currencyzone.hsbc.com Open in urlscan Pro
193.108.78.213 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://currencyzone.hsbc.com/
Submission Tags: @phishunt_io
Submission: On July 25 via api (July 25th 2024, 10:42:57 am UTC) from DE — Scanned from GB

Summary HTTP 17 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 2 domains to perform 17 HTTP transactions. The main IP is 193.108.78.213, located in United Kingdom and belongs to HSBC-UK, GB. The main domain is currencyzone.hsbc.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 25th 2024. Valid for: a year.

This is the only time currencyzone.hsbc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	193.108.78.213 193.108.78.213	20705 (HSBC-UK) (HSBC-UK)
3	2600:9000:238... 2600:9000:238d:5600:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	23.45.104.216 23.45.104.216	16625 (AKAMAI-AS) (AKAMAI-AS)
17	3

12 193.108.78.213 (United Kingdom)

ASN20705 (HSBC-UK, GB)

currencyzone.hsbc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:238d:5600:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.104.216 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-104-216.deploy.static.akamaitechnologies.com

akamai.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	hsbc.com currencyzone.hsbc.com	747 KB
5	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1751 akamai.tiqcdn.com — Cisco Umbrella Rank: 27980	67 KB
17	2

	Domain	Requested by
12	currencyzone.hsbc.com	currencyzone.hsbc.com
3	tags.tiqcdn.com	currencyzone.hsbc.com tags.tiqcdn.com
2	akamai.tiqcdn.com	tags.tiqcdn.com
17	3

This site contains links to these domains. Also see Links.

Domain
www.gbm.hsbc.com

Subject Issuer	Validity	Valid
currencyzone.hsbc.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-25` - `2025-07-24`	a year	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M02	`2024-03-19` - `2025-04-17`	a year	crt.sh
*.tiqcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-16` - `2024-11-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://currencyzone.hsbc.com/
Frame ID: 51A49487E39E61F4FC395735B3A0A086
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HSBC Currency Zone

Page Statistics

17
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

3
IPs

3
Countries

815 kB
Transfer

2065 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.gbm.hsbc.com/en-gb/feed/global-research/podcasts/macro-viewpoint
Title: The Macro Brief Podcast25 July 2024WeeklyHSBC Global Research economists and strategists assess the key issues affecting economies and markets across the globe.Podcast

Search URL Search Domain Scan URL

URL: https://www.gbm.hsbc.com/en-gb/campaigns/global-research/live-insights
Title: HSBC Global Research Live InsightsA series of interviews streamed live and open to all. The series brings to life key themes, offers thought leadership and discusses topical trends.Video

Search URL Search Domain Scan URL

URL: https://www.gbm.hsbc.com/financial-regulation/complaint-handling
Title: Complaint Handling

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
currencyzone.hsbc.com/ 266 KB
81 KB 887ms
141ms Document
text/html 193.108.78.213
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://currencyzone.hsbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

193.108.78.213 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Resource Hash

775c5dce1ca2031edb80e9ff9c8d5b0ce66cc031731bd679a55cda9525522059

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .hsbc.com .eloqua.com/e/f2 .tiqcdn.com .omtrdc.net .fls.doubleclick.net hsbcbankgbm.demdex.net dpm.demdex.net collect.tealiumiq.com cm.everesttech.net www.googletagmanager.com ad.doubleclick.net td.doubleclick.net adservice.google.com cdn.heapanalytics.com;img-src 'self' heapanalytics.com .hsbc.com ad.doubleclick.net
Strict-Transport-Security	max-age=63072000 max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-language: en-GB
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.hsbc.com *.eloqua.com/e/f2 *.tiqcdn.com *.omtrdc.net *.fls.doubleclick.net hsbcbankgbm.demdex.net dpm.demdex.net collect.tealiumiq.com cm.everesttech.net www.googletagmanager.com ad.doubleclick.net td.doubleclick.net adservice.google.com cdn.heapanalytics.com;img-src 'self' heapanalytics.com *.hsbc.com ad.doubleclick.net
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jul 2024 10:42:51 GMT
etag: W/"428a5-NJBG81hFTrwUFn7rtUs/AvUXkGQ"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=63072000 max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-evolve-release-version: 0.0.359
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/hsbc/global-gbm-evolve/prod/ 109 B
547 B 510ms
419ms Script
application/javascript 2600:9000:238d:5600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/global-gbm-evolve/prod/utag.sync.js
Requested by: Host: currencyzone.hsbc.com
URL: https://currencyzone.hsbc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:5600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0b0ad4ce6478c9f19037f554254b7154697904bc6889781010dfce6cba62174

