urlscan.io logo urlscan.io
SecurityTrails logo

leads.hdfcbank.com Open in urlscan Pro
2606:4700::6812:5e48  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://lcs.hdfcbk.io/EdmTrack/RedirectUrl?url=ba55fc8b-79b0-4b93-8c6e-fe152b447a1d&dbid=camp_00b4e220_6121_4a93_a63f_...
Effective URL: https://leads.hdfcbank.com/mailer/feedback.aspx?bid=2&chl=em&cid=4274e9da-db89-452d-9916-526c42d9cea7&did=cust_00b4e220_612...
Submission: On August 17 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 5 domains to perform 12 HTTP transactions. The main IP is 2606:4700::6812:5e48, located in United States and belongs to CLOUDFLARENET, US. The main domain is leads.hdfcbank.com. The Cisco Umbrella rank of the primary domain is 571168.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on January 27th 2023. Valid for: a year.
This is the only time leads.hdfcbank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 103.214.132.37 135220 (YUVARAC-A...)
1 8 2606:4700::68... 13335 (CLOUDFLAR...)
12 3
Apex Domain
Subdomains		 Transfer
8 hdfcbank.com
leads.hdfcbank.com — Cisco Umbrella Rank: 571168
115 KB
3 hdfcbk.io
lcs.hdfcbk.io
81 KB
0 resu.io Failed
sdk1.resu.io Failed
0 adobedtm.com Failed
assets.adobedtm.com Failed
0 googletagmanager.com Failed
www.googletagmanager.com Failed
12 5
Domain Requested by
8 leads.hdfcbank.com 1 redirects lcs.hdfcbk.io
leads.hdfcbank.com
3 lcs.hdfcbk.io 1 redirects lcs.hdfcbk.io
0 sdk1.resu.io Failed leads.hdfcbank.com
0 assets.adobedtm.com Failed leads.hdfcbank.com
0 www.googletagmanager.com Failed leads.hdfcbank.com
12 5

This site contains no links.

Subject Issuer Validity Valid
*.hdfcbk.io
Sectigo RSA Domain Validation Secure Server CA		 2023-04-13 -
2024-03-17		 a year crt.sh
leads.hdfcbank.com
GeoTrust EV RSA CA 2018		 2023-01-27 -
2024-02-27		 a year crt.sh

This page contains 1 frames:

Primary Page: https://leads.hdfcbank.com/mailer/feedback.aspx?bid=2&chl=em&cid=4274e9da-db89-452d-9916-526c42d9cea7&did=cust_00b4e220_6121_4a93_a63f_d0848bd73506&resulid=hUeRnx3ZnZ8ZW18MkFSQllCfFdO&rid=2ARBYB&sid=66954f84-645e-420d-a9a2-ca71ef76e0af&sr=em&utm_campaign=payment_gateway&utm_medium=email&utm_source=batch&utm_tag=unsubscript_cta&AspxAutoDetectCookieSupport=1
Frame ID: F9C88846321095EA5FF33756B97C45C0
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HDFC Bank - Feedback

Page URL History Show full URLs

  1. https://lcs.hdfcbk.io/EdmTrack/RedirectUrl?url=ba55fc8b-79b0-4b93-8c6e-fe152b447a1d&dbid=camp_00b4... HTTP 302
    https://lcs.hdfcbk.io/Subscription/TagProfile?redirectionUrl=https%253a%252f%252fleads.hdfcbank.co... Page URL
  2. https://leads.hdfcbank.com/mailer/feedback.aspx?utm_source=batch&utm_medium=email&utm_campaign=payment_... HTTP 302
    https://leads.hdfcbank.com/mailer/feedback.aspx?bid=2&chl=em&cid=4274e9da-db89-452d-9916-526c42d9cea7&d... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

