:03:42 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
52232
expires
Thu, 07 Sep 2023 08:55:21 GMT
cq5dam.web.590.1000-3.jpeg
hsaugroup.com/
34 KB
34 KB
Image
General
Full URL
https://hsaugroup.com/cq5dam.web.590.1000-3.jpeg
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.219.248.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server137-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
ad6425f56028e6a3bdd936eaf8aa2bf9768f7687e3c0f7fea845ba999968448e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 08:55:21 GMT
last-modified
Fri, 25 Aug 2023 14:03:42 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
34971
expires
Thu, 07 Sep 2023 08:55:21 GMT
cq5dam.web.590.1000-4.jpeg
hsaugroup.com/
34 KB
34 KB
Image
General
Full URL
https://hsaugroup.com/cq5dam.web.590.1000-4.jpeg
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.219.248.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server137-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
1398b7aa018302110402a3c7865eee99ecbeab6797ffc5391c06ebbb5b9db2d2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 08:55:21 GMT
last-modified
Fri, 25 Aug 2023 14:03:42 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
34967
expires
Thu, 07 Sep 2023 08:55:21 GMT
clientlib-jquery.e707977d551ec8c86a2541af384e7f64.js
hsaugroup.com/
111 KB
37 KB
Script
General
Full URL
https://hsaugroup.com/clientlib-jquery.e707977d551ec8c86a2541af384e7f64.js
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.219.248.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server137-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
9963a0d111fcb3d87a4874730cbfba7a84520aebb866b74886fd7d6de5a5b608

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 08:55:21 GMT
content-encoding
br
last-modified
Fri, 25 Aug 2023 14:03:42 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
37195
expires
Thu, 07 Sep 2023 08:55:21 GMT
clientlib-all.min.c5d37f117a2aa465ed46e4c61fe69bf0.js
hsaugroup.com/
641 KB
130 KB
Script
General
Full URL
https://hsaugroup.com/clientlib-all.min.c5d37f117a2aa465ed46e4c61fe69bf0.js
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.219.248.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server137-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
310bba12e493ac7ff120d00de7dd1d8e03d0f9ff61140b644ba903a559762ac7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 08:55:21 GMT
content-encoding
br
last-modified
Fri, 25 Aug 2023 14:03:42 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
133300
expires
Thu, 07 Sep 2023 08:55:21 GMT
20365490699.js
cdn.optimizely.com/js/
466 KB
113 KB
Script
General
Full URL
https://cdn.optimizely.com/js/20365490699.js
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/utag.sync.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:38a::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d03bfb0fb59b82ddd9b51404e803aa17a9bdee7908cf0e7b40c5ff89fd46cbe8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
NBrzHDq422FwWApeKd98ERbf4hxRRAoM
content-encoding
gzip
date
Thu, 31 Aug 2023 08:55:21 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
RYTJ03QNAJ2MC4FE
x-amz-server-side-encryption
AES256
x-amz-meta-revision
2984
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=10, origin; dur=98, cdn;desc="AkamaiION";dur=0,rtt;desc="28";dur=0,cdnip;desc="2a02:26f0:3100:38a::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1693472121339_34631172_3205452_10833_2106_28_32_146";dur=1
content-length
115110
x-amz-id-2
jk5mCcdT+dRLWSb4eds3UB3FH01QVyAfbJYvAd976X8WHif1IKQt7FMXd91HZOX52PIUCO6x48w=
last-modified
Thu, 31 Aug 2023 04:56:20 GMT
server
AmazonS3
etag
"778c8880b0714a4bc8b1fc22a1e57fce"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
utag.js
tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/
156 KB
36 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33d65290e0d729450c46c179d15cdc7773c7a670bee7b90dd76e9b6a931465c5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
XZ7RaImoy7uUkN8Zwus5uiukJQX4T_Mr
content-encoding
br
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 08:51:55 GMT
last-modified
Mon, 07 Aug 2023 09:04:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
207
x-amz-server-side-encryption
AES256
etag
W/"1f74eeb7d01ea55fabdc6b501c494420"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
qvbsf7fzQCUgkzU0UDbhb313pYhz3RDf77RjTCYSh7Vafp7WiSMhzg==
UniversNextforHSBCW02-Rg.woff
hsaugroup.com/
27 KB
27 KB
Font
General
Full URL
https://hsaugroup.com/UniversNextforHSBCW02-Rg.woff
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.219.248.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server137-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
e57fa923e1242b94093a29bc1497e22d7b5f78d6f124fe5ffc651383af545e13