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: sp_Qlq.asPQg.b9dqLGDXHpWZz.yKxFU
date: Thu, 25 Jul 2024 10:42:53 GMT
via: 1.1 ef674a9df28e4fc8d944ae07304fa954.cloudfront.net (CloudFront)
last-modified: Mon, 19 Jun 2023 07:40:21 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
x-amz-server-side-encryption: AES256
etag: "fc1c83ba5a5cc86afba50d3df26ac670"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 109
x-amz-cf-id: _ZpERAGu8OC6s9X8n6VJZyAs864PrCwcFgDS-l2Uhd6c6QILLpmTJw==

GET
H2 200 hsbc_logo.svg
currencyzone.hsbc.com/currency-zone/assets/ 2 KB
1 KB 51ms
51ms Image
image/svg+xml 193.108.78.213
HSBC-UK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://currencyzone.hsbc.com/currency-zone/assets/hsbc_logo.svg

Requested by

Host: currencyzone.hsbc.com
URL: https://currencyzone.hsbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

193.108.78.213 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Resource Hash

c3079f96a67538fe8abc4dab2b5be861596e7aa5449cc92feb877c9fdb1db273

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .hsbc.com .eloqua.com/e/f2 .tiqcdn.com .omtrdc.net .fls.doubleclick.net hsbcbankgbm.demdex.net dpm.demdex.net collect.tealiumiq.com cm.everesttech.net www.googletagmanager.com ad.doubleclick.net td.doubleclick.net adservice.google.com cdn.heapanalytics.com;img-src 'self' heapanalytics.com .hsbc.com ad.doubleclick.net
Strict-Transport-Security	max-age=63072000, max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000, max-age=15552000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.hsbc.com *.eloqua.com/e/f2 *.tiqcdn.com *.omtrdc.net *.fls.doubleclick.net hsbcbankgbm.demdex.net dpm.demdex.net collect.tealiumiq.com cm.everesttech.net www.googletagmanager.com ad.doubleclick.net td.doubleclick.net adservice.google.com cdn.heapanalytics.com;img-src 'self' heapanalytics.com *.hsbc.com ad.doubleclick.net
x-content-type-options: nosniff, nosniff
date: Thu, 25 Jul 2024 10:42:52 GMT
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-evolve-release-version: 0.0.359
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 16 Jul 2024 14:01:50 GMT
cross-origin-opener-policy: same-origin
etag: W/"6b2-190bbd978b0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-language: en-GB
content-type: image/svg+xml
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 client.js Show response
currencyzone.hsbc.com/currency-zone/src/ 1 MB
413 KB 50ms
50ms Script
application/javascript 193.108.78.213
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://currencyzone.hsbc.com/currency-zone/src/client.js

Requested by

Host: currencyzone.hsbc.com
URL: https://currencyzone.hsbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

193.108.78.213 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Resource Hash