75 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

3
IPs

2
Countries

194 kB
Transfer

757 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lcs.hdfcbk.io/EdmTrack/RedirectUrl?url=ba55fc8b-79b0-4b93-8c6e-fe152b447a1d&dbid=camp_00b4e220_6121_4a93_a63f_d0848bd73506&bid=2&cid=4274e9da-db89-452d-9916-526c42d9cea7&sid=66954f84-645e-420d-a9a2-ca71ef76e0af&rid=2ARBYB&pid=2ARBYB HTTP 302
    https://lcs.hdfcbk.io/Subscription/TagProfile?redirectionUrl=https%253a%252f%252fleads.hdfcbank.com%252fmailer%252ffeedback.aspx%253futm_source%253dbatch%2526utm_medium%253demail%2526utm_campaign%253dpayment_gateway%2526utm_tag%253dunsubscript_cta%2526resulid%253dhUeRnx3ZnZ8ZW18MkFSQllCfFdO%2526did%253dcust_00b4e220_6121_4a93_a63f_d0848bd73506%2526chl%253dem%2526sr%253dem%2526bid%253d2%2526cid%253d4274e9da-db89-452d-9916-526c42d9cea7%2526rid%253d2ARBYB%2526sid%253d66954f84-645e-420d-a9a2-ca71ef76e0af Page URL
  2. https://leads.hdfcbank.com/mailer/feedback.aspx?utm_source=batch&utm_medium=email&utm_campaign=payment_gateway&utm_tag=unsubscript_cta&resulid=hUeRnx3ZnZ8ZW18MkFSQllCfFdO&did=cust_00b4e220_6121_4a93_a63f_d0848bd73506&chl=em&sr=em&bid=2&cid=4274e9da-db89-452d-9916-526c42d9cea7&rid=2ARBYB&sid=66954f84-645e-420d-a9a2-ca71ef76e0af HTTP 302
    https://leads.hdfcbank.com/mailer/feedback.aspx?bid=2&chl=em&cid=4274e9da-db89-452d-9916-526c42d9cea7&did=cust_00b4e220_6121_4a93_a63f_d0848bd73506&resulid=hUeRnx3ZnZ8ZW18MkFSQllCfFdO&rid=2ARBYB&sid=66954f84-645e-420d-a9a2-ca71ef76e0af&sr=em&utm_campaign=payment_gateway&utm_medium=email&utm_source=batch&utm_tag=unsubscript_cta&AspxAutoDetectCookieSupport=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://lcs.hdfcbk.io/EdmTrack/RedirectUrl?url=ba55fc8b-79b0-4b93-8c6e-fe152b447a1d&dbid=camp_00b4e220_6121_4a93_a63f_d0848bd73506&bid=2&cid=4274e9da-db89-452d-9916-526c42d9cea7&sid=66954f84-645e-420d-a9a2-ca71ef76e0af&rid=2ARBYB&pid=2ARBYB HTTP 302
  • https://lcs.hdfcbk.io/Subscription/TagProfile?redirectionUrl=https%253a%252f%252fleads.hdfcbank.com%252fmailer%252ffeedback.aspx%253futm_source%253dbatch%2526utm_medium%253demail%2526utm_campaign%253dpayment_gateway%2526utm_tag%253dunsubscript_cta%2526resulid%253dhUeRnx3ZnZ8ZW18MkFSQllCfFdO%2526did%253dcust_00b4e220_6121_4a93_a63f_d0848bd73506%2526chl%253dem%2526sr%253dem%2526bid%253d2%2526cid%253d4274e9da-db89-452d-9916-526c42d9cea7%2526rid%253d2ARBYB%2526sid%253d66954f84-645e-420d-a9a2-ca71ef76e0af