Request headers

Referer
https://hsaugroup.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Origin
https://hsaugroup.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 08:55:21 GMT
last-modified
Fri, 25 Aug 2023 14:03:46 GMT
server
LiteSpeed
content-type
font/woff
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
27464
expires
Thu, 07 Sep 2023 08:55:21 GMT
UniversNextforHSBCW02-Bd.woff
hsaugroup.com/
26 KB
26 KB
Font
General
Full URL
https://hsaugroup.com/UniversNextforHSBCW02-Bd.woff
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.219.248.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server137-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
1fe93d773a537c17456fc95e7dbfb69cba2914ac73c5f9b01d4db046667c688e

Request headers

Referer
https://hsaugroup.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Origin
https://hsaugroup.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 08:55:21 GMT
last-modified
Fri, 25 Aug 2023 14:03:46 GMT
server
LiteSpeed
content-type
font/woff
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
26328
expires
Thu, 07 Sep 2023 08:55:21 GMT
HSBCIcon-Font-Extension.woff
hsaugroup.com/
37 KB
38 KB
Font
General
Full URL
https://hsaugroup.com/HSBCIcon-Font-Extension.woff
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.219.248.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server137-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
76e6fcb163f76c23e3595acdb5c37457b8529ae4612bdfd266a9ef3d83550586

Request headers

Referer
https://hsaugroup.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Origin
https://hsaugroup.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 08:55:21 GMT
last-modified
Fri, 25 Aug 2023 14:03:42 GMT
server
LiteSpeed
content-type
font/woff
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
38384
expires
Thu, 07 Sep 2023 08:55:21 GMT
UniversNextforHSBCW02-Lt.woff
hsaugroup.com/
26 KB
26 KB
Font
General
Full URL
https://hsaugroup.com/UniversNextforHSBCW02-Lt.woff
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.219.248.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server137-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
1410bf3ef15162a56d0c7ea0f851483738179ce8281a269f4ed88612e9c9a695

Request headers

Referer
https://hsaugroup.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Origin
https://hsaugroup.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 08:55:21 GMT
last-modified
Fri, 25 Aug 2023 14:03:46 GMT
server
LiteSpeed
content-type
font/woff
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
26300
expires
Thu, 07 Sep 2023 08:55:21 GMT
UniversNextforHSBCW02-Th.woff
hsaugroup.com/
26 KB
26 KB
Font
General
Full URL
https://hsaugroup.com/UniversNextforHSBCW02-Th.woff
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.219.248.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server137-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
190c1c5d443872f7ee23494c42cfd80c30e97311da2ae748bbf6ab036d80b53c

Request headers

Referer
https://hsaugroup.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Origin
https://hsaugroup.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 08:55:21 GMT
last-modified
Fri, 25 Aug 2023 14:03:46 GMT
server
LiteSpeed
content-type
font/woff
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
26884
expires
Thu, 07 Sep 2023 08:55:21 GMT
UniversNextforHSBCW02-LtIt.woff
hsaugroup.com/
24 KB
25 KB
Font
General
Full URL
https://hsaugroup.com/UniversNextforHSBCW02-LtIt.woff
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.219.248.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server137-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
c736d15fc8104340a0fcbdad3dea714abc1a358ec4e108952c223a24460006e3

Request headers

Referer
https://hsaugroup.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Origin
https://hsaugroup.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 08:55:21 GMT
last-modified
Fri, 25 Aug 2023 14:03:46 GMT
server
LiteSpeed
content-type
font/woff
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
24980
expires
Thu, 07 Sep 2023 08:55:21 GMT
location.js
akamai.tiqcdn.com/location/
18 B
560 B
XHR
General
Full URL
https://akamai.tiqcdn.com/location/location.js
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/appd.min.28729b81913621076cb1004898cb22c7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.216.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-216-26.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Thu, 31 Aug 2023 08:55:21 GMT
Last-Modified
Mon, 30 Apr 2018 23:09:19 GMT
Server
AkamaiNetStorage
ETag
"6c98be5fda77913799e8ef24b86a7abd:1525129759"
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-EdgeScape-Location
Cache-Control
max-age=1296000
X-EdgeScape-Location
country_code=FR,region_code=IDF,city=PARIS,areacode=0,zip=0,bandwidth=5000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18
Expires
Fri, 15 Sep 2023 08:55:21 GMT
auth-status-hint
hsaugroup.com/
1 KB
1 KB
XHR
General
Full URL
https://hsaugroup.com/auth-status-hint?_=1693472121404
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/appd.min.28729b81913621076cb1004898cb22c7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.219.248.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server137-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

