di6y7cb0tkbww.cloudfront.net Open in urlscan Pro
2600:9000:223d:5400:18:4159:9400:93a1 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://di6y7cb0tkbww.cloudfront.net/start
Submission: On April 13 via api (April 13th 2024, 1:11:29 am UTC) from BY — Scanned from DE

Summary HTTP 54 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 23 IPs in 2 countries across 17 domains to perform 54 HTTP transactions. The main IP is 2600:9000:223d:5400:18:4159:9400:93a1, located in United States and belongs to AMAZON-02, US. The main domain is di6y7cb0tkbww.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on October 10th 2023. Valid for: a year.

This is the only time di6y7cb0tkbww.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: HSBC (Banking)

Domain & IP information

	IP Address	AS Autonomous System
10	2600:9000:223... 2600:9000:223d:5400:18:4159:9400:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.100 142.250.185.100	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
13	2600:9000:235... 2600:9000:235a:fa00:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:897::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.37.38.214 23.37.38.214	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.196.246.85 23.196.246.85	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.197.9.79 23.197.9.79	16625 (AKAMAI-AS) (AKAMAI-AS)
1	161.113.4.185 161.113.4.185	26381 (HSBC-COM) (HSBC-COM)
2 4	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
2	18.213.181.71 18.213.181.71	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
2	44.199.100.40 44.199.100.40	14618 (AMAZON-AES) (AMAZON-AES)
1	34.111.140.246 34.111.140.246	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:249... 2600:9000:2490:be00:a:6cdf:4440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:3c00:1e:54f1:26c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:2c00:13:ab57:d440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.34.249.102 52.34.249.102	() ()
54	23

10 2600:9000:223d:5400:18:4159:9400:93a1 (United States)

ASN16509 (AMAZON-02, US)

di6y7cb0tkbww.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:235a:fa00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:897::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.38.214 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-214.deploy.static.akamaitechnologies.com

akamai.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.196.246.85 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-196-246-85.deploy.static.akamaitechnologies.com

cdn3.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.197.9.79 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-9-79.deploy.static.akamaitechnologies.com

a19069622224.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 161.113.4.185 (United States)

ASN26381 (HSBC-COM, US)

mcm-prod.us.hsbc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.213.181.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-181-71.compute-1.amazonaws.com

collect-us-east-1.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

8725221.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.199.100.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-100-40.compute-1.amazonaws.com

visitor-service-us-east-1.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.140.246 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 246.140.111.34.bc.googleusercontent.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:be00:a:6cdf:4440:93a1 (United States)

ASN16509 (AMAZON-02, US)

1.a79ab95c1589a13f8a4cab612bc71f9f7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:3c00:1e:54f1:26c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

1.b406929acabac9b095f124c81bdfcf57f.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:2c00:13:ab57:d440:93a1 (United States)

ASN16509 (AMAZON-02, US)

1.c81358859121583b7adf2ace89cb39f44.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.34.249.102 (None, )

ASN- ()

pdx-col.eum-appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1266 akamai.tiqcdn.com — Cisco Umbrella Rank: 11559	215 KB
10	cloudfront.net di6y7cb0tkbww.cloudfront.net	553 KB
4	tealiumiq.com collect-us-east-1.tealiumiq.com — Cisco Umbrella Rank: 45581 visitor-service-us-east-1.tealiumiq.com — Cisco Umbrella Rank: 10989	2 KB
4	doubleclick.net 1 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 265 8725221.fls.doubleclick.net	1 KB
4	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 328	3 KB
4	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 904 cdn3.optimizely.com — Cisco Umbrella Rank: 5678 a19069622224.cdn.optimizely.com — Cisco Umbrella Rank: 98559 logx.optimizely.com — Cisco Umbrella Rank: 1648	143 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	233 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	306 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	70 KB
1	eum-appdynamics.com pdx-col.eum-appdynamics.com	867 B
1	c81358859121583b7adf2ace89cb39f44.com 1.c81358859121583b7adf2ace89cb39f44.com — Cisco Umbrella Rank: 24679
1	b406929acabac9b095f124c81bdfcf57f.com 1.b406929acabac9b095f124c81bdfcf57f.com — Cisco Umbrella Rank: 24686
1	a79ab95c1589a13f8a4cab612bc71f9f7.com 1.a79ab95c1589a13f8a4cab612bc71f9f7.com — Cisco Umbrella Rank: 24703
1	hsbc.com mcm-prod.us.hsbc.com — Cisco Umbrella Rank: 485978 Failed	30 KB
1	gstatic.com www.gstatic.com	201 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	879 B
0	liveperson.net Failed lptag.liveperson.net Failed
54	17

	Domain	Requested by
13	tags.tiqcdn.com	di6y7cb0tkbww.cloudfront.net
10	di6y7cb0tkbww.cloudfront.net	di6y7cb0tkbww.cloudfront.net
4	s.amazon-adsystem.com	2 redirects di6y7cb0tkbww.cloudfront.net
3	www.googletagmanager.com	di6y7cb0tkbww.cloudfront.net
2	visitor-service-us-east-1.tealiumiq.com	di6y7cb0tkbww.cloudfront.net
2	8725221.fls.doubleclick.net	1 redirects di6y7cb0tkbww.cloudfront.net
2	www.facebook.com	di6y7cb0tkbww.cloudfront.net
2	collect-us-east-1.tealiumiq.com	di6y7cb0tkbww.cloudfront.net
2	cm.g.doubleclick.net	di6y7cb0tkbww.cloudfront.net
2	connect.facebook.net	di6y7cb0tkbww.cloudfront.net
1	pdx-col.eum-appdynamics.com	di6y7cb0tkbww.cloudfront.net
1	1.c81358859121583b7adf2ace89cb39f44.com	di6y7cb0tkbww.cloudfront.net
1	1.b406929acabac9b095f124c81bdfcf57f.com	di6y7cb0tkbww.cloudfront.net
1	1.a79ab95c1589a13f8a4cab612bc71f9f7.com	di6y7cb0tkbww.cloudfront.net
1	logx.optimizely.com	di6y7cb0tkbww.cloudfront.net
1	mcm-prod.us.hsbc.com	di6y7cb0tkbww.cloudfront.net
1	a19069622224.cdn.optimizely.com	di6y7cb0tkbww.cloudfront.net
1	cdn3.optimizely.com	di6y7cb0tkbww.cloudfront.net
1	akamai.tiqcdn.com	di6y7cb0tkbww.cloudfront.net
1	cdn.optimizely.com	di6y7cb0tkbww.cloudfront.net
1	www.gstatic.com	di6y7cb0tkbww.cloudfront.net
1	www.google.com	di6y7cb0tkbww.cloudfront.net
0	lptag.liveperson.net Failed	di6y7cb0tkbww.cloudfront.net
54	23

This site contains links to these domains. Also see Links.

Domain
www.us.hsbc.com

Subject Issuer	Validity	Valid
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M02	`2024-03-19` - `2025-04-17`	a year	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
*.tiqcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-16` - `2024-11-16`	a year	crt.sh
*.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2024-01-25` - `2025-01-27`	a year	crt.sh
mcm-prod.us.hsbc.com DigiCert EV RSA CA G2	`2023-08-06` - `2024-08-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-21` - `2024-04-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.tealiumiq.com Amazon RSA 2048 M02	`2023-07-26` - `2024-08-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
logx.optimizely.com GTS CA 1D4	`2024-04-07` - `2024-07-06`	3 months	crt.sh
*.a79ab95c1589a13f8a4cab612bc71f9f7.com Sectigo RSA Domain Validation Secure Server CA	`2024-03-31` - `2025-04-04`	a year	crt.sh
*.b406929acabac9b095f124c81bdfcf57f.com Sectigo RSA Domain Validation Secure Server CA	`2024-03-31` - `2025-04-07`	a year	crt.sh
*.c81358859121583b7adf2ace89cb39f44.com Sectigo RSA Domain Validation Secure Server CA	`2024-03-31` - `2025-04-07`	a year	crt.sh
*.eum-appdynamics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-14` - `2024-07-14`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://di6y7cb0tkbww.cloudfront.net/start
Frame ID: E2DA4436D2856B8DD9A175DA463F8AFF
Requests: 49 HTTP requests in this frame