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
TagProfile
lcs.hdfcbk.io/Subscription/
Redirect Chain
  • https://lcs.hdfcbk.io/EdmTrack/RedirectUrl?url=ba55fc8b-79b0-4b93-8c6e-fe152b447a1d&dbid=camp_00b4e220_6121_4a93_a63f_d0848bd73506&bid=2&cid=4274e9da-db89-452d-9916-526c42d9cea7&sid=66954f84-645e-4...
  • https://lcs.hdfcbk.io/Subscription/TagProfile?redirectionUrl=https%253a%252f%252fleads.hdfcbank.com%252fmailer%252ffeedback.aspx%253futm_source%253dbatch%2526utm_medium%253demail%2526utm_campaign%2...
1000 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lcs.hdfcbk.io/Subscription/TagProfile?redirectionUrl=https%253a%252f%252fleads.hdfcbank.com%252fmailer%252ffeedback.aspx%253futm_source%253dbatch%2526utm_medium%253demail%2526utm_campaign%253dpayment_gateway%2526utm_tag%253dunsubscript_cta%2526resulid%253dhUeRnx3ZnZ8ZW18MkFSQllCfFdO%2526did%253dcust_00b4e220_6121_4a93_a63f_d0848bd73506%2526chl%253dem%2526sr%253dem%2526bid%253d2%2526cid%253d4274e9da-db89-452d-9916-526c42d9cea7%2526rid%253d2ARBYB%2526sid%253d66954f84-645e-420d-a9a2-ca71ef76e0af
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.214.132.37 , India, ASN135220 (YUVARAC-AS Yuva Networks, IN),
Reverse DNS
web2.hdfcbk.io
Software
/ ASP.NET
Resource Hash
4bd252ba2f3ad193fab758e157fc5428e9a79acf059d5e53b8e1ed364b7614bc
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
*
Cache-Control
private
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
Content-Type
text/html; charset=utf-8
Date
Thu, 17 Aug 2023 21:53:41 GMT
Keep-Alive
timeout=60
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Frame-Options
SAMEORIGIN
X-Powered-By
ASP.NET
X-XSS-Protection
1; mode=block
p3p
CP="Internet Explorer"