Accept
*/*
Referer
https://hsaugroup.com/
X-Requested-With
XMLHttpRequest
ADRUM
isAjax:true
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
json

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 08:55:21 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
content-length
1238
content-type
text/html
a19069622224.html
a19069622224.cdn.optimizely.com/client_storage/ Frame 9150
4 KB
2 KB
Document
General
Full URL
https://a19069622224.cdn.optimizely.com/client_storage/a19069622224.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20365490699.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.214.197 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-214-197.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
980a8e0746ddb04e9255b764c3b943d0acd924bf873ed6ec6fc33aa9da0d9133
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://hsaugroup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120
content-encoding
gzip
content-length
1204
content-type
text/html; charset=utf-8
date
Thu, 31 Aug 2023 08:55:22 GMT
etag
"15347c7649189a15d7cd84ee7b06a3ab"
last-modified
Thu, 31 Aug 2023 08:20:10 GMT
server
AmazonS3
server-timing
cdn-cache; desc=HIT edge; dur=1 cdn;desc="AkamaiION";dur=0,rtt;desc="23";dur=0,cdnip;desc="184.30.214.197";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1693472121840_388358892_156415251_41_2063_23_560_255";dur=1
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,2
x-amz-id-2
T09PsJwtgetAaw3qijAGgS+gMxxN/Zx2KaYalp11r0juxUcFKjBvrN3N3nBnmwhmdYpTIWF+Ezw=
x-amz-meta-pci_enabled
False
x-amz-replication-status
COMPLETED
x-amz-request-id
Z6DD4R3MSJT750N1
x-amz-server-side-encryption
AES256
x-amz-version-id
loT0WJ7Eb1vSUq4r9LHca0IVcLRFT8Jc
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
431 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=hsbc/au-rbwm/202308070901&cb=1693472121811
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Thu, 31 Aug 2023 08:54:25 GMT
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
57
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
xsfSQOSkNNmeMRue1OQ7Z2GZsxvD691x1x1u6wzck8RzZLgd5fpF7w==
utag.974.js
tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/
18 KB
6 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.974.js?utv=ut4.46.202308070901
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ecab6c5ed3bbfc3064b173c6b8412d4df76d9c3228bc41d915dc3d7eaf0add2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
fldzga4jAKQFhpCPLCuAxImrmGdeo0L3
content-encoding
gzip
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 08:51:56 GMT
last-modified
Mon, 07 Aug 2023 09:04:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
206
x-amz-server-side-encryption
AES256
etag
W/"228a3fae78912041a76e2693cf19773c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
m8Q8867-xnyIlaAsJOwceObK4hhxGdWG9qoxU6S_qu-9Le0Tg4MiKQ==
utag.587.js
tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/
9 KB
3 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.587.js?utv=ut4.46.202010210957
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b505d677b2729fda40bdfe8c6978dcf437646960f9f60ff77b996c98d8efe805

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
nc8Vf_GGp7xlS4eBnRuYHhSwwHWNea.c
content-encoding
br
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 08:51:56 GMT
last-modified
Mon, 07 Aug 2023 09:04:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
206
x-amz-server-side-encryption
AES256
etag
W/"24acc7d9c238ce9074d26c2626d435bf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
Kgw7BhIE_YdyQfl8VQWU6QOkD3VR4_IYcgLx-njzHCDBeptz7H8kBg==
utag.924.js
tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/
22 KB
7 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.924.js?utv=ut4.46.202207191534
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
93c07870357d4426bf5de0e3b8733bdaf31999ced5c86603105ab45f57dfafae