a5ada8f360b17d69f6b085bb7ffcad3a2d27dda5a6491ab831e1fd2aac77cace

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .hsbc.com .eloqua.com/e/f2 .tiqcdn.com .omtrdc.net .fls.doubleclick.net hsbcbankgbm.demdex.net dpm.demdex.net collect.tealiumiq.com cm.everesttech.net www.googletagmanager.com ad.doubleclick.net td.doubleclick.net adservice.google.com cdn.heapanalytics.com;img-src 'self' heapanalytics.com .hsbc.com ad.doubleclick.net
Strict-Transport-Security	max-age=63072000, max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000, max-age=15552000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.hsbc.com *.eloqua.com/e/f2 *.tiqcdn.com *.omtrdc.net *.fls.doubleclick.net hsbcbankgbm.demdex.net dpm.demdex.net collect.tealiumiq.com cm.everesttech.net www.googletagmanager.com ad.doubleclick.net td.doubleclick.net adservice.google.com cdn.heapanalytics.com;img-src 'self' heapanalytics.com *.hsbc.com ad.doubleclick.net
x-content-type-options: nosniff, nosniff
date: Thu, 25 Jul 2024 10:42:52 GMT
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-evolve-release-version: 0.0.359
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 16 Jul 2024 14:01:50 GMT
cross-origin-opener-policy: same-origin
etag: W/"13e0db-190bbd978b0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-language: en-GB
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/hsbc/global-gbm-evolve/prod/ 258 KB
66 KB 419ms
418ms Script
application/javascript 2600:9000:238d:5600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/global-gbm-evolve/prod/utag.js
Requested by: Host: currencyzone.hsbc.com
URL: https://currencyzone.hsbc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:5600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad2ea16509ff2119a44fd4a3d95e9613c55aa5a84aea1790449ee51eb241c2f1

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: e5JBmdfxFYVY4w2Z4bNxQiy0iwn4hYPf
content-encoding: br
via: 1.1 ef674a9df28e4fc8d944ae07304fa954.cloudfront.net (CloudFront)
date: Thu, 25 Jul 2024 10:42:53 GMT
last-modified: Mon, 19 Jun 2023 07:40:21 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
x-amz-server-side-encryption: AES256
etag: W/"a366651fb3b2a2c69126849cca9726f7"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: aI7QPsEzS56ORwrX1PZ9vXs1CxDDTpaKTbhgOlgBLx2y3izHpF2bYg==

GET
H2 200 universnextforhsbc-regular.woff
currencyzone.hsbc.com/assets/fonts/ 21 KB
21 KB 181ms
180ms Font
font/woff 193.108.78.213
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://currencyzone.hsbc.com/assets/fonts/universnextforhsbc-regular.woff

Requested by

Host: currencyzone.hsbc.com
URL: https://currencyzone.hsbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

193.108.78.213 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Resource Hash

a3a59834fae8583a5fb9791490cae9a2ef067da1b2e6ccfcf229ec5ca29ca2ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .hsbc.com .eloqua.com/e/f2 .tiqcdn.com .omtrdc.net .fls.doubleclick.net hsbcbankgbm.demdex.net dpm.demdex.net collect.tealiumiq.com cm.everesttech.net www.googletagmanager.com ad.doubleclick.net td.doubleclick.net adservice.google.com cdn.heapanalytics.com;img-src 'self' heapanalytics.com .hsbc.com ad.doubleclick.net
Strict-Transport-Security	max-age=63072000, max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://currencyzone.hsbc.com/
Origin: https://currencyzone.hsbc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000, max-age=15552000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.hsbc.com *.eloqua.com/e/f2 *.tiqcdn.com *.omtrdc.net *.fls.doubleclick.net hsbcbankgbm.demdex.net dpm.demdex.net collect.tealiumiq.com cm.everesttech.net www.googletagmanager.com ad.doubleclick.net td.doubleclick.net adservice.google.com cdn.heapanalytics.com;img-src 'self' heapanalytics.com *.hsbc.com ad.doubleclick.net
x-content-type-options: nosniff, nosniff
date: Thu, 25 Jul 2024 10:42:52 GMT
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-evolve-release-version: 0.0.359
content-length: 21672
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 16 Jul 2024 14:01:50 GMT
cross-origin-opener-policy: same-origin
etag: W/"54a8-190bbd978b0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-language: en-GB
content-type: font/woff
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 universnextforhsbc-light.woff
currencyzone.hsbc.com/assets/fonts/ 20 KB
20 KB 214ms
214ms Font
font/woff 193.108.78.213
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://currencyzone.hsbc.com/assets/fonts/universnextforhsbc-light.woff

Requested by

Host: currencyzone.hsbc.com
URL: https://currencyzone.hsbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