Redirect headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
*
Cache-Control
private
Connection
keep-alive
Content-Length
601
Content-Security-Policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
Content-Type
text/html; charset=utf-8
Date
Thu, 17 Aug 2023 21:53:41 GMT
Keep-Alive
timeout=60
Location
/Subscription/TagProfile?redirectionUrl=https%253a%252f%252fleads.hdfcbank.com%252fmailer%252ffeedback.aspx%253futm_source%253dbatch%2526utm_medium%253demail%2526utm_campaign%253dpayment_gateway%2526utm_tag%253dunsubscript_cta%2526resulid%253dhUeRnx3ZnZ8ZW18MkFSQllCfFdO%2526did%253dcust_00b4e220_6121_4a93_a63f_d0848bd73506%2526chl%253dem%2526sr%253dem%2526bid%253d2%2526cid%253d4274e9da-db89-452d-9916-526c42d9cea7%2526rid%253d2ARBYB%2526sid%253d66954f84-645e-420d-a9a2-ca71ef76e0af
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Frame-Options
SAMEORIGIN
X-Powered-By
ASP.NET
X-XSS-Protection
1; mode=block
p3p
CP="Internet Explorer"
jquery.min.js
lcs.hdfcbk.io/Scripts/ 		271 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lcs.hdfcbk.io/Scripts/jquery.min.js
Requested by
Host: lcs.hdfcbk.io
URL: https://lcs.hdfcbk.io/Subscription/TagProfile?redirectionUrl=https%253a%252f%252fleads.hdfcbank.com%252fmailer%252ffeedback.aspx%253futm_source%253dbatch%2526utm_medium%253demail%2526utm_campaign%253dpayment_gateway%2526utm_tag%253dunsubscript_cta%2526resulid%253dhUeRnx3ZnZ8ZW18MkFSQllCfFdO%2526did%253dcust_00b4e220_6121_4a93_a63f_d0848bd73506%2526chl%253dem%2526sr%253dem%2526bid%253d2%2526cid%253d4274e9da-db89-452d-9916-526c42d9cea7%2526rid%253d2ARBYB%2526sid%253d66954f84-645e-420d-a9a2-ca71ef76e0af
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.214.132.37 , India, ASN135220 (YUVARAC-AS Yuva Networks, IN),
Reverse DNS
web2.hdfcbk.io
Software
/ ASP.NET
Resource Hash
ed66c94cd4d67faba87851858dd999015393c8247d5349be53ec6d50c03e356e
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lcs.hdfcbk.io/Subscription/TagProfile?redirectionUrl=https%253a%252f%252fleads.hdfcbank.com%252fmailer%252ffeedback.aspx%253futm_source%253dbatch%2526utm_medium%253demail%2526utm_campaign%253dpayment_gateway%2526utm_tag%253dunsubscript_cta%2526resulid%253dhUeRnx3ZnZ8ZW18MkFSQllCfFdO%2526did%253dcust_00b4e220_6121_4a93_a63f_d0848bd73506%2526chl%253dem%2526sr%253dem%2526bid%253d2%2526cid%253d4274e9da-db89-452d-9916-526c42d9cea7%2526rid%253d2ARBYB%2526sid%253d66954f84-645e-420d-a9a2-ca71ef76e0af
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 21:53:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Encoding
gzip
Content-Security-Policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
p3p
CP="Internet Explorer"
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 06 Apr 2021 01:07:18 GMT
ETag
W/"0a74930812ad71:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Keep-Alive
timeout=60
Access-Control-Allow-Headers
Content-Type
Primary Request feedback.aspx
leads.hdfcbank.com/mailer/
Redirect Chain
  • https://leads.hdfcbank.com/mailer/feedback.aspx?utm_source=batch&utm_medium=email&utm_campaign=payment_gateway&utm_tag=unsubscript_cta&resulid=hUeRnx3ZnZ8ZW18MkFSQllCfFdO&did=cust_00b4e220_6121_4a9...
  • https://leads.hdfcbank.com/mailer/feedback.aspx?bid=2&chl=em&cid=4274e9da-db89-452d-9916-526c42d9cea7&did=cust_00b4e220_6121_4a93_a63f_d0848bd73506&resulid=hUeRnx3ZnZ8ZW18MkFSQllCfFdO&rid=2ARBYB&si...
15 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://leads.hdfcbank.com/mailer/feedback.aspx?bid=2&chl=em&cid=4274e9da-db89-452d-9916-526c42d9cea7&did=cust_00b4e220_6121_4a93_a63f_d0848bd73506&resulid=hUeRnx3ZnZ8ZW18MkFSQllCfFdO&rid=2ARBYB&sid=66954f84-645e-420d-a9a2-ca71ef76e0af&sr=em&utm_campaign=payment_gateway&utm_medium=email&utm_source=batch&utm_tag=unsubscript_cta&AspxAutoDetectCookieSupport=1
Requested by
Host: lcs.hdfcbk.io
URL: https://lcs.hdfcbk.io/Subscription/TagProfile?redirectionUrl=https%253a%252f%252fleads.hdfcbank.com%252fmailer%252ffeedback.aspx%253futm_source%253dbatch%2526utm_medium%253demail%2526utm_campaign%253dpayment_gateway%2526utm_tag%253dunsubscript_cta%2526resulid%253dhUeRnx3ZnZ8ZW18MkFSQllCfFdO%2526did%253dcust_00b4e220_6121_4a93_a63f_d0848bd73506%2526chl%253dem%2526sr%253dem%2526bid%253d2%2526cid%253d4274e9da-db89-452d-9916-526c42d9cea7%2526rid%253d2ARBYB%2526sid%253d66954f84-645e-420d-a9a2-ca71ef76e0af
