URL: https://travel.hsbc.ca/
Submission: On February 17 via automatic, source certstream-suspicious — Scanned from CA

Summary

This website contacted 32 IPs in 2 countries across 22 domains to perform 77 HTTP transactions. The main IP is 208.103.171.96, located in Canada and belongs to CARBON60-TOR2, CA. The main domain is travel.hsbc.ca.
TLS certificate: Issued by Entrust Certification Authority - L1K on April 14th 2022. Valid for: a year.
This is the only time travel.hsbc.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 208.103.171.96 393845 (CARBON60-...)
9 2600:141b:13:... 20940 (AKAMAI-ASN1)
4 2600:141b:f00... 20940 (AKAMAI-ASN1)
2 52.218.185.241 16509 (AMAZON-02)
1 52.217.171.161 16509 (AMAZON-02)
2 45.60.73.47 19551 (INCAPSULA)
1 52.217.103.148 16509 (AMAZON-02)
2 54.231.162.209 16509 (AMAZON-02)
2 2600:141b:900... 20940 (AKAMAI-ASN1)
2 2607:f8b0:400... 15169 (GOOGLE)
2 107.23.31.66 14618 (AMAZON-AES)
1 52.203.190.236 14618 (AMAZON-AES)
2 63.140.38.15 14618 (AMAZON-AES)
1 1 3.82.73.135 14618 (AMAZON-AES)
1 65.8.191.30 16509 (AMAZON-02)
1 54.243.116.94 14618 (AMAZON-AES)
1 52.217.78.62 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2600:9000:210... 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 34.120.103.20 396982 (GOOGLE-CL...)
4 34.67.250.180 396982 (GOOGLE-CL...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 52.218.244.8 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
6 151.101.2.137 54113 (FASTLY)
1 162.247.241.14 23467 (NEWRELIC-...)
77 32
Apex Domain
Subdomains
Transfer
11 typekit.net
use.typekit.net — Cisco Umbrella Rank: 440
p.typekit.net — Cisco Umbrella Rank: 577
125 KB
9 amazonaws.com
travel-img-assets.s3.us-west-2.amazonaws.com
redtag-ca.s3.amazonaws.com
itravel2000.s3.amazonaws.com — Cisco Umbrella Rank: 898560
travel-img.s3.amazonaws.com — Cisco Umbrella Rank: 864711
s3.amazonaws.com
s3-us-west-2.amazonaws.com
813 KB
8 hsbc.ca
travel.hsbc.ca
2 MB
6 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 341
11 KB
6 auryc.com
cdn.auryc.com — Cisco Umbrella Rank: 27776
client-api.auryc.com — Cisco Umbrella Rank: 18793
193 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
4 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 475
91 KB
3 omtrdc.net
redtagvacations.d2.sc.omtrdc.net — Cisco Umbrella Rank: 919610
redtag.tt.omtrdc.net — Cisco Umbrella Rank: 820890
862 B
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 199
redtagvacations.demdex.net — Cisco Umbrella Rank: 906613
5 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
239 B
2 google.ca
www.google.ca — Cisco Umbrella Rank: 8356
562 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
562 B
2 hellobar.com
my.hellobar.com — Cisco Umbrella Rank: 16430
75 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149
136 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
142 KB
2 redtag.ca
www.redtag.ca — Cisco Umbrella Rank: 928083
11 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 222
527 B
1 ywxi.net
cdn.ywxi.net — Cisco Umbrella Rank: 10393
5 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
2 KB
1 cloudfront.net
dnn506yrbagrg.cloudfront.net
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1029
517 B
77 22
Domain Requested by
9 use.typekit.net travel.hsbc.ca
use.typekit.net
8 travel.hsbc.ca travel.hsbc.ca
6 js-agent.newrelic.com travel.hsbc.ca
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 client-api.auryc.com cdn.auryc.com
4 assets.adobedtm.com travel.hsbc.ca
assets.adobedtm.com
2 www.facebook.com travel.hsbc.ca
2 s3-us-west-2.amazonaws.com cdn.ywxi.net
2 www.google.ca travel.hsbc.ca
2 www.google.com travel.hsbc.ca
2 cdn.auryc.com travel.hsbc.ca
cdn.auryc.com
2 my.hellobar.com www.googletagmanager.com
my.hellobar.com
2 connect.facebook.net travel.hsbc.ca
connect.facebook.net
2 redtagvacations.d2.sc.omtrdc.net assets.adobedtm.com
travel.hsbc.ca
2 dpm.demdex.net assets.adobedtm.com
travel.hsbc.ca
2 www.googletagmanager.com travel.hsbc.ca
www.googletagmanager.com
2 p.typekit.net use.typekit.net
2 travel-img.s3.amazonaws.com travel.hsbc.ca
2 www.redtag.ca travel.hsbc.ca
2 travel-img-assets.s3.us-west-2.amazonaws.com travel.hsbc.ca
1 bam.nr-data.net js-agent.newrelic.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn.ywxi.net www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 fonts.googleapis.com travel.hsbc.ca
1 s3.amazonaws.com travel.hsbc.ca
1 redtag.tt.omtrdc.net assets.adobedtm.com
1 dnn506yrbagrg.cloudfront.net travel.hsbc.ca
1 cm.everesttech.net 1 redirects
1 redtagvacations.demdex.net assets.adobedtm.com
1 itravel2000.s3.amazonaws.com travel.hsbc.ca
1 redtag-ca.s3.amazonaws.com travel.hsbc.ca
77 32

This site contains no links.

Subject Issuer Validity Valid
travel.hsbc.ca
Entrust Certification Authority - L1K
2022-04-14 -
2023-04-14
a year crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-09-14 -
2023-10-15
a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-19 -
2023-08-19
a year crt.sh
*.s3-us-west-2.amazonaws.com
Amazon
2022-09-21 -
2023-08-24
a year crt.sh
*.s3.amazonaws.com
Amazon
2022-09-21 -
2023-08-26
a year crt.sh
imperva.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-12-06 -
2023-06-04
6 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1
2022-09-26 -
2023-10-27
a year crt.sh
*.d2.sc.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1
2022-02-17 -
2023-03-07
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1
2022-08-01 -
2023-09-01
a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01
2022-12-06 -
2023-12-05
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-11-26 -
2023-02-24
3 months crt.sh
*.ywxi.net
Amazon
2022-07-05 -
2023-08-03
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-09-24 -
2023-09-24
a year crt.sh
cdn.auryc.com
GTS CA 1D4
2023-01-30 -
2023-04-30
3 months crt.sh
*.auryc.com
R3
2023-01-27 -
2023-04-27
3 months crt.sh
www.google.com
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
*.google.ca
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2
2022-07-10 -
2023-08-11
a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1
2022-11-18 -
2023-12-19
a year crt.sh

This page contains 2 frames:

Primary Page: https://travel.hsbc.ca/
Frame ID: BB5811E3A934E5F6ACEC21DDABEDCC66
Requests: 74 HTTP requests in this frame

Frame: https://redtagvacations.demdex.net/dest5.html?d_nsid=0
Frame ID: 19CD661F682DD6CB3F29DD03E24A3DB1
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Vacation Packages | Cruises & Last Minute Deals | AIR MILES - Red Tag Vacations

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

77
Requests

96 %
HTTPS

44 %
IPv6

22
Domains

32
Subdomains

32
IPs

2
Countries

3660 kB
Transfer

5335 kB
Size

23
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://cm.everesttech.net/cm/dd?d_uuid=78167555125947437161204985405732350320 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y__f5AAAAL4J0gN2

77 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
travel.hsbc.ca/
101 KB
102 KB
Document
General
Full URL
https://travel.hsbc.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.103.171.96 , Canada, ASN393845 (CARBON60-TOR2, CA),
Reverse DNS
Software
Apache /
Resource Hash
3c9ea11e277afc1cc289f56ce64f4e6808f463f01775bb9b9957f8de333f59f9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Feb 2023 15:45:04 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
rbc7oki.css
use.typekit.net/
11 KB
1 KB
Stylesheet
General
Full URL
https://use.typekit.net/rbc7oki.css
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82b9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7e7b6f4520d5c295328f73fff4930885f14aacf943eecca8ef0e44004c3b6ac2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Fri, 17 Feb 2023 15:40:19 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1197
styles.css
travel.hsbc.ca/build/public/css/
549 KB
550 KB
Stylesheet
General
Full URL
https://travel.hsbc.ca/build/public/css/styles.css?v=102
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.103.171.96 , Canada, ASN393845 (CARBON60-TOR2, CA),
Reverse DNS
Software
Apache /
Resource Hash
eeb37ef58da0a216e36e4b3a4dfa8c9e99d754dc698d67362e456191e94710fa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Fri, 17 Feb 2023 15:45:05 GMT
Last-Modified
Thu, 16 Jun 2022 18:08:04 GMT
Server
Apache
ETag
"89591-5e19484dd96cd"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
562577
resources.js
travel.hsbc.ca/build/public/js/
810 KB
810 KB
Script
General
Full URL
https://travel.hsbc.ca/build/public/js/resources.js?v=20230217102
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.103.171.96 , Canada, ASN393845 (CARBON60-TOR2, CA),
Reverse DNS
Software
Apache /
Resource Hash
96ba9040b7f99f6da5ed548588a6c21eabff50d8b4decb29f2dae4bcc1250cd9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Fri, 17 Feb 2023 15:45:05 GMT
Last-Modified
Fri, 24 Jun 2022 03:32:23 GMT
Server
Apache
ETag
"ca7a4-5e22937f1021e"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
829348
satelliteLib-e4377c30aea2e41a1c5367805f855287952760fb-staging.js
assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/
146 KB
41 KB
Script
General
Full URL
https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/satelliteLib-e4377c30aea2e41a1c5367805f855287952760fb-staging.js
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:f0a6::1e80 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bb30b739a21db6baf1f33faec29d2ceda15e30e116ba1fd5e6d42e7850183d95