Frame: https://a19069622224.cdn.optimizely.com/client_storage/a19069622224.html
Frame ID: B6D4F46C1B178EE55F1106F9F0F8B822
Requests: 1 HTTP requests in this frame

Frame: https://8725221.fls.doubleclick.net/activityi;dc_pre=COHe6YiBvoUDFXciBgAdrE0POg;src=8725221;type=newoa0;cat=apply0;ord=3036285911371;npa=1;auiddc=49080369.1712970683;u2=%2Fapply-for-premier-checking-account;u16=pws%3Aapply%20for%20premier%20checking%20account;u17=apply%20for%20premier%20checking%20account;u18=start;u25=prod;u99=GTAG;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fdi6y7cb0tkbww.cloudfront.net%2Fstart
Frame ID: A863FB76137DA2513E9A76404827B987
Requests: 1 HTTP requests in this frame

Frame: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Frame ID: 0A45409297038586BCAB3C186B206745
Requests: 1 HTTP requests in this frame

Frame: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Frame ID: 8ADC10D4C13588B95CFBC1879D1EAAE5
Requests: 1 HTTP requests in this frame

Frame: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Frame ID: B8D158DE12E4B56AAF4231673348AEBA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Applying for a Premier Checking Account - HSBC Bank Account Application

Detected technologies

AppDynamics (Analytics) Expand

Overall confidence: 100%
Detected patterns

adrum

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

54
Requests

91 %
HTTPS

45 %
IPv6

17
Domains

23
Subdomains

23
IPs

2
Countries

1451 kB
Transfer

6043 kB
Size

12
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.us.hsbc.com/online-privacy-statement/?vid=018ed50250f10082faa2ed504e980506f002a06700b08_us&sid=1712970683144&vid=018ed50250f10082faa2ed504e980506f002a06700b08_us&sid=1712970683144
Title: Data Privacy Note Opens in a new window

Search URL Search Domain Scan URL

URL: https://www.us.hsbc.com/site-terms-and-conditions/?vid=018ed50250f10082faa2ed504e980506f002a06700b08_us&sid=1712970683144&vid=018ed50250f10082faa2ed504e980506f002a06700b08_us&sid=1712970683144
Title: Terms and Conditions Opens in a new window

Search URL Search Domain Scan URL

URL: https://www.us.hsbc.com/accessibility/?vid=018ed50250f10082faa2ed504e980506f002a06700b08_us&sid=1712970683144&vid=018ed50250f10082faa2ed504e980506f002a06700b08_us&sid=1712970683144
Title: HSBC Accessibility Opens in a new window

Search URL Search Domain Scan URL

URL: https://www.us.hsbc.com/home-loans/equal-housing-lender/?vid=018ed50250f10082faa2ed504e980506f002a06700b08_us&sid=1712970683144&vid=018ed50250f10082faa2ed504e980506f002a06700b08_us&sid=1712970683144
Title: Equal Housing Lender Opens in a new window

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=018ed50250f10082faa2ed504e980506f002a06700b08 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=018ed50250f10082faa2ed504e980506f002a06700b08&dcc=t

Request Chain 35

https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=undefined HTTP 302
https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=undefined&dcc=t

Request Chain 43

https://8725221.fls.doubleclick.net/activityi;src=8725221;type=newoa0;cat=apply0;ord=3036285911371;npa=1;auiddc=49080369.1712970683;u2=%2Fapply-for-premier-checking-account;u16=pws%3Aapply%20for%20premier%20checking%20account;u17=apply%20for%20premier%20checking%20account;u18=start;u25=prod;u99=GTAG;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fdi6y7cb0tkbww.cloudfront.net%2Fstart HTTP 302
https://8725221.fls.doubleclick.net/activityi;dc_pre=COHe6YiBvoUDFXciBgAdrE0POg;src=8725221;type=newoa0;cat=apply0;ord=3036285911371;npa=1;auiddc=49080369.1712970683;u2=%2Fapply-for-premier-checking-account;u16=pws%3Aapply%20for%20premier%20checking%20account;u17=apply%20for%20premier%20checking%20account;u18=start;u25=prod;u99=GTAG;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fdi6y7cb0tkbww.cloudfront.net%2Fstart

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request start Show response
di6y7cb0tkbww.cloudfront.net/ 2 KB
1 KB 486ms
403ms Document
text/html 2600:9000:223d:5400:18:4159:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://di6y7cb0tkbww.cloudfront.net/start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:5400:18:4159:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 1dad51af3bef35fbeea7d4523636f694697ddbe541cb186b7aeabe8dd5d7e383

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 13 Apr 2024 01:11:20 GMT
expires: 0
pragma: no-cache
server: istio-envoy
vary: Accept-Encoding
via: 1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
x-amz-cf-id: un79ute0_vRV4amhq36sPtQ6eDZi1WG9omNAudtqn695ipqE6l6dlQ==
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 4
x-hsbc-request-correlation-id: nil
x-request-id: 29940cf2-9685-4fe3-b260-e5cc3e79427b:-:-:-

GET
H2 200 adrum.59191791453ae6311081a09b4cf33c2d.js Show response
di6y7cb0tkbww.cloudfront.net/appdynamics/ 103 KB
32 KB 497ms
496ms Script
application/javascript 2600:9000:223d:5400:18:4159:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:5400:18:4159:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 802fe463fb2c5049f755d600c2add791806ba93cf67009d1f621119887e411d7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/start
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 01:11:21 GMT
content-encoding: gzip
via: 1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
last-modified: Thu, 14 Mar 2024 15:25:46 GMT
server: istio-envoy
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=0
x-envoy-upstream-service-time: 6
x-hsbc-request-correlation-id: nil
x-amz-cf-id: ptQ0PpXx0NtemryDNQj1FOTa0yJTmr9nHUKAKiW56Nu3_9lIPzs-wQ==
x-request-id: 94841828-c389-4ee8-9fe1-f70771e12ca9:-:-:-

GET
H2 200 main-be44adc8169d218ac7a8.css
di6y7cb0tkbww.cloudfront.net/ 90 KB
12 KB 495ms
494ms Stylesheet
text/css 2600:9000:223d:5400:18:4159:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://di6y7cb0tkbww.cloudfront.net/main-be44adc8169d218ac7a8.css
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:5400:18:4159:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: ac5c77f00fdcee04a4871f222f7ffb50eba2ceb67f29806fc519ea256a81e402

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/start
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 01:11:21 GMT
content-encoding: gzip
via: 1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
last-modified: Thu, 14 Mar 2024 15:25:46 GMT
server: istio-envoy
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css; charset=utf-8
cache-control: max-age=0
x-envoy-upstream-service-time: 6
x-hsbc-request-correlation-id: nil
x-amz-cf-id: Ck2-hMWVV2JeRscGncntftepyPINeyZa5BlnhnrrjBL9_HJ9M38A4Q==
x-request-id: 384bdcda-2b06-48df-8325-625ec2c990a5:-:-:-

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
879 B 150ms
56ms Script
text/javascript 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Requested by

Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/start

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

GSE /

Resource Hash

6953d3d70bcf358292137a824f631207d18b74cb2b65ff022632725692ad8ee2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 01:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 13 Apr 2024 01:11:21 GMT

GET
H2 200 main-553183af16f2accd979f.js Show response
di6y7cb0tkbww.cloudfront.net/ 2 MB
422 KB 499ms
499ms Script
application/javascript 2600:9000:223d:5400:18:4159:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://di6y7cb0tkbww.cloudfront.net/main-553183af16f2accd979f.js
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:5400:18:4159:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 31880a8682a3870cf6decf916417fa3d407b3a99031e6899918ba3a7b388abc4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/start
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 01:11:21 GMT
content-encoding: gzip
via: 1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
last-modified: Thu, 14 Mar 2024 15:25:46 GMT
server: istio-envoy
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=0
x-envoy-upstream-service-time: 6
x-hsbc-request-correlation-id: nil
x-amz-cf-id: TorZGbZTeH_vF4D3MocjCdFtfgvm_PXibZ0ccSCBj0oQNTZmRmBGow==
x-request-id: 85d8900b-ec5c-433f-96bd-005d15de6e45:-:-:-