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5e48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6b5c5a79321dfae6edeafd201d0c40859c43ed8d1aaad158ecf6394325fad0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: blob:; frame-ancestors 'self'; object-src 'none' blob:; base-uri 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lcs.hdfcbk.io/Subscription/TagProfile?redirectionUrl=https%253a%252f%252fleads.hdfcbank.com%252fmailer%252ffeedback.aspx%253futm_source%253dbatch%2526utm_medium%253demail%2526utm_campaign%253dpayment_gateway%2526utm_tag%253dunsubscript_cta%2526resulid%253dhUeRnx3ZnZ8ZW18MkFSQllCfFdO%2526did%253dcust_00b4e220_6121_4a93_a63f_d0848bd73506%2526chl%253dem%2526sr%253dem%2526bid%253d2%2526cid%253d4274e9da-db89-452d-9916-526c42d9cea7%2526rid%253d2ARBYB%2526sid%253d66954f84-645e-420d-a9a2-ca71ef76e0af
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
https://*.hdfcbank.com
cache-control
no-cache, no-store,no-store,must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f8526dfd9716913-FRA
content-encoding
gzip
content-security-policy
default-src 'self' data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: blob:; frame-ancestors 'self'; object-src 'none' blob:; base-uri 'none';
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 21:53:47 GMT
expires
-1
pragma
no-cache
referrer-policy
strict-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN DENY
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-origin
https://*.hdfcbank.com
cache-control
private,no-store,must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f8526cb3bf76913-FRA
content-security-policy
default-src 'self' data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: blob:; frame-ancestors 'self'; object-src 'none' blob:; base-uri 'none';
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 21:53:44 GMT
location
/mailer/feedback.aspx?bid=2&chl=em&cid=4274e9da-db89-452d-9916-526c42d9cea7&did=cust_00b4e220_6121_4a93_a63f_d0848bd73506&resulid=hUeRnx3ZnZ8ZW18MkFSQllCfFdO&rid=2ARBYB&sid=66954f84-645e-420d-a9a2-ca71ef76e0af&sr=em&utm_campaign=payment_gateway&utm_medium=email&utm_source=batch&utm_tag=unsubscript_cta&AspxAutoDetectCookieSupport=1
referrer-policy
strict-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
style.css
leads.hdfcbank.com/mailer/assets/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://leads.hdfcbank.com/mailer/assets/css/style.css
Requested by
Host: leads.hdfcbank.com
URL: https://leads.hdfcbank.com/mailer/feedback.aspx?bid=2&chl=em&cid=4274e9da-db89-452d-9916-526c42d9cea7&did=cust_00b4e220_6121_4a93_a63f_d0848bd73506&resulid=hUeRnx3ZnZ8ZW18MkFSQllCfFdO&rid=2ARBYB&sid=66954f84-645e-420d-a9a2-ca71ef76e0af&sr=em&utm_campaign=payment_gateway&utm_medium=email&utm_source=batch&utm_tag=unsubscript_cta&AspxAutoDetectCookieSupport=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5e48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a0ad9692d1871a4277be88f25d281a7df556429faa0a4fd37415f3f88c6d59
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: blob:; frame-ancestors 'self'; object-src 'none' blob:; base-uri 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leads.hdfcbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 21:53:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
content-security-policy
default-src 'self' data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: blob:; frame-ancestors 'self'; object-src 'none' blob:; base-uri 'none';
content-length
2041
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 15 Sep 2020 09:17:24 GMT
server
cloudflare
etag
"11ea4e6418bd61:0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
access-control-allow-origin
https://*.hdfcbank.com
cache-control
no-cache,max-age=86400,no-store,must-revalidate
accept-ranges
bytes
cf-ray
7f8526e0da806913-FRA
WebResource.axd