193.108.78.213 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Resource Hash

a6645b22063b810b77f25610907afc04836c14dbb8aa8e7cf3e629fbffb9f0ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .hsbc.com .eloqua.com/e/f2 .tiqcdn.com .omtrdc.net .fls.doubleclick.net hsbcbankgbm.demdex.net dpm.demdex.net collect.tealiumiq.com cm.everesttech.net www.googletagmanager.com ad.doubleclick.net td.doubleclick.net adservice.google.com cdn.heapanalytics.com;img-src 'self' heapanalytics.com .hsbc.com ad.doubleclick.net
Strict-Transport-Security	max-age=63072000, max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://currencyzone.hsbc.com/
Origin: https://currencyzone.hsbc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000, max-age=15552000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.hsbc.com *.eloqua.com/e/f2 *.tiqcdn.com *.omtrdc.net *.fls.doubleclick.net hsbcbankgbm.demdex.net dpm.demdex.net collect.tealiumiq.com cm.everesttech.net www.googletagmanager.com ad.doubleclick.net td.doubleclick.net adservice.google.com cdn.heapanalytics.com;img-src 'self' heapanalytics.com *.hsbc.com ad.doubleclick.net
x-content-type-options: nosniff, nosniff
date: Thu, 25 Jul 2024 10:42:52 GMT
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-evolve-release-version: 0.0.359
content-length: 20608
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 16 Jul 2024 14:01:50 GMT
cross-origin-opener-policy: same-origin
etag: W/"5080-190bbd978b0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-language: en-GB
content-type: font/woff
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 universnextforhsbc-medium.woff
currencyzone.hsbc.com/assets/fonts/ 20 KB
20 KB 215ms
215ms Font
font/woff 193.108.78.213
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://currencyzone.hsbc.com/assets/fonts/universnextforhsbc-medium.woff

Requested by

Host: currencyzone.hsbc.com
URL: https://currencyzone.hsbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

193.108.78.213 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Resource Hash

015814407c3a043c452d99f9ca8e9219ca46c5ae55bc2ab34bb3741efb3eb275

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .hsbc.com .eloqua.com/e/f2 .tiqcdn.com .omtrdc.net .fls.doubleclick.net hsbcbankgbm.demdex.net dpm.demdex.net collect.tealiumiq.com cm.everesttech.net www.googletagmanager.com ad.doubleclick.net td.doubleclick.net adservice.google.com cdn.heapanalytics.com;img-src 'self' heapanalytics.com .hsbc.com ad.doubleclick.net
Strict-Transport-Security	max-age=63072000, max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://currencyzone.hsbc.com/
Origin: https://currencyzone.hsbc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000, max-age=15552000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.hsbc.com *.eloqua.com/e/f2 *.tiqcdn.com *.omtrdc.net *.fls.doubleclick.net hsbcbankgbm.demdex.net dpm.demdex.net collect.tealiumiq.com cm.everesttech.net www.googletagmanager.com ad.doubleclick.net td.doubleclick.net adservice.google.com cdn.heapanalytics.com;img-src 'self' heapanalytics.com *.hsbc.com ad.doubleclick.net
x-content-type-options: nosniff, nosniff
date: Thu, 25 Jul 2024 10:42:52 GMT
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-evolve-release-version: 0.0.359
content-length: 20532
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 16 Jul 2024 14:01:50 GMT
cross-origin-opener-policy: same-origin
etag: W/"5034-190bbd978b0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-language: en-GB
content-type: font/woff
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 ccypairsrates Show response
currencyzone.hsbc.com/currency-zone/v1/ 18 KB
2 KB 70ms
70ms XHR
application/json 193.108.78.213
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://currencyzone.hsbc.com/currency-zone/v1/ccypairsrates?ccyPairs=GBPUSD,EURUSD,USDJPY&range=day

Requested by

Host: currencyzone.hsbc.com
URL: https://currencyzone.hsbc.com/currency-zone/src/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

193.108.78.213 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Resource Hash