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Feb 2023 15:40:19 GMT
content-encoding
gzip
last-modified
Fri, 11 Jan 2019 17:52:23 GMT
server
AkamaiNetStorage
etag
"06aa947119a4f180d30b9b6eb4dea5a5:1547229143"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://travel.hsbc.ca
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
42102
expires
Fri, 17 Feb 2023 15:40:19 GMT
logo-hsbc-red.png
travel-img-assets.s3.us-west-2.amazonaws.com/logos/
6 KB
6 KB
Image
General
Full URL
https://travel-img-assets.s3.us-west-2.amazonaws.com/logos/logo-hsbc-red.png
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.185.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6ad58a9cb9d4a055600b17ae8df141e831fcf36549d928d6531706a9c43938e3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Fri, 17 Feb 2023 15:40:21 GMT
x-amz-version-id
lr7.YluXTS.mmvpxNOKmSMQx33ypClXK
Last-Modified
Mon, 06 Dec 2021 19:11:00 GMT
Server
AmazonS3
x-amz-request-id
HC81HTQ7X8P4S538
ETag
"4cfc9854e1710cde4cfd6332fe71b307"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5651
x-amz-id-2
RSOokoqhsFmv2re7qqOvppnEl1gSGj4VC1eXgqDYXMHMD+IR3asAF63FwK1BdzpazCrn6TXAsN4=
logo-redtag-2021.svg
redtag-ca.s3.amazonaws.com/img/branding/
5 KB
5 KB
Image
General
Full URL
https://redtag-ca.s3.amazonaws.com/img/branding/logo-redtag-2021.svg
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.171.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
686057fe1583f7969752a0a9eebfa70b30dcd71537af74b7cb85c9e4960f1971

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Fri, 17 Feb 2023 15:40:20 GMT
Last-Modified
Wed, 24 Mar 2021 17:30:30 GMT
Server
AmazonS3
x-amz-request-id
08MQ5Y3JNRPAANGF
ETag
"38d4e5eac4e13f63c161f7878f41573f"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
5063
x-amz-id-2
COsFB/Of1FzoFO8ikcP2t1B7ea7FoiS0GPi2waA2aps0SypZqydffzL0zzaQGaWrzciJNPLkMVY=
fountain-loader.gif
www.redtag.ca/public/img/
9 KB
9 KB
Image
General
Full URL
https://www.redtag.ca/public/img/fountain-loader.gif
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.73.47 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
5d3ee87908bf2bfb28feb36b7317e182a8072fb87f95f9749e475cfc89eaa321

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 15:40:19 GMT
last-modified
Mon, 30 Nov 2015 17:13:25 GMT
x-cdn
Imperva
etag
"2409-525c528b09740"
content-type
image/gif
x-iinfo
7-27362053-0 0CNN RT(1676648419508 31) q(0 -1 -1 5) r(0 -1)
cache-control
max-age=30067599, public
content-length
9225
expires
Wed, 31 Jan 2024 15:46:58 GMT
2022-06-03-10-54-23-Home-Desktop-Banner_%281%29.jpg
itravel2000.s3.amazonaws.com/img/banners/
669 KB
670 KB
Image
General
Full URL
https://itravel2000.s3.amazonaws.com/img/banners/2022-06-03-10-54-23-Home-Desktop-Banner_%281%29.jpg
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.103.148 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
469feeaeda3e210275c9e540fb1b1a07c9f85c7c063eea3614925201dc8b4ae7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Fri, 17 Feb 2023 15:40:20 GMT
Last-Modified
Fri, 03 Jun 2022 14:56:12 GMT
Server
AmazonS3
x-amz-request-id
08MQ19WC604JV0TP
ETag
"003c44e5b535504d148c08452a3526e2"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
685305
x-amz-id-2
zYRG5E/gMEOAvXjkAubH0nakJ0GnFF68UN+t7ocWx3m35vFOrXbO6AuBRFTbC86V133xjx2VyA4=
2018-07-13--15314994650013Icon-CallBonusFeb8-102x32.jpg
travel-img.s3.amazonaws.com/
5 KB
6 KB
Image
General
Full URL
https://travel-img.s3.amazonaws.com/2018-07-13--15314994650013Icon-CallBonusFeb8-102x32.jpg
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.162.209 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a5f325e9abb3bd19967b171dd79b75ccd9589aab30570e31ca0cbeb36a92eac2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Fri, 17 Feb 2023 15:40:20 GMT
Last-Modified
Fri, 13 Jul 2018 16:31:06 GMT
Server
AmazonS3
x-amz-request-id
08MK0YYDW4H9WMZ2
ETag
"ca6125afb83ae4f240d723cfd848897f"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
5296
x-amz-id-2
QE7pYiOsFjFujRXrDNh825bs2MV/Dd5jSdwNrqwkUGnWlDDw+KN65vHco7Iv/sXut90pbW5WtTE=
2019-04-02--15542319259133recent_AmazingVacations-550x155.jpg
travel-img.s3.amazonaws.com/
105 KB
106 KB
Image
General
Full URL
https://travel-img.s3.amazonaws.com/2019-04-02--15542319259133recent_AmazingVacations-550x155.jpg
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.162.209 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e6627275085c3be9366d03dc8fe5de1aa97c57743bcd3f600468d395db1ad96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Fri, 17 Feb 2023 15:40:20 GMT
Last-Modified
Tue, 02 Apr 2019 19:05:27 GMT
Server
AmazonS3
x-amz-request-id
08MV0K2DBHSAF49W
ETag
"9fb75b0f74626bf3b4c03348376e828e"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
107842
x-amz-id-2
HSNAidQnWXDDZQleApy+waRINl3lir7Efihb9gAo2Z0b4OYCgxFHwRJm+6bBznJ6ghZNKyWSqyo=
logo-consumer-protection-bc-grey.png
travel-img-assets.s3.us-west-2.amazonaws.com/logos/
18 KB
18 KB
Image
General
Full URL
https://travel-img-assets.s3.us-west-2.amazonaws.com/logos/logo-consumer-protection-bc-grey.png
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.185.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f34a9abc6754f0cf1923e2f58dff4a3ed92840b81325e1ef6fe07ea0a8987278

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Fri, 17 Feb 2023 15:40:21 GMT
x-amz-version-id
oF1s9WySqNbFVisoWlIHSy1sEOlZIZLS
Last-Modified
Thu, 16 Sep 2021 21:14:46 GMT
Server
AmazonS3
x-amz-request-id
HC8EH5V5EJA3J9T1
ETag
"3846c4b98b16a62aff6b5c00b59d147f"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
18310
x-amz-id-2
kPJvwG/4AQOrDExve/6IrX0A+lIyn9KWXZb2n5dsDuYit/zj+qZ7q0k2OkCZ/kuKlY4a6xeuzaY=
engine.js
travel.hsbc.ca/build/public/js/
25 KB
25 KB
Script
General
Full URL
https://travel.hsbc.ca/build/public/js/engine.js?v=20230217102
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.103.171.96 , Canada, ASN393845 (CARBON60-TOR2, CA),
Reverse DNS
Software
Apache /
Resource Hash
b39eb3c9e7d245ed4b4dfcbb43fb18fcec6c5b2af860d41c665354ad5e4e71e7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Fri, 17 Feb 2023 15:45:05 GMT
Last-Modified
Fri, 24 Jun 2022 03:32:23 GMT
Server
Apache
ETag
"62e7-5e22937ebf90c"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
25319
app.js
travel.hsbc.ca/build/public/js/
369 KB
370 KB
Script
General
Full URL
https://travel.hsbc.ca/build/public/js/app.js?v=20230217102
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.103.171.96 , Canada, ASN393845 (CARBON60-TOR2, CA),
Reverse DNS
Software
Apache /
Resource Hash
f342e5900fa5e4bca5c8e7386c02a225de91c66989a0f2755324a228b7fe119d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Fri, 17 Feb 2023 15:45:05 GMT
Last-Modified
Fri, 24 Jun 2022 03:32:23 GMT
Server
Apache
ETag
"5c49e-5e22937f05a26"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
378014
icon-tag.png
www.redtag.ca/public/img/
1 KB
2 KB
Image
General
Full URL
https://www.redtag.ca/public/img/icon-tag.png
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.73.47 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
43ce30d4ecf65e26c9c6d47c32ead3afd708f1d02a54b65f20af6fea08726b92