leads.hdfcbank.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leads.hdfcbank.com/WebResource.axd?d=QUn7XUoSKQ7z1DVYVsHSWUJO4DPueNQN9IMhxivEYrdbro6yNgIwzVbLcsJfVLoCIyKGXgE4vyZduR06L3gLrIVuNLC9Ee0BX3aG0lgslHs1&t=637638080668974205
Requested by
Host: leads.hdfcbank.com
URL: https://leads.hdfcbank.com/mailer/feedback.aspx?bid=2&chl=em&cid=4274e9da-db89-452d-9916-526c42d9cea7&did=cust_00b4e220_6121_4a93_a63f_d0848bd73506&resulid=hUeRnx3ZnZ8ZW18MkFSQllCfFdO&rid=2ARBYB&sid=66954f84-645e-420d-a9a2-ca71ef76e0af&sr=em&utm_campaign=payment_gateway&utm_medium=email&utm_source=batch&utm_tag=unsubscript_cta&AspxAutoDetectCookieSupport=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5e48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: blob:; frame-ancestors 'self'; object-src 'none' blob:; base-uri 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leads.hdfcbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 21:53:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
content-security-policy
default-src 'self' data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: blob:; frame-ancestors 'self'; object-src 'none' blob:; base-uri 'none';
content-length
6007
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 05 Aug 2021 19:24:26 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript
access-control-allow-origin
https://*.hdfcbank.com
cache-control
public,no-store,must-revalidate
cf-ray
7f8526e0fa946913-FRA
expires
Fri, 16 Aug 2024 14:52:20 GMT
ScriptResource.axd
leads.hdfcbank.com/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leads.hdfcbank.com/ScriptResource.axd?d=ynyXmx-Eq7jfVJA8tfBYbUUUJ3fpmc07JU9U0bw2jQxDnnRWQF2F7Pe_q6ug9rHOem-TBMDZ9gQDZv46pp71jbSHqu7KbY5_ve-lIa0_OgvVbKXQw6fg_8Dd1m2qh8oZkVgX_-lVRS9ZHGSnrH0187esjepSl-hyLjmCOSxhGQg1&t=79e27d6
Requested by
Host: leads.hdfcbank.com
URL: https://leads.hdfcbank.com/mailer/feedback.aspx?bid=2&chl=em&cid=4274e9da-db89-452d-9916-526c42d9cea7&did=cust_00b4e220_6121_4a93_a63f_d0848bd73506&resulid=hUeRnx3ZnZ8ZW18MkFSQllCfFdO&rid=2ARBYB&sid=66954f84-645e-420d-a9a2-ca71ef76e0af&sr=em&utm_campaign=payment_gateway&utm_medium=email&utm_source=batch&utm_tag=unsubscript_cta&AspxAutoDetectCookieSupport=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5e48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: blob:; frame-ancestors 'self'; object-src 'none' blob:; base-uri 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leads.hdfcbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 21:53:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
content-security-policy
default-src 'self' data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: blob:; frame-ancestors 'self'; object-src 'none' blob:; base-uri 'none';
content-length
7228
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 17 Aug 2023 14:52:20 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://*.hdfcbank.com
cache-control
public,no-store,must-revalidate
cf-ray
7f8526e0fa956913-FRA
expires
Fri, 16 Aug 2024 14:52:20 GMT
ScriptResource.axd
leads.hdfcbank.com/ 		312 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leads.hdfcbank.com/ScriptResource.axd?d=jYlPF-1fgKQY7lXsguH-ApKKMwF5ArATDPgGgBhoFHIOgBnyEwzykHlvjCY8t9xmY2YEOt2U85tw6xOlkaJNg7haR8AVm5q6L0z_1iYXgghfCQLDcjYLTKuSwn4BLLuQXsTUjvlaKOXBJ6q8fBQSNtpTTcxZn8GVK1c3XQlEhzFmoHLs6jFN-w_LBJA2gRH00&t=2fe674eb
Requested by
Host: leads.hdfcbank.com
URL: https://leads.hdfcbank.com/mailer/feedback.aspx?bid=2&chl=em&cid=4274e9da-db89-452d-9916-526c42d9cea7&did=cust_00b4e220_6121_4a93_a63f_d0848bd73506&resulid=hUeRnx3ZnZ8ZW18MkFSQllCfFdO&rid=2ARBYB&sid=66954f84-645e-420d-a9a2-ca71ef76e0af&sr=em&utm_campaign=payment_gateway&utm_medium=email&utm_source=batch&utm_tag=unsubscript_cta&AspxAutoDetectCookieSupport=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5e48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ffa8eeee7bce547130529a47ad67c9d606c1054c7bbafc9bbd9ebf7c11e767e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: blob:; frame-ancestors 'self'; object-src 'none' blob:; base-uri 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leads.hdfcbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 21:53:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
content-security-policy
default-src 'self' data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: blob:; frame-ancestors 'self'; object-src 'none' blob:; base-uri 'none';
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 17 Aug 2023 14:52:20 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://*.hdfcbank.com
cache-control
public,no-store,must-revalidate
cf-ray
7f8526e0fa976913-FRA
expires
Fri, 16 Aug 2024 14:52:20 GMT
ScriptResource.axd
leads.hdfcbank.com/ 		99 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leads.hdfcbank.com/ScriptResource.axd?d=niiuFy5-Hmh3EtyDrVSC6uEgPwlfH2JpCLatr5tEHymySrwWdnHKklthpCkT4silxHlfLzHP19t3D-SZ1LDg2ZYW62g4a3aFlpKieJlC4qS9Hr2cXQD7NIzWLCJjW_jhvFB9AYAJwB1cXHnw4tGNKpEmTRld95jDPZ_B7eEKBqACLUVtthAeP4NMfjw8oScB0&t=2fe674eb
Requested by
Host: leads.hdfcbank.com
URL: https://leads.hdfcbank.com/mailer/feedback.aspx?bid=2&chl=em&cid=4274e9da-db89-452d-9916-526c42d9cea7&did=cust_00b4e220_6121_4a93_a63f_d0848bd73506&resulid=hUeRnx3ZnZ8ZW18MkFSQllCfFdO&rid=2ARBYB&sid=66954f84-645e-420d-a9a2-ca71ef76e0af&sr=em&utm_campaign=payment_gateway&utm_medium=email&utm_source=batch&utm_tag=unsubscript_cta&AspxAutoDetectCookieSupport=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5e48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adbeef122f4afe7f339887f6f24eeec0bc3a9dcde2ae1c49c6f3fbe6105762ff
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: blob:; frame-ancestors 'self'; object-src 'none' blob:; base-uri 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leads.hdfcbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 21:53:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
content-security-policy
default-src 'self' data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: blob:; frame-ancestors 'self'; object-src 'none' blob:; base-uri 'none';
content-length
21733
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 17 Aug 2023 14:52:19 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://*.hdfcbank.com
cache-control
public,no-store,must-revalidate
cf-ray
7f8526e0fa986913-FRA
expires
Fri, 16 Aug 2024 14:52:19 GMT
hdfc_logo.jpg
leads.hdfcbank.com/mailer/assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leads.hdfcbank.com/mailer/assets/images/hdfc_logo.jpg
Requested by
Host: leads.hdfcbank.com
URL: https://leads.hdfcbank.com/mailer/feedback.aspx?bid=2&chl=em&cid=4274e9da-db89-452d-9916-526c42d9cea7&did=cust_00b4e220_6121_4a93_a63f_d0848bd73506&resulid=hUeRnx3ZnZ8ZW18MkFSQllCfFdO&rid=2ARBYB&sid=66954f84-645e-420d-a9a2-ca71ef76e0af&sr=em&utm_campaign=payment_gateway&utm_medium=email&utm_source=batch&utm_tag=unsubscript_cta&AspxAutoDetectCookieSupport=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5e48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2388315de41c58f54ec5ce593622a5b3ce76a3ae9e14e0ab2d72e2fdf35adbc6
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: blob:; frame-ancestors 'self'; object-src 'none' blob:; base-uri 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leads.hdfcbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 21:53:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: blob:; frame-ancestors 'self'; object-src 'none' blob:; base-uri 'none';
cf-cache-status
MISS
content-length
4058
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 08 Sep 2020 04:16:27 GMT
server
cloudflare
etag
"801f12d29685d61:0"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
https://*.hdfcbank.com
cache-control
no-cache,max-age=86400,no-store,must-revalidate
accept-ranges
bytes
cf-ray
7f8526e3ed4b6913-FRA
gtm.js
www.googletagmanager.com/ 		0
0
launch-EN703323d2205e439e8141b8d6113929b3.min.js
assets.adobedtm.com/ 		0
0
00b4e22061214a93a63fd0848bd73506.sdk
sdk1.resu.io/handlers/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtm.js?id=GTM-K7RG59
Domain
assets.adobedtm.com
URL
https://assets.adobedtm.com/launch-EN703323d2205e439e8141b8d6113929b3.min.js
Domain
sdk1.resu.io
URL
https://sdk1.resu.io/handlers/00b4e22061214a93a63fd0848bd73506.sdk

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| textCounter object| dataLayer function| noBack object| theBody object| theForm function| __doPostBack

5 Cookies

Domain/Path Name / Value
leads.hdfcbank.com/applications/ Name: Max-Age
Value: 0
lcs.hdfcbk.io/ Name: ResUser
Value:
leads.hdfcbank.com/ Name: AspxAutoDetectCookieSupport
Value: 1
.hdfcbank.com/ Name: __cfruid
Value: 230676e421bdcd1fb7dc3c603f43c520f78be092-1692309224
leads.hdfcbank.com/ Name: ASP.NET_SessionId
Value: nxebxcfo2w34teehrf0qcpdu

4 Console Messages

Source Level URL
Text
security error URL: https://leads.hdfcbank.com/mailer/feedback.aspx?bid=2&chl=em&cid=4274e9da-db89-452d-9916-526c42d9cea7&did=cust_00b4e220_6121_4a93_a63f_d0848bd73506&resulid=hUeRnx3ZnZ8ZW18MkFSQllCfFdO&rid=2ARBYB&sid=66954f84-645e-420d-a9a2-ca71ef76e0af&sr=em&utm_campaign=payment_gateway&utm_medium=email&utm_source=batch&utm_tag=unsubscript_cta&AspxAutoDetectCookieSupport=1
Message:
The Content-Security-Policy directive 'object-src' contains the keyword 'none' alongside with other source expressions. The keyword 'none' must be the only source expression in the directive value, otherwise it is ignored.
security error URL: https://leads.hdfcbank.com/mailer/feedback.aspx?bid=2&chl=em&cid=4274e9da-db89-452d-9916-526c42d9cea7&did=cust_00b4e220_6121_4a93_a63f_d0848bd73506&resulid=hUeRnx3ZnZ8ZW18MkFSQllCfFdO&rid=2ARBYB&sid=66954f84-645e-420d-a9a2-ca71ef76e0af&sr=em&utm_campaign=payment_gateway&utm_medium=email&utm_source=batch&utm_tag=unsubscript_cta&AspxAutoDetectCookieSupport=1(Line 26)
Message:
Refused to load the script 'https://www.googletagmanager.com/gtm.js?id=GTM-K7RG59' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://leads.hdfcbank.com/mailer/feedback.aspx?bid=2&chl=em&cid=4274e9da-db89-452d-9916-526c42d9cea7&did=cust_00b4e220_6121_4a93_a63f_d0848bd73506&resulid=hUeRnx3ZnZ8ZW18MkFSQllCfFdO&rid=2ARBYB&sid=66954f84-645e-420d-a9a2-ca71ef76e0af&sr=em&utm_campaign=payment_gateway&utm_medium=email&utm_source=batch&utm_tag=unsubscript_cta&AspxAutoDetectCookieSupport=1
Message:
Refused to load the script 'https://assets.adobedtm.com/launch-EN703323d2205e439e8141b8d6113929b3.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://leads.hdfcbank.com/mailer/feedback.aspx?bid=2&chl=em&cid=4274e9da-db89-452d-9916-526c42d9cea7&did=cust_00b4e220_6121_4a93_a63f_d0848bd73506&resulid=hUeRnx3ZnZ8ZW18MkFSQllCfFdO&rid=2ARBYB&sid=66954f84-645e-420d-a9a2-ca71ef76e0af&sr=em&utm_campaign=payment_gateway&utm_medium=email&utm_source=batch&utm_tag=unsubscript_cta&AspxAutoDetectCookieSupport=1
Message:
Refused to load the script 'https://sdk1.resu.io/handlers/00b4e22061214a93a63fd0848bd73506.sdk' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block