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/ 501 KB
201 KB 151ms
47ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js

Requested by

Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Origin: https://di6y7cb0tkbww.cloudfront.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 12:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205471
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 04:30:36 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Apr 2025 12:35:35 GMT

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/hsbc/us-rbwm-ao/prod/ 3 KB
1 KB 539ms
443ms Script
application/javascript 2600:9000:235a:fa00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm-ao/prod/utag.sync.js
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ddd9b1ef8e4c7284dfa573dd203a7515d668d7b02107fb3efaeae4f45bdec63

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Iwpmo4Ep5hXje1mmkwULioM4RwQlNa8l
content-encoding: br
via: 1.1 d2c570942164f5ee69dab53f43b0f1d2.cloudfront.net (CloudFront)
date: Sat, 13 Apr 2024 01:11:23 GMT
last-modified: Wed, 31 Jan 2024 06:20:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"e8ad5be0f20b4edaeb44e1a6950f738e"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: fSpmriz67RAVeYUx_uh8Epy9WDrUmRkqy2ZLfzWsM0DIiwa1HSE9LA==

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/hsbc/us-rbwm-ao/prod/ 201 KB
39 KB 516ms
420ms Script
application/javascript 2600:9000:235a:fa00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm-ao/prod/utag.js
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04c3394d6910ed53125c402556eeb8969753903da38835e0e5e2cb9851eaf9b8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: K87GtYSNFkPBZ051sMwNhUAb2UNRxJ7U
content-encoding: gzip
via: 1.1 d2c570942164f5ee69dab53f43b0f1d2.cloudfront.net (CloudFront)
date: Sat, 13 Apr 2024 01:11:23 GMT
last-modified: Wed, 31 Jan 2024 06:20:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"1b0c364a0215b47a575ea7995affea7b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: K1D-jdTFfVeb7MHm2Gp68nj-7m15wEZHf9s8CUxeaBEgax-1ObT7Hg==

GET
H2 200 EHL-icon-white.png
di6y7cb0tkbww.cloudfront.net/assets/ 4 KB
5 KB 406ms
406ms Image
image/png 2600:9000:223d:5400:18:4159:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://di6y7cb0tkbww.cloudfront.net/assets/EHL-icon-white.png
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:5400:18:4159:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 2a523ada6ec9850741f9d45888174ce17faa0583731f84d44207b56765ae150c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/start
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 01:11:22 GMT
via: 1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
last-modified: Thu, 14 Mar 2024 15:25:46 GMT
server: istio-envoy
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=0
x-envoy-upstream-service-time: 6
x-hsbc-request-correlation-id: nil
content-length: 4325
x-amz-cf-id: __E7Zm4YlcN_-wHrgfM9PdZmr8glj7iIqh3nuDyq65VVog3awEAXxQ==
x-request-id: be0920ea-b30e-49f0-ac9f-e03faa5a120f:-:-:-

GET
H2 200 UniversNextforHSBCW01-Rg.woff
di6y7cb0tkbww.cloudfront.net/assets/ 21 KB
22 KB 494ms
493ms Font
font/woff 2600:9000:223d:5400:18:4159:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://di6y7cb0tkbww.cloudfront.net/assets/UniversNextforHSBCW01-Rg.woff
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/main-be44adc8169d218ac7a8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:5400:18:4159:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: a3a59834fae8583a5fb9791490cae9a2ef067da1b2e6ccfcf229ec5ca29ca2ed

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/main-be44adc8169d218ac7a8.css
Origin: https://di6y7cb0tkbww.cloudfront.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 01:11:22 GMT
via: 1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
last-modified: Thu, 14 Mar 2024 15:25:46 GMT
server: istio-envoy
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: font/woff
cache-control: max-age=0
x-envoy-upstream-service-time: 3
x-hsbc-request-correlation-id: nil
content-length: 21672
x-amz-cf-id: zk9STyFi6s8MuTMziBpdzBLfBf98sGbgipjgCTNMHj6pPdoLmM7CTg==
x-request-id: 18a50b6a-d3ac-43a9-9b3b-848fe2956572:-:-:-

GET
H2 200 UniversNextforHSBCW01-Bd.woff
di6y7cb0tkbww.cloudfront.net/assets/ 20 KB
20 KB 488ms
488ms Font
font/woff 2600:9000:223d:5400:18:4159:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://di6y7cb0tkbww.cloudfront.net/assets/UniversNextforHSBCW01-Bd.woff
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/main-be44adc8169d218ac7a8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:5400:18:4159:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 43a9665b03a307a6c8beff167ce4ea8fdbdc5f9631cabbb528601e977e748422

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/main-be44adc8169d218ac7a8.css
Origin: https://di6y7cb0tkbww.cloudfront.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 01:11:22 GMT
via: 1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
last-modified: Thu, 14 Mar 2024 15:25:46 GMT
server: istio-envoy
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: font/woff
cache-control: max-age=0
x-envoy-upstream-service-time: 2
x-hsbc-request-correlation-id: nil
content-length: 20456
x-amz-cf-id: fch2szvZ2k_FdpPph6fvfsqUZ0RrdEQWio-TTS1cEqkamyZV1-bqNQ==
x-request-id: c9c87c33-1d79-4efe-9323-1a7eaa41bb2b:-:-:-

GET
H2 200 UniversNextforHSBCW01-Lt.woff
di6y7cb0tkbww.cloudfront.net/assets/ 20 KB
21 KB 494ms
494ms Font
font/woff 2600:9000:223d:5400:18:4159:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://di6y7cb0tkbww.cloudfront.net/assets/UniversNextforHSBCW01-Lt.woff
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/main-be44adc8169d218ac7a8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:5400:18:4159:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: a6645b22063b810b77f25610907afc04836c14dbb8aa8e7cf3e629fbffb9f0ae

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/main-be44adc8169d218ac7a8.css
Origin: https://di6y7cb0tkbww.cloudfront.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 01:11:22 GMT
via: 1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
last-modified: Thu, 14 Mar 2024 15:25:46 GMT
server: istio-envoy
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: font/woff
cache-control: max-age=0
x-envoy-upstream-service-time: 5
x-hsbc-request-correlation-id: nil
content-length: 20608
x-amz-cf-id: U5WkfJOeRdmYvi-O4rWchCR223q5MGeiatX--s008Xesfe1tadg3WQ==
x-request-id: 83306635-67a9-45bb-86fd-d1fecf5108e8:-:-:-

GET
H2 200 20375190679.js Show response
cdn.optimizely.com/js/ 900 KB
141 KB 151ms
60ms Script
text/javascript 2a02:26f0:3500:897::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/20375190679.js

Requested by

Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:897::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

69082435071468346507c2a94b8fb571760ac21b7f138eda81b76d7d8cc7afb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: kL0VkQhlksCB2Dz2Ecm5bbebiX_WyYTA
content-encoding: gzip
date: Sat, 13 Apr 2024 01:11:22 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: F18R2ER9BTDYGF7Z
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 2680
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=11, origin; dur=0, cdn;desc="AkamaiION";dur=0,rtt;desc="35";dur=0,cdnip;desc="2a02:26f0:3500:897::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1712970682671_388276621_3784295303_1089_1481_35_51_146";dur=1
content-length: 143813
x-amz-id-2: 5uXLYPKEYsBXYfYkpA96gXMSU0ozJ3fLVSArsCUX772Ddj3z16vLcahbPA0DXr29EFhPTNpIf7g=
last-modified: Fri, 12 Apr 2024 15:24:30 GMT
server: AmazonS3
etag: "13553c13e812549cb9e92f4503365569"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK location.js Show response
akamai.tiqcdn.com/location/ 18 B
560 B 127ms
28ms XHR
application/x-javascript 23.37.38.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.tiqcdn.com/location/location.js
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-214.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 13 Apr 2024 01:11:22 GMT
Last-Modified: Mon, 30 Apr 2018 23:09:19 GMT
Server: AkamaiNetStorage
ETag: "6c98be5fda77913799e8ef24b86a7abd:1525129759"
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-EdgeScape-Location
Cache-Control: max-age=1296000
X-EdgeScape-Location: country_code=DE,region_code=BE,city=BERLIN,areacode=0,zip=0,bandwidth=5000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18
Expires: Sun, 28 Apr 2024 01:11:22 GMT