5c3c3fea1c0fea8c3508c6ac510e42243ba54aa8869617b459562c430852ce03

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .hsbc.com .eloqua.com/e/f2 .tiqcdn.com .omtrdc.net .fls.doubleclick.net hsbcbankgbm.demdex.net dpm.demdex.net collect.tealiumiq.com cm.everesttech.net www.googletagmanager.com ad.doubleclick.net td.doubleclick.net adservice.google.com cdn.heapanalytics.com;img-src 'self' heapanalytics.com .hsbc.com ad.doubleclick.net
Strict-Transport-Security	max-age=63072000, max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000, max-age=15552000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.hsbc.com *.eloqua.com/e/f2 *.tiqcdn.com *.omtrdc.net *.fls.doubleclick.net hsbcbankgbm.demdex.net dpm.demdex.net collect.tealiumiq.com cm.everesttech.net www.googletagmanager.com ad.doubleclick.net td.doubleclick.net adservice.google.com cdn.heapanalytics.com;img-src 'self' heapanalytics.com *.hsbc.com ad.doubleclick.net
x-content-type-options: nosniff, nosniff
date: Thu, 25 Jul 2024 10:42:52 GMT
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-evolve-release-version: 0.0.359
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
etag: W/"4941-f+QJqkAP1wjQnE+5SURqeGUjgy8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-language: en-GB
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1

GET
H2 200 hero-hexagon.jpg
currencyzone.hsbc.com/assets/ 65 KB
65 KB 119ms
118ms Image
image/jpeg 193.108.78.213
HSBC-UK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://currencyzone.hsbc.com/assets/hero-hexagon.jpg

Requested by

Host: currencyzone.hsbc.com
URL: https://currencyzone.hsbc.com/?ccyFrom=GBP&ccyTo=USD&range=month&amount=1&lng=en-GB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

193.108.78.213 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Resource Hash

76ed1e9e75beecb84121435c5ea17802f8002026ae4fc3ca0967ca667078e047

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .hsbc.com .eloqua.com/e/f2 .tiqcdn.com .omtrdc.net .fls.doubleclick.net hsbcbankgbm.demdex.net dpm.demdex.net collect.tealiumiq.com cm.everesttech.net www.googletagmanager.com ad.doubleclick.net td.doubleclick.net adservice.google.com cdn.heapanalytics.com;img-src 'self' heapanalytics.com .hsbc.com ad.doubleclick.net
Strict-Transport-Security	max-age=63072000, max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000, max-age=15552000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.hsbc.com *.eloqua.com/e/f2 *.tiqcdn.com *.omtrdc.net *.fls.doubleclick.net hsbcbankgbm.demdex.net dpm.demdex.net collect.tealiumiq.com cm.everesttech.net www.googletagmanager.com ad.doubleclick.net td.doubleclick.net adservice.google.com cdn.heapanalytics.com;img-src 'self' heapanalytics.com *.hsbc.com ad.doubleclick.net
x-content-type-options: nosniff, nosniff
date: Thu, 25 Jul 2024 10:42:53 GMT
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-evolve-release-version: 0.0.359
content-length: 66443
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 16 Jul 2024 14:01:50 GMT
cross-origin-opener-policy: same-origin
etag: W/"1038b-190bbd978b0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-language: en-GB
content-type: image/jpeg
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 fxtrends.jpg
currencyzone.hsbc.com/assets/articles/ 26 KB
26 KB 93ms
92ms Image
image/jpeg 193.108.78.213
HSBC-UK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://currencyzone.hsbc.com/assets/articles/fxtrends.jpg

Requested by

Host: currencyzone.hsbc.com
URL: https://currencyzone.hsbc.com/?ccyFrom=GBP&ccyTo=USD&range=month&amount=1&lng=en-GB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

