travel.hsbc.ca Open in urlscan Pro
208.103.171.96 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://travel.hsbc.ca/
Submission: On February 17 via automatic, source certstream-suspicious (February 17th 2023, 3:40:26 pm UTC) — Scanned from CA

Summary HTTP 77 Redirects Behaviour Indicators

Summary

This website contacted 32 IPs in 2 countries across 22 domains to perform 77 HTTP transactions. The main IP is 208.103.171.96, located in Canada and belongs to CARBON60-TOR2, CA. The main domain is travel.hsbc.ca.
TLS certificate: Issued by Entrust Certification Authority - L1K on April 14th 2022. Valid for: a year.

This is the only time travel.hsbc.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	208.103.171.96 208.103.171.96	393845 (CARBON60-...) (CARBON60-TOR2)
9	2600:141b:13:... 2600:141b:13::17d7:82b9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2600:141b:f00... 2600:141b:f000:f0a6::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.218.185.241 52.218.185.241	16509 (AMAZON-02) (AMAZON-02)
1	52.217.171.161 52.217.171.161	16509 (AMAZON-02) (AMAZON-02)
2	45.60.73.47 45.60.73.47	19551 (INCAPSULA) (INCAPSULA)
1	52.217.103.148 52.217.103.148	16509 (AMAZON-02) (AMAZON-02)
2	54.231.162.209 54.231.162.209	16509 (AMAZON-02) (AMAZON-02)
2	2600:141b:900... 2600:141b:9000::1725:7b92	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:400... 2607:f8b0:4006:816::2008	15169 (GOOGLE) (GOOGLE)
2	107.23.31.66 107.23.31.66	14618 (AMAZON-AES) (AMAZON-AES)
1	52.203.190.236 52.203.190.236	14618 (AMAZON-AES) (AMAZON-AES)
2	63.140.38.15 63.140.38.15	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.82.73.135 3.82.73.135	14618 (AMAZON-AES) (AMAZON-AES)
1	65.8.191.30 65.8.191.30	16509 (AMAZON-02) (AMAZON-02)
1	54.243.116.94 54.243.116.94	14618 (AMAZON-AES) (AMAZON-AES)
1	52.217.78.62 52.217.78.62	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:80a::200a	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:822::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:210... 2600:9000:2105:b400:14:6bfc:5740:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:f17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.120.103.20 34.120.103.20	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	34.67.250.180 34.67.250.180	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2607:f8b0:400... 2607:f8b0:4006:81e::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::9b	15169 (GOOGLE) (GOOGLE)
2	52.218.244.8 52.218.244.8	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
77	32

8 208.103.171.96 (Canada)

ASN393845 (CARBON60-TOR2, CA)

travel.hsbc.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:141b:13::17d7:82b9 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:141b:f000:f0a6::1e80 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.185.241 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com

travel-img-assets.s3.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.171.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

redtag-ca.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.60.73.47 (United States)

ASN19551 (INCAPSULA, US)

www.redtag.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.103.148 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

itravel2000.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.231.162.209 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

travel-img.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:9000::1725:7b92 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.23.31.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-31-66.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.190.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-190-236.compute-1.amazonaws.com

redtagvacations.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.38.15 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-15.data.adobedc.net

redtagvacations.d2.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.82.73.135 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-73-135.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.8.191.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-191-30.bos50.r.cloudfront.net

dnn506yrbagrg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.243.116.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-116-94.compute-1.amazonaws.com

redtag.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.78.62 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80a::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:822::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2105:b400:14:6bfc:5740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.ywxi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:f17 (United States)

ASN13335 (CLOUDFLARENET, US)

my.hellobar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.103.20 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 20.103.120.34.bc.googleusercontent.com

cdn.auryc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.67.250.180 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 180.250.67.34.bc.googleusercontent.com

client-api.auryc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.244.8 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Apex, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	typekit.net use.typekit.net — Cisco Umbrella Rank: 440 p.typekit.net — Cisco Umbrella Rank: 577	125 KB
9	amazonaws.com travel-img-assets.s3.us-west-2.amazonaws.com redtag-ca.s3.amazonaws.com itravel2000.s3.amazonaws.com — Cisco Umbrella Rank: 898560 travel-img.s3.amazonaws.com — Cisco Umbrella Rank: 864711 s3.amazonaws.com s3-us-west-2.amazonaws.com	813 KB
8	hsbc.ca travel.hsbc.ca	2 MB
6	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 341	11 KB
6	auryc.com cdn.auryc.com — Cisco Umbrella Rank: 27776 client-api.auryc.com — Cisco Umbrella Rank: 18793	193 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 475	91 KB
3	omtrdc.net redtagvacations.d2.sc.omtrdc.net — Cisco Umbrella Rank: 919610 redtag.tt.omtrdc.net — Cisco Umbrella Rank: 820890	862 B
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 199 redtagvacations.demdex.net — Cisco Umbrella Rank: 906613	5 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	239 B
2	google.ca www.google.ca — Cisco Umbrella Rank: 8356	562 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	562 B
2	hellobar.com my.hellobar.com — Cisco Umbrella Rank: 16430	75 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	136 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 77	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	142 KB
2	redtag.ca www.redtag.ca — Cisco Umbrella Rank: 928083	11 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 222	527 B
1	ywxi.net cdn.ywxi.net — Cisco Umbrella Rank: 10393	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	2 KB
1	cloudfront.net dnn506yrbagrg.cloudfront.net
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1029	517 B
77	22

	Domain	Requested by
9	use.typekit.net	travel.hsbc.ca use.typekit.net
8	travel.hsbc.ca	travel.hsbc.ca
6	js-agent.newrelic.com	travel.hsbc.ca
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	client-api.auryc.com	cdn.auryc.com
4	assets.adobedtm.com	travel.hsbc.ca assets.adobedtm.com
2	www.facebook.com	travel.hsbc.ca
2	s3-us-west-2.amazonaws.com	cdn.ywxi.net
2	www.google.ca	travel.hsbc.ca
2	www.google.com	travel.hsbc.ca
2	cdn.auryc.com	travel.hsbc.ca cdn.auryc.com
2	my.hellobar.com	www.googletagmanager.com my.hellobar.com
2	connect.facebook.net	travel.hsbc.ca connect.facebook.net
2	redtagvacations.d2.sc.omtrdc.net	assets.adobedtm.com travel.hsbc.ca
2	dpm.demdex.net	assets.adobedtm.com travel.hsbc.ca
2	www.googletagmanager.com	travel.hsbc.ca www.googletagmanager.com
2	p.typekit.net	use.typekit.net
2	travel-img.s3.amazonaws.com	travel.hsbc.ca
2	www.redtag.ca	travel.hsbc.ca
2	travel-img-assets.s3.us-west-2.amazonaws.com	travel.hsbc.ca
1	bam.nr-data.net	js-agent.newrelic.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.ywxi.net	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	fonts.googleapis.com	travel.hsbc.ca
1	s3.amazonaws.com	travel.hsbc.ca
1	redtag.tt.omtrdc.net	assets.adobedtm.com
1	dnn506yrbagrg.cloudfront.net	travel.hsbc.ca
1	cm.everesttech.net	1 redirects
1	redtagvacations.demdex.net	assets.adobedtm.com
1	itravel2000.s3.amazonaws.com	travel.hsbc.ca
1	redtag-ca.s3.amazonaws.com	travel.hsbc.ca
77	32

This site contains no links.

Subject Issuer	Validity	Valid
travel.hsbc.ca Entrust Certification Authority - L1K	`2022-04-14` - `2023-04-14`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2022-09-21` - `2023-08-24`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
imperva.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-06` - `2023-06-04`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.d2.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2023-03-07`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2022-12-06` - `2023-12-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-26` - `2023-02-24`	3 months	crt.sh
*.ywxi.net Amazon	`2022-07-05` - `2023-08-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-09-24` - `2023-09-24`	a year	crt.sh
cdn.auryc.com GTS CA 1D4	`2023-01-30` - `2023-04-30`	3 months	crt.sh
*.auryc.com R3	`2023-01-27` - `2023-04-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://travel.hsbc.ca/
Frame ID: BB5811E3A934E5F6ACEC21DDABEDCC66
Requests: 74 HTTP requests in this frame

Frame: https://redtagvacations.demdex.net/dest5.html?d_nsid=0
Frame ID: 19CD661F682DD6CB3F29DD03E24A3DB1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vacation Packages | Cruises & Last Minute Deals | AIR MILES - Red Tag Vacations

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

77
Requests

96 %
HTTPS

44 %
IPv6

22
Domains

32
Subdomains

32
IPs

2
Countries

3660 kB
Transfer

5335 kB
Size

23
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://cm.everesttech.net/cm/dd?d_uuid=78167555125947437161204985405732350320 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y__f5AAAAL4J0gN2

77 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
travel.hsbc.ca/ 101 KB
102 KB 252ms
192ms Document
text/html 208.103.171.96
CARBON60-TOR2

General

Check archive.org

Show headers Download Go to

Full URL: https://travel.hsbc.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.103.171.96 , Canada, ASN393845 (CARBON60-TOR2, CA),
Reverse DNS
Software: Apache /
Resource Hash: 3c9ea11e277afc1cc289f56ce64f4e6808f463f01775bb9b9957f8de333f59f9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 17 Feb 2023 15:45:04 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 rbc7oki.css
use.typekit.net/ 11 KB
1 KB 90ms
20ms Stylesheet
text/css 2600:141b:13::17d7:82b9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/rbc7oki.css

Requested by

Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:13::17d7:82b9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

7e7b6f4520d5c295328f73fff4930885f14aacf943eecca8ef0e44004c3b6ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Fri, 17 Feb 2023 15:40:19 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1197

GET
H/1.1 200
OK styles.css
travel.hsbc.ca/build/public/css/ 549 KB
550 KB 20ms
19ms Stylesheet
text/css 208.103.171.96
CARBON60-TOR2

General

Check archive.org

Show headers Download Go to

Full URL: https://travel.hsbc.ca/build/public/css/styles.css?v=102
Requested by: Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.103.171.96 , Canada, ASN393845 (CARBON60-TOR2, CA),
Reverse DNS
Software: Apache /
Resource Hash: eeb37ef58da0a216e36e4b3a4dfa8c9e99d754dc698d67362e456191e94710fa

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:45:05 GMT
Last-Modified: Thu, 16 Jun 2022 18:08:04 GMT
Server: Apache
ETag: "89591-5e19484dd96cd"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 562577

GET
H/1.1 200
OK resources.js Show response
travel.hsbc.ca/build/public/js/ 810 KB
810 KB 57ms
20ms Script
application/javascript 208.103.171.96
CARBON60-TOR2

General

Check archive.org

Show headers Download Go to

Full URL: https://travel.hsbc.ca/build/public/js/resources.js?v=20230217102
Requested by: Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.103.171.96 , Canada, ASN393845 (CARBON60-TOR2, CA),
Reverse DNS
Software: Apache /
Resource Hash: 96ba9040b7f99f6da5ed548588a6c21eabff50d8b4decb29f2dae4bcc1250cd9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:45:05 GMT
Last-Modified: Fri, 24 Jun 2022 03:32:23 GMT
Server: Apache
ETag: "ca7a4-5e22937f1021e"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 829348

GET
H2 200 satelliteLib-e4377c30aea2e41a1c5367805f855287952760fb-staging.js Show response
assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/ 146 KB
41 KB 84ms
19ms Script
application/x-javascript 2600:141b:f000:f0a6::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/satelliteLib-e4377c30aea2e41a1c5367805f855287952760fb-staging.js
Requested by: Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:f000:f0a6::1e80 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bb30b739a21db6baf1f33faec29d2ceda15e30e116ba1fd5e6d42e7850183d95

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 15:40:19 GMT
content-encoding: gzip
last-modified: Fri, 11 Jan 2019 17:52:23 GMT
server: AkamaiNetStorage
etag: "06aa947119a4f180d30b9b6eb4dea5a5:1547229143"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://travel.hsbc.ca
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
timing-allow-origin: *
content-length: 42102
expires: Fri, 17 Feb 2023 15:40:19 GMT

GET
H/1.1 200
OK logo-hsbc-red.png
travel-img-assets.s3.us-west-2.amazonaws.com/logos/ 6 KB
6 KB 303ms
124ms Image
image/png 52.218.185.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel-img-assets.s3.us-west-2.amazonaws.com/logos/logo-hsbc-red.png
Requested by: Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.185.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6ad58a9cb9d4a055600b17ae8df141e831fcf36549d928d6531706a9c43938e3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:40:21 GMT
x-amz-version-id: lr7.YluXTS.mmvpxNOKmSMQx33ypClXK
Last-Modified: Mon, 06 Dec 2021 19:11:00 GMT
Server: AmazonS3
x-amz-request-id: HC81HTQ7X8P4S538
ETag: "4cfc9854e1710cde4cfd6332fe71b307"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5651
x-amz-id-2: RSOokoqhsFmv2re7qqOvppnEl1gSGj4VC1eXgqDYXMHMD+IR3asAF63FwK1BdzpazCrn6TXAsN4=

GET
H/1.1 200
OK logo-redtag-2021.svg
redtag-ca.s3.amazonaws.com/img/branding/ 5 KB
5 KB 97ms
44ms Image
image/svg+xml 52.217.171.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redtag-ca.s3.amazonaws.com/img/branding/logo-redtag-2021.svg
Requested by: Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.171.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 686057fe1583f7969752a0a9eebfa70b30dcd71537af74b7cb85c9e4960f1971

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:40:20 GMT
Last-Modified: Wed, 24 Mar 2021 17:30:30 GMT
Server: AmazonS3
x-amz-request-id: 08MQ5Y3JNRPAANGF
ETag: "38d4e5eac4e13f63c161f7878f41573f"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 5063
x-amz-id-2: COsFB/Of1FzoFO8ikcP2t1B7ea7FoiS0GPi2waA2aps0SypZqydffzL0zzaQGaWrzciJNPLkMVY=

GET
H2 200 fountain-loader.gif
www.redtag.ca/public/img/ 9 KB
9 KB 89ms
46ms Image
image/gif 45.60.73.47
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.redtag.ca/public/img/fountain-loader.gif
Requested by: Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.73.47 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 5d3ee87908bf2bfb28feb36b7317e182a8072fb87f95f9749e475cfc89eaa321

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 15:40:19 GMT
last-modified: Mon, 30 Nov 2015 17:13:25 GMT
x-cdn: Imperva
etag: "2409-525c528b09740"
content-type: image/gif
x-iinfo: 7-27362053-0 0CNN RT(1676648419508 31) q(0 -1 -1 5) r(0 -1)
cache-control: max-age=30067599, public
content-length: 9225
expires: Wed, 31 Jan 2024 15:46:58 GMT

GET
H/1.1 200
OK 2022-06-03-10-54-23-Home-Desktop-Banner_%281%29.jpg
itravel2000.s3.amazonaws.com/img/banners/ 669 KB
670 KB 145ms
86ms Image
image/jpeg 52.217.103.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itravel2000.s3.amazonaws.com/img/banners/2022-06-03-10-54-23-Home-Desktop-Banner_%281%29.jpg
Requested by: Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.103.148 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 469feeaeda3e210275c9e540fb1b1a07c9f85c7c063eea3614925201dc8b4ae7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:40:20 GMT
Last-Modified: Fri, 03 Jun 2022 14:56:12 GMT
Server: AmazonS3
x-amz-request-id: 08MQ19WC604JV0TP
ETag: "003c44e5b535504d148c08452a3526e2"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 685305
x-amz-id-2: zYRG5E/gMEOAvXjkAubH0nakJ0GnFF68UN+t7ocWx3m35vFOrXbO6AuBRFTbC86V133xjx2VyA4=

GET
H/1.1 200
OK 2018-07-13--15314994650013Icon-CallBonusFeb8-102x32.jpg
travel-img.s3.amazonaws.com/ 5 KB
6 KB 119ms
60ms Image
image/jpeg 54.231.162.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel-img.s3.amazonaws.com/2018-07-13--15314994650013Icon-CallBonusFeb8-102x32.jpg
Requested by: Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.162.209 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a5f325e9abb3bd19967b171dd79b75ccd9589aab30570e31ca0cbeb36a92eac2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:40:20 GMT
Last-Modified: Fri, 13 Jul 2018 16:31:06 GMT
Server: AmazonS3
x-amz-request-id: 08MK0YYDW4H9WMZ2
ETag: "ca6125afb83ae4f240d723cfd848897f"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 5296
x-amz-id-2: QE7pYiOsFjFujRXrDNh825bs2MV/Dd5jSdwNrqwkUGnWlDDw+KN65vHco7Iv/sXut90pbW5WtTE=

GET
H/1.1 200
OK 2019-04-02--15542319259133recent_AmazingVacations-550x155.jpg
travel-img.s3.amazonaws.com/ 105 KB
106 KB 123ms
64ms Image
image/jpeg 54.231.162.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel-img.s3.amazonaws.com/2019-04-02--15542319259133recent_AmazingVacations-550x155.jpg
Requested by: Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.162.209 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5e6627275085c3be9366d03dc8fe5de1aa97c57743bcd3f600468d395db1ad96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:40:20 GMT
Last-Modified: Tue, 02 Apr 2019 19:05:27 GMT
Server: AmazonS3
x-amz-request-id: 08MV0K2DBHSAF49W
ETag: "9fb75b0f74626bf3b4c03348376e828e"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 107842
x-amz-id-2: HSNAidQnWXDDZQleApy+waRINl3lir7Efihb9gAo2Z0b4OYCgxFHwRJm+6bBznJ6ghZNKyWSqyo=

GET
H/1.1 200
OK logo-consumer-protection-bc-grey.png
travel-img-assets.s3.us-west-2.amazonaws.com/logos/ 18 KB
18 KB 279ms
98ms Image
image/png 52.218.185.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel-img-assets.s3.us-west-2.amazonaws.com/logos/logo-consumer-protection-bc-grey.png
Requested by: Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.185.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f34a9abc6754f0cf1923e2f58dff4a3ed92840b81325e1ef6fe07ea0a8987278

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:40:21 GMT
x-amz-version-id: oF1s9WySqNbFVisoWlIHSy1sEOlZIZLS
Last-Modified: Thu, 16 Sep 2021 21:14:46 GMT
Server: AmazonS3
x-amz-request-id: HC8EH5V5EJA3J9T1
ETag: "3846c4b98b16a62aff6b5c00b59d147f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 18310
x-amz-id-2: kPJvwG/4AQOrDExve/6IrX0A+lIyn9KWXZb2n5dsDuYit/zj+qZ7q0k2OkCZ/kuKlY4a6xeuzaY=

GET
H/1.1 200
OK engine.js Show response
travel.hsbc.ca/build/public/js/ 25 KB
25 KB 19ms
19ms Script
application/javascript 208.103.171.96
CARBON60-TOR2

General

Check archive.org

Show headers Download Go to

Full URL: https://travel.hsbc.ca/build/public/js/engine.js?v=20230217102
Requested by: Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.103.171.96 , Canada, ASN393845 (CARBON60-TOR2, CA),
Reverse DNS
Software: Apache /
Resource Hash: b39eb3c9e7d245ed4b4dfcbb43fb18fcec6c5b2af860d41c665354ad5e4e71e7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:45:05 GMT
Last-Modified: Fri, 24 Jun 2022 03:32:23 GMT
Server: Apache
ETag: "62e7-5e22937ebf90c"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 25319

GET
H/1.1 200
OK app.js Show response
travel.hsbc.ca/build/public/js/ 369 KB
370 KB 18ms
18ms Script
application/javascript 208.103.171.96
CARBON60-TOR2

General

Check archive.org

Show headers Download Go to

Full URL: https://travel.hsbc.ca/build/public/js/app.js?v=20230217102
Requested by: Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.103.171.96 , Canada, ASN393845 (CARBON60-TOR2, CA),
Reverse DNS
Software: Apache /
Resource Hash: f342e5900fa5e4bca5c8e7386c02a225de91c66989a0f2755324a228b7fe119d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:45:05 GMT
Last-Modified: Fri, 24 Jun 2022 03:32:23 GMT
Server: Apache
ETag: "5c49e-5e22937f05a26"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 378014

GET
H2 200 icon-tag.png
www.redtag.ca/public/img/ 1 KB
2 KB 149ms
109ms Image
image/png 45.60.73.47
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.redtag.ca/public/img/icon-tag.png
Requested by: Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.73.47 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 43ce30d4ecf65e26c9c6d47c32ead3afd708f1d02a54b65f20af6fea08726b92

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 15:40:19 GMT
last-modified: Wed, 12 Nov 2014 21:34:37 GMT
x-cdn: Imperva
etag: "c89-507b02997b540"
content-type: image/png
x-iinfo: 7-27362053-0 0CNN RT(1676648419508 38) q(0 -1 -1 6) r(0 -1)
cache-control: max-age=30067575, public
content-length: 1245
expires: Wed, 31 Jan 2024 15:46:34 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 93ms
18ms Stylesheet
text/css 2600:141b:9000::1725:7b92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=rbc7oki&ht=tk&f=7986.7987.7992.7996.7997.24349.24350.24351.24352.24353.24354.24355.24356.43311.43312&a=5869931&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/rbc7oki.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000::1725:7b92 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 15:40:19 GMT
last-modified: Thu, 28 Jul 2022 21:30:08 GMT
server: nginx
etag: "62e2ffe0-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 173 KB
64 KB 154ms
95ms Script
application/javascript 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5WTJNMJ

Requested by

Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7f9d43290409aa98aed44040287a6d0f64f7244a797fe019a071a2e0825b284c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 15:40:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65447
x-xss-protection: 0
last-modified: Fri, 17 Feb 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Feb 2023 15:40:20 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 374 B
1 KB 154ms
74ms XHR
application/json 107.23.31.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=52BC0C3A53DB25230A490D4D%40AdobeOrg&d_nsid=0&ts=1676648419927

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/satelliteLib-e4377c30aea2e41a1c5367805f855287952760fb-staging.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.23.31.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-31-66.compute-1.amazonaws.com

Software

Resource Hash

e9890c27240113560698eff607ce35fdee560276af99be6e09c5e24e55f96f35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://travel.hsbc.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-va6-2-v045-0a4b29916.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: WpE5XoujS28=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://travel.hsbc.ca
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 315
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 mbox-contents-8e7453ba1b7032e87a69cff565c9813da3310f70-staging.js Show response
assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/ 106 KB
34 KB 19ms
18ms Script
application/x-javascript 2600:141b:f000:f0a6::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/mbox-contents-8e7453ba1b7032e87a69cff565c9813da3310f70-staging.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/satelliteLib-e4377c30aea2e41a1c5367805f855287952760fb-staging.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:f000:f0a6::1e80 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: dc03755deb3fcd629eeeeaf949c9f157d1c27e4e4c028062062e82c4364a7d73

Request headers

Referer: https://travel.hsbc.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 15:40:19 GMT
content-encoding: gzip
last-modified: Fri, 04 Jan 2019 18:54:50 GMT
server: AkamaiNetStorage
etag: "4b1b4fee3d84660737febe5404c0cd49:1546628090"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://travel.hsbc.ca
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
timing-allow-origin: *
content-length: 34452
expires: Fri, 17 Feb 2023 15:40:19 GMT

GET
H/1.1 200
OK icon-defs.svg
travel.hsbc.ca/public/img/icons/ 130 KB
130 KB 33ms
18ms Other
image/svg+xml 208.103.171.96
CARBON60-TOR2

General

Check archive.org

Show headers Download Go to

Full URL: https://travel.hsbc.ca/public/img/icons/icon-defs.svg
Requested by: Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.103.171.96 , Canada, ASN393845 (CARBON60-TOR2, CA),
Reverse DNS
Software: Apache /
Resource Hash: 277084211ed5c51773120b873fa30b1b15cc876ac374000d774c50104b849b9a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:45:05 GMT
Last-Modified: Thu, 16 Jun 2022 18:08:28 GMT
Server: Apache
ETag: "2073f-5e19486573b0b"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 132927

GET
H/1.1 200
OK dest5.html Show response
redtagvacations.demdex.net/ Frame 19CD 7 KB
3 KB 111ms
26ms Document
text/html 52.203.190.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://redtagvacations.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/satelliteLib-e4377c30aea2e41a1c5367805f855287952760fb-staging.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.203.190.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-203-190-236.compute-1.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://travel.hsbc.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-va6-2-v045-03a82d1b9.edge-va6.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Tmv3htCdTto=
content-encoding: gzip
date: Fri, 17 Feb 2023 15:40:20 GMT
last-modified: Wed, 8 Feb 2023 11:53:40 GMT
vary: accept-encoding

GET
H2 200 id Show response
redtagvacations.d2.sc.omtrdc.net/ 2 B
266 B 112ms
32ms XHR
application/x-javascript 63.140.38.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://redtagvacations.d2.sc.omtrdc.net/id?d_visid_ver=3.3.0&d_fieldgroup=A&mcorgid=52BC0C3A53DB25230A490D4D%40AdobeOrg&mid=78139085296091929431203254976671751483&ts=1676648420141

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/satelliteLib-e4377c30aea2e41a1c5367805f855287952760fb-staging.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.15 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-15.data.adobedc.net

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://travel.hsbc.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Feb 2023 15:40:20 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://travel.hsbc.ca
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y__f5AAAAL4J0gN2
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=78167555125947437161204985405732350320
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y__f5AAAAL4J0gN2

42 B
940 B

28ms
27ms

Image
image/gif

107.23.31.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y__f5AAAAL4J0gN2

Requested by

Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/

Protocol

HTTP/1.1

Server

107.23.31.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-31-66.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v045-0bf3a6fc1.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: FXz+6yLWQ/U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y__f5AAAAL4J0gN2
Date: Fri, 17 Feb 2023 15:40:20 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 l
use.typekit.net/af/ef2129/00000000000000003b9b387c/27/ 18 KB
18 KB 108ms
47ms Font
application/font-woff2 2600:141b:13::17d7:82b9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ef2129/00000000000000003b9b387c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/rbc7oki.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82b9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 196ed0634b5c19548eb9ef2432ba6cc9f1f1d8446953de13e57f6bc6eceda098

Request headers

Referer: https://use.typekit.net/rbc7oki.css
Origin: https://travel.hsbc.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 15:40:20 GMT
server: nginx
etag: "e120da2743159d9bd5b6acbf951b869a1a6b1a4e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18076

GET
H2 200 satellite-5c2e349564746d181a0175a4-staging.js Show response
assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/scripts/ 6 KB
2 KB 20ms
19ms Script
application/x-javascript 2600:141b:f000:f0a6::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/scripts/satellite-5c2e349564746d181a0175a4-staging.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/satelliteLib-e4377c30aea2e41a1c5367805f855287952760fb-staging.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:f000:f0a6::1e80 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 64c543376491eca75c0ac110106adc67ebaad0514d97b4f0617a623951945f47

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 15:40:20 GMT
content-encoding: gzip
last-modified: Fri, 04 Jan 2019 18:54:50 GMT
server: AkamaiNetStorage
etag: "423cdc594a14105f1ac7d02e9558044c:1546628090"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://travel.hsbc.ca
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
timing-allow-origin: *
content-length: 2261
expires: Fri, 17 Feb 2023 15:40:20 GMT

GET
H2 200 s-code-contents-901c153b93f7b5b196931adc396ee82dc2946ca5-staging.js Show response
assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/ 34 KB
13 KB 32ms
32ms Script
application/x-javascript 2600:141b:f000:f0a6::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/s-code-contents-901c153b93f7b5b196931adc396ee82dc2946ca5-staging.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/satelliteLib-e4377c30aea2e41a1c5367805f855287952760fb-staging.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:f000:f0a6::1e80 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 68588db4f09f1982d74887644c54e581cc6ed7e267f836a480c29ef1a3c0a7a0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 15:40:20 GMT
content-encoding: gzip
last-modified: Fri, 11 Jan 2019 17:52:21 GMT
server: AkamaiNetStorage
etag: "9a1e762486f8afef7a6f384a1e9c253d:1547229141"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://travel.hsbc.ca
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
timing-allow-origin: *
content-length: 13170
expires: Fri, 17 Feb 2023 15:40:20 GMT

GET
H/1.1 200
OK listing Show response
travel.hsbc.ca/engine/vacations/ 85 KB
30 KB 105ms
105ms XHR
text/json 208.103.171.96
CARBON60-TOR2

General

Check archive.org

Show headers Download Go to

Full URL: https://travel.hsbc.ca/engine/vacations/listing
Requested by: Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/build/public/js/resources.js?v=20230217102
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.103.171.96 , Canada, ASN393845 (CARBON60-TOR2, CA),
Reverse DNS
Software: Apache /
Resource Hash: 1197f27634861fd5146f7f8537bef47953f75073eb131ed99d1b18bd59f1d354

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:45:05 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/json;charset=utf-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 30209

GET
H/1.1 403
Forbidden 2921.js
dnn506yrbagrg.cloudfront.net/pages/scripts/0017/ 0
0 326ms
155ms Script
application/xml 65.8.191.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnn506yrbagrg.cloudfront.net/pages/scripts/0017/2921.js?465735
Requested by: Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.8.191.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-8-191-30.bos50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 json Show response
redtag.tt.omtrdc.net/m2/redtag/mbox/ 96 B
396 B 85ms
33ms XHR
application/json 54.243.116.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://redtag.tt.omtrdc.net/m2/redtag/mbox/json?mbox=target-global-mbox&mboxSession=6e4f7b46307141348163132c0bbab5a9&mboxPC=&mboxPage=7f7712428e144971b0cd24326b7e0204&mboxVersion=1.2.0&mboxCount=1&mboxTime=1676648420324&mboxHost=travel.hsbc.ca&mboxURL=https%3A%2F%2Ftravel.hsbc.ca%2F&mboxReferrer=&browserHeight=1200&browserWidth=1600&browserTimeOffset=0&screenHeight=1200&screenWidth=1600&colorDepth=24&mboxMCGVID=78139085296091929431203254976671751483&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCAVID=&mboxMCGLH=7&vst.trk=redtagvacations.d2.sc.omtrdc.net&vst.trks=redtagvacations.d2.sc.omtrdc.net&mboxMCSDID=536294BBE24929C3-46A297C40C6853C8
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/mbox-contents-8e7453ba1b7032e87a69cff565c9813da3310f70-staging.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.116.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-116-94.compute-1.amazonaws.com
Software: /
Resource Hash: eb9ee98fd8b9366a477e3da10332133d96b8e24ceffcb0c723983b86503ab9cc

Request headers

Accept: application/json
Referer: https://travel.hsbc.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 15:40:20 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://travel.hsbc.ca
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 96
x-request-id: 137c127e8016e755baefafbf82b2f405

GET
H/1.1 200
OK yyz,ytz Show response
travel.hsbc.ca/engine/vacations/destinations/ 34 KB
9 KB 100ms
99ms XHR
text/json 208.103.171.96
CARBON60-TOR2

General

Check archive.org

Show headers Download Go to

Full URL: https://travel.hsbc.ca/engine/vacations/destinations/yyz,ytz
Requested by: Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/build/public/js/resources.js?v=20230217102
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.103.171.96 , Canada, ASN393845 (CARBON60-TOR2, CA),
Reverse DNS
Software: Apache /
Resource Hash: d2234afe4bfbf7812692e2cd2c7178aff73cfd38971752cfee535e2629a79519

Request headers

Accept: application/json, text/plain, */*
Referer: https://travel.hsbc.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:45:05 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/json;charset=utf-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 8949

GET
H/1.1 200
OK icon-chevron-down.svg
s3.amazonaws.com/redtag-ca/img/icons/ 449 B
809 B 97ms
45ms Image
image/svg+xml 52.217.78.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/redtag-ca/img/icons/icon-chevron-down.svg
Requested by: Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/build/public/css/styles.css?v=102
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.78.62 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3c12605496639c19fb5cccbd48c96a79f961d6af808d7df2596d14c58b017677

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:40:21 GMT
Last-Modified: Mon, 26 Feb 2018 22:08:28 GMT
Server: AmazonS3
x-amz-request-id: HC8EJQDVDS5QK9X2
ETag: "f4e66dcb432c4128b8007c2fa4572250"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 449
x-amz-id-2: GZkdUcZmQo2CU4wzHE0GBDDYPUtsV1LSVx05cN3ZgvaZjfrBYdojdfv0Zj7I69KKNvGl87gmoxI=

GET
H2 200 l
use.typekit.net/af/aee0aa/00000000000000003b9b3f03/27/ 13 KB
14 KB 29ms
28ms Font
application/font-woff2 2600:141b:13::17d7:82b9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/aee0aa/00000000000000003b9b3f03/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/rbc7oki.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82b9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e386fdf29820ba95b36e908ad47f615ee875489035bfc0dfc6b32dcbf7bef70e

Request headers

Referer: https://use.typekit.net/rbc7oki.css
Origin: https://travel.hsbc.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 15:40:20 GMT
server: nginx
etag: "6c6a600f247a71e5bec38230436a588f0aed8849"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13688

GET
H2 200 l
use.typekit.net/af/403911/00000000000000003b9b3880/27/ 18 KB
18 KB 59ms
58ms Font
application/font-woff2 2600:141b:13::17d7:82b9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/403911/00000000000000003b9b3880/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/rbc7oki.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82b9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 52b9f67e15fce228520212b58f6ee6dca6db7415e379cc6688de16211f14a309

Request headers

Referer: https://use.typekit.net/rbc7oki.css
Origin: https://travel.hsbc.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 15:40:20 GMT
server: nginx
etag: "112e33239582b68be657159b85f4e16e5ce72672"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17988

GET
H2 200 l
use.typekit.net/af/0d8f4c/00000000000000003b9b3882/27/ 17 KB
17 KB 35ms
35ms Font
application/font-woff2 2600:141b:13::17d7:82b9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/0d8f4c/00000000000000003b9b3882/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/rbc7oki.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82b9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e90e02d29074efb04094d678eab9b1cadb5d01b4979f847c3e2f69803e46b92c

Request headers

Referer: https://use.typekit.net/rbc7oki.css
Origin: https://travel.hsbc.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 15:40:20 GMT
server: nginx
etag: "d565fbd7462cbd43bdd44d30e039bca2154e8b6d"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17176

GET
H2 200 css
fonts.googleapis.com/ 19 KB
2 KB 87ms
39ms Stylesheet
text/css 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto|Open+Sans:400,300,600,700|Oswald:700|Khand:400,500,300,600,700

Requested by

Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7e8d669eb5e9d4a8f546f5906e9111947a5b69e72ae2da599c1ecd7f6d35763

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Feb 2023 15:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Feb 2023 15:40:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Feb 2023 15:40:20 GMT

GET
H2 200 ywd8yvm.css
use.typekit.net/ 6 KB
1 KB 37ms
36ms Stylesheet
text/css 2600:141b:13::17d7:82b9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ywd8yvm.css

Requested by

Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:13::17d7:82b9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

8b916b53e9979c04f53722a3d7ef1ce3c3eeeefdc3b0e119b84bedb66f39919e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Fri, 17 Feb 2023 15:40:20 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 889

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 71ms
20ms Script
text/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WTJNMJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Feb 2023 14:41:43 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3517
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 17 Feb 2023 16:41:43 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10852696127/ 2 KB
1 KB 137ms
74ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10852696127/?random=1676648420507&cv=11&fst=1676648420507&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ftravel.hsbc.ca%2F&tiba=Vacation%20Packages%20%7C%20Cruises%20%26%20Last%20Minute%20Deals%20%7C%20AIR%20MILES%20-%20Red%20Tag%20Vacations&auid=1044163032.1676648420&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WTJNMJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b2344c32f2d00f89162c7a449aa610b1491e52e6f274fed48a1c2230ae2b738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 15:40:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 913
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 76ms
21ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 17 Feb 2023 15:40:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 5W6kza/WjWrzQ+lRH6QXlMStFBeTZCIvWTCqjJUAooh7/HKm0cEF0HOFDrB9p00cntao3I1tsMSYRl6yFknT5A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1.js Show response
cdn.ywxi.net/js/ 19 KB
5 KB 268ms
88ms Script
text/javascript 2600:9000:2105:b400:14:6bfc:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ywxi.net/js/1.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WTJNMJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2105:b400:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

ee01d40bfdd77aba5652b3ff93095712b618a6a2cc2637828bd875979cfe9cb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 15:12:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 53a0c837da247a6d49f09ae6de51454e.cloudfront.net (CloudFront)
x-amz-cf-pop: BOS50-C3
age: 1693
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
x-cache: Hit from cloudfront
content-length: 4567
referrer-policy: strict-origin-when-cross-origin
server: Apache
x-trace: 2B5C53DF2A83210DF633FAB44EE14DCB608E861DCB000000000000000000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: qdDANL5L4QJtAcsDC9_wkAncTYIElBSnQQS4DzlZeq2pnUjxIiMuUg==
expires: Fri, 17 Feb 2023 16:12:07 GMT

GET
H2 200 f1272b2c2ff80bfbe881fe1adf6d076d71ae8043.js Show response
my.hellobar.com/ 2 KB
1 KB 129ms
71ms Script
text/javascript 2606:4700:10::6816:f17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/f1272b2c2ff80bfbe881fe1adf6d076d71ae8043.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WTJNMJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:f17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f1d8035f37b4ef1db4aec5701fe20a79fcf64ba0dfb8a867d7521c166f463b9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 15:40:20 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 17 Feb 2023 04:56:52 GMT
server: cloudflare
x-amz-request-id: 1W49SYKYCG8W1QHA
age: 2
etag: W/"108f85c8e6bcddf1b77ef4d28a5eada0"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400, must-revalidate, proxy-revalidate, s-maxage=10
cf-ray: 79af9ef4bf6618c4-EWR
x-amz-id-2: TcFNxfq/9Gvu/ndW6CmfS0t8gWGPMco8HJO61xqYWD95yZMDH6nKJWSFXBQHZgtJvVPkhHBPgpE=

GET
H2 200 container.js Show response
cdn.auryc.com/862-redtagca/ 36 KB
10 KB 43ms
14ms Script
application/javascript 34.120.103.20
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.auryc.com/862-redtagca/container.js
Requested by: Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.103.20 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 20.103.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4c111edfd7ea6e75fb389fc96d1220e33c00fa5e83f5fbf474ba0948542adc7e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 15:38:04 GMT
content-encoding: gzip
age: 136
x-guploader-uploadid: ADPycdvz2VdNxtl-e1rQczM6RN2y3jMUPj7nBQfdE5ho9tYb0eIh8wb1OxII5aafzl8RHBryjQCA1GFG2t7coCpEHPRneQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9857
last-modified: Tue, 23 Aug 2022 16:51:03 GMT
server: UploadServer
etag: "d8d78c2767e3c52e5392f9a3043c9e4a"
vary: Accept-Encoding
x-goog-generation: 1661273463828478
x-goog-hash: crc32c=U+BpCw==, md5=2NeMJ2fjxS5TkvmjBDyeSg==
content-type: application/javascript
cache-control: public,max-age=3600
x-goog-stored-content-length: 9857
accept-ranges: bytes
expires: Fri, 17 Feb 2023 16:38:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
78 KB 60ms
56ms Script
application/javascript 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TPHELVR18L&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WTJNMJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b3161d1cf084af4d940e1eb83ae36ffaec395098b0f48da7346cc0609c00f2ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 15:40:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79910
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Feb 2023 15:40:20 GMT

GET
H2 200 s56166747374391
redtagvacations.d2.sc.omtrdc.net/b/ss/rtvrtvairmilesdev/1/JS-2.10.0-D7QN/ 43 B
200 B 33ms
33ms Image
image/gif 63.140.38.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://redtagvacations.d2.sc.omtrdc.net/b/ss/rtvrtvairmilesdev/1/JS-2.10.0-D7QN/s56166747374391?AQB=1&ndh=1&pf=1&t=17%2F1%2F2023%2015%3A40%3A20%205%200&sdid=536294BBE24929C3-46A297C40C6853C8&D=D%3D&mid=78139085296091929431203254976671751483&aamlh=7&ce=UTF-8&pageName=redtag%3Ahome&g=https%3A%2F%2Ftravel.hsbc.ca%2F&cc=CAD&ch=Home&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&h1=home&c14=evar26&v43=Desktop&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=52BC0C3A53DB25230A490D4D%40AdobeOrg&AQE=1

Requested by

Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.15 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-15.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 15:40:20 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 15:40:20 GMT
server: jag
etag: 3600575066001276928-4619584441381032645
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 16 Feb 2023 15:40:20 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 22ms
21ms Stylesheet
text/css 2600:141b:9000::1725:7b92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=ywd8yvm&ht=tk&f=24349.24350.24351.24352.24353.24354.24355.24356&a=5869931&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ywd8yvm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000::1725:7b92 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 15:40:20 GMT
last-modified: Thu, 28 Jul 2022 21:30:08 GMT
server: nginx
etag: "62e2ffe0-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 releasesettings Show response
client-api.auryc.com/ 2 B
154 B 47ms
46ms XHR
application/json 34.67.250.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://client-api.auryc.com/releasesettings?lib=Web

Requested by

Host: cdn.auryc.com
URL: https://cdn.auryc.com/862-redtagca/container.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.67.250.180 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

180.250.67.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

x-authorized-identity: 862-redtagca
Referer: https://travel.hsbc.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
x-authorized-token: 4ffe693a7b6713dd0dda6232e73eeed0

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 15:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: istio-envoy
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://travel.hsbc.ca
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 6
content-length: 28
x-xss-protection: 1; mode=block
expires: 0

OPTIONS
H2 200 releasesettings
client-api.auryc.com/ Frame 0
0 143ms
42ms Preflight 34.67.250.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://client-api.auryc.com/releasesettings?lib=Web

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.67.250.180 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

180.250.67.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-authorized-identity,x-authorized-token
Access-Control-Request-Method: GET
Origin: https://travel.hsbc.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-authorized-identity, x-authorized-token
access-control-allow-methods: OPTIONS,HEAD,GET,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://travel.hsbc.ca
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Fri, 17 Feb 2023 15:40:20 GMT
expires: 0
pragma: no-cache
server: istio-envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 l
use.typekit.net/af/299bdc/00000000000000003b9b0ba5/27/ 19 KB
19 KB 44ms
21ms Font
application/font-woff2 2600:141b:13::17d7:82b9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/299bdc/00000000000000003b9b0ba5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ywd8yvm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82b9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6e6576ec344d943fcc8ba510d7195ff1bf00c4d80288e74f79f58b6e93b0404c

Request headers

Referer: https://use.typekit.net/ywd8yvm.css
Origin: https://travel.hsbc.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 15:40:20 GMT
server: nginx
etag: "35d84286ad96b5e233e7b42237fde6b426b80cb3"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19148

GET
H2 200 l
use.typekit.net/af/795dd6/00000000000000003b9b0ba8/27/ 19 KB
19 KB 38ms
24ms Font
application/font-woff2 2600:141b:13::17d7:82b9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/795dd6/00000000000000003b9b0ba8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ywd8yvm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82b9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 226d10bc0a9dd614f06602b193b1eb3e0711e19143ce8da4df60920764033a7c

Request headers

Referer: https://use.typekit.net/ywd8yvm.css
Origin: https://travel.hsbc.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 15:40:20 GMT
server: nginx
etag: "f857635989416f48e63746424c11ff89cd1e278a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19096

GET
H2 200 l
use.typekit.net/af/1d6761/00000000000000003b9b0ba9/27/ 18 KB
18 KB 41ms
31ms Font
application/font-woff2 2600:141b:13::17d7:82b9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1d6761/00000000000000003b9b0ba9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ywd8yvm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82b9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 56a63ed636ce945f07c8b1dc57e24e66be48624c656ccee2e9be8b688b881dba

Request headers

Referer: https://use.typekit.net/ywd8yvm.css
Origin: https://travel.hsbc.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 15:40:20 GMT
server: nginx
etag: "125664420af0a1367364a1380882109c270f677f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18364

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 33ms
32ms XHR
text/plain 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=625736362&t=pageview&_s=1&dl=https%3A%2F%2Ftravel.hsbc.ca%2F&ul=en-us&de=UTF-8&dt=Vacation%20Packages%20%7C%20Cruises%20%26%20Last%20Minute%20Deals%20%7C%20AIR%20MILES%20-%20Red%20Tag%20Vacations&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=848251307&gjid=498365973&cid=958933944.1676648421&tid=UA-227765-19&_gid=1218148000.1676648421&_r=1&_slc=1&gtm=45He32f0n815WTJNMJ&z=58738270

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://travel.hsbc.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 15:40:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://travel.hsbc.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
70 B 38ms
38ms XHR
text/plain 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=625736362&t=pageview&_s=1&dl=https%3A%2F%2Ftravel.hsbc.ca%2F&ul=en-us&de=UTF-8&dt=Vacation%20Packages%20%7C%20Cruises%20%26%20Last%20Minute%20Deals%20%7C%20AIR%20MILES%20-%20Red%20Tag%20Vacations&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=915901173&gjid=611506445&cid=958933944.1676648421&tid=UA-76333024-27&_gid=1218148000.1676648421&_r=1&_slc=1&gtm=45He32f0n815WTJNMJ&z=559811124

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://travel.hsbc.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 15:40:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://travel.hsbc.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10852696127/ 42 B
455 B 99ms
42ms Image
image/gif 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10852696127/?random=1676648420507&cv=11&fst=1676646000000&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ftravel.hsbc.ca%2F&tiba=Vacation%20Packages%20%7C%20Cruises%20%26%20Last%20Minute%20Deals%20%7C%20AIR%20MILES%20-%20Red%20Tag%20Vacations&fmt=3&is_vtc=1&random=1963430130&rmt_tld=0&ipr=y

Requested by

Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 15:40:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/10852696127/ 42 B
455 B 97ms
41ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/10852696127/?random=1676648420507&cv=11&fst=1676646000000&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ftravel.hsbc.ca%2F&tiba=Vacation%20Packages%20%7C%20Cruises%20%26%20Last%20Minute%20Deals%20%7C%20AIR%20MILES%20-%20Red%20Tag%20Vacations&fmt=3&is_vtc=1&random=1963430130&rmt_tld=1&ipr=y

Requested by

Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 15:40:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1622896811338454 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 23ms
22ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1622896811338454?v=2.9.96&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c66bacb9316edb96218cba80d3e69f1bfa76de907cc5cf16d4720ac61badb123

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 17 Feb 2023 15:40:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110399
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: F1QPegIXUzk8UNzN079laAOeTiAUF41gx68EA6uFJQNA02s/GsOerZclOQr9mzVns2dlPjK4pOOimfXL4qOCLw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
348 B 93ms
33ms XHR
text/plain 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-227765-19&cid=958933944.1676648421&jid=848251307&gjid=498365973&_gid=1218148000.1676648421&_u=YEBAAEAAAAAAACAAI~&z=1481278190