GET
H2 200 utag.353.js Show response
tags.tiqcdn.com/utag/hsbc/us-rbwm-ao/prod/ 17 KB
6 KB 408ms
408ms Script
application/javascript 2600:9000:235a:fa00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm-ao/prod/utag.353.js?utv=ut4.47.202401240809
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a12259724dae64c1dc833916eadb36342852ab0386856178622b6d31e168c45e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: GIst.7oOOnLv1F4h5fiCkFpQdQbmCRvC
content-encoding: br
via: 1.1 d2c570942164f5ee69dab53f43b0f1d2.cloudfront.net (CloudFront)
date: Sat, 13 Apr 2024 01:11:23 GMT
last-modified: Wed, 31 Jan 2024 06:20:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"9a282288eb0b677d1ca024ed220a51df"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: _Dk3USUyBLQiAPcIJuvqC3m2kWMJ7EXUnQ6BcPeoI5NKITMM6YEcoA==

GET
H2 200 utag.352.js Show response
tags.tiqcdn.com/utag/hsbc/us-rbwm-ao/prod/ 43 KB
13 KB 416ms
416ms Script
application/javascript 2600:9000:235a:fa00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm-ao/prod/utag.352.js?utv=ut4.47.202401240809
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c6d63fa85b784adeef726c061ff94a88d36e594641756f9c989a377a0c88eba

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: doEhTAYtRw9gudRScPkNYGXJOshQDlJR
content-encoding: gzip
via: 1.1 d2c570942164f5ee69dab53f43b0f1d2.cloudfront.net (CloudFront)
date: Sat, 13 Apr 2024 01:11:23 GMT
last-modified: Wed, 31 Jan 2024 06:20:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"fa158543fb1f218e9d2463a40b2acd3a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 2BcaAOQch5sTMFO0ZOVEaFyQ3HRxrBEVCaPGKVnjShb15BcAh8RO1Q==

GET
H2 200 utag.28.js Show response
tags.tiqcdn.com/utag/hsbc/us-rbwm-ao/prod/ 14 KB
5 KB 412ms
412ms Script
application/javascript 2600:9000:235a:fa00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm-ao/prod/utag.28.js?utv=ut4.47.202211081113
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ebbb6e1eef8542a07ca10e84b76cbd82ac909bc816689bb2b3f1c9019db7138

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Q8.vmczMOssS2MHM9u3RSKAY0rzUnays
content-encoding: br
via: 1.1 d2c570942164f5ee69dab53f43b0f1d2.cloudfront.net (CloudFront)
date: Sat, 13 Apr 2024 01:11:23 GMT
last-modified: Wed, 31 Jan 2024 06:20:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"a976ddf5eb80d0b3730ed4fd74b50941"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: RvRK9e7tU0m9qMdWPnx45IIsfFxlXUo4x90J1LaLqwyCWILo6yHnwg==

GET
H2 200 utag.588.js Show response
tags.tiqcdn.com/utag/hsbc/us-rbwm-ao/prod/ 22 KB
7 KB 418ms
417ms Script
application/javascript 2600:9000:235a:fa00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm-ao/prod/utag.588.js?utv=ut4.47.202207010925
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a585eee2d29cd9fc1d3eaef741094e592c9cfdccd6f69021ef062058fd6b644

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: VUlVtM5.XJ6jCRzio967vHsIfuTb1A92
content-encoding: br
via: 1.1 d2c570942164f5ee69dab53f43b0f1d2.cloudfront.net (CloudFront)
date: Sat, 13 Apr 2024 01:11:23 GMT
last-modified: Wed, 31 Jan 2024 06:20:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"3cf5b1d4f257dc60f4e9c745887631e2"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: MP503KrAdqfJDHEm6JA_fYeYRwwurUCrWdeVizsHmhLq1sZ-4fa8eg==

GET
H2 200 utag.614.js Show response
tags.tiqcdn.com/utag/hsbc/us-rbwm-ao/prod/ 4 KB
2 KB 424ms
424ms Script
application/javascript 2600:9000:235a:fa00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm-ao/prod/utag.614.js?utv=ut4.47.202202150906
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 81f608e32a3bafd4c313607bc52cf88fef365bc99b74a242688aed679d1d3a8b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: lV2MjRFPWSZwNYh9ozqqoIRNbiLPrY8G
content-encoding: br
via: 1.1 d2c570942164f5ee69dab53f43b0f1d2.cloudfront.net (CloudFront)
date: Sat, 13 Apr 2024 01:11:23 GMT
last-modified: Wed, 31 Jan 2024 06:20:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"239f269f8b753b1464803d14ac66b8b3"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: FCBs5PS4Jo7s98vPJ2l7TisVo4SpRWmOCv3bKiHEsW__SHdCd3f3qg==

GET
H2 200 utag.618.js Show response
tags.tiqcdn.com/utag/hsbc/us-rbwm-ao/prod/ 8 KB
3 KB 431ms
431ms Script
application/javascript 2600:9000:235a:fa00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm-ao/prod/utag.618.js?utv=ut4.47.202207010925
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1a0344638f0182059f3244705537fef32970e384cf401e96a148f352760df24

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: JSxcVGvFy9wHqfJyZ9Ts.V4emozcNCAJ
content-encoding: gzip
via: 1.1 d2c570942164f5ee69dab53f43b0f1d2.cloudfront.net (CloudFront)
date: Sat, 13 Apr 2024 01:11:23 GMT
last-modified: Wed, 31 Jan 2024 06:20:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"423c31fe953d75e6278287200e1a796f"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: Kqo-BRRil5ih2u_Mr31WuZgibKSt84nntC7N7VDAAQAbRE-y0s7JQg==

GET
H2 200 utag.632.js Show response
tags.tiqcdn.com/utag/hsbc/us-rbwm-ao/prod/ 1001 KB
121 KB 445ms
445ms Script
application/javascript 2600:9000:235a:fa00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm-ao/prod/utag.632.js?utv=ut4.47.202205190950
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b9274ab38abf6e3d6dd8982d3a38dca902db4a8f2c1450513a4985f28774a0d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: V03YOYBMJ5ECsmYQN09IfuE.lWuZngv_
content-encoding: br
via: 1.1 d2c570942164f5ee69dab53f43b0f1d2.cloudfront.net (CloudFront)
date: Sat, 13 Apr 2024 01:11:23 GMT
last-modified: Wed, 31 Jan 2024 06:20:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"ab76f3b2ab41ce0281ca787ee13ca618"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: _kvHnGvfAmDV0E4kTdqy7is26cTwrDQnFjOR2kDvy0EuCEbfAME6EQ==

GET
H2 200 utag.673.js Show response
tags.tiqcdn.com/utag/hsbc/us-rbwm-ao/prod/ 47 KB
12 KB 425ms
425ms Script
application/javascript 2600:9000:235a:fa00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm-ao/prod/utag.673.js?utv=ut4.47.202401240809
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d9d75e59acd505746b80d69c300e85afb85c14f0b715a65bb4536512bdd3652

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: TO0vf2iQovtC9S4iPeUEFq5ru_RC9o1r
content-encoding: br
via: 1.1 d2c570942164f5ee69dab53f43b0f1d2.cloudfront.net (CloudFront)
date: Sat, 13 Apr 2024 01:11:23 GMT
last-modified: Wed, 31 Jan 2024 06:20:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"7227c28c7dd6c2d1b0b8032ecc164776"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: dAlZngEp09I4LyBznRaqBiTudNBgGruel8GnpfTCzrnCzA8u2SGQCw==