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
Ku29dnfa11fe2kQ7mioDO1dv1FJ4UAEQ
content-encoding
br
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 08:51:56 GMT
last-modified
Mon, 07 Aug 2023 09:04:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
206
x-amz-server-side-encryption
AES256
etag
W/"8d6e9349286ca60f49b152b5ba85f5a9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
uZWqK7CnU9a8Hj5xNr4Bf2W376pu_drjeL1nuKqdbiYLe8OyZ45RBg==
utag.972.js
tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/
43 KB
13 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.972.js?utv=ut4.46.202308070901
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38c881a3d53ef225ff8fc81b607e67606d89c4924343877eb57ea09101cedfbc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
mCAzCOZVEe7WSd6MLxABCeOGk6CIjlRu
content-encoding
br
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 08:51:56 GMT
last-modified
Mon, 07 Aug 2023 09:04:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
206
x-amz-server-side-encryption
AES256
etag
W/"444e73b0d2c1799e43b91e92a901bca0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
YEqy5EDOM8V4Y4zbUtqfSAktaTVRqWmF_mrqgeUeuTidcrdORNlm0Q==
utag.1050.js
tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/
15 KB
5 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.1050.js?utv=ut4.46.202303280919
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3cc539e89081d74391cb96043c9403c5de1c0015f2778f6e6c78cd48c5e97a4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
OWFkv8mtxL6gjeRSAHCDfa0w2HMwmfQ_
content-encoding
br
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 08:51:56 GMT
last-modified
Mon, 07 Aug 2023 09:04:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
206
x-amz-server-side-encryption
AES256
etag
W/"bcab366319b2a4b45abcb32e608dc991"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
_uU4WhKdLN4CdMyp05CPBqkaM3BlpXEj9zBY96gycPdj-Mmrt9YHBA==
utag.1074.js
tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/
5 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.1074.js?utv=ut4.46.202301201405
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2310d200e4a4552050aed14690f8beabda58cb247d600fb7fee7812f928bbb26

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
pJ1Q_Hg6GjJyjUaH.IGehHbSJbshdYkS
content-encoding
br
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 08:51:58 GMT
last-modified
Mon, 07 Aug 2023 09:04:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
204
x-amz-server-side-encryption
AES256
etag
W/"f3842dd0e43ce30cfe9699cc9a5a0782"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
ezbAezL0MHONvSOFhSaZGdtOukjc8Js_5HJjT-BnM475drN3vzIkjA==
utag.1075.js
tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/
7 KB
3 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.1075.js?utv=ut4.46.202301201405
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
09b648832183233050fb5d1435d6adff56e4da3c79d8066f4b622eb5695e99fe

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
yPCk3o8_IPi.M0Z1XU9_HuC8uhz5TUHB
content-encoding
br
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 08:51:56 GMT
last-modified
Mon, 07 Aug 2023 09:04:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
206
x-amz-server-side-encryption
AES256
etag
W/"54c727c2816f3c952be82b16ac2400a8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
3tr6WuQ1OYt3yeyfQATbXClFZ2hNvS_yUmlV2hC9kXFhOfyjTyJDGw==
utag.1099.js
tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/
8 KB
3 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.1099.js?utv=ut4.46.202206221706
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4581d0a750f26b4229bf56c26583aac90e19b39ccbc23c3f0a109b05076a0676

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
atctKXg2RUrXPxwtjjKd1o_8SsWkY4Hc
content-encoding
br
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 08:51:57 GMT
last-modified
Mon, 07 Aug 2023 09:04:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
205
x-amz-server-side-encryption
AES256
etag
W/"08ea508b792237a38206b5267c6468e7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
g1Wiqu1KhyP07ipSLaA6Q_9a4OxQyVN9J_AI6ls8kBHTxPl9P2ZM8A==
utag.1170.js
tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/
47 KB
13 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.1170.js?utv=ut4.46.202206171012
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b6e2b5ae6e4943c0df175e278d2ff01b14513a61d56f52ab09d46aa9600cd04

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
pCktB7KloL3ozzRLsmQkSdjE.2SErvEU
content-encoding
br
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 08:51:57 GMT
last-modified
Mon, 07 Aug 2023 09:04:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
205
x-amz-server-side-encryption
AES256
etag
W/"34d02e46bc3d2191d5016a078fae38be"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
t4yUDlCLyrdlUt_Z2Qo_UoLu8e6mTQk0pHyzyPH7GjwlSmaY2JgVuw==
utag.1171.js
tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/
10 KB
4 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.1171.js?utv=ut4.46.202206171012
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a1721e57194b0069b6c65a3afcb7c8106d060c2d479dee33015430176a7d881