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://travel.hsbc.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 17 Feb 2023 15:40:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://travel.hsbc.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 35ms
34ms Ping
text/plain 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TPHELVR18L&gtm=45je32f0&_p=625736362&cid=958933944.1676648421&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676648420&sct=1&seg=0&dl=https%3A%2F%2Ftravel.hsbc.ca%2F&dt=Vacation%20Packages%20%7C%20Cruises%20%26%20Last%20Minute%20Deals%20%7C%20AIR%20MILES%20-%20Red%20Tag%20Vacations&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TPHELVR18L&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 15:40:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://travel.hsbc.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 auryc.lib.js Show response
cdn.auryc.com/libs/latest/ 676 KB
180 KB 13ms
12ms Script
application/javascript 34.120.103.20
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.auryc.com/libs/latest/auryc.lib.js
Requested by: Host: cdn.auryc.com
URL: https://cdn.auryc.com/862-redtagca/container.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.103.20 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 20.103.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6ec78eb21f808a126a02f0d57a6a943e337cec8105855fbab269324968bcb66d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 15:37:47 GMT
content-encoding: gzip
age: 153
x-guploader-uploadid: ADPycdv94VGSexXkPLYyBN0_bh6C95Fv0G4pjqBcLpDaWkN458X2rNaQYHo6OkRzCoEagZn4OhlFsbYfqOMSJPyL49jLQw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 183971
last-modified: Wed, 15 Feb 2023 18:40:04 GMT
server: UploadServer
etag: "74a9ea466ce10f89ce5dda9eb8d2ffc3"
x-goog-generation: 1676486404647779
x-goog-hash: crc32c=AvqvZQ==, md5=dKnqRmzhD4nOXdqeuNL/ww==
content-type: application/javascript
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 183971
accept-ranges: bytes
expires: Fri, 17 Feb 2023 16:37:47 GMT

GET
H/1.1 403
Forbidden client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/travel.hsbc.ca/ 243 B
819 B 307ms
115ms XHR
application/xml 52.218.244.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/travel.hsbc.ca/client.json?source=jsmain
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.244.8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 346a045ad508f27667dd72f986172e352f1c4b56c399cb5df4690b48544fc8c9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:40:20 GMT
Server: AmazonS3
x-amz-request-id: 24QSFCM064GFPQ94
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Allow-Origin: https://travel.hsbc.ca
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true
Content-Type: application/xml
x-amz-id-2: /sBYrAH50avE7nuga6ofru7L9os43OfvzGa0AKUUwbrTsatdpIVETW8xV5c5bx2/BS8I3qVy/Nk=

GET
H/1.1 403
Forbidden client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/travel.hsbc.ca/ 243 B
819 B 305ms
109ms XHR
application/xml 52.218.244.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/travel.hsbc.ca/client.json?source=jsinline
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.244.8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5bafd684bfb8baae485b5a73649805f13451bd42697635c1412b60046ad1173f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:40:20 GMT
Server: AmazonS3
x-amz-request-id: 24QHWKTSEHFNQDMD
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Allow-Origin: https://travel.hsbc.ca
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true
Content-Type: application/xml
x-amz-id-2: oXCMND22T+QaT2G9k58SLUfT+Q/KJukvoG4E5wFn4f992YAeMTGJW5XlAP6nh1bXlM2NsBQIEy8=

GET
H2 200 modules.js Show response
my.hellobar.com/ 254 KB
73 KB 50ms
48ms Script
text/javascript 2606:4700:10::6816:f17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/modules.js
Requested by: Host: my.hellobar.com
URL: https://my.hellobar.com/f1272b2c2ff80bfbe881fe1adf6d076d71ae8043.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:f17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8344e33505b758ec68b3f6e49a6d1b638124f923041bad00812ffcb32e8bd880

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 15:40:20 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 23 Dec 2022 05:10:46 GMT
server: cloudflare
x-amz-request-id: BCDF1B78YSBXYE80
age: 6553
cf-polished: origSize=260615
etag: W/"ee85f3aa09f4f82ddd1d0df2fd1af30f"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 79af9ef66afb18c4-EWR
x-amz-id-2: KMFlqLtXpPm9PTgdQFdAo3wfl0em7wFiC+Guw/UCrahQIc022xD8ZGGv+U8RRQajYnqWznAfWwY=

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 70ms
25ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1622896811338454&ev=PageView&dl=https%3A%2F%2Ftravel.hsbc.ca%2F&rl=&if=false&ts=1676648420864&sw=1600&sh=1200&v=2.9.96&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676648420862.308616330&it=1676648420741&coo=false&rqm=GET

Requested by

Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 17 Feb 2023 15:40:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 47ms
46ms Image
image/gif 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-227765-19&cid=958933944.1676648421&jid=848251307&_u=YEBAAEAAAAAAACAAI~&z=340461219

Requested by

Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 15:40:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 53ms
52ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-227765-19&cid=958933944.1676648421&jid=848251307&_u=YEBAAEAAAAAAACAAI~&z=340461219

Requested by

Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 15:40:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 siteconfig Show response
client-api.auryc.com/ 14 KB
3 KB 48ms
47ms XHR
application/json 34.67.250.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://client-api.auryc.com/siteconfig?lib=web

Requested by

Host: cdn.auryc.com
URL: https://cdn.auryc.com/libs/latest/auryc.lib.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.67.250.180 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

180.250.67.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

bb4c291f819c37ffc007a33cbb82be00e5a3395d723b8425cf8c9a5fe615e8ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

x-authorized-identity: 862-redtagca
Referer: https://travel.hsbc.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
x-authorized-token: 4ffe693a7b6713dd0dda6232e73eeed0
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 15:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: istio-envoy
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://travel.hsbc.ca
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
content-length: 2794
x-xss-protection: 1; mode=block
expires: 0

OPTIONS
H2 200 siteconfig
client-api.auryc.com/ Frame 0
0 43ms
42ms Preflight 34.67.250.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://client-api.auryc.com/siteconfig?lib=web

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.67.250.180 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

180.250.67.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-authorized-identity,x-authorized-token
Access-Control-Request-Method: GET
Origin: https://travel.hsbc.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-authorized-identity, x-authorized-token
access-control-allow-methods: OPTIONS,HEAD,GET,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://travel.hsbc.ca
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Fri, 17 Feb 2023 15:40:20 GMT
expires: 0
pragma: no-cache
server: istio-envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 async-api.6bb277af-1225.min.js Show response
js-agent.newrelic.com/ 2 KB
2 KB 42ms
12ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/async-api.6bb277af-1225.min.js
Requested by: Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f95b22047abcb76190421e53f133601b1006cfb23a01fb03caaad506a9b4d321

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: ccu4IA9M.iSFjMQAJQZ9WRC6vNK74xfk
content-encoding: gzip
via: 1.1 varnish
date: Fri, 17 Feb 2023 15:40:21 GMT
x-amz-request-id: H1NJ9VB8EY3PTGMW
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1094
x-amz-id-2: Iz6MlHyTEJaKQC8eYTuYUoyKAO6rEZHQa7DpkqLGSMl3x45yGff7ijhcne4gXRonY53Dcy1JMj8=
x-served-by: cache-yul12832-YUL
last-modified: Fri, 10 Feb 2023 20:23:02 GMT
server: AmazonS3
x-timer: S1676648421.032812,VS0,VE0
etag: "dd573d973dfb2a2559befdfb616d511d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4513

GET
H2 200 lazy-loader.48127245-1225.min.js Show response
js-agent.newrelic.com/ 2 KB
723 B 42ms
13ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/lazy-loader.48127245-1225.min.js
Requested by: Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a8356d715c4bd117081a0893777439ce054bbd692b8426505d358b93c1d9a7a3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: x72sIi24uKUpr9UhD5QY7PCKtNgMfeY4
content-encoding: gzip
via: 1.1 varnish
date: Fri, 17 Feb 2023 15:40:21 GMT
x-amz-request-id: Y4K5HGP30MBPE91Q
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 520
x-amz-id-2: dIYDGmEvgFx05edPNHExR7BogTfJ37JGDFmni/SWblpl3nJzuI4z3wkCcZ7mimwHSug7PWn0fNI=
x-served-by: cache-yul12832-YUL
last-modified: Fri, 10 Feb 2023 20:23:02 GMT
server: AmazonS3
x-timer: S1676648421.033038,VS0,VE0
etag: "a3759bbbd15fffd73531bda1e8166ae7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3598

GET
BLOB 200
OK a29d4b5a-e12c-48f9-9c9b-4374313552c5
https://travel.hsbc.ca/ 67 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://travel.hsbc.ca/a29d4b5a-e12c-48f9-9c9b-4374313552c5
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af2090527babea2e20eba22eaae877ed8725189e5cb319807042e7f65c56f354

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Length: 67
Content-Type: application/javascript

GET
H2 200 118.d37755e4-1225.min.js Show response
js-agent.newrelic.com/ 8 KB
4 KB 12ms
11ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/118.d37755e4-1225.min.js
Requested by: Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c94b68341f642fc63f7f5b385f1d08434c533a5f113415f82d5786de36d9a709

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 8iuwUwYODDWrlAN7lGJW4CKaVaPtd.FC
content-encoding: gzip
via: 1.1 varnish
date: Fri, 17 Feb 2023 15:40:21 GMT
x-amz-request-id: BCZTS6YS2GCGFKGX
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3412
x-amz-id-2: PmEwHoA9GlyukerPDhj6u8/WfbkJmAV3ORxQ31r5rW6FzuCQKh/G2gthW5Idi4B4SOLYF9DjBZM=
x-served-by: cache-yul12832-YUL
last-modified: Fri, 10 Feb 2023 20:23:02 GMT
server: AmazonS3
x-timer: S1676648421.133797,VS0,VE0
etag: "9c8a05b5703a1c30e0418f9ba42337df"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4531

GET
H2 200 page_view_event-aggregate.29613e65-1225.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 15ms
14ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_event-aggregate.29613e65-1225.min.js
Requested by: Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce1fe34f915fd2ff5c44d4541dad55a7bf416d55e2f9d6dc5c4a28d6c4ae3a2a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: Q2wYJMaFVSMNo7QiSpnsS727o5X3kt_1
content-encoding: gzip
via: 1.1 varnish
date: Fri, 17 Feb 2023 15:40:21 GMT
x-amz-request-id: 7C73CG4ZQQ6M7083
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1682
x-amz-id-2: 4+uavw9wzTtO43WHAiBy7lrA53b5E+nK7BW6uVc4HdUfdNc9hVm03IB84bsrMFjIAKNfUc98CWg=
x-served-by: cache-yul12832-YUL
last-modified: Fri, 10 Feb 2023 20:23:02 GMT
server: AmazonS3
x-timer: S1676648421.134347,VS0,VE0
etag: "0743ee0ec30428f3654ee07d779efb64"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4511

GET
H2 200 page_view_timing-aggregate.e791ce32-1225.min.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 17ms
16ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_timing-aggregate.e791ce32-1225.min.js
Requested by: Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5251292502f489870fd167ed3da10585b68bfc903dbcc086c8729b35f00a60aa

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 5Hc0bLUe_lA8zF4035AV9Xl5FkevBdYq
content-encoding: gzip
via: 1.1 varnish
date: Fri, 17 Feb 2023 15:40:21 GMT
x-amz-request-id: H1NYMEJN4D7D2PWG
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2248
x-amz-id-2: fA0zbF/RTkXcouOU1YRg7lBwulBrPjAMXHhHNCZ2m1xhx1JGoRGtqUmoFGZVCQyn645xdyhTnBQ=
x-served-by: cache-yul12832-YUL
last-modified: Fri, 10 Feb 2023 20:23:02 GMT
server: AmazonS3
x-timer: S1676648421.134348,VS0,VE0
etag: "84ba19034cf0206a49ecf68893086bdd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 105729

GET
H2 200 metrics-aggregate.b4a54ed9-1225.min.js Show response
js-agent.newrelic.com/ 1 KB
932 B 13ms
12ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/metrics-aggregate.b4a54ed9-1225.min.js
Requested by: Host: travel.hsbc.ca
URL: https://travel.hsbc.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7168fe91c0a2521e7f93b29b1cde798db4859202d2ea5c798ee40a79b69ef969

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 0sI71h2BU2Q4FabSOYi.9wzegJNG1fuh
content-encoding: gzip
via: 1.1 varnish
date: Fri, 17 Feb 2023 15:40:21 GMT
x-amz-request-id: H1NPSPEMX5MRQXZT
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 730
x-amz-id-2: qt8vPmJpeW8JwAEIr8+31toa2alk2eY2QjPgAm0ZUWvUebQrVA0bW7w1F18h2FvsIHUexHlkVxk=
x-served-by: cache-yul12832-YUL
last-modified: Fri, 10 Feb 2023 20:23:02 GMT
server: AmazonS3
x-timer: S1676648421.134321,VS0,VE0
etag: "395608505dac1e4fbe08bd146e09f5c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4516

GET
H/1.1 200
OK b99fa40c2c Show response
bam.nr-data.net/1/ 49 B
527 B 200ms
106ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/b99fa40c2c?a=563623457&v=1225.PROD&to=NgNbNxBTWBBRVUIPCw9JbBELHV8NVFNOSBQJFg%3D%3D&rst=1973&ck=0&s=e6dad2b39afaad84&ref=https://travel.hsbc.ca/&ap=170&be=308&fe=1508&dc=997&perf=%7B%22timing%22:%7B%22of%22:1676648419180,%22n%22:0,%22f%22:0,%22dn%22:2,%22dne%22:4,%22c%22:4,%22s%22:21,%22ce%22:60,%22rq%22:61,%22rp%22:253,%22rpe%22:293,%22dl%22:259,%22di%22:1305,%22ds%22:1305,%22de%22:1309,%22dc%22:1815,%22l%22:1815,%22le%22:1817%7D,%22navigation%22:%7B%7D%7D&fp=1475&fcp=1475&at=GkRYQVhJSx4%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/async-api.6bb277af-1225.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Apex, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 15:40:21 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 79af9ef8ea873fdf-YYZ

GET
BLOB 200
OK 342e1320-306e-4636-8310-12a28744b8f8
https://travel.hsbc.ca/ 67 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://travel.hsbc.ca/342e1320-306e-4636-8310-12a28744b8f8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af2090527babea2e20eba22eaae877ed8725189e5cb319807042e7f65c56f354

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Length: 67
Content-Type: application/javascript

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 20ms
18ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1622896811338454&ev=Microdata&dl=https%3A%2F%2Ftravel.hsbc.ca%2F&rl=&if=false&ts=1676648422413&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20Vacation%20Packages%20%7C%20Cruises%20%26%20Last%20Minute%20Deals%20%7C%20AIR%20MILES%20-%20Red%20Tag%20Vacations%22%2C%22meta%3Adescription%22%3A%22Shop%20Compare%20%26%20Pay%20less%20for%20All%20Inclusive%20Resorts%20%26%20Hotels%2C%20Cheap%20Flights%2C%20Airline%20Tickets%2C%20Last%20Minute%20Vacations%20Packages%20%26%20Discounted%20Cruises%22%2C%22meta%3Akeywords%22%3A%22Cheap%20Vacations%2C%20Airline%20Tickets%2C%20Vacations%20Packages%2C%20Car%20Rentals%2C%20All%20Inclusive%20Travel%20Deals%2C%20Last%20Minute%2C%20Mexico%2C%20Caribbean%2C%20Cuba%2C%20Hotel%20Reservations%2C%20Cheap%20Tickets%20%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.96&r=stable&ec=1&o=30&fbp=fb.1.1676648420862.308616330&it=1676648420741&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 17 Feb 2023 15:40:22 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 33ms
32ms Ping
text/plain 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TPHELVR18L&gtm=45je32f0&_p=625736362&cid=958933944.1676648421&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1676648420&sct=1&seg=0&dl=https%3A%2F%2Ftravel.hsbc.ca%2F&dt=Vacation%20Packages%20%7C%20Cruises%20%26%20Last%20Minute%20Deals%20%7C%20AIR%20MILES%20-%20Red%20Tag%20Vacations&en=scroll&epn.percent_scrolled=90&_et=19
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TPHELVR18L&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://travel.hsbc.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 15:40:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://travel.hsbc.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
travel.hsbc.ca/engine/vacations/destinations	1969-12-31 23:59:59	Name: lang Value: en
travel.hsbc.ca/engine/vacations	1969-12-31 23:59:59	Name: lang Value: en
travel.hsbc.ca/	1969-12-31 23:59:59	Name: lang Value: en
travel.hsbc.ca/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4dsjo37c0s1grjbidt7jtt1d50
travel.hsbc.ca/	1970-01-20 09:44:11	Name: hsbctravel Value: 572612618.47873.0000
.hsbc.ca/	1969-12-31 23:59:59	Name: check Value: true
.demdex.net/	1970-01-20 14:03:20	Name: demdex Value: 78167555125947437161204985405732350320
.hsbc.ca/	1969-12-31 23:59:59	Name: AMCVS_52BC0C3A53DB25230A490D4D%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 18:29:44	Name: everest_g_v2 Value: g_surferid~Y__f5AAAAL4J0gN2
.dpm.demdex.net/	1970-01-20 14:03:20	Name: dpm Value: 78167555125947437161204985405732350320
.hsbc.ca/	1970-01-20 11:53:44	Name: _gcl_au Value: 1.1.1044163032.1676648420
.hsbc.ca/	1969-12-31 23:59:59	Name: s_cc Value: true
.hsbc.ca/	1970-01-20 19:20:08	Name: AMCV_52BC0C3A53DB25230A490D4D%40AdobeOrg Value: -1303530583%7CMCIDTS%7C19406%7CMCMID%7C78139085296091929431203254976671751483%7CMCAAMLH-1677253220%7C7%7CMCAAMB-1677253220%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1676655620s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19413%7CvVersion%7C3.3.0
.hsbc.ca/	1970-01-20 19:20:08	Name: mbox Value: session#6e4f7b46307141348163132c0bbab5a9#1676650281\|PC#6e4f7b46307141348163132c0bbab5a9.34_0#1739893221
.doubleclick.net/	1970-01-20 09:44:09	Name: test_cookie Value: CheckForPermission
.hsbc.ca/	1970-01-20 09:45:34	Name: _gid Value: GA1.2.1218148000.1676648421
.hsbc.ca/	1970-01-20 09:44:08	Name: _gat_UA-227765-19 Value: 1
.hsbc.ca/	1970-01-20 09:44:08	Name: _gat_UA-76333024-27 Value: 1
.hsbc.ca/	1970-01-20 19:20:08	Name: _ga Value: GA1.1.958933944.1676648421
.hsbc.ca/	1970-01-20 19:20:08	Name: _ga_TPHELVR18L Value: GS1.1.1676648420.1.0.1676648420.0.0.0
.hsbc.ca/	1970-01-20 11:53:44	Name: _fbp Value: fb.1.1676648420862.308616330
.hsbc.ca/	1970-01-20 19:20:08	Name: userty.core.p.be721e Value: __2VySWQiOiI1ZjQ0MjRjYTFmNTY3NjNhNzE4NWVhMjgxZGRmY2VjYyJ9eyJ1c
.hsbc.ca/	1969-12-31 23:59:59	Name: userty.core.s.be721e Value: __SI6MTY3NjY1MDIyMTA1Mywic2lkIjoiMjIyNzViMWY2MjBmOWQxMTdlMjQyNzE4NTVmYWFlMGEiLCJzdCI6MTY3NjY0ODQyMTA1MywicHYiOjEsInJlYWR5Ijp0cnVlLCJ3cyI6IntcIndcIjoxNjAwLFwiaFwiOjEyMDB9Iiwic21wbC53diI6ImYiLCJhdXJ5Yy5hZG9iZV9hbmFseXRpY3MiOiJmIiwic21wbC5hamF4IjoiZiJ9eyJzZ

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/satelliteLib-e4377c30aea2e41a1c5367805f855287952760fb-staging.js(Line 10) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/mbox-contents-8e7453ba1b7032e87a69cff565c9813da3310f70-staging.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/satelliteLib-e4377c30aea2e41a1c5367805f855287952760fb-staging.js(Line 10) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://assets.adobedtm.com/7de12816b4fe53bcf760b43a0133c9a305e47dd5/mbox-contents-8e7453ba1b7032e87a69cff565c9813da3310f70-staging.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://dnn506yrbagrg.cloudfront.net/pages/scripts/0017/2921.js?465735 Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/travel.hsbc.ca/client.json?source=jsinline Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/travel.hsbc.ca/client.json?source=jsmain Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
bam.nr-data.net
cdn.auryc.com
cdn.ywxi.net
client-api.auryc.com
cm.everesttech.net
connect.facebook.net
dnn506yrbagrg.cloudfront.net
dpm.demdex.net
fonts.googleapis.com
googleads.g.doubleclick.net
itravel2000.s3.amazonaws.com
js-agent.newrelic.com
my.hellobar.com
p.typekit.net
redtag-ca.s3.amazonaws.com
redtag.tt.omtrdc.net
redtagvacations.d2.sc.omtrdc.net
redtagvacations.demdex.net
s3-us-west-2.amazonaws.com
s3.amazonaws.com
stats.g.doubleclick.net
travel-img-assets.s3.us-west-2.amazonaws.com
travel-img.s3.amazonaws.com
travel.hsbc.ca
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.redtag.ca
107.23.31.66
151.101.2.137
162.247.241.14
208.103.171.96
2600:141b:13::17d7:82b9
2600:141b:9000::1725:7b92
2600:141b:f000:f0a6::1e80
2600:9000:2105:b400:14:6bfc:5740:93a1
2606:4700:10::6816:f17
2607:f8b0:4004:c08::9b
2607:f8b0:4006:80a::200a
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::2008
2607:f8b0:4006:81e::2004
2607:f8b0:4006:822::2003
2607:f8b0:4006:822::200e
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
3.82.73.135
34.120.103.20
34.67.250.180
45.60.73.47
52.203.190.236
52.217.103.148
52.217.171.161
52.217.78.62
52.218.185.241
52.218.244.8
54.231.162.209
54.243.116.94
63.140.38.15
65.8.191.30
1197f27634861fd5146f7f8537bef47953f75073eb131ed99d1b18bd59f1d354
196ed0634b5c19548eb9ef2432ba6cc9f1f1d8446953de13e57f6bc6eceda098
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
226d10bc0a9dd614f06602b193b1eb3e0711e19143ce8da4df60920764033a7c
277084211ed5c51773120b873fa30b1b15cc876ac374000d774c50104b849b9a
2f1d8035f37b4ef1db4aec5701fe20a79fcf64ba0dfb8a867d7521c166f463b9
346a045ad508f27667dd72f986172e352f1c4b56c399cb5df4690b48544fc8c9
3c12605496639c19fb5cccbd48c96a79f961d6af808d7df2596d14c58b017677
3c9ea11e277afc1cc289f56ce64f4e6808f463f01775bb9b9957f8de333f59f9
43ce30d4ecf65e26c9c6d47c32ead3afd708f1d02a54b65f20af6fea08726b92
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
469feeaeda3e210275c9e540fb1b1a07c9f85c7c063eea3614925201dc8b4ae7
4c111edfd7ea6e75fb389fc96d1220e33c00fa5e83f5fbf474ba0948542adc7e
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5251292502f489870fd167ed3da10585b68bfc903dbcc086c8729b35f00a60aa
52b9f67e15fce228520212b58f6ee6dca6db7415e379cc6688de16211f14a309
56a63ed636ce945f07c8b1dc57e24e66be48624c656ccee2e9be8b688b881dba
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b2344c32f2d00f89162c7a449aa610b1491e52e6f274fed48a1c2230ae2b738
5bafd684bfb8baae485b5a73649805f13451bd42697635c1412b60046ad1173f
5d3ee87908bf2bfb28feb36b7317e182a8072fb87f95f9749e475cfc89eaa321
5e6627275085c3be9366d03dc8fe5de1aa97c57743bcd3f600468d395db1ad96
64c543376491eca75c0ac110106adc67ebaad0514d97b4f0617a623951945f47
68588db4f09f1982d74887644c54e581cc6ed7e267f836a480c29ef1a3c0a7a0
686057fe1583f7969752a0a9eebfa70b30dcd71537af74b7cb85c9e4960f1971
6ad58a9cb9d4a055600b17ae8df141e831fcf36549d928d6531706a9c43938e3
6e6576ec344d943fcc8ba510d7195ff1bf00c4d80288e74f79f58b6e93b0404c
6ec78eb21f808a126a02f0d57a6a943e337cec8105855fbab269324968bcb66d
7168fe91c0a2521e7f93b29b1cde798db4859202d2ea5c798ee40a79b69ef969
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e7b6f4520d5c295328f73fff4930885f14aacf943eecca8ef0e44004c3b6ac2
7f9d43290409aa98aed44040287a6d0f64f7244a797fe019a071a2e0825b284c
8344e33505b758ec68b3f6e49a6d1b638124f923041bad00812ffcb32e8bd880
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8b916b53e9979c04f53722a3d7ef1ce3c3eeeefdc3b0e119b84bedb66f39919e
96ba9040b7f99f6da5ed548588a6c21eabff50d8b4decb29f2dae4bcc1250cd9
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a5f325e9abb3bd19967b171dd79b75ccd9589aab30570e31ca0cbeb36a92eac2
a8356d715c4bd117081a0893777439ce054bbd692b8426505d358b93c1d9a7a3
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af2090527babea2e20eba22eaae877ed8725189e5cb319807042e7f65c56f354
b3161d1cf084af4d940e1eb83ae36ffaec395098b0f48da7346cc0609c00f2ed
b39eb3c9e7d245ed4b4dfcbb43fb18fcec6c5b2af860d41c665354ad5e4e71e7
b7e8d669eb5e9d4a8f546f5906e9111947a5b69e72ae2da599c1ecd7f6d35763
bb30b739a21db6baf1f33faec29d2ceda15e30e116ba1fd5e6d42e7850183d95
bb4c291f819c37ffc007a33cbb82be00e5a3395d723b8425cf8c9a5fe615e8ab
c66bacb9316edb96218cba80d3e69f1bfa76de907cc5cf16d4720ac61badb123
c94b68341f642fc63f7f5b385f1d08434c533a5f113415f82d5786de36d9a709
ce1fe34f915fd2ff5c44d4541dad55a7bf416d55e2f9d6dc5c4a28d6c4ae3a2a
d2234afe4bfbf7812692e2cd2c7178aff73cfd38971752cfee535e2629a79519
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dc03755deb3fcd629eeeeaf949c9f157d1c27e4e4c028062062e82c4364a7d73
dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19
e386fdf29820ba95b36e908ad47f615ee875489035bfc0dfc6b32dcbf7bef70e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e90e02d29074efb04094d678eab9b1cadb5d01b4979f847c3e2f69803e46b92c
e9890c27240113560698eff607ce35fdee560276af99be6e09c5e24e55f96f35
eb9ee98fd8b9366a477e3da10332133d96b8e24ceffcb0c723983b86503ab9cc
ee01d40bfdd77aba5652b3ff93095712b618a6a2cc2637828bd875979cfe9cb8
eeb37ef58da0a216e36e4b3a4dfa8c9e99d754dc698d67362e456191e94710fa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f342e5900fa5e4bca5c8e7386c02a225de91c66989a0f2755324a228b7fe119d
f34a9abc6754f0cf1923e2f58dff4a3ed92840b81325e1ef6fe07ea0a8987278
f95b22047abcb76190421e53f133601b1006cfb23a01fb03caaad506a9b4d321

travel.hsbc.ca Open in urlscan Pro 208.103.171.96 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

77 Requests

96 %HTTPS

44 %IPv6

22 Domains

32 Subdomains

32 IPs

2 Countries

3660 kBTransfer

5335 kBSize

23 Cookies

0 Outgoing links

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

travel.hsbc.ca Open in urlscan Pro
208.103.171.96 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

96 %
HTTPS

44 %
IPv6

22
Domains

32
Subdomains

32
IPs

2
Countries

3660 kB
Transfer

5335 kB
Size

23
Cookies

77 HTTP transactions
0 data transactions