GET
H2 200 utag.696.js Show response
tags.tiqcdn.com/utag/hsbc/us-rbwm-ao/prod/ 4 KB
2 KB 422ms
422ms Script
application/javascript 2600:9000:235a:fa00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm-ao/prod/utag.696.js?utv=ut4.47.202401240809
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d942450dc61a76c720d3182ac6724559258871f5e65fcd3b74827d44f8b354af

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 15jdhnBl3TJqfmQUuODUvTAYIPRmMp9y
content-encoding: gzip
via: 1.1 d2c570942164f5ee69dab53f43b0f1d2.cloudfront.net (CloudFront)
date: Sat, 13 Apr 2024 01:11:23 GMT
last-modified: Wed, 31 Jan 2024 06:20:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"e509655c8cbee3ac227cf7d8d9e92c54"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: We84cY_L_WmT_b2A_frUqkHpToT5rWqlEwI-WugAfmAZrFzliJWeiA==

GET
H2 200 utag.700.js Show response
tags.tiqcdn.com/utag/hsbc/us-rbwm-ao/prod/ 4 KB
2 KB 417ms
417ms Script
application/javascript 2600:9000:235a:fa00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm-ao/prod/utag.700.js?utv=ut4.47.202212070916
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 49c41f8c31e25c75f36580568164cdcffb2683cbbe874f4b371b684ab79acc52

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: zVveIh2ZMldnSI6A5rZtMiQdDE64uDHR
content-encoding: br
via: 1.1 d2c570942164f5ee69dab53f43b0f1d2.cloudfront.net (CloudFront)
date: Sat, 13 Apr 2024 01:11:23 GMT
last-modified: Wed, 31 Jan 2024 06:20:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"f6f9ed4af657fcad22283b9840929e18"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: PjjBTi_DR42hjzgcFBSNAswd-H5Avzdx_DCgVRsqtHQGqWHe4b6ZlA==

GET
H/1.1 200
OK geo4.js Show response
cdn3.optimizely.com/js/ 308 B
790 B 110ms
32ms Script
application/javascript 23.196.246.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.optimizely.com/js/geo4.js
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.196.246.85 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-246-85.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ca4b7752e0059bf2b2105ad2457dfdda38c4c49b795da44d980e023c2185dd9e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: F8W1XaLRNmnJXrMgZ6ZMuxtE6L376GC.
Date: Sat, 13 Apr 2024 01:11:23 GMT
Server: AmazonS3
x-amz-request-id: 2CJ9EK2MJ1P50VC6
x-amz-server-side-encryption: AES256
ETag: "8777c006589ecabfa3d63a6b5bf24393"
Content-Type: application/javascript
Cache-Control: max-age=16163
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 308
x-amz-id-2: Ujz/3/9cOnOsCgdrOKkjEn8DJ8s/Nklnd2Wa1D8/YnYxfzCPxuiahTkXsU7JDjLW/J0picea+zI=

GET
H2 200 a19069622224.html
a19069622224.cdn.optimizely.com/client_storage/ Frame B6D4 0
0 129ms
40ms Document
text/html 23.197.9.79
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a19069622224.cdn.optimizely.com/client_storage/a19069622224.html

Requested by

Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.197.9.79 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-9-79.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://di6y7cb0tkbww.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 1210
content-type: text/html; charset=utf-8
date: Sat, 13 Apr 2024 01:11:23 GMT
etag: "9a5feed553bbf86a36b47663eb4bb3f2"
last-modified: Sat, 13 Apr 2024 00:15:05 GMT
server: AmazonS3
server-timing: cdn-cache; desc=HIT edge; dur=6 origin; dur=0 cdn;desc="AkamaiION";dur=0,rtt;desc="30";dur=0,cdnip;desc="23.197.9.79";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1712970683001_34831289_145576703_646_1751_30_34_255";dur=1
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,2
x-amz-id-2: ilDu4Y4Yw+J5ZuL0gCwkueuI+Sx5xAmMIvGG2H/q8g0ZsWCa+j5v+22EkaMhJZM078lGaR4zDN0=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: QS7MX3QPFNXRV867
x-amz-server-side-encryption: AES256
x-amz-version-id: 0B9cQ9m6yEKdy3utiFzZD6gohjx_3o_m

GET tag.js
lptag.liveperson.net/tag/ 0
0

POST session.json
mcm-prod.us.hsbc.com/1698/handler9/ 0
0

GET
H/1.1 200
OK JavascriptInsert.js Show response
mcm-prod.us.hsbc.com/ 82 KB
30 KB 1267ms
151ms Script
application/x-javascript 161.113.4.185
HSBC-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://mcm-prod.us.hsbc.com/JavascriptInsert.js

Requested by

Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.113.4.185 , United States, ASN26381 (HSBC-COM, US),

Reverse DNS

Software

Resource Hash

75fe7ad966153b043277de7b083b2fd4b85687f811b149a48b93711c37c32a3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 13 Apr 2024 01:11:24 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 14 Jul 2020 18:08:29 GMT
Content-Encoding: gzip
ETag: 483907946572bb73cc896db3617571b1
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=900, s-maxage=900
Connection: Keep-Alive
S: usvisstp201_US
Keep-Alive: timeout=5
Content-Length: 30053

GET
H/1.1

200
OK

dcm Show response
s.amazon-adsystem.com/
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=018ed50250f10082faa2ed504e980506f002a06700b08
https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=018ed50250f10082faa2ed504e980506f002a06700b08&dcc=t

43 B
855 B

140ms
140ms

Script
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=018ed50250f10082faa2ed504e980506f002a06700b08&dcc=t

Requested by

Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/start

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

2fce2feb1cb59a8c53b5b46d1d758949090324d34b2a941a972240d6ccf63db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://di6y7cb0tkbww.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Apr 2024 01:11:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6XC880XKP3RTZW5XMG3S
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 Apr 2024 01:11:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JNQBJ8V4GN5E1NCAG5T9
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=018ed50250f10082faa2ed504e980506f002a06700b08&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 91ms
34ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 13 Apr 2024 01:11:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57850
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=12, mss=1326, tbw=2766, tp=-1, tpl=-1, uplat=2, ullat=-1
pragma: public
x-fb-debug: ofnwLyhtbAc96z8iJYep8blwU9PPLiplmlOmczzFdORbyqG+EmmU1pPDbi5KUP1x0+LIn+hpRaZkukCmBgvUig==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
232 B 182ms
56ms Image
image/png 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=018ed50250f10082faa2ed504e980506f002a06700b08&tealium_account=hsbc&tealium_profile=wpb-stream-us

Requested by

Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 01:11:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 i.gif Show response
collect-us-east-1.tealiumiq.com/hsbc/wpb-stream-us/2/ 43 B
769 B 502ms
242ms XHR
image/gif 18.213.181.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-us-east-1.tealiumiq.com/hsbc/wpb-stream-us/2/i.gif
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.181.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-181-71.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary6A5nZauAxbXRlbiy

Response headers

date: Sat, 13 Apr 2024 01:11:23 GMT
x-serverid: uconnect_i-0916cc645bac9373f
x-tid: 018ed50250f10082faa2ed504e980506f002a06700b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: hsbc:wpb-stream-us:2:datacloud
x-region: us-east-1
content-length: 43
pragma: no-cache
x-did: 018ed50250f10082faa2ed504e980506f002a06700b08
vary: Origin
content-type: image/gif
access-control-allow-origin: https://di6y7cb0tkbww.cloudfront.net
x-ulver: 658c314604bc688812ca4b4a51fecd028f7eae80-SNAPSHOT
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-uuid: 3051af89-d1df-4cb0-9c09-0ac38598a540
expires: Sat, 13 Apr 2024 01:11:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 196 KB
72 KB 159ms
60ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8725221