193.108.78.213 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Resource Hash

ebfe70e9b7c8864d31203ab3928a7a7d5ca8eaeee682a35937d64ac218a67284

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .hsbc.com .eloqua.com/e/f2 .tiqcdn.com .omtrdc.net .fls.doubleclick.net hsbcbankgbm.demdex.net dpm.demdex.net collect.tealiumiq.com cm.everesttech.net www.googletagmanager.com ad.doubleclick.net td.doubleclick.net adservice.google.com cdn.heapanalytics.com;img-src 'self' heapanalytics.com .hsbc.com ad.doubleclick.net
Strict-Transport-Security	max-age=63072000, max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://currencyzone.hsbc.com/?ccyFrom=GBP&ccyTo=USD&range=month&amount=1&lng=en-GB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000, max-age=15552000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.hsbc.com *.eloqua.com/e/f2 *.tiqcdn.com *.omtrdc.net *.fls.doubleclick.net hsbcbankgbm.demdex.net dpm.demdex.net collect.tealiumiq.com cm.everesttech.net www.googletagmanager.com ad.doubleclick.net td.doubleclick.net adservice.google.com cdn.heapanalytics.com;img-src 'self' heapanalytics.com *.hsbc.com ad.doubleclick.net
x-content-type-options: nosniff, nosniff
date: Thu, 25 Jul 2024 10:42:53 GMT
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-evolve-release-version: 0.0.359
content-length: 26607
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 16 Jul 2024 14:01:50 GMT
cross-origin-opener-policy: same-origin
etag: W/"67ef-190bbd978b0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-language: en-GB
content-type: image/jpeg
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 podcast.jpg
currencyzone.hsbc.com/assets/articles/ 34 KB
34 KB 43ms
42ms Image
image/jpeg 193.108.78.213
HSBC-UK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://currencyzone.hsbc.com/assets/articles/podcast.jpg

Requested by

Host: currencyzone.hsbc.com
URL: https://currencyzone.hsbc.com/?ccyFrom=GBP&ccyTo=USD&range=month&amount=1&lng=en-GB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

193.108.78.213 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Resource Hash

8b7eae72270f7b965d615764d88fd1b85692e175e158fc512226599e25aab3c3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .hsbc.com .eloqua.com/e/f2 .tiqcdn.com .omtrdc.net .fls.doubleclick.net hsbcbankgbm.demdex.net dpm.demdex.net collect.tealiumiq.com cm.everesttech.net www.googletagmanager.com ad.doubleclick.net td.doubleclick.net adservice.google.com cdn.heapanalytics.com;img-src 'self' heapanalytics.com .hsbc.com ad.doubleclick.net
Strict-Transport-Security	max-age=63072000, max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://currencyzone.hsbc.com/?ccyFrom=GBP&ccyTo=USD&range=month&amount=1&lng=en-GB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000, max-age=15552000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.hsbc.com *.eloqua.com/e/f2 *.tiqcdn.com *.omtrdc.net *.fls.doubleclick.net hsbcbankgbm.demdex.net dpm.demdex.net collect.tealiumiq.com cm.everesttech.net www.googletagmanager.com ad.doubleclick.net td.doubleclick.net adservice.google.com cdn.heapanalytics.com;img-src 'self' heapanalytics.com *.hsbc.com ad.doubleclick.net
x-content-type-options: nosniff, nosniff
date: Thu, 25 Jul 2024 10:42:53 GMT
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-evolve-release-version: 0.0.359
content-length: 34746
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 16 Jul 2024 14:01:50 GMT
cross-origin-opener-policy: same-origin
etag: W/"87ba-190bbd978b0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-language: en-GB
content-type: image/jpeg
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 insights.jpg
currencyzone.hsbc.com/assets/articles/ 62 KB
62 KB 47ms
46ms Image
image/jpeg 193.108.78.213
HSBC-UK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://currencyzone.hsbc.com/assets/articles/insights.jpg

Requested by

Host: currencyzone.hsbc.com
URL: https://currencyzone.hsbc.com/?ccyFrom=GBP&ccyTo=USD&range=month&amount=1&lng=en-GB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

193.108.78.213 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Resource Hash