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 15:40:19 GMT
last-modified
Wed, 12 Nov 2014 21:34:37 GMT
x-cdn
Imperva
etag
"c89-507b02997b540"
content-type
image/png
x-iinfo
7-27362053-0 0CNN RT(1676648419508 38) q(0 -1 -1 6) r(0 -1)
cache-control
max-age=30067575, public
content-length
1245
expires
Wed, 31 Jan 2024 15:46:34 GMT
p.css
p.typekit.net/
5 B
181 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=rbc7oki&ht=tk&f=7986.7987.7992.7996.7997.24349.24350.24351.24352.24353.24354.24355.24356.43311.43312&a=5869931&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/rbc7oki.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::1725:7b92 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 15:40:19 GMT
last-modified
Thu, 28 Jul 2022 21:30:08 GMT
server
nginx
etag
"62e2ffe0-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
gtm.js
www.googletagmanager.com/
173 KB
64 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5WTJNMJ
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7f9d43290409aa98aed44040287a6d0f64f7244a797fe019a071a2e0825b284c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 15:40:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65447
x-xss-protection
0
last-modified
Fri, 17 Feb 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 17 Feb 2023 15:40:20 GMT
id
dpm.demdex.net/
374 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=52BC0C3A53DB25230A490D4D%40AdobeOrg&d_nsid=0&ts=1676648419927
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/satelliteLib-e4377c30aea2e41a1c5367805f855287952760fb-staging.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.31.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-31-66.compute-1.amazonaws.com
Software
/
Resource Hash
e9890c27240113560698eff607ce35fdee560276af99be6e09c5e24e55f96f35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://travel.hsbc.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-va6-2-v045-0a4b29916.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
WpE5XoujS28=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://travel.hsbc.ca
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
315
Expires
Thu, 01 Jan 1970 00:00:00 UTC
mbox-contents-8e7453ba1b7032e87a69cff565c9813da3310f70-staging.js
assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/
106 KB
34 KB
Script
General
Full URL
https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/mbox-contents-8e7453ba1b7032e87a69cff565c9813da3310f70-staging.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/satelliteLib-e4377c30aea2e41a1c5367805f855287952760fb-staging.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:f0a6::1e80 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
dc03755deb3fcd629eeeeaf949c9f157d1c27e4e4c028062062e82c4364a7d73

Request headers

Referer
https://travel.hsbc.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Fri, 17 Feb 2023 15:40:19 GMT
content-encoding
gzip
last-modified
Fri, 04 Jan 2019 18:54:50 GMT
server
AkamaiNetStorage
etag
"4b1b4fee3d84660737febe5404c0cd49:1546628090"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://travel.hsbc.ca
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
34452
expires
Fri, 17 Feb 2023 15:40:19 GMT
icon-defs.svg
travel.hsbc.ca/public/img/icons/
130 KB
130 KB
Other
General
Full URL
https://travel.hsbc.ca/public/img/icons/icon-defs.svg
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.103.171.96 , Canada, ASN393845 (CARBON60-TOR2, CA),
Reverse DNS
Software
Apache /
Resource Hash
277084211ed5c51773120b873fa30b1b15cc876ac374000d774c50104b849b9a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Fri, 17 Feb 2023 15:45:05 GMT
Last-Modified
Thu, 16 Jun 2022 18:08:28 GMT
Server
Apache
ETag
"2073f-5e19486573b0b"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
132927
dest5.html
redtagvacations.demdex.net/ Frame 19CD
7 KB
3 KB
Document
General
Full URL
https://redtagvacations.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/satelliteLib-e4377c30aea2e41a1c5367805f855287952760fb-staging.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.190.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-190-236.compute-1.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://travel.hsbc.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-va6-2-v045-03a82d1b9.edge-va6.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Tmv3htCdTto=
content-encoding
gzip
date
Fri, 17 Feb 2023 15:40:20 GMT
last-modified
Wed, 8 Feb 2023 11:53:40 GMT
vary
accept-encoding
id
redtagvacations.d2.sc.omtrdc.net/
2 B
266 B
XHR
General
Full URL
https://redtagvacations.d2.sc.omtrdc.net/id?d_visid_ver=3.3.0&d_fieldgroup=A&mcorgid=52BC0C3A53DB25230A490D4D%40AdobeOrg&mid=78139085296091929431203254976671751483&ts=1676648420141
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/satelliteLib-e4377c30aea2e41a1c5367805f855287952760fb-staging.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.15 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-15.data.adobedc.net
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://travel.hsbc.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 17 Feb 2023 15:40:20 GMT
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://travel.hsbc.ca
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Y__f5AAAAL4J0gN2
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=78167555125947437161204985405732350320
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y__f5AAAAL4J0gN2
42 B
940 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y__f5AAAAL4J0gN2
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
HTTP/1.1
Server
107.23.31.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-31-66.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v045-0bf3a6fc1.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
FXz+6yLWQ/U=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y__f5AAAAL4J0gN2
Date
Fri, 17 Feb 2023 15:40:20 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
l
use.typekit.net/af/ef2129/00000000000000003b9b387c/27/
18 KB
18 KB
Font
General
Full URL
https://use.typekit.net/af/ef2129/00000000000000003b9b387c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/rbc7oki.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82b9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
196ed0634b5c19548eb9ef2432ba6cc9f1f1d8446953de13e57f6bc6eceda098

Request headers

Referer
https://use.typekit.net/rbc7oki.css
Origin
https://travel.hsbc.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 15:40:20 GMT
server
nginx
etag
"e120da2743159d9bd5b6acbf951b869a1a6b1a4e"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18076
satellite-5c2e349564746d181a0175a4-staging.js
assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/scripts/
6 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/scripts/satellite-5c2e349564746d181a0175a4-staging.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/satelliteLib-e4377c30aea2e41a1c5367805f855287952760fb-staging.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:f0a6::1e80 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
64c543376491eca75c0ac110106adc67ebaad0514d97b4f0617a623951945f47

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Feb 2023 15:40:20 GMT
content-encoding
gzip
last-modified
Fri, 04 Jan 2019 18:54:50 GMT
server
AkamaiNetStorage
etag
"423cdc594a14105f1ac7d02e9558044c:1546628090"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://travel.hsbc.ca
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
2261
expires
Fri, 17 Feb 2023 15:40:20 GMT
s-code-contents-901c153b93f7b5b196931adc396ee82dc2946ca5-staging.js
assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/
34 KB
13 KB
Script
General
Full URL
https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/s-code-contents-901c153b93f7b5b196931adc396ee82dc2946ca5-staging.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/satelliteLib-e4377c30aea2e41a1c5367805f855287952760fb-staging.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:f0a6::1e80 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
68588db4f09f1982d74887644c54e581cc6ed7e267f836a480c29ef1a3c0a7a0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Feb 2023 15:40:20 GMT
content-encoding
gzip
last-modified
Fri, 11 Jan 2019 17:52:21 GMT
server
AkamaiNetStorage
etag
"9a1e762486f8afef7a6f384a1e9c253d:1547229141"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://travel.hsbc.ca
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
13170
expires
Fri, 17 Feb 2023 15:40:20 GMT
listing
travel.hsbc.ca/engine/vacations/
85 KB
30 KB
XHR
General
Full URL
https://travel.hsbc.ca/engine/vacations/listing
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/build/public/js/resources.js?v=20230217102
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.103.171.96 , Canada, ASN393845 (CARBON60-TOR2, CA),
Reverse DNS
Software
Apache /
Resource Hash
1197f27634861fd5146f7f8537bef47953f75073eb131ed99d1b18bd59f1d354

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Fri, 17 Feb 2023 15:45:05 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/json;charset=utf-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
30209
2921.js
dnn506yrbagrg.cloudfront.net/pages/scripts/0017/
0
0
Script
General
Full URL
https://dnn506yrbagrg.cloudfront.net/pages/scripts/0017/2921.js?465735
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.8.191.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-191-30.bos50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

json
redtag.tt.omtrdc.net/m2/redtag/mbox/
96 B
396 B
XHR
General
Full URL
https://redtag.tt.omtrdc.net/m2/redtag/mbox/json?mbox=target-global-mbox&mboxSession=6e4f7b46307141348163132c0bbab5a9&mboxPC=&mboxPage=7f7712428e144971b0cd24326b7e0204&mboxVersion=1.2.0&mboxCount=1&mboxTime=1676648420324&mboxHost=travel.hsbc.ca&mboxURL=https%3A%2F%2Ftravel.hsbc.ca%2F&mboxReferrer=&browserHeight=1200&browserWidth=1600&browserTimeOffset=0&screenHeight=1200&screenWidth=1600&colorDepth=24&mboxMCGVID=78139085296091929431203254976671751483&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCAVID=&mboxMCGLH=7&vst.trk=redtagvacations.d2.sc.omtrdc.net&vst.trks=redtagvacations.d2.sc.omtrdc.net&mboxMCSDID=536294BBE24929C3-46A297C40C6853C8
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/mbox-contents-8e7453ba1b7032e87a69cff565c9813da3310f70-staging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.116.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-116-94.compute-1.amazonaws.com
Software
/
Resource Hash
eb9ee98fd8b9366a477e3da10332133d96b8e24ceffcb0c723983b86503ab9cc

Request headers

Accept
application/json
Referer
https://travel.hsbc.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Feb 2023 15:40:20 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://travel.hsbc.ca
cache-control
no-cache
access-control-allow-credentials
true
timing-allow-origin
*
content-length
96
x-request-id
137c127e8016e755baefafbf82b2f405
yyz,ytz
travel.hsbc.ca/engine/vacations/destinations/
34 KB
9 KB
XHR
General
Full URL
https://travel.hsbc.ca/engine/vacations/destinations/yyz,ytz
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/build/public/js/resources.js?v=20230217102
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.103.171.96 , Canada, ASN393845 (CARBON60-TOR2, CA),
Reverse DNS
Software
Apache /
Resource Hash
d2234afe4bfbf7812692e2cd2c7178aff73cfd38971752cfee535e2629a79519

Request headers

Accept
application/json, text/plain, */*
Referer
https://travel.hsbc.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Fri, 17 Feb 2023 15:45:05 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/json;charset=utf-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
8949
icon-chevron-down.svg
s3.amazonaws.com/redtag-ca/img/icons/
449 B
809 B
Image
General
Full URL
https://s3.amazonaws.com/redtag-ca/img/icons/icon-chevron-down.svg
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/build/public/css/styles.css?v=102
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.78.62 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
3c12605496639c19fb5cccbd48c96a79f961d6af808d7df2596d14c58b017677

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Fri, 17 Feb 2023 15:40:21 GMT
Last-Modified
Mon, 26 Feb 2018 22:08:28 GMT
Server
AmazonS3
x-amz-request-id
HC8EJQDVDS5QK9X2
ETag
"f4e66dcb432c4128b8007c2fa4572250"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
449
x-amz-id-2
GZkdUcZmQo2CU4wzHE0GBDDYPUtsV1LSVx05cN3ZgvaZjfrBYdojdfv0Zj7I69KKNvGl87gmoxI=
l
use.typekit.net/af/aee0aa/00000000000000003b9b3f03/27/
13 KB
14 KB
Font
General
Full URL
https://use.typekit.net/af/aee0aa/00000000000000003b9b3f03/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/rbc7oki.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82b9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e386fdf29820ba95b36e908ad47f615ee875489035bfc0dfc6b32dcbf7bef70e

Request headers

Referer
https://use.typekit.net/rbc7oki.css
Origin
https://travel.hsbc.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 15:40:20 GMT
server
nginx
etag
"6c6a600f247a71e5bec38230436a588f0aed8849"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13688
l
use.typekit.net/af/403911/00000000000000003b9b3880/27/
18 KB
18 KB
Font
General
Full URL
https://use.typekit.net/af/403911/00000000000000003b9b3880/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/rbc7oki.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82b9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
52b9f67e15fce228520212b58f6ee6dca6db7415e379cc6688de16211f14a309

Request headers

Referer
https://use.typekit.net/rbc7oki.css
Origin
https://travel.hsbc.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 15:40:20 GMT
server
nginx
etag
"112e33239582b68be657159b85f4e16e5ce72672"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17988
l
use.typekit.net/af/0d8f4c/00000000000000003b9b3882/27/
17 KB
17 KB
Font
General
Full URL
https://use.typekit.net/af/0d8f4c/00000000000000003b9b3882/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/rbc7oki.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82b9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e90e02d29074efb04094d678eab9b1cadb5d01b4979f847c3e2f69803e46b92c

Request headers

Referer
https://use.typekit.net/rbc7oki.css
Origin
https://travel.hsbc.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 15:40:20 GMT
server
nginx
etag
"d565fbd7462cbd43bdd44d30e039bca2154e8b6d"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17176
css
fonts.googleapis.com/
19 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto|Open+Sans:400,300,600,700|Oswald:700|Khand:400,500,300,600,700
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b7e8d669eb5e9d4a8f546f5906e9111947a5b69e72ae2da599c1ecd7f6d35763
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Feb 2023 15:40:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Feb 2023 15:40:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Feb 2023 15:40:20 GMT
ywd8yvm.css
use.typekit.net/
6 KB
1 KB
Stylesheet
General
Full URL
https://use.typekit.net/ywd8yvm.css
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82b9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8b916b53e9979c04f53722a3d7ef1ce3c3eeeefdc3b0e119b84bedb66f39919e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Fri, 17 Feb 2023 15:40:20 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
889
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WTJNMJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 17 Feb 2023 14:41:43 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3517
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 17 Feb 2023 16:41:43 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10852696127/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10852696127/?random=1676648420507&cv=11&fst=1676648420507&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ftravel.hsbc.ca%2F&tiba=Vacation%20Packages%20%7C%20Cruises%20%26%20Last%20Minute%20Deals%20%7C%20AIR%20MILES%20-%20Red%20Tag%20Vacations&auid=1044163032.1676648420&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WTJNMJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b2344c32f2d00f89162c7a449aa610b1491e52e6f274fed48a1c2230ae2b738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Feb 2023 15:40:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
913
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
106 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 17 Feb 2023 15:40:20 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27843
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
5W6kza/WjWrzQ+lRH6QXlMStFBeTZCIvWTCqjJUAooh7/HKm0cEF0HOFDrB9p00cntao3I1tsMSYRl6yFknT5A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
1.js
cdn.ywxi.net/js/
19 KB
5 KB
Script
General
Full URL
https://cdn.ywxi.net/js/1.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WTJNMJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2105:b400:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
ee01d40bfdd77aba5652b3ff93095712b618a6a2cc2637828bd875979cfe9cb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 15:12:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 53a0c837da247a6d49f09ae6de51454e.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-C3
age
1693
content-security-policy-report-only
report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
x-cache
Hit from cloudfront
content-length
4567
referrer-policy
strict-origin-when-cross-origin
server
Apache
x-trace
2B5C53DF2A83210DF633FAB44EE14DCB608E861DCB000000000000000000
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-id
qdDANL5L4QJtAcsDC9_wkAncTYIElBSnQQS4DzlZeq2pnUjxIiMuUg==
expires
Fri, 17 Feb 2023 16:12:07 GMT
f1272b2c2ff80bfbe881fe1adf6d076d71ae8043.js
my.hellobar.com/
2 KB
1 KB
Script
General
Full URL
https://my.hellobar.com/f1272b2c2ff80bfbe881fe1adf6d076d71ae8043.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WTJNMJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:f17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f1d8035f37b4ef1db4aec5701fe20a79fcf64ba0dfb8a867d7521c166f463b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 15:40:20 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 17 Feb 2023 04:56:52 GMT
server
cloudflare
x-amz-request-id
1W49SYKYCG8W1QHA
age
2
etag
W/"108f85c8e6bcddf1b77ef4d28a5eada0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=86400, must-revalidate, proxy-revalidate, s-maxage=10
cf-ray
79af9ef4bf6618c4-EWR
x-amz-id-2
TcFNxfq/9Gvu/ndW6CmfS0t8gWGPMco8HJO61xqYWD95yZMDH6nKJWSFXBQHZgtJvVPkhHBPgpE=
container.js
cdn.auryc.com/862-redtagca/
36 KB
10 KB
Script
General
Full URL
https://cdn.auryc.com/862-redtagca/container.js
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.103.20 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
20.103.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4c111edfd7ea6e75fb389fc96d1220e33c00fa5e83f5fbf474ba0948542adc7e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 15:38:04 GMT
content-encoding
gzip
age
136
x-guploader-uploadid
ADPycdvz2VdNxtl-e1rQczM6RN2y3jMUPj7nBQfdE5ho9tYb0eIh8wb1OxII5aafzl8RHBryjQCA1GFG2t7coCpEHPRneQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9857
last-modified
Tue, 23 Aug 2022 16:51:03 GMT
server
UploadServer
etag
"d8d78c2767e3c52e5392f9a3043c9e4a"
vary
Accept-Encoding
x-goog-generation
1661273463828478
x-goog-hash
crc32c=U+BpCw==, md5=2NeMJ2fjxS5TkvmjBDyeSg==
content-type
application/javascript
cache-control
public,max-age=3600
x-goog-stored-content-length
9857
accept-ranges
bytes
expires
Fri, 17 Feb 2023 16:38:04 GMT
js
www.googletagmanager.com/gtag/
226 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TPHELVR18L&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WTJNMJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b3161d1cf084af4d940e1eb83ae36ffaec395098b0f48da7346cc0609c00f2ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 15:40:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79910
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 Feb 2023 15:40:20 GMT
s56166747374391
redtagvacations.d2.sc.omtrdc.net/b/ss/rtvrtvairmilesdev/1/JS-2.10.0-D7QN/
43 B
200 B
Image
General
Full URL
https://redtagvacations.d2.sc.omtrdc.net/b/ss/rtvrtvairmilesdev/1/JS-2.10.0-D7QN/s56166747374391?AQB=1&ndh=1&pf=1&t=17%2F1%2F2023%2015%3A40%3A20%205%200&sdid=536294BBE24929C3-46A297C40C6853C8&D=D%3D&mid=78139085296091929431203254976671751483&aamlh=7&ce=UTF-8&pageName=redtag%3Ahome&g=https%3A%2F%2Ftravel.hsbc.ca%2F&cc=CAD&ch=Home&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&h1=home&c14=evar26&v43=Desktop&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=52BC0C3A53DB25230A490D4D%40AdobeOrg&AQE=1
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.15 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-15.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Feb 2023 15:40:20 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 Feb 2023 15:40:20 GMT
server
jag
etag
3600575066001276928-4619584441381032645
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 16 Feb 2023 15:40:20 GMT
p.css
p.typekit.net/
5 B
181 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=ywd8yvm&ht=tk&f=24349.24350.24351.24352.24353.24354.24355.24356&a=5869931&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ywd8yvm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::1725:7b92 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 15:40:20 GMT
last-modified
Thu, 28 Jul 2022 21:30:08 GMT
server
nginx
etag
"62e2ffe0-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
releasesettings
client-api.auryc.com/
2 B
154 B
XHR
General
Full URL
https://client-api.auryc.com/releasesettings?lib=Web
Requested by
Host: cdn.auryc.com
URL: https://cdn.auryc.com/862-redtagca/container.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.67.250.180 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
180.250.67.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

x-authorized-identity
862-redtagca
Referer
https://travel.hsbc.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
x-authorized-token
4ffe693a7b6713dd0dda6232e73eeed0

Response headers

pragma
no-cache
date
Fri, 17 Feb 2023 15:40:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
istio-envoy
vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
https://travel.hsbc.ca
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
content-length
28
x-xss-protection
1; mode=block
expires
0
releasesettings
client-api.auryc.com/ Frame
0
0
Preflight
General
Full URL
https://client-api.auryc.com/releasesettings?lib=Web
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.67.250.180 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
180.250.67.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
x-authorized-identity,x-authorized-token
Access-Control-Request-Method
GET
Origin
https://travel.hsbc.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-authorized-identity, x-authorized-token
access-control-allow-methods
OPTIONS,HEAD,GET,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://travel.hsbc.ca
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Fri, 17 Feb 2023 15:40:20 GMT
expires
0
pragma
no-cache
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
x-frame-options
DENY
x-xss-protection
1; mode=block
l
use.typekit.net/af/299bdc/00000000000000003b9b0ba5/27/
19 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/299bdc/00000000000000003b9b0ba5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ywd8yvm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82b9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6e6576ec344d943fcc8ba510d7195ff1bf00c4d80288e74f79f58b6e93b0404c

Request headers

Referer
https://use.typekit.net/ywd8yvm.css
Origin
https://travel.hsbc.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 15:40:20 GMT
server
nginx
etag
"35d84286ad96b5e233e7b42237fde6b426b80cb3"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19148
l
use.typekit.net/af/795dd6/00000000000000003b9b0ba8/27/
19 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/795dd6/00000000000000003b9b0ba8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ywd8yvm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82b9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
226d10bc0a9dd614f06602b193b1eb3e0711e19143ce8da4df60920764033a7c

Request headers

Referer
https://use.typekit.net/ywd8yvm.css
Origin
https://travel.hsbc.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 15:40:20 GMT
server
nginx
etag
"f857635989416f48e63746424c11ff89cd1e278a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19096
l
use.typekit.net/af/1d6761/00000000000000003b9b0ba9/27/
18 KB
18 KB
Font
General
Full URL
https://use.typekit.net/af/1d6761/00000000000000003b9b0ba9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ywd8yvm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82b9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
56a63ed636ce945f07c8b1dc57e24e66be48624c656ccee2e9be8b688b881dba

Request headers

Referer
https://use.typekit.net/ywd8yvm.css
Origin
https://travel.hsbc.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 15:40:20 GMT
server
nginx
etag
"125664420af0a1367364a1380882109c270f677f"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18364
collect
www.google-analytics.com/j/
4 B
208 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=625736362&t=pageview&_s=1&dl=https%3A%2F%2Ftravel.hsbc.ca%2F&ul=en-us&de=UTF-8&dt=Vacation%20Packages%20%7C%20Cruises%20%26%20Last%20Minute%20Deals%20%7C%20AIR%20MILES%20-%20Red%20Tag%20Vacations&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=848251307&gjid=498365973&cid=958933944.1676648421&tid=UA-227765-19&_gid=1218148000.1676648421&_r=1&_slc=1&gtm=45He32f0n815WTJNMJ&z=58738270
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://travel.hsbc.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Feb 2023 15:40:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://travel.hsbc.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
3 B
70 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=625736362&t=pageview&_s=1&dl=https%3A%2F%2Ftravel.hsbc.ca%2F&ul=en-us&de=UTF-8&dt=Vacation%20Packages%20%7C%20Cruises%20%26%20Last%20Minute%20Deals%20%7C%20AIR%20MILES%20-%20Red%20Tag%20Vacations&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=915901173&gjid=611506445&cid=958933944.1676648421&tid=UA-76333024-27&_gid=1218148000.1676648421&_r=1&_slc=1&gtm=45He32f0n815WTJNMJ&z=559811124
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://travel.hsbc.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Feb 2023 15:40:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://travel.hsbc.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10852696127/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/10852696127/?random=1676648420507&cv=11&fst=1676646000000&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ftravel.hsbc.ca%2F&tiba=Vacation%20Packages%20%7C%20Cruises%20%26%20Last%20Minute%20Deals%20%7C%20AIR%20MILES%20-%20Red%20Tag%20Vacations&fmt=3&is_vtc=1&random=1963430130&rmt_tld=0&ipr=y
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Feb 2023 15:40:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/10852696127/
42 B
455 B
Image
General
Full URL
https://www.google.ca/pagead/1p-user-list/10852696127/?random=1676648420507&cv=11&fst=1676646000000&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ftravel.hsbc.ca%2F&tiba=Vacation%20Packages%20%7C%20Cruises%20%26%20Last%20Minute%20Deals%20%7C%20AIR%20MILES%20-%20Red%20Tag%20Vacations&fmt=3&is_vtc=1&random=1963430130&rmt_tld=1&ipr=y
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Feb 2023 15:40:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1622896811338454
connect.facebook.net/signals/config/
377 KB
108 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1622896811338454?v=2.9.96&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c66bacb9316edb96218cba80d3e69f1bfa76de907cc5cf16d4720ac61badb123
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 17 Feb 2023 15:40:20 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110399
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
F1QPegIXUzk8UNzN079laAOeTiAUF41gx68EA6uFJQNA02s/GsOerZclOQr9mzVns2dlPjK4pOOimfXL4qOCLw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
348 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-227765-19&cid=958933944.1676648421&jid=848251307&gjid=498365973&_gid=1218148000.1676648421&_u=YEBAAEAAAAAAACAAI~&z=1481278190
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://travel.hsbc.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 17 Feb 2023 15:40:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://travel.hsbc.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-TPHELVR18L&gtm=45je32f0&_p=625736362&cid=958933944.1676648421&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676648420&sct=1&seg=0&dl=https%3A%2F%2Ftravel.hsbc.ca%2F&dt=Vacation%20Packages%20%7C%20Cruises%20%26%20Last%20Minute%20Deals%20%7C%20AIR%20MILES%20-%20Red%20Tag%20Vacations&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TPHELVR18L&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Feb 2023 15:40:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://travel.hsbc.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
auryc.lib.js
cdn.auryc.com/libs/latest/
676 KB
180 KB
Script
General
Full URL
https://cdn.auryc.com/libs/latest/auryc.lib.js
Requested by
Host: cdn.auryc.com
URL: https://cdn.auryc.com/862-redtagca/container.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.103.20 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
20.103.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6ec78eb21f808a126a02f0d57a6a943e337cec8105855fbab269324968bcb66d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 15:37:47 GMT
content-encoding
gzip
age
153
x-guploader-uploadid
ADPycdv94VGSexXkPLYyBN0_bh6C95Fv0G4pjqBcLpDaWkN458X2rNaQYHo6OkRzCoEagZn4OhlFsbYfqOMSJPyL49jLQw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
183971
last-modified
Wed, 15 Feb 2023 18:40:04 GMT
server
UploadServer
etag
"74a9ea466ce10f89ce5dda9eb8d2ffc3"
x-goog-generation
1676486404647779
x-goog-hash
crc32c=AvqvZQ==, md5=dKnqRmzhD4nOXdqeuNL/ww==
content-type
application/javascript
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
183971
accept-ranges
bytes
expires
Fri, 17 Feb 2023 16:37:47 GMT
client.json
s3-us-west-2.amazonaws.com/mfesecure-public/host/travel.hsbc.ca/
243 B
819 B
XHR
General
Full URL
https://s3-us-west-2.amazonaws.com/mfesecure-public/host/travel.hsbc.ca/client.json?source=jsmain
Requested by
Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.244.8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
346a045ad508f27667dd72f986172e352f1c4b56c399cb5df4690b48544fc8c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Fri, 17 Feb 2023 15:40:20 GMT
Server
AmazonS3
x-amz-request-id
24QSFCM064GFPQ94
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, HEAD
Access-Control-Allow-Origin
https://travel.hsbc.ca
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
Content-Type
application/xml
x-amz-id-2
/sBYrAH50avE7nuga6ofru7L9os43OfvzGa0AKUUwbrTsatdpIVETW8xV5c5bx2/BS8I3qVy/Nk=
client.json
s3-us-west-2.amazonaws.com/mfesecure-public/host/travel.hsbc.ca/
243 B
819 B
XHR
General
Full URL
https://s3-us-west-2.amazonaws.com/mfesecure-public/host/travel.hsbc.ca/client.json?source=jsinline
Requested by
Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.244.8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
5bafd684bfb8baae485b5a73649805f13451bd42697635c1412b60046ad1173f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Fri, 17 Feb 2023 15:40:20 GMT
Server
AmazonS3
x-amz-request-id
24QHWKTSEHFNQDMD
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, HEAD
Access-Control-Allow-Origin
https://travel.hsbc.ca
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
Content-Type
application/xml
x-amz-id-2
oXCMND22T+QaT2G9k58SLUfT+Q/KJukvoG4E5wFn4f992YAeMTGJW5XlAP6nh1bXlM2NsBQIEy8=
modules.js
my.hellobar.com/
254 KB
73 KB
Script
General
Full URL
https://my.hellobar.com/modules.js
Requested by
Host: my.hellobar.com
URL: https://my.hellobar.com/f1272b2c2ff80bfbe881fe1adf6d076d71ae8043.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:f17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8344e33505b758ec68b3f6e49a6d1b638124f923041bad00812ffcb32e8bd880

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 15:40:20 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Dec 2022 05:10:46 GMT
server
cloudflare
x-amz-request-id
BCDF1B78YSBXYE80
age
6553
cf-polished
origSize=260615
etag
W/"ee85f3aa09f4f82ddd1d0df2fd1af30f"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=14400
cf-ray
79af9ef66afb18c4-EWR
x-amz-id-2
KMFlqLtXpPm9PTgdQFdAo3wfl0em7wFiC+Guw/UCrahQIc022xD8ZGGv+U8RRQajYnqWznAfWwY=
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1622896811338454&ev=PageView&dl=https%3A%2F%2Ftravel.hsbc.ca%2F&rl=&if=false&ts=1676648420864&sw=1600&sh=1200&v=2.9.96&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676648420862.308616330&it=1676648420741&coo=false&rqm=GET
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 17 Feb 2023 15:40:20 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-227765-19&cid=958933944.1676648421&jid=848251307&_u=YEBAAEAAAAAAACAAI~&z=340461219
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Feb 2023 15:40:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/
42 B
107 B
Image
General
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-227765-19&cid=958933944.1676648421&jid=848251307&_u=YEBAAEAAAAAAACAAI~&z=340461219
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Feb 2023 15:40:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
siteconfig
client-api.auryc.com/
14 KB
3 KB
XHR
General
Full URL
https://client-api.auryc.com/siteconfig?lib=web
Requested by
Host: cdn.auryc.com
URL: https://cdn.auryc.com/libs/latest/auryc.lib.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.67.250.180 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
180.250.67.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
bb4c291f819c37ffc007a33cbb82be00e5a3395d723b8425cf8c9a5fe615e8ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

x-authorized-identity
862-redtagca
Referer
https://travel.hsbc.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
x-authorized-token
4ffe693a7b6713dd0dda6232e73eeed0
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 17 Feb 2023 15:40:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
istio-envoy
vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
https://travel.hsbc.ca
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
content-length
2794
x-xss-protection
1; mode=block
expires
0
siteconfig
client-api.auryc.com/ Frame
0
0
Preflight
General
Full URL
https://client-api.auryc.com/siteconfig?lib=web
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.67.250.180 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
180.250.67.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-authorized-identity,x-authorized-token
Access-Control-Request-Method
GET
Origin
https://travel.hsbc.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type, x-authorized-identity, x-authorized-token
access-control-allow-methods
OPTIONS,HEAD,GET,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://travel.hsbc.ca
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Fri, 17 Feb 2023 15:40:20 GMT
expires
0
pragma
no-cache
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
x-frame-options
DENY
x-xss-protection
1; mode=block
async-api.6bb277af-1225.min.js
js-agent.newrelic.com/
2 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/async-api.6bb277af-1225.min.js
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f95b22047abcb76190421e53f133601b1006cfb23a01fb03caaad506a9b4d321

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
ccu4IA9M.iSFjMQAJQZ9WRC6vNK74xfk
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Feb 2023 15:40:21 GMT
x-amz-request-id
H1NJ9VB8EY3PTGMW
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1094
x-amz-id-2
Iz6MlHyTEJaKQC8eYTuYUoyKAO6rEZHQa7DpkqLGSMl3x45yGff7ijhcne4gXRonY53Dcy1JMj8=
x-served-by
cache-yul12832-YUL
last-modified
Fri, 10 Feb 2023 20:23:02 GMT
server
AmazonS3
x-timer
S1676648421.032812,VS0,VE0
etag
"dd573d973dfb2a2559befdfb616d511d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
4513
lazy-loader.48127245-1225.min.js
js-agent.newrelic.com/
2 KB
723 B
Script
General
Full URL
https://js-agent.newrelic.com/lazy-loader.48127245-1225.min.js
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8356d715c4bd117081a0893777439ce054bbd692b8426505d358b93c1d9a7a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
x72sIi24uKUpr9UhD5QY7PCKtNgMfeY4
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Feb 2023 15:40:21 GMT
x-amz-request-id
Y4K5HGP30MBPE91Q
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
520
x-amz-id-2
dIYDGmEvgFx05edPNHExR7BogTfJ37JGDFmni/SWblpl3nJzuI4z3wkCcZ7mimwHSug7PWn0fNI=
x-served-by
cache-yul12832-YUL
last-modified
Fri, 10 Feb 2023 20:23:02 GMT
server
AmazonS3
x-timer
S1676648421.033038,VS0,VE0
etag
"a3759bbbd15fffd73531bda1e8166ae7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3598
a29d4b5a-e12c-48f9-9c9b-4374313552c5
https://travel.hsbc.ca/
67 B
0
Other
General
Full URL
blob:https://travel.hsbc.ca/a29d4b5a-e12c-48f9-9c9b-4374313552c5
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af2090527babea2e20eba22eaae877ed8725189e5cb319807042e7f65c56f354

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Length
67
Content-Type
application/javascript
118.d37755e4-1225.min.js
js-agent.newrelic.com/
8 KB
4 KB
Script
General
Full URL
https://js-agent.newrelic.com/118.d37755e4-1225.min.js
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c94b68341f642fc63f7f5b385f1d08434c533a5f113415f82d5786de36d9a709

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
8iuwUwYODDWrlAN7lGJW4CKaVaPtd.FC
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Feb 2023 15:40:21 GMT
x-amz-request-id
BCZTS6YS2GCGFKGX
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3412
x-amz-id-2
PmEwHoA9GlyukerPDhj6u8/WfbkJmAV3ORxQ31r5rW6FzuCQKh/G2gthW5Idi4B4SOLYF9DjBZM=
x-served-by
cache-yul12832-YUL
last-modified
Fri, 10 Feb 2023 20:23:02 GMT
server
AmazonS3
x-timer
S1676648421.133797,VS0,VE0
etag
"9c8a05b5703a1c30e0418f9ba42337df"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
4531
page_view_event-aggregate.29613e65-1225.min.js
js-agent.newrelic.com/
4 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/page_view_event-aggregate.29613e65-1225.min.js
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ce1fe34f915fd2ff5c44d4541dad55a7bf416d55e2f9d6dc5c4a28d6c4ae3a2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
Q2wYJMaFVSMNo7QiSpnsS727o5X3kt_1
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Feb 2023 15:40:21 GMT
x-amz-request-id
7C73CG4ZQQ6M7083
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1682
x-amz-id-2
4+uavw9wzTtO43WHAiBy7lrA53b5E+nK7BW6uVc4HdUfdNc9hVm03IB84bsrMFjIAKNfUc98CWg=
x-served-by
cache-yul12832-YUL
last-modified
Fri, 10 Feb 2023 20:23:02 GMT
server
AmazonS3
x-timer
S1676648421.134347,VS0,VE0
etag
"0743ee0ec30428f3654ee07d779efb64"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
4511
page_view_timing-aggregate.e791ce32-1225.min.js
js-agent.newrelic.com/
5 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/page_view_timing-aggregate.e791ce32-1225.min.js
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5251292502f489870fd167ed3da10585b68bfc903dbcc086c8729b35f00a60aa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
5Hc0bLUe_lA8zF4035AV9Xl5FkevBdYq
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Feb 2023 15:40:21 GMT
x-amz-request-id
H1NYMEJN4D7D2PWG
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2248
x-amz-id-2
fA0zbF/RTkXcouOU1YRg7lBwulBrPjAMXHhHNCZ2m1xhx1JGoRGtqUmoFGZVCQyn645xdyhTnBQ=
x-served-by
cache-yul12832-YUL
last-modified
Fri, 10 Feb 2023 20:23:02 GMT
server
AmazonS3
x-timer
S1676648421.134348,VS0,VE0
etag
"84ba19034cf0206a49ecf68893086bdd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
105729
metrics-aggregate.b4a54ed9-1225.min.js
js-agent.newrelic.com/
1 KB
932 B
Script
General
Full URL
https://js-agent.newrelic.com/metrics-aggregate.b4a54ed9-1225.min.js
Requested by
Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7168fe91c0a2521e7f93b29b1cde798db4859202d2ea5c798ee40a79b69ef969

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
0sI71h2BU2Q4FabSOYi.9wzegJNG1fuh
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Feb 2023 15:40:21 GMT
x-amz-request-id
H1NPSPEMX5MRQXZT
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
730
x-amz-id-2
qt8vPmJpeW8JwAEIr8+31toa2alk2eY2QjPgAm0ZUWvUebQrVA0bW7w1F18h2FvsIHUexHlkVxk=
x-served-by
cache-yul12832-YUL
last-modified
Fri, 10 Feb 2023 20:23:02 GMT
server
AmazonS3
x-timer
S1676648421.134321,VS0,VE0
etag
"395608505dac1e4fbe08bd146e09f5c0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
4516
b99fa40c2c
bam.nr-data.net/1/
49 B
527 B
Script
General
Full URL
https://bam.nr-data.net/1/b99fa40c2c?a=563623457&v=1225.PROD&to=NgNbNxBTWBBRVUIPCw9JbBELHV8NVFNOSBQJFg%3D%3D&rst=1973&ck=0&s=e6dad2b39afaad84&ref=https://travel.hsbc.ca/&ap=170&be=308&fe=1508&dc=997&perf=%7B%22timing%22:%7B%22of%22:1676648419180,%22n%22:0,%22f%22:0,%22dn%22:2,%22dne%22:4,%22c%22:4,%22s%22:21,%22ce%22:60,%22rq%22:61,%22rp%22:253,%22rpe%22:293,%22dl%22:259,%22di%22:1305,%22ds%22:1305,%22de%22:1309,%22dc%22:1815,%22l%22:1815,%22le%22:1817%7D,%22navigation%22:%7B%7D%7D&fp=1475&fcp=1475&at=GkRYQVhJSx4%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/async-api.6bb277af-1225.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Apex, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Fri, 17 Feb 2023 15:40:21 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
79af9ef8ea873fdf-YYZ
342e1320-306e-4636-8310-12a28744b8f8
https://travel.hsbc.ca/
67 B
0
Other
General
Full URL
blob:https://travel.hsbc.ca/342e1320-306e-4636-8310-12a28744b8f8
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af2090527babea2e20eba22eaae877ed8725189e5cb319807042e7f65c56f354

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Length
67
Content-Type
application/javascript
/
www.facebook.com/tr/
0
54 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1622896811338454&ev=Microdata&dl=https%3A%2F%2Ftravel.hsbc.ca%2F&rl=&if=false&ts=1676648422413&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20Vacation%20Packages%20%7C%20Cruises%20%26%20Last%20Minute%20Deals%20%7C%20AIR%20MILES%20-%20Red%20Tag%20Vacations%22%2C%22meta%3Adescription%22%3A%22Shop%20Compare%20%26%20Pay%20less%20for%20All%20Inclusive%20Resorts%20%26%20Hotels%2C%20Cheap%20Flights%2C%20Airline%20Tickets%2C%20Last%20Minute%20Vacations%20Packages%20%26%20Discounted%20Cruises%22%2C%22meta%3Akeywords%22%3A%22Cheap%20Vacations%2C%20Airline%20Tickets%2C%20Vacations%20Packages%2C%20Car%20Rentals%2C%20All%20Inclusive%20Travel%20Deals%2C%20Last%20Minute%2C%20Mexico%2C%20Caribbean%2C%20Cuba%2C%20Hotel%20Reservations%2C%20Cheap%20Tickets%20%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.96&r=stable&ec=1&o=30&fbp=fb.1.1676648420862.308616330&it=1676648420741&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 17 Feb 2023 15:40:22 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-TPHELVR18L&gtm=45je32f0&_p=625736362&cid=958933944.1676648421&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1676648420&sct=1&seg=0&dl=https%3A%2F%2Ftravel.hsbc.ca%2F&dt=Vacation%20Packages%20%7C%20Cruises%20%26%20Last%20Minute%20Deals%20%7C%20AIR%20MILES%20-%20Red%20Tag%20Vacations&en=scroll&epn.percent_scrolled=90&_et=19
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TPHELVR18L&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://travel.hsbc.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Feb 2023 15:40:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://travel.hsbc.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| oncontentvisibilityautostatechange object| NREUM object| webpackChunkNRBA object| newrelic object| NRBA string| Locale string| pageId function| webpackJsonp object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| dataLayer function| e function| Visitor object| _satellite object| s_c_il number| s_c_in function| targetPageParams object| adobe object| _AT function| mboxCreate function| mboxDefine function| mboxUpdate function| MM_jumpMenu object| gateways string| activeEngine object| digitalData function| loadDeferredStyles function| raf object| picturefillCFG function| picturefill object| lazyLoad object| carousels object| tabbedCarousels object| __consolidated_events_handlers__ object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| GooglebQhCsO function| getSelectionText function| fbq function| _fbq object| aurycReadyCb object| auryc function| log function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s_i_rtvrtvairmilesdev boolean| aurycInit number| aurycLoadedTime object| aurycJsLibConfig object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| TrustedSite number| TrustedSite_done object| TrustedSiteInline function| bootstrap object| hellobarSiteSettings object| script function| launchAurycEventMarker function| hellobar object| aurycBehaviorAPI object| aurycRecordAPI string| FEEDBACKCONTENT string| FEEDBACKCONTENT_DESKTOP string| FEEDBACKINVITE string| FEEDBACKINVITE_DESKTOP string| FBTHANKYOU object| aurycFeedbackAPI function| launchAurycFeedback

23 Cookies

Domain/Path Name / Value
travel.hsbc.ca/engine/vacations/destinations Name: lang
Value: en
travel.hsbc.ca/engine/vacations Name: lang
Value: en
travel.hsbc.ca/ Name: lang
Value: en
travel.hsbc.ca/ Name: PHPSESSID
Value: 4dsjo37c0s1grjbidt7jtt1d50
travel.hsbc.ca/ Name: hsbctravel
Value: 572612618.47873.0000
.hsbc.ca/ Name: check
Value: true
.demdex.net/ Name: demdex
Value: 78167555125947437161204985405732350320
.hsbc.ca/ Name: AMCVS_52BC0C3A53DB25230A490D4D%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y__f5AAAAL4J0gN2
.dpm.demdex.net/ Name: dpm
Value: 78167555125947437161204985405732350320
.hsbc.ca/ Name: _gcl_au
Value: 1.1.1044163032.1676648420
.hsbc.ca/ Name: s_cc
Value: true
.hsbc.ca/ Name: AMCV_52BC0C3A53DB25230A490D4D%40AdobeOrg
Value: -1303530583%7CMCIDTS%7C19406%7CMCMID%7C78139085296091929431203254976671751483%7CMCAAMLH-1677253220%7C7%7CMCAAMB-1677253220%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1676655620s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19413%7CvVersion%7C3.3.0
.hsbc.ca/ Name: mbox
Value: session#6e4f7b46307141348163132c0bbab5a9#1676650281|PC#6e4f7b46307141348163132c0bbab5a9.34_0#1739893221
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.hsbc.ca/ Name: _gid
Value: GA1.2.1218148000.1676648421
.hsbc.ca/ Name: _gat_UA-227765-19
Value: 1
.hsbc.ca/ Name: _gat_UA-76333024-27
Value: 1
.hsbc.ca/ Name: _ga
Value: GA1.1.958933944.1676648421
.hsbc.ca/ Name: _ga_TPHELVR18L
Value: GS1.1.1676648420.1.0.1676648420.0.0.0
.hsbc.ca/ Name: _fbp
Value: fb.1.1676648420862.308616330
.hsbc.ca/ Name: userty.core.p.be721e
Value: __2VySWQiOiI1ZjQ0MjRjYTFmNTY3NjNhNzE4NWVhMjgxZGRmY2VjYyJ9eyJ1c
.hsbc.ca/ Name: userty.core.s.be721e
Value: __SI6MTY3NjY1MDIyMTA1Mywic2lkIjoiMjIyNzViMWY2MjBmOWQxMTdlMjQyNzE4NTVmYWFlMGEiLCJzdCI6MTY3NjY0ODQyMTA1MywicHYiOjEsInJlYWR5Ijp0cnVlLCJ3cyI6IntcIndcIjoxNjAwLFwiaFwiOjEyMDB9Iiwic21wbC53diI6ImYiLCJhdXJ5Yy5hZG9iZV9hbmFseXRpY3MiOiJmIiwic21wbC5hamF4IjoiZiJ9eyJzZ

5 Console Messages

Source Level URL
Text
javascript warning URL: https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/satelliteLib-e4377c30aea2e41a1c5367805f855287952760fb-staging.js(Line 10)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/mbox-contents-8e7453ba1b7032e87a69cff565c9813da3310f70-staging.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/satelliteLib-e4377c30aea2e41a1c5367805f855287952760fb-staging.js(Line 10)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/mbox-contents-8e7453ba1b7032e87a69cff565c9813da3310f70-staging.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://dnn506yrbagrg.cloudfront.net/pages/scripts/0017/2921.js?465735
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/travel.hsbc.ca/client.json?source=jsinline
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/travel.hsbc.ca/client.json?source=jsmain
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
bam.nr-data.net
cdn.auryc.com
cdn.ywxi.net
client-api.auryc.com
cm.everesttech.net
connect.facebook.net
dnn506yrbagrg.cloudfront.net
dpm.demdex.net
fonts.googleapis.com
googleads.g.doubleclick.net
itravel2000.s3.amazonaws.com
js-agent.newrelic.com
my.hellobar.com
p.typekit.net
redtag-ca.s3.amazonaws.com
redtag.tt.omtrdc.net
redtagvacations.d2.sc.omtrdc.net
redtagvacations.demdex.net
s3-us-west-2.amazonaws.com
s3.amazonaws.com
stats.g.doubleclick.net
travel-img-assets.s3.us-west-2.amazonaws.com
travel-img.s3.amazonaws.com
travel.hsbc.ca
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.redtag.ca
107.23.31.66
151.101.2.137
162.247.241.14
208.103.171.96
2600:141b:13::17d7:82b9
2600:141b:9000::1725:7b92
2600:141b:f000:f0a6::1e80
2600:9000:2105:b400:14:6bfc:5740:93a1
2606:4700:10::6816:f17
2607:f8b0:4004:c08::9b
2607:f8b0:4006:80a::200a
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::2008
2607:f8b0:4006:81e::2004
2607:f8b0:4006:822::2003
2607:f8b0:4006:822::200e
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
3.82.73.135
34.120.103.20
34.67.250.180
45.60.73.47
52.203.190.236
52.217.103.148
52.217.171.161
52.217.78.62
52.218.185.241
52.218.244.8
54.231.162.209
54.243.116.94
63.140.38.15
65.8.191.30
1197f27634861fd5146f7f8537bef47953f75073eb131ed99d1b18bd59f1d354
196ed0634b5c19548eb9ef2432ba6cc9f1f1d8446953de13e57f6bc6eceda098
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
226d10bc0a9dd614f06602b193b1eb3e0711e19143ce8da4df60920764033a7c
277084211ed5c51773120b873fa30b1b15cc876ac374000d774c50104b849b9a
2f1d8035f37b4ef1db4aec5701fe20a79fcf64ba0dfb8a867d7521c166f463b9
346a045ad508f27667dd72f986172e352f1c4b56c399cb5df4690b48544fc8c9
3c12605496639c19fb5cccbd48c96a79f961d6af808d7df2596d14c58b017677
3c9ea11e277afc1cc289f56ce64f4e6808f463f01775bb9b9957f8de333f59f9
43ce30d4ecf65e26c9c6d47c32ead3afd708f1d02a54b65f20af6fea08726b92
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
469feeaeda3e210275c9e540fb1b1a07c9f85c7c063eea3614925201dc8b4ae7
4c111edfd7ea6e75fb389fc96d1220e33c00fa5e83f5fbf474ba0948542adc7e
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5251292502f489870fd167ed3da10585b68bfc903dbcc086c8729b35f00a60aa
52b9f67e15fce228520212b58f6ee6dca6db7415e379cc6688de16211f14a309
56a63ed636ce945f07c8b1dc57e24e66be48624c656ccee2e9be8b688b881dba
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b2344c32f2d00f89162c7a449aa610b1491e52e6f274fed48a1c2230ae2b738
5bafd684bfb8baae485b5a73649805f13451bd42697635c1412b60046ad1173f
5d3ee87908bf2bfb28feb36b7317e182a8072fb87f95f9749e475cfc89eaa321
5e6627275085c3be9366d03dc8fe5de1aa97c57743bcd3f600468d395db1ad96
64c543376491eca75c0ac110106adc67ebaad0514d97b4f0617a623951945f47
68588db4f09f1982d74887644c54e581cc6ed7e267f836a480c29ef1a3c0a7a0
686057fe1583f7969752a0a9eebfa70b30dcd71537af74b7cb85c9e4960f1971
6ad58a9cb9d4a055600b17ae8df141e831fcf36549d928d6531706a9c43938e3
6e6576ec344d943fcc8ba510d7195ff1bf00c4d80288e74f79f58b6e93b0404c
6ec78eb21f808a126a02f0d57a6a943e337cec8105855fbab269324968bcb66d
7168fe91c0a2521e7f93b29b1cde798db4859202d2ea5c798ee40a79b69ef969
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e7b6f4520d5c295328f73fff4930885f14aacf943eecca8ef0e44004c3b6ac2
7f9d43290409aa98aed44040287a6d0f64f7244a797fe019a071a2e0825b284c
8344e33505b758ec68b3f6e49a6d1b638124f923041bad00812ffcb32e8bd880
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8b916b53e9979c04f53722a3d7ef1ce3c3eeeefdc3b0e119b84bedb66f39919e
96ba9040b7f99f6da5ed548588a6c21eabff50d8b4decb29f2dae4bcc1250cd9
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a5f325e9abb3bd19967b171dd79b75ccd9589aab30570e31ca0cbeb36a92eac2
a8356d715c4bd117081a0893777439ce054bbd692b8426505d358b93c1d9a7a3
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af2090527babea2e20eba22eaae877ed8725189e5cb319807042e7f65c56f354
b3161d1cf084af4d940e1eb83ae36ffaec395098b0f48da7346cc0609c00f2ed
b39eb3c9e7d245ed4b4dfcbb43fb18fcec6c5b2af860d41c665354ad5e4e71e7
b7e8d669eb5e9d4a8f546f5906e9111947a5b69e72ae2da599c1ecd7f6d35763
bb30b739a21db6baf1f33faec29d2ceda15e30e116ba1fd5e6d42e7850183d95
bb4c291f819c37ffc007a33cbb82be00e5a3395d723b8425cf8c9a5fe615e8ab
c66bacb9316edb96218cba80d3e69f1bfa76de907cc5cf16d4720ac61badb123
c94b68341f642fc63f7f5b385f1d08434c533a5f113415f82d5786de36d9a709
ce1fe34f915fd2ff5c44d4541dad55a7bf416d55e2f9d6dc5c4a28d6c4ae3a2a
d2234afe4bfbf7812692e2cd2c7178aff73cfd38971752cfee535e2629a79519
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dc03755deb3fcd629eeeeaf949c9f157d1c27e4e4c028062062e82c4364a7d73
dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19
e386fdf29820ba95b36e908ad47f615ee875489035bfc0dfc6b32dcbf7bef70e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e90e02d29074efb04094d678eab9b1cadb5d01b4979f847c3e2f69803e46b92c
e9890c27240113560698eff607ce35fdee560276af99be6e09c5e24e55f96f35
eb9ee98fd8b9366a477e3da10332133d96b8e24ceffcb0c723983b86503ab9cc
ee01d40bfdd77aba5652b3ff93095712b618a6a2cc2637828bd875979cfe9cb8
eeb37ef58da0a216e36e4b3a4dfa8c9e99d754dc698d67362e456191e94710fa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f342e5900fa5e4bca5c8e7386c02a225de91c66989a0f2755324a228b7fe119d
f34a9abc6754f0cf1923e2f58dff4a3ed92840b81325e1ef6fe07ea0a8987278
f95b22047abcb76190421e53f133601b1006cfb23a01fb03caaad506a9b4d321