Requested by

Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c51c02ff4c3eae819d9de9de465d717e8cc61a36874d298961489c0f45885457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 01:11:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73038
x-xss-protection: 0
last-modified: Sat, 13 Apr 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Apr 2024 01:11:23 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
432 B 29ms
29ms Script
application/javascript 2600:9000:235a:fa00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=hsbc/us-rbwm-ao/202401310617&cb=1712970683144
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Sat, 13 Apr 2024 01:08:58 GMT
via: 1.1 d2c570942164f5ee69dab53f43b0f1d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
age: 146
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: KebfHyq3qsG_wAB5jgcnhQHpwFL9--xS63BfWa4hUEUKemI__1rhHw==

POST
H2 200 i.gif Show response
collect-us-east-1.tealiumiq.com/hsbc/wpb-stream-us/2/ 43 B
714 B 416ms
243ms XHR
image/gif 18.213.181.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-us-east-1.tealiumiq.com/hsbc/wpb-stream-us/2/i.gif
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.181.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-181-71.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryepCenmEWVrbNNh4B

Response headers

date: Sat, 13 Apr 2024 01:11:23 GMT
x-serverid: uconnect_i-08dba760e6c4992f7
x-tid: 1f08a04b09464ea1a50cdfdb5bf30885
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: hsbc:wpb-stream-us:2:datacloud
x-region: us-east-1
content-length: 43
pragma: no-cache
vary: Origin
content-type: image/gif
access-control-allow-origin: https://di6y7cb0tkbww.cloudfront.net
x-ulver: 658c314604bc688812ca4b4a51fecd028f7eae80-SNAPSHOT
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-uuid: 1f08a04b-0946-4ea1-a50c-dfdb5bf30885
expires: Sat, 13 Apr 2024 01:11:23 GMT

GET
H/1.1

200
OK

dcm Show response
s.amazon-adsystem.com/
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=undefined
https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=undefined&dcc=t

43 B
855 B

138ms
138ms

Script
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=undefined&dcc=t

Requested by

Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/start

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

2fce2feb1cb59a8c53b5b46d1d758949090324d34b2a941a972240d6ccf63db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://di6y7cb0tkbww.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Apr 2024 01:11:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: D7BHP08HH2EXE22NM92B
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 Apr 2024 01:11:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2NVMYRJNKXNBYR94J28P
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=undefined&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 85ms
55ms Image
image/png 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=undefined&tealium_account=hsbc&tealium_profile=wpb-stream-us

Requested by

Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 01:11:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 0f06379a-455c-48ef-abc3-ddadfb9e2894
https://di6y7cb0tkbww.cloudfront.net/ 176 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://di6y7cb0tkbww.cloudfront.net/0f06379a-455c-48ef-abc3-ddadfb9e2894
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/start
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51ddb2a0b09f8c8b32c18a23096b4b28a0a6d6f876aaff3cf3fc3da63215b6ea

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 180285
Content-Type

GET
H2 200 405421264201379 Show response
connect.facebook.net/signals/config/ 57 KB
12 KB 92ms
91ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/405421264201379?v=2.9.153&r=stable&domain=di6y7cb0tkbww.cloudfront.net&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b7cbbf04a82ae85d996d2259bf1739a7f31c7b06f4f1b5015a6748813c77bdaf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 13 Apr 2024 01:11:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=62, mss=1326, tbw=63140, tp=-1, tpl=-1, uplat=63, ullat=0
pragma: public
x-fb-debug: Fyh/G2xipfNJbiWjPe93d7ymnsvlUSPkkHTFOSWZw+J/iL6to7scHMTY+2xf7ISM29mlLy8GqYNEaUs5EllkCQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 169ms
28ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=405421264201379&ev=PageView&dl=https%3A%2F%2Fdi6y7cb0tkbww.cloudfront.net%2Fstart&rl=&if=false&ts=1712970683345&cd[base_tracking_type]=track&sw=1600&sh=1200&ud[external_id]=74e0aaca66d5c4281ef79a2b7a5ba00cb65c52ebdf3191ab34490fc25bc96170&v=2.9.153&r=stable&a=tmtealium&ec=0&o=4126&fbp=fb.2.1712970683344.1756132989&ler=empty&cdl=API_unavailable&it=1712970683240&coo=false&eid=6ca5ae52966e93262c1fe2356498b26b&tm=1&rqm=GET

Requested by

Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1326, tbw=2770, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 13 Apr 2024 01:11:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 169ms
29ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=405421264201379&ev=PageView&dl=https%3A%2F%2Fdi6y7cb0tkbww.cloudfront.net%2Fstart&rl=&if=false&ts=1712970683347&cd[base_tracking_type]=track&sw=1600&sh=1200&ud[external_id]=74e0aaca66d5c4281ef79a2b7a5ba00cb65c52ebdf3191ab34490fc25bc96170&v=2.9.153&r=stable&a=tmtealium&ec=1&o=4126&fbp=fb.2.1712970683344.1756132989&ler=empty&cdl=API_unavailable&it=1712970683240&coo=false&eid=a37cb33c5b1b1ed2480595e9aed5c42b&tm=1&rqm=GET

Requested by

Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1326, tbw=2770, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 13 Apr 2024 01:11:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
81 KB 77ms
76ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-794699328&l=dataLayer&cx=c

Requested by

Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d27d595c2864aabcda5d5630a830075101282aa652aa6dcf6edca1f78cc7f7ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 01:11:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83178
x-xss-protection: 0
last-modified: Sat, 13 Apr 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Apr 2024 01:11:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
80 KB 61ms
61ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-491709426&l=dataLayer&cx=c

Requested by

Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25920aaf95e16aed5f3f53c32edac5e98db9da8066f19cd0641c9e6a79c59dce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 01:11:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81455
x-xss-protection: 0
last-modified: Sat, 13 Apr 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Apr 2024 01:11:23 GMT

GET
H2

200

activityi;dc_pre=COHe6YiBvoUDFXciBgAdrE0POg;src=8725221;type=newoa0;cat=apply0;ord=3036285911371;npa=1;auiddc=49080369.1712970683;u2=%2Fapply-for-premier-checking-account;u16=pws%3Aapply%20for%20pr...
8725221.fls.doubleclick.net/ Frame A863
Redirect Chain

https://8725221.fls.doubleclick.net/activityi;src=8725221;type=newoa0;cat=apply0;ord=3036285911371;npa=1;auiddc=49080369.1712970683;u2=%2Fapply-for-premier-checking-account;u16=pws%3Aapply%20for%20...
https://8725221.fls.doubleclick.net/activityi;dc_pre=COHe6YiBvoUDFXciBgAdrE0POg;src=8725221;type=newoa0;cat=apply0;ord=3036285911371;npa=1;auiddc=49080369.1712970683;u2=%2Fapply-for-premier-checkin...

0
0

58ms
58ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8725221.fls.doubleclick.net/activityi;dc_pre=COHe6YiBvoUDFXciBgAdrE0POg;src=8725221;type=newoa0;cat=apply0;ord=3036285911371;npa=1;auiddc=49080369.1712970683;u2=%2Fapply-for-premier-checking-account;u16=pws%3Aapply%20for%20premier%20checking%20account;u17=apply%20for%20premier%20checking%20account;u18=start;u25=prod;u99=GTAG;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fdi6y7cb0tkbww.cloudfront.net%2Fstart?