57e49dbc0ec5acc25099ab8ea960d875c7c0ec52df5077cb71e8f813346e9814

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .hsbc.com .eloqua.com/e/f2 .tiqcdn.com .omtrdc.net .fls.doubleclick.net hsbcbankgbm.demdex.net dpm.demdex.net collect.tealiumiq.com cm.everesttech.net www.googletagmanager.com ad.doubleclick.net td.doubleclick.net adservice.google.com cdn.heapanalytics.com;img-src 'self' heapanalytics.com .hsbc.com ad.doubleclick.net
Strict-Transport-Security	max-age=63072000, max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://currencyzone.hsbc.com/?ccyFrom=GBP&ccyTo=USD&range=month&amount=1&lng=en-GB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000, max-age=15552000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.hsbc.com *.eloqua.com/e/f2 *.tiqcdn.com *.omtrdc.net *.fls.doubleclick.net hsbcbankgbm.demdex.net dpm.demdex.net collect.tealiumiq.com cm.everesttech.net www.googletagmanager.com ad.doubleclick.net td.doubleclick.net adservice.google.com cdn.heapanalytics.com;img-src 'self' heapanalytics.com *.hsbc.com ad.doubleclick.net
x-content-type-options: nosniff, nosniff
date: Thu, 25 Jul 2024 10:42:53 GMT
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-evolve-release-version: 0.0.359
content-length: 63561
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 16 Jul 2024 14:01:50 GMT
cross-origin-opener-policy: same-origin
etag: W/"f849-190bbd978b0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-language: en-GB
content-type: image/jpeg
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H/1.1 200
OK location.js Show response
akamai.tiqcdn.com/location/ 18 B
560 B 147ms
36ms XHR
application/x-javascript 23.45.104.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.tiqcdn.com/location/location.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-gbm-evolve/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.104.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-104-216.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 10:42:53 GMT
Last-Modified: Mon, 30 Apr 2018 23:09:19 GMT
Server: AkamaiNetStorage
ETag: "6c98be5fda77913799e8ef24b86a7abd:1525129759"
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-EdgeScape-Location
Cache-Control: max-age=1296000
X-EdgeScape-Location: country_code=GB,region_code=EN,city=LONDON,areacode=0,zip=0,bandwidth=5000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18
Expires: Fri, 09 Aug 2024 10:42:53 GMT

GET
H/1.1 200
OK location.js Show response
akamai.tiqcdn.com/location/ 18 B
0 147ms
147ms XHR
application/x-javascript 23.45.104.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.tiqcdn.com/location/location.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-gbm-evolve/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.104.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-104-216.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 10:42:53 GMT
Last-Modified: Mon, 30 Apr 2018 23:09:19 GMT
Server: AkamaiNetStorage
ETag: "6c98be5fda77913799e8ef24b86a7abd:1525129759"
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-EdgeScape-Location
Cache-Control: max-age=1296000
X-EdgeScape-Location: country_code=GB,region_code=EN,city=LONDON,areacode=0,zip=0,bandwidth=5000
Accept-Ranges: bytes
Content-Length: 18
Expires: Fri, 09 Aug 2024 10:42:53 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
432 B 29ms
29ms Script
application/javascript 2600:9000:238d:5600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=hsbc/global-gbm-evolve/202306190739&cb=1721904173208
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-gbm-evolve/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:5600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Thu, 25 Jul 2024 10:38:57 GMT
via: 1.1 ef674a9df28e4fc8d944ae07304fa954.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 237
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: 5866rV0Hzmt8QcAZWl5LFZb2JPEweaKXICwiDfQOdzyKwPz1_IaHLg==

GET
H2 200 icon.ico
currencyzone.hsbc.com/currency-zone/assets/manifest/ 421 B
501 B 41ms
41ms Other
image/x-icon 193.108.78.213
HSBC-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://currencyzone.hsbc.com/currency-zone/assets/manifest/icon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