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
SGlrsuRWtXIeKndxY74zfOpmuLzzhHDr
content-encoding
br
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 08:51:57 GMT
last-modified
Mon, 07 Aug 2023 09:04:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
205
x-amz-server-side-encryption
AES256
etag
W/"d8b0ae8a2dc49c96f55cba6b0d8e6974"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
Rf3n7rkw0VI2Q0GGPrRHa_QSL-u8N8Lay58XmtL9sSSain3_iqEopQ==
utag.1201.js
tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/
4 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.1201.js?utv=ut4.46.202307251747
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6eaf757ac5f2e6f8ee6a53fb3bb01bd49d60cf12979397b713b85aad43c9a27

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
JElCtNme7IvYhu_Trml0nVT2bsdc2C7h
content-encoding
br
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 08:51:58 GMT
last-modified
Mon, 07 Aug 2023 09:04:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
204
x-amz-server-side-encryption
AES256
etag
W/"f8a86ff2406f3b9aaed19371af0649ea"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
wR-dkHVblZsC9WFbf-nDrK2iJi28n1lrzHQLhgjCe9VxR39MEEHkgA==
HSBCIcon-Font.woff
hsaugroup.com/
22 KB
22 KB
Font
General
Full URL
https://hsaugroup.com/HSBCIcon-Font.woff
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.219.248.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server137-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
580245633d829cdc4a80192bc505ad254af0ed2955d5add87b56917a1c0f64df

Request headers

Referer
https://hsaugroup.com/clientlib-default.min.fc01337904020ef01b91ea662443a3e5.css
Origin
https://hsaugroup.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 08:55:21 GMT
last-modified
Fri, 25 Aug 2023 14:03:42 GMT
server
LiteSpeed
content-type
font/woff
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
22532
expires
Thu, 07 Sep 2023 08:55:21 GMT
adrum-ext.0086dbec5e8a6e717bf36d3a06b62042.js
cdn.appdynamics.com/
45 KB
18 KB
Script
General
Full URL
https://cdn.appdynamics.com/adrum-ext.0086dbec5e8a6e717bf36d3a06b62042.js
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/appd.min.28729b81913621076cb1004898cb22c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-79.fra50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
7da0fcf5011f66d43746091e130db6ef4d55ff13410d57209fb0f44d90cdee60

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 07:36:43 GMT
content-encoding
gzip
via
1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
1214319
x-cache
Hit from cloudfront
last-modified
Thu, 15 Sep 2016 22:05:47 GMT
server
nginx/1.16.1
etag
W/"57db1b3b-b4f4"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
fYwxkvLOJwLJLFYNqV5X-zwkjkLJGy2qxFPFNIvaCLvNO29iKN9gqQ==
events
logx.optimizely.com/v1/
0
358 B
XHR
General
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/appd.min.28729b81913621076cb1004898cb22c7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.66.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-66-55.compute-1.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hsaugroup.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 31 Aug 2023 08:55:23 GMT
Server
nginx/1.21.0
Content-Type
text/plain
Access-Control-Allow-Origin
https://hsaugroup.com
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
81ad9e27-6762-49cd-8d69-b879e3c91ef0
adrum
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAD-DCB/
0
779 B
XHR
General
Full URL
https://col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAD-DCB/adrum
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/appd.min.28729b81913621076cb1004898cb22c7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.37.94.185 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-94-185.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536010; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://hsaugroup.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 08:55:23 GMT
strict-transport-security
max-age=31536010; includeSubDomains
x-content-type-options
nosniff
server
envoy
vary
*
content-type
text/html
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time
0
access-control-allow-headers
origin, content-type, accept
expires
0
fbevents.js
connect.facebook.net/en_US/
193 KB
52 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 31 Aug 2023 08:55:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52127
x-xss-protection
0
pragma
public
x-fb-debug
RRSoEnkwhKbhlvvLZ+Sejjpujfd+gnjZVSxrAFCTJj9fNXcRoMi4RLQrLu2Ba6xk8nXJD+LG0AoZqk2/1DBjRw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
session.json
www.mcm-prod.hsbc.com.au/4027/handler9/
0
0

JavascriptInsert.js
www.mcm-prod.hsbc.com.au/
94 KB
35 KB
Script
General
Full URL
https://www.mcm-prod.hsbc.com.au/JavascriptInsert.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.972.js?utv=ut4.46.202308070901
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
203.112.91.11 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a8f96af8a2980c428c4e54a84253c5ba77b0ae03ba43dff9a7d4c622e97354b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Thu, 31 Aug 2023 08:55:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=16070400; includeSubDomains
Last-Modified
Fri, 02 Dec 2016 10:09:57 GMT
ETag
7ba32397f116681461d19524068961b4
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/x-javascript
Transfer-Encoding
chunked
Cache-Control
max-age=900, s-maxage=900
Connection
Keep-Alive
S
LIST01RPAU-WS
Keep-Alive
timeout=5
js
www.googletagmanager.com/gtag/
173 KB
64 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8709841
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.1099.js?utv=ut4.46.202206221706
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e573daaaf5036d35dd11282831170c38f36d9518d584d6523781ceed294cc193
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 08:55:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65022
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 31 Aug 2023 08:55:24 GMT
i.gif
collect-ap-southeast-2.tealiumiq.com/hsbc/wpb-stream-au/2/
43 B
763 B
XHR
General
Full URL
https://collect-ap-southeast-2.tealiumiq.com/hsbc/wpb-stream-au/2/i.gif
Requested by
Host: hsaugroup.com
URL: https://hsaugroup.com/appd.min.28729b81913621076cb1004898cb22c7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.65.26.233 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-65-26-233.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://hsaugroup.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryrRi3Bo0ZcBwcFduH

Response headers

date
Thu, 31 Aug 2023 08:55:25 GMT
x-serverid
uconnect_i-0bb0fd70d34a4d725
x-tid
018a4acde2590089fb209c2725e803074001606c00b08
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc
hsbc:wpb-stream-au:2:datacloud
x-region
ap-southeast-2
content-length
43
pragma
no-cache
x-did
018a4acde2590089fb209c2725e803074001606c00b08
vary
Origin
content-type
image/gif
access-control-allow-origin
https://hsaugroup.com
x-ulver
54c654920db5f931ad69a453263b061c49db3193-SNAPSHOT
access-control-expose-headers
X-Region
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
x-uuid
b6f17e02-f2a3-477d-b8c5-a02ba54417cf
expires
Thu, 31 Aug 2023 08:55:25 GMT
tag.js
lptag.liveperson.net/tag/
0
0
Script
General
Full URL
https://lptag.liveperson.net/tag/tag.js?site=21508700
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.1050.js?utv=ut4.46.202303280919
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

235390370455098
connect.facebook.net/signals/config/
137 KB
36 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/235390370455098?v=2.9.125&r=stable&domain=hsaugroup.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
218730e84fa10a22d8f2916ad2eabf214cc2f1512aa1201aa5f43eb8ae784ebe
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 31 Aug 2023 08:55:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
IACdwMHMX2geiNASkG2iSOfOCB8GvaC2a183J55ivdvzt5v2FByxCc9tCTXBAvzTB36TuXyulgcybb9n+Snavw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
197 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-944473433&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8709841
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1d3401d0d0427b3f54558cdad03390626115c1a01b0700bcdd1d2d060e46ddd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 08:55:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72501
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 31 Aug 2023 08:55:24 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/944473433/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944473433/?random=1693472124547&cv=11&fst=1693472124547&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhsaugroup.com%2F&hn=www.googleadservices.com&frm=0&tiba=HSBC%20Australia%20-%20Personal%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Accounts&userId=018a4acde2590089fb209c2725e803074001606c00b08&auid=152202407.1693472124&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-944473433&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d19815942e480fb332d46adf92a607b10f9ac070bdbcbdcd87cdee95610cc929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 08:55:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1387
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/944473433/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944473433/?random=1693472124562&cv=11&fst=1693472124562&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhsaugroup.com%2F&hn=www.googleadservices.com&frm=0&tiba=HSBC%20Australia%20-%20Personal%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Accounts&userId=018a4acde2590089fb209c2725e803074001606c00b08&auid=152202407.1693472124&uamb=0&uaw=0&data=event%3Dpage_view%3Ballow_custom_scripts%3Dtrue&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-944473433&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db70fc1ff5da9ca33e3320fa21f5e5834f07b36565428190a2989d5f38b485be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 08:55:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1405
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=235390370455098&ev=PageView&dl=https%3A%2F%2Fhsaugroup.com%2F&rl=&if=false&ts=1693472124629&cd[referring_source]=direct&sw=1600&sh=1200&v=2.9.125&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1693472124628.1846849629&it=1693472124423&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 31 Aug 2023 08:55:24 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.google.com/pagead/1p-user-list/944473433/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/944473433/?random=1693472124547&cv=11&fst=1693468800000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhsaugroup.com%2F&frm=0&tiba=HSBC%20Australia%20-%20Personal%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Accounts&userId=018a4acde2590089fb209c2725e803074001606c00b08&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2770901187&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 08:55:24 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.fr/pagead/1p-user-list/944473433/
42 B
455 B
Image
General
Full URL
https://www.google.fr/pagead/1p-user-list/944473433/?random=1693472124547&cv=11&fst=1693468800000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhsaugroup.com%2F&frm=0&tiba=HSBC%20Australia%20-%20Personal%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Accounts&userId=018a4acde2590089fb209c2725e803074001606c00b08&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2770901187&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 08:55:24 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/944473433/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/944473433/?random=1693472124562&cv=11&fst=1693468800000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhsaugroup.com%2F&frm=0&tiba=HSBC%20Australia%20-%20Personal%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Accounts&userId=018a4acde2590089fb209c2725e803074001606c00b08&data=event%3Dpage_view%3Ballow_custom_scripts%3Dtrue&fmt=3&is_vtc=1&random=893508047&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 08:55:24 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.fr/pagead/1p-user-list/944473433/
42 B
108 B
Image
General
Full URL
https://www.google.fr/pagead/1p-user-list/944473433/?random=1693472124562&cv=11&fst=1693468800000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhsaugroup.com%2F&frm=0&tiba=HSBC%20Australia%20-%20Personal%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Accounts&userId=018a4acde2590089fb209c2725e803074001606c00b08&data=event%3Dpage_view%3Ballow_custom_scripts%3Dtrue&fmt=3&is_vtc=1&random=893508047&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 08:55:24 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
54 B
Image
General
Full URL
https://www.facebook.com/tr/?id=235390370455098&ev=Microdata&dl=https%3A%2F%2Fhsaugroup.com%2F&rl=&if=false&ts=1693472125132&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22HSBC%20Australia%20-%20Personal%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Accounts%22%2C%22meta%3Adescription%22%3A%22HSBC%20Bank%20Australia%20offers%20a%20range%20of%20accounts%2C%20online%20banking%2C%20credit%20cards%2C%20home%20loans%2C%20term%20deposits%2C%20foreign%20currency%20accounts%20and%20more.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Adescription%22%3A%22HSBC%20Bank%20Australia%20offers%20a%20range%20of%20accounts%2C%20online%20banking%2C%20credit%20cards%2C%20home%20loans%2C%20term%20deposits%2C%20foreign%20currency%20accounts%20and%20more.%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A1200%2C%22w%22%3A1600%7D%2C%22properties%22%3A%7B%22description%22%3A%22HSBC%20Bank%20Australia%20offers%20a%20range%20of%20accounts%2C%20online%20banking%2C%20credit%20cards%2C%20home%20loans%2C%20term%20deposits%2C%20foreign%20currency%20accounts%20and%20more.%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FWebPage%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.125&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1693472124628.1846849629&it=1693472124423&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 31 Aug 2023 08:55:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
018a4acde2590089fb209c2725e803074001606c00b08
visitor-service-ap-southeast-2.tealiumiq.com/hsbc/wpb-stream-au/
6 KB
6 KB
Script
General
Full URL
https://visitor-service-ap-southeast-2.tealiumiq.com/hsbc/wpb-stream-au/018a4acde2590089fb209c2725e803074001606c00b08?callback=utag.ut%5B%22writevawpb-stream-au%22%5D&rnd=1693472125599
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/au-rbwm/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.79.101.108 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
5bd254242302d5ea751d62edbdf3ba0df80d9ecb824fdb5e2d063296eb7ebc1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://hsaugroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-version
54c654920db5f931ad69a453263b061c49db3193-SNAPSHOT
date
Thu, 31 Aug 2023 08:55:26 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-region
ap-southeast-2
content-length
6394
x-nodeid
i-02797860861590678
content-type
application/javascript; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.mcm-prod.hsbc.com.au
URL
https://www.mcm-prod.hsbc.com.au/4027/handler9/session.json

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: HSBC (Banking)

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| TMS number| maskTimeout boolean| syncChangesApplied object| cssRuleManager function| removeMask object| u object| HSBC object| optimizely object| utag_data string| adrum-app-key number| adrum-start-time object| ADRUM undefined| $ function| jQuery object| utag_err boolean| utag_condload string| userAgent string| platform object| macosPlatforms object| iosPlatforms object| Evnt object| jwt undefined| JWTInternals object| elem boolean| loggedInScript string| versionNode number| version object| params object| qp_v_id object| qp_ses_id object| utag function| isFunction undefined| toObject undefined| track function| _tealium_old_error object| utag_cfg_ovrd string| mn object| tms object| pixel_lib function| objectToString function| isArray function| typeStr function| escapeRegExp function| hasProperty function| primitiveHasOwnProperty function| regExpTest function| testRegExp object| nonSpaceRe function| isWhitespace object| entityMap function| escapeHtml object| whiteRe object| spaceRe object| equalsRe object| curlyRe object| tagRe function| parseTemplate function| squashTokens function| nestTokens function| Scanner function| Context function| Writer object| mustache object| defaultWriter function| RadioButton function| RadioGroup object| respond function| moment object| Bootstrap object| GPWS object| HSBC_utils object| Mustache object| cpiUtils undefined| _ number| startTime number| duration object| utag_extn function| fbq function| _fbq function| tealium_liveperson_lib object| lpTag object| dataLayer object| MCM object| __MCMMsgs boolean| MCMInitized string| HSBCAUPageID string| HSBCAUcompatVersion string| HSBCAUpacketVersion string| HSBCAUuseCorsForInitialRequest string| HSBCAUuseJsonFormatForInitialCorsRequest string| HSBCAUTCP string| HSBCAUSSL function| HSBCAUgPr object| HSBCAUpendingManualEvents object| HSBCAUqueuedYoutubeReferences function| HSBCAUevent function| HSBCAUclick function| HSBCAUtextchange function| 
HSBCAUformsubmit function| HSBCAUSendJsonData function| HSBCAUtrackYouTubeIframePlayer function| HSBCAUinitialExecutionCanProceed function| HSBCAUblockExecutionForInsertAlreadyPresent function| HSBCAUSL function| HSBCAUsendScriptRequests function| HSBCAUcookieAllowsScriptToProceed function| HSBCAUSC function| HSBCAUfindCookieVal function| HSBCAUdeleteLegacyCookies function| HSBCAUdoDeleteCookie boolean| HSBCAULF function| HSBCAUclearStoppedState function| HSBCAUstop function| HSBCAUgenerateUUID object| HSBCAUcookieList function| HSBCAUgC function| HSBCAUae function| HSBCAUclient_event function| HSBCAUGP function| HSBCAUGPWID function| HSBCAULC string| HSBCAUTWID function| HSBCAUoptOut function| HSBCAUoptIn function| HSBCAUanonymous function| HSBCAUresetCSA function| HSBCAUdoReInit function| HSBCAUtmoPoll boolean| HSBCAUjsInsertAlreadyLoaded function| HSBCAUgetSD string| HSBCAUwindowID number| HSBCAUTm object| HSBCAUsImgArr object| HSBCAURTEHandler object| h boolean| gtag_enable_tcf_support object| e number| f string| items object| google_tag_manager object| google_tag_data object| GooglebQhCsO

8 Cookies

Domain/Path Name / Value
.hsaugroup.com/ Name: optimizelyEndUserId
Value: oeu1693472121743r0.9269918097225078
.hsaugroup.com/ Name: tms_ref
Value:
.hsaugroup.com/ Name: usy46gabsosd
Value: HSBCAU_16934721242910.03af6cdee22fbd10205c07ff7aade51e_4027
.hsaugroup.com/ Name: _gcl_au
Value: 1.1.152202407.1693472124
.hsaugroup.com/ Name: _fbp
Value: fb.1.1693472124628.1846849629
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.tealiumiq.com/ Name: TAPID
Value: hsbc/wpb-stream-au>018a4acde2590089fb209c2725e803074001606c00b08|
.hsaugroup.com/ Name: utag_main
Value: v_id:018a4acde2590089fb209c2725e803074001606c00b08$_sn:1$_se:1$_ss:1$_st:1693473921434$ses_id:1693472121434%3Bexp-session$_pn:1%3Bexp-session$dc_group:73$dc_visit:1$dc_event:1%3Bexp-session$dc_region:ap-southeast-2%3Bexp-session

4 Console Messages

Source Level URL
Text
network error URL: https://hsaugroup.com/auth-status-hint?_=1693472121404
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://lptag.liveperson.net/tag/tag.js?site=21508700
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://hsaugroup.com/
Message:
Access to XMLHttpRequest at 'https://www.mcm-prod.hsbc.com.au/4027/handler9/session.json' from origin 'https://hsaugroup.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.mcm-prod.hsbc.com.au/4027/handler9/session.json
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