Requested by

Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://di6y7cb0tkbww.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 452
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Apr 2024 01:11:23 GMT
expires: Sat, 13 Apr 2024 01:11:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Apr 2024 01:11:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8725221.fls.doubleclick.net/activityi;dc_pre=COHe6YiBvoUDFXciBgAdrE0POg;src=8725221;type=newoa0;cat=apply0;ord=3036285911371;npa=1;auiddc=49080369.1712970683;u2=%2Fapply-for-premier-checking-account;u16=pws%3Aapply%20for%20premier%20checking%20account;u17=apply%20for%20premier%20checking%20account;u18=start;u25=prod;u99=GTAG;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fdi6y7cb0tkbww.cloudfront.net%2Fstart?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 018ed50250f10082faa2ed504e980506f002a06700b08 Show response
visitor-service-us-east-1.tealiumiq.com/hsbc/wpb-stream-us/ 36 B
249 B 379ms
122ms Script
application/javascript 44.199.100.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor-service-us-east-1.tealiumiq.com/hsbc/wpb-stream-us/018ed50250f10082faa2ed504e980506f002a06700b08?callback=utag.ut%5B%22writevawpb-stream-us%22%5D&rnd=1712970683596

Requested by

Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.199.100.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-199-100-40.compute-1.amazonaws.com

Software

Resource Hash

07ce5f82c07092c5d17c8b8113065a65e42dc7b041996f41691c23b0355b4b41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-version: 07e83e5c2c8a3cdaf58eeb411b771c0082ca5213-SNAPSHOT
date: Sat, 13 Apr 2024 01:11:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-region: us-east-1
content-length: 36
x-nodeid: i-0f768f9a7a1d272d6
content-type: application/javascript; charset=utf-8

GET
H2 200 018ed50250f10082faa2ed504e980506f002a06700b08 Show response
visitor-service-us-east-1.tealiumiq.com/hsbc/wpb-stream-us/ 36 B
248 B 380ms
123ms Script
application/javascript 44.199.100.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor-service-us-east-1.tealiumiq.com/hsbc/wpb-stream-us/018ed50250f10082faa2ed504e980506f002a06700b08?callback=utag.ut%5B%22writevawpb-stream-us%22%5D&rnd=1712970683597

Requested by

Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.199.100.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-199-100-40.compute-1.amazonaws.com

Software

Resource Hash

07ce5f82c07092c5d17c8b8113065a65e42dc7b041996f41691c23b0355b4b41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-version: 07e83e5c2c8a3cdaf58eeb411b771c0082ca5213-SNAPSHOT
date: Sat, 13 Apr 2024 01:11:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-region: us-east-1
content-length: 36
x-nodeid: i-0f532a5fb64da1489
content-type: application/javascript; charset=utf-8

POST
H2 204 events Show response
logx.optimizely.com/v1/ 0
490 B 202ms
131ms XHR
text/plain 34.111.140.246
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.140.246 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 246.140.111.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 13 Apr 2024 01:11:23 GMT
x-envoy-decorator-operation: events-smart-router.edp-prod.svc.cluster.local:8080/*
via: 1.1 google
server: istio-envoy
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://di6y7cb0tkbww.cloudfront.net
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: dc490522-da64-478d-97ec-ca81f22f216a

GET
H2 200 crossdomain.html
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/ Frame 0A45 0
0 135ms
28ms Document
text/html 2600:9000:2490:be00:a:6cdf:4440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:be00:a:6cdf:4440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://di6y7cb0tkbww.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 60644
content-length: 221
content-type: text/html
date: Fri, 12 Apr 2024 08:20:41 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
x-amz-cf-id: cPfRivHCH-fVIYOC3gHF-vtrVBaHmj0HxotJiUXfbiR8BfctjfXQdA==
x-amz-cf-pop: FRA56-P6
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
H2 200 crossdomain.html
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/ Frame 8ADC 0
0 123ms
28ms Document
text/html 2600:9000:21f3:3c00:1e:54f1:26c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:1e:54f1:26c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://di6y7cb0tkbww.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 19451
content-length: 221
content-type: text/html
date: Fri, 12 Apr 2024 19:47:14 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-amz-cf-id: _wohwY5u-w5Uaos1zHgoCum2dbDQVGUx67V4nCIzDRMWoCk3MQtuWw==
x-amz-cf-pop: FRA2-C2
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
H2 200 crossdomain.html
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/ Frame B8D1 0
0 125ms
28ms Document
text/html 2600:9000:2250:2c00:13:ab57:d440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2c00:13:ab57:d440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://di6y7cb0tkbww.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 79564
content-length: 221
content-type: text/html
date: Fri, 12 Apr 2024 03:05:21 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
server: AmazonS3
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
x-amz-cf-id: Mvlr-XJT49RZbxeE9JryZ3DRfvJ7sO-tkFKbIsf5o93kjxeb1ZeSpQ==
x-amz-cf-pop: FRA60-P2
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
H2 200 adrum-ext.59191791453ae6311081a09b4cf33c2d.js Show response
di6y7cb0tkbww.cloudfront.net/appdynamics/ 51 KB
17 KB 493ms
493ms Script
application/javascript 2600:9000:223d:5400:18:4159:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum-ext.59191791453ae6311081a09b4cf33c2d.js
Requested by: Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum.59191791453ae6311081a09b4cf33c2d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:5400:18:4159:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: cbb4cc0341b1bd157b83ba056ac4449deb53fc83e58132c657f88896e658e369

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/start
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 01:11:24 GMT
content-encoding: gzip
via: 1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
last-modified: Thu, 14 Mar 2024 15:25:46 GMT
server: istio-envoy
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=0
x-envoy-upstream-service-time: 2
x-hsbc-request-correlation-id: nil
x-amz-cf-id: 7OMpjRO1xNGNSMDdHJqtqiC6qJvbTj6uA-hPjCbAXh54OV4MrQ4VzQ==
x-request-id: f24aa26d-60e2-4ade-b5fe-591881ae5e36:-:-:-

GET
H2 200 favicon.ico
di6y7cb0tkbww.cloudfront.net/ 318 B
712 B 408ms
407ms Other
image/vnd.microsoft.icon 2600:9000:223d:5400:18:4159:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://di6y7cb0tkbww.cloudfront.net/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:5400:18:4159:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 316a15cd35bc1c66be119df44a560c70e66580da4612ef73b90b9d2043b5bcfd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://di6y7cb0tkbww.cloudfront.net/start
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 01:11:24 GMT
via: 1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
last-modified: Thu, 14 Mar 2024 15:25:46 GMT
server: istio-envoy
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: image/vnd.microsoft.icon
cache-control: max-age=0
x-envoy-upstream-service-time: 6
x-hsbc-request-correlation-id: nil
content-length: 318
x-amz-cf-id: GeMMI-EfiVS2ioEwaHIPIn29ASEYMfc0300W-1pQy7xaLH7ADApq3Q==
x-request-id: e9489a5d-4312-4889-9673-75c316c6d29e:-:-:-

POST
H2 200 adrum Show response
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABH-SEB/ 0
867 B 777ms
380ms XHR
text/html 52.34.249.102

General

Check archive.org

Show headers Download Go to

Full URL

https://pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABH-SEB/adrum

Requested by

Host: di6y7cb0tkbww.cloudfront.net
URL: https://di6y7cb0tkbww.cloudfront.net/appdynamics/adrum-ext.59191791453ae6311081a09b4cf33c2d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.34.249.102 -, , ASN (),

Reverse DNS

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536010; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://di6y7cb0tkbww.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 01:11:27 GMT
strict-transport-security: max-age=31536010; includeSubDomains
x-content-type-options: nosniff
server: envoy
vary: *
content-type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time: 0
access-control-allow-headers: origin, content-type, accept
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lptag.liveperson.net
URL: https://lptag.liveperson.net/tag/tag.js?site=52516473

Domain: mcm-prod.us.hsbc.com
URL: https://mcm-prod.us.hsbc.com/1698/handler9/session.json

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: HSBC (Banking)

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.di6y7cb0tkbww.cloudfront.net/	1970-01-21 00:08:42	Name: optimizelyEndUserId Value: oeu1712970682907r0.4376771711197971
.di6y7cb0tkbww.cloudfront.net/	1969-12-31 23:59:59	Name: usy46gabsosd Value: HSBCUS_17129706830710.6f079c400b0c91fb18050119185fcb7a_1698
.di6y7cb0tkbww.cloudfront.net/	1970-01-21 04:35:06	Name: bmuid Value: 1712970683143-28DE03EC-AF0E-4D2C-9970-F79CDCDA6CA6
.di6y7cb0tkbww.cloudfront.net/	1969-12-31 23:59:59	Name: cdContextId Value: 2
.di6y7cb0tkbww.cloudfront.net/	1970-01-20 21:59:06	Name: _fbp Value: fb.2.1712970683344.1756132989
.di6y7cb0tkbww.cloudfront.net/	1970-01-20 21:59:06	Name: _gcl_au Value: 1.1.49080369.1712970683
.amazon-adsystem.com/	1970-01-21 05:25:30	Name: ad-privacy Value: 0
.tealiumiq.com/	1970-01-21 04:35:06	Name: TAPID Value: hsbc/wpb-stream-us>1f08a04b09464ea1a50cdfdb5bf30885\|
.doubleclick.net/	1970-01-20 19:49:31	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-21 00:08:42	Name: receive-cookie-deprecation Value: 1
.amazon-adsystem.com/	1970-01-21 02:08:13	Name: ad-id Value: A2w6VjqXGkO5oIywcaODSNY
.di6y7cb0tkbww.cloudfront.net/	1970-01-21 04:35:06	Name: cdSNum Value: 1712970683918-sjn0000319-945683e1-f5b9-4c57-8353-dd25093a608c

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/405421264201379?v=2.9.153&r=stable&domain=di6y7cb0tkbww.cloudfront.net&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://di6y7cb0tkbww.cloudfront.net/start Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://di6y7cb0tkbww.cloudfront.net/start Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://di6y7cb0tkbww.cloudfront.net/start Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://di6y7cb0tkbww.cloudfront.net/start Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://di6y7cb0tkbww.cloudfront.net/start Message: Refused to execute script from 'https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=018ed50250f10082faa2ed504e980506f002a06700b08&dcc=t' because its MIME type ('image/gif') is not executable.
other	warning	URL: https://di6y7cb0tkbww.cloudfront.net/start Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://di6y7cb0tkbww.cloudfront.net/start Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://di6y7cb0tkbww.cloudfront.net/start Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://di6y7cb0tkbww.cloudfront.net/start Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://di6y7cb0tkbww.cloudfront.net/start Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://di6y7cb0tkbww.cloudfront.net/start Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://di6y7cb0tkbww.cloudfront.net/start Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://di6y7cb0tkbww.cloudfront.net/start Message: Refused to execute script from 'https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=undefined&dcc=t' because its MIME type ('image/gif') is not executable.
other	warning	URL: https://di6y7cb0tkbww.cloudfront.net/start Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://di6y7cb0tkbww.cloudfront.net/start Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://di6y7cb0tkbww.cloudfront.net/start Message: Access to XMLHttpRequest at 'https://mcm-prod.us.hsbc.com/1698/handler9/session.json' from origin 'https://di6y7cb0tkbww.cloudfront.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://mcm-prod.us.hsbc.com/1698/handler9/session.json Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.a79ab95c1589a13f8a4cab612bc71f9f7.com
1.b406929acabac9b095f124c81bdfcf57f.com
1.c81358859121583b7adf2ace89cb39f44.com
8725221.fls.doubleclick.net
a19069622224.cdn.optimizely.com
akamai.tiqcdn.com
cdn.optimizely.com
cdn3.optimizely.com
cm.g.doubleclick.net
collect-us-east-1.tealiumiq.com
connect.facebook.net
di6y7cb0tkbww.cloudfront.net
logx.optimizely.com
lptag.liveperson.net
mcm-prod.us.hsbc.com
pdx-col.eum-appdynamics.com
s.amazon-adsystem.com
tags.tiqcdn.com
visitor-service-us-east-1.tealiumiq.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
lptag.liveperson.net
mcm-prod.us.hsbc.com
142.250.184.198
142.250.185.100
161.113.4.185
18.213.181.71
216.58.206.66
23.196.246.85
23.197.9.79
23.37.38.214
2600:9000:21f3:3c00:1e:54f1:26c0:93a1
2600:9000:223d:5400:18:4159:9400:93a1
2600:9000:2250:2c00:13:ab57:d440:93a1
2600:9000:235a:fa00:7:2bfb:7c00:93a1
2600:9000:2490:be00:a:6cdf:4440:93a1
2a00:1450:4001:81c::2003
2a00:1450:4001:81d::2008
2a02:26f0:3500:897::13b8
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
34.111.140.246
44.199.100.40
52.34.249.102
52.46.130.91
04c3394d6910ed53125c402556eeb8969753903da38835e0e5e2cb9851eaf9b8
07ce5f82c07092c5d17c8b8113065a65e42dc7b041996f41691c23b0355b4b41
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1dad51af3bef35fbeea7d4523636f694697ddbe541cb186b7aeabe8dd5d7e383
25920aaf95e16aed5f3f53c32edac5e98db9da8066f19cd0641c9e6a79c59dce
2a523ada6ec9850741f9d45888174ce17faa0583731f84d44207b56765ae150c
2d9d75e59acd505746b80d69c300e85afb85c14f0b715a65bb4536512bdd3652
2ddd9b1ef8e4c7284dfa573dd203a7515d668d7b02107fb3efaeae4f45bdec63
2ebbb6e1eef8542a07ca10e84b76cbd82ac909bc816689bb2b3f1c9019db7138
2fce2feb1cb59a8c53b5b46d1d758949090324d34b2a941a972240d6ccf63db6
316a15cd35bc1c66be119df44a560c70e66580da4612ef73b90b9d2043b5bcfd
31880a8682a3870cf6decf916417fa3d407b3a99031e6899918ba3a7b388abc4
3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429
3a585eee2d29cd9fc1d3eaef741094e592c9cfdccd6f69021ef062058fd6b644
3b9274ab38abf6e3d6dd8982d3a38dca902db4a8f2c1450513a4985f28774a0d
43a9665b03a307a6c8beff167ce4ea8fdbdc5f9631cabbb528601e977e748422
49c41f8c31e25c75f36580568164cdcffb2683cbbe874f4b371b684ab79acc52
51ddb2a0b09f8c8b32c18a23096b4b28a0a6d6f876aaff3cf3fc3da63215b6ea
69082435071468346507c2a94b8fb571760ac21b7f138eda81b76d7d8cc7afb4
6953d3d70bcf358292137a824f631207d18b74cb2b65ff022632725692ad8ee2
75fe7ad966153b043277de7b083b2fd4b85687f811b149a48b93711c37c32a3b
7c6d63fa85b784adeef726c061ff94a88d36e594641756f9c989a377a0c88eba
802fe463fb2c5049f755d600c2add791806ba93cf67009d1f621119887e411d7
81f608e32a3bafd4c313607bc52cf88fef365bc99b74a242688aed679d1d3a8b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a12259724dae64c1dc833916eadb36342852ab0386856178622b6d31e168c45e
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3a59834fae8583a5fb9791490cae9a2ef067da1b2e6ccfcf229ec5ca29ca2ed
a6645b22063b810b77f25610907afc04836c14dbb8aa8e7cf3e629fbffb9f0ae
ac5c77f00fdcee04a4871f222f7ffb50eba2ceb67f29806fc519ea256a81e402
b7cbbf04a82ae85d996d2259bf1739a7f31c7b06f4f1b5015a6748813c77bdaf
bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f
c51c02ff4c3eae819d9de9de465d717e8cc61a36874d298961489c0f45885457
ca4b7752e0059bf2b2105ad2457dfdda38c4c49b795da44d980e023c2185dd9e
cbb4cc0341b1bd157b83ba056ac4449deb53fc83e58132c657f88896e658e369
d27d595c2864aabcda5d5630a830075101282aa652aa6dcf6edca1f78cc7f7ab
d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559
d942450dc61a76c720d3182ac6724559258871f5e65fcd3b74827d44f8b354af
e1a0344638f0182059f3244705537fef32970e384cf401e96a148f352760df24
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

di6y7cb0tkbww.cloudfront.net Open in urlscan Pro 2600:9000:223d:5400:18:4159:9400:93a1 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

54 Requests

91 %HTTPS

45 %IPv6

17 Domains

23 Subdomains

23 IPs

2 Countries

1451 kBTransfer

6043 kBSize

12 Cookies

4 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

di6y7cb0tkbww.cloudfront.net Open in urlscan Pro
2600:9000:223d:5400:18:4159:9400:93a1 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

91 %
HTTPS

45 %
IPv6

17
Domains

23
Subdomains

23
IPs

2
Countries

1451 kB
Transfer

6043 kB
Size

12
Cookies

54 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!