193.108.78.213 , United Kingdom, ASN20705 (HSBC-UK, GB),

Reverse DNS

Software

Resource Hash

9a5b4e7ca1503660abc69e041f23ff31493a26975cda59b7ec0a0d3b7c2a33c6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .hsbc.com .eloqua.com/e/f2 .tiqcdn.com .omtrdc.net .fls.doubleclick.net hsbcbankgbm.demdex.net dpm.demdex.net collect.tealiumiq.com cm.everesttech.net www.googletagmanager.com ad.doubleclick.net td.doubleclick.net adservice.google.com cdn.heapanalytics.com;img-src 'self' heapanalytics.com .hsbc.com ad.doubleclick.net
Strict-Transport-Security	max-age=63072000, max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000, max-age=15552000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.hsbc.com *.eloqua.com/e/f2 *.tiqcdn.com *.omtrdc.net *.fls.doubleclick.net hsbcbankgbm.demdex.net dpm.demdex.net collect.tealiumiq.com cm.everesttech.net www.googletagmanager.com ad.doubleclick.net td.doubleclick.net adservice.google.com cdn.heapanalytics.com;img-src 'self' heapanalytics.com *.hsbc.com ad.doubleclick.net
x-content-type-options: nosniff, nosniff
date: Thu, 25 Jul 2024 10:42:53 GMT
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-evolve-release-version: 0.0.359
content-length: 421
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 16 Jul 2024 14:01:50 GMT
cross-origin-opener-policy: same-origin
etag: W/"1a5-190bbd978b0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-language: en-GB
content-type: image/x-icon
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hsbc.com/	1970-01-21 07:04:00	Name: utag_main Value: v_id:0190e97c907d001e80994bb160a405065005305d00b08$_sn:1$_ss:1$_st:1721905973181$ses_id:1721904173181%3Bexp-session$_pn:1%3Bexp-session$_prevpage:currency-zone%3Bexp-session

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .hsbc.com .eloqua.com/e/f2 .tiqcdn.com .omtrdc.net .fls.doubleclick.net hsbcbankgbm.demdex.net dpm.demdex.net collect.tealiumiq.com cm.everesttech.net www.googletagmanager.com ad.doubleclick.net td.doubleclick.net adservice.google.com cdn.heapanalytics.com;img-src 'self' heapanalytics.com .hsbc.com ad.doubleclick.net
Strict-Transport-Security	max-age=63072000 max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

akamai.tiqcdn.com
currencyzone.hsbc.com
tags.tiqcdn.com
193.108.78.213
23.45.104.216
2600:9000:238d:5600:7:2bfb:7c00:93a1
015814407c3a043c452d99f9ca8e9219ca46c5ae55bc2ab34bb3741efb3eb275
57e49dbc0ec5acc25099ab8ea960d875c7c0ec52df5077cb71e8f813346e9814
5c3c3fea1c0fea8c3508c6ac510e42243ba54aa8869617b459562c430852ce03
76ed1e9e75beecb84121435c5ea17802f8002026ae4fc3ca0967ca667078e047
775c5dce1ca2031edb80e9ff9c8d5b0ce66cc031731bd679a55cda9525522059
8b7eae72270f7b965d615764d88fd1b85692e175e158fc512226599e25aab3c3
9a5b4e7ca1503660abc69e041f23ff31493a26975cda59b7ec0a0d3b7c2a33c6
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3a59834fae8583a5fb9791490cae9a2ef067da1b2e6ccfcf229ec5ca29ca2ed
a5ada8f360b17d69f6b085bb7ffcad3a2d27dda5a6491ab831e1fd2aac77cace
a6645b22063b810b77f25610907afc04836c14dbb8aa8e7cf3e629fbffb9f0ae
ad2ea16509ff2119a44fd4a3d95e9613c55aa5a84aea1790449ee51eb241c2f1
c3079f96a67538fe8abc4dab2b5be861596e7aa5449cc92feb877c9fdb1db273
d0b0ad4ce6478c9f19037f554254b7154697904bc6889781010dfce6cba62174
d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559
ebfe70e9b7c8864d31203ab3928a7a7d5ca8eaeee682a35937d64ac218a67284

currencyzone.hsbc.com Open in urlscan Pro 193.108.78.213 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

17 Requests

100 %HTTPS

33 %IPv6

2 Domains

3 Subdomains

3 IPs

3 Countries

815 kBTransfer

2065 kBSize

1 Cookies

3 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

currencyzone.hsbc.com Open in urlscan Pro
193.108.78.213 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

3
IPs

3
Countries

815 kB
Transfer

2065 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions