uat-hsbc-membersite.podiumrewards.com Open in urlscan Pro
44.205.149.39 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://uat-hsbc-membersite.podiumrewards.com/
Submission: On September 11 via api (September 11th 2024, 1:05:31 am UTC) from BY — Scanned from CA

Summary HTTP 64 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 14 domains to perform 64 HTTP transactions. The main IP is 44.205.149.39, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is uat-hsbc-membersite.podiumrewards.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on July 16th 2024. Valid for: a year.

This is the only time uat-hsbc-membersite.podiumrewards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	44.205.149.39 44.205.149.39	14618 (AMAZON-AES) (AMAZON-AES)
13	18.164.116.77 18.164.116.77	16509 (AMAZON-02) (AMAZON-02)
1	142.251.40.168 142.251.40.168	15169 (GOOGLE) (GOOGLE)
1	104.18.65.57 104.18.65.57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.65.238 142.250.65.238	15169 (GOOGLE) (GOOGLE)
1	172.64.152.14 172.64.152.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.66.57 104.18.66.57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	3.231.66.127 3.231.66.127	14618 (AMAZON-AES) (AMAZON-AES)
1	23.218.113.175 23.218.113.175	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.49.241.189 34.49.241.189	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	157.240.241.1 157.240.241.1	32934 (FACEBOOK) (FACEBOOK)
2 2	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
2	52.0.231.140 52.0.231.140	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
4	52.216.62.48 52.216.62.48	16509 (AMAZON-02) (AMAZON-02)
1	44.197.127.38 44.197.127.38	14618 (AMAZON-AES) (AMAZON-AES)
2	157.240.241.35 157.240.241.35	32934 (FACEBOOK) (FACEBOOK)
64	17

20 44.205.149.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-149-39.compute-1.amazonaws.com

uat-hsbc-membersite.podiumrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.164.116.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-77.jfk50.r.cloudfront.net

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.168 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.65.57 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.65.238 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.14 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn3.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.66.57 (None, )

ASN13335 (CLOUDFLARENET, US)

a19069622224.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.231.66.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-66-127.compute-1.amazonaws.com

uat-hsbc-api.podiumrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.113.175 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-113-175.deploy.static.akamaitechnologies.com

akamai.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.49.241.189 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 189.241.49.34.bc.googleusercontent.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.72.98 (Plainview, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.231.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-231-140.compute-1.amazonaws.com

datacloud.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
collect-us-east-1.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.155.104 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.216.62.48 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.197.127.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-127-38.compute-1.amazonaws.com

visitor-service-us-east-1.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.241.35 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-lga3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	podiumrewards.com uat-hsbc-membersite.podiumrewards.com uat-hsbc-api.podiumrewards.com	2 MB
14	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1751 akamai.tiqcdn.com — Cisco Umbrella Rank: 27980	135 KB
4	amazonaws.com s3.amazonaws.com	1 MB
4	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 1042 cdn3.optimizely.com — Cisco Umbrella Rank: 7346 a19069622224.cdn.optimizely.com — Cisco Umbrella Rank: 156806 logx.optimizely.com — Cisco Umbrella Rank: 2460	145 KB
3	tealiumiq.com datacloud.tealiumiq.com — Cisco Umbrella Rank: 11088 collect-us-east-1.tealiumiq.com — Cisco Umbrella Rank: 56280 visitor-service-us-east-1.tealiumiq.com — Cisco Umbrella Rank: 13148	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 399	2 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 363	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	72 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	95 KB
0	liveperson.net Failed lptag.liveperson.net Failed
0	Failed function sub() { [native code] }. Failed
0	hsbc.com Failed www.us.hsbc.com Failed
64	14

	Domain	Requested by
20	uat-hsbc-membersite.podiumrewards.com	uat-hsbc-membersite.podiumrewards.com
13	tags.tiqcdn.com	uat-hsbc-membersite.podiumrewards.com tags.tiqcdn.com
4	s3.amazonaws.com
4	uat-hsbc-api.podiumrewards.com	uat-hsbc-membersite.podiumrewards.com
3	www.google-analytics.com	www.googletagmanager.com
2	www.facebook.com
2	s.amazon-adsystem.com	1 redirects
2	cm.g.doubleclick.net	2 redirects
2	connect.facebook.net	tags.tiqcdn.com connect.facebook.net
1	visitor-service-us-east-1.tealiumiq.com	tags.tiqcdn.com
1	collect-us-east-1.tealiumiq.com	tags.tiqcdn.com
1	datacloud.tealiumiq.com
1	logx.optimizely.com	cdn.optimizely.com
1	akamai.tiqcdn.com	tags.tiqcdn.com
1	a19069622224.cdn.optimizely.com	cdn.optimizely.com
1	cdn3.optimizely.com	cdn.optimizely.com
1	cdn.optimizely.com	tags.tiqcdn.com
1	www.googletagmanager.com	uat-hsbc-membersite.podiumrewards.com
0	lptag.liveperson.net Failed	tags.tiqcdn.com
0	http Failed	tags.tiqcdn.com
0	www.us.hsbc.com Failed
64	21

This site contains links to these domains. Also see Links.

Domain
www.us.hsbc.com

Subject Issuer	Validity	Valid
*.podiumrewards.com Amazon RSA 2048 M03	`2024-07-16` - `2025-08-13`	a year	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M02	`2024-03-19` - `2025-04-17`	a year	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
cdn.optimizely.com WE1	`2024-08-23` - `2024-11-21`	3 months	crt.sh
cdn3.optimizely.com WE1	`2024-08-12` - `2024-11-10`	3 months	crt.sh
*.tiqcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-16` - `2024-11-16`	a year	crt.sh
logx.optimizely.com WR3	`2024-07-20` - `2024-10-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-20` - `2024-09-18`	3 months	crt.sh
*.tealiumiq.com Amazon RSA 2048 M03	`2024-06-25` - `2025-07-23`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-05-25` - `2025-05-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://uat-hsbc-membersite.podiumrewards.com/
Frame ID: D0A793B184F055F7D23880965F30D441
Requests: 68 HTTP requests in this frame

Frame: https://a19069622224.cdn.optimizely.com/client_storage/a19069622224.html
Frame ID: 5882AF990A82E4C3F8900350E2EB5E7F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HSBC Rewards - Home page

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Page Statistics

64
Requests

88 %
HTTPS

0 %
IPv6

14
Domains

21
Subdomains

17
IPs

2
Countries

3835 kB
Transfer

5604 kB
Size

13
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.us.hsbc.com/site-terms-and-conditions/?vid=0191de9d1cdb001e1dab7915ab2f05065002e05d00b08_us&sid=1726016724194
Title: HSBC Terms and Conditions open in new tab

Search URL Search Domain Scan URL

URL: https://www.us.hsbc.com/online-privacy-statement/?vid=0191de9d1cdb001e1dab7915ab2f05065002e05d00b08_us&sid=1726016724194
Title: Privacy open in new tab

Search URL Search Domain Scan URL

URL: https://www.us.hsbc.com/accessibility/?vid=0191de9d1cdb001e1dab7915ab2f05065002e05d00b08_us&sid=1726016724194
Title: Accessibility open in new tab

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=0191de9d1cdb001e1dab7915ab2f05065002e05d00b08&tealium_account=hsbc&tealium_profile=wpb-stream-us HTTP 302
https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=0191de9d1cdb001e1dab7915ab2f05065002e05d00b08&tealium_account=hsbc&tealium_profile=wpb-stream-us&google_tc= HTTP 302
https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0191de9d1cdb001e1dab7915ab2f05065002e05d00b08&tealium_account=hsbc&tealium_profile=wpb-stream-us&google_gid=CAESEBVcxpckEJGtodCmyV_tkLA&google_cver=1

Request Chain 47

https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=0191de9d1cdb001e1dab7915ab2f05065002e05d00b08 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=0191de9d1cdb001e1dab7915ab2f05065002e05d00b08&dcc=t

64 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
uat-hsbc-membersite.podiumrewards.com/ 4 KB
4 KB 160ms
42ms Document
text/html 44.205.149.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://uat-hsbc-membersite.podiumrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.205.149.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-205-149-39.compute-1.amazonaws.com

Software

nginx/1.27.0 /

Resource Hash

e5ee02dd69a24f8094052dc62a1de550deeb18321cc06fd994f743236ca54629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 3686
content-type: text/html
date: Wed, 11 Sep 2024 01:05:22 GMT
etag: "66ab835f-e66"
last-modified: Thu, 01 Aug 2024 12:45:19 GMT
pragma: no-cache
referrer-policy: origin
server: nginx/1.27.0
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ 3 KB
2 KB 245ms
117ms Script
application/javascript 18.164.116.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.sync.js
Requested by: Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-77.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b55ca12ef0a89965c5621f4bafd0d561c1cd5f9e9bae51e1aee71581aab710ef

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:23 GMT
content-encoding: br
via: 1.1 17eb4ce9c34597b3328325a19f8138fe.cloudfront.net (CloudFront)
x-amz-version-id: m0R1XYKbOlIZ1NyM.bTIZtTHxiBq2F7Y
last-modified: Mon, 09 Sep 2024 03:42:47 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
etag: W/"c492d434065c8c7f217b836eb47bb21f"
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: aHudY71n4DCc3wu0IeSKpDpHsjWT4fuWbyvLWkoz3XuScLJWW4dsdA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
95 KB 198ms
107ms Script
application/javascript 142.251.40.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X8HWFME6KP

Requested by

Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.168 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2da247295b4ef81ed749a43d8637daeea0c504990dcdfc101d912c9c9cdd3fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96776
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 11 Sep 2024 01:05:22 GMT

GET
H2 200 8334e00.js Show response
uat-hsbc-membersite.podiumrewards.com/_nuxt/ 3 KB
3 KB 43ms
42ms Script
application/javascript 44.205.149.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://uat-hsbc-membersite.podiumrewards.com/_nuxt/8334e00.js

Requested by

Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.205.149.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-205-149-39.compute-1.amazonaws.com

Software

nginx/1.27.0 /

Resource Hash

87989d3a600bea1dd5669bbda4644aef64d87686821779c5a10a4619935d199f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-length: 2888
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
last-modified: Thu, 01 Aug 2024 12:45:18 GMT
server: nginx/1.27.0
etag: "66ab835e-b48"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes

GET
H2 200 73286fa.js Show response
uat-hsbc-membersite.podiumrewards.com/_nuxt/ 300 KB
301 KB 85ms
84ms Script
application/javascript 44.205.149.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://uat-hsbc-membersite.podiumrewards.com/_nuxt/73286fa.js

Requested by

Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.205.149.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-205-149-39.compute-1.amazonaws.com

Software

nginx/1.27.0 /

Resource Hash

055314c500e0071226cf3672758f46eaf3b54dc5ab4cfd9f3d712ff6e4b7d96f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-length: 307000
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
last-modified: Thu, 01 Aug 2024 12:45:18 GMT
server: nginx/1.27.0
etag: "66ab835e-4af38"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes

GET
H2 200 09febab.js Show response
uat-hsbc-membersite.podiumrewards.com/_nuxt/ 901 KB
902 KB 85ms
84ms Script
application/javascript 44.205.149.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://uat-hsbc-membersite.podiumrewards.com/_nuxt/09febab.js

Requested by

Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.205.149.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-205-149-39.compute-1.amazonaws.com

Software

nginx/1.27.0 /

Resource Hash

a1c288b0dc231e8e3a39ae81b088c5780e9dd6b622e556d38ed32605cbb5082b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-length: 922554
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
last-modified: Thu, 01 Aug 2024 12:45:18 GMT
server: nginx/1.27.0
etag: "66ab835e-e13ba"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes

GET
H2 200 355fb9f.js Show response
uat-hsbc-membersite.podiumrewards.com/_nuxt/ 666 KB
667 KB 83ms
83ms Script
application/javascript 44.205.149.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://uat-hsbc-membersite.podiumrewards.com/_nuxt/355fb9f.js

Requested by

Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.205.149.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-205-149-39.compute-1.amazonaws.com

Software

nginx/1.27.0 /

Resource Hash

e5259ee7a3f046022d6b86bc4fab415d4d1777323e01c53eb15f38907c628ff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-length: 681492
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
last-modified: Thu, 01 Aug 2024 12:45:18 GMT
server: nginx/1.27.0
etag: "66ab835e-a6614"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes

GET
H2 200 20375190679.js Show response
cdn.optimizely.com/js/ 924 KB
144 KB 364ms
42ms Script
text/javascript 104.18.65.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.optimizely.com/js/20375190679.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.sync.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.65.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5efa39f197b08d1a4d7fa52479261554ffe09690778305ccc8b4650d83684c63

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
date: Wed, 11 Sep 2024 01:05:22 GMT
content-encoding: gzip
x-amz-version-id: DcuDtdnzB3bmvqx_EjKKWw49fy9W26UJ
cf-cache-status: HIT
x-amz-request-id: 3FZ1ZET4A3ERDFK8
age: 370
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 2910
x-amz-replication-status: PENDING
content-length: 146673
x-amz-id-2: ONxpkt+wWRHdHlsJ8tNRYBkHEACR5k58i0uaplEu6Zw8czdQd5KvU1TJBGtKIFPTkNdRpO9kMvs=
last-modified: Tue, 10 Sep 2024 18:19:41 GMT
server: cloudflare
etag: "4f0d8d42ef0628d0c46f3b7c9bf73e3d"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
cf-ray: 8c13bfc64a2139f7-YYZ

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 152ms
55ms Fetch
text/plain 142.250.65.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-X8HWFME6KP&gtm=45je4990v885240988za200&_p=1726016722581&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1410444904.1726016723&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726016722&sct=1&seg=0&dl=https%3A%2F%2Fuat-hsbc-membersite.podiumrewards.com%2F&dt=HSBC%20Rewards&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=628
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X8HWFME6KP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.65.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s73-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Sep 2024 01:05:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uat-hsbc-membersite.podiumrewards.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 geo4.js Show response
cdn3.optimizely.com/js/ 306 B
318 B 399ms
64ms Script
application/javascript 172.64.152.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.optimizely.com/js/geo4.js
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20375190679.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.14 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91ec9447388a7f71da04b3f1e72932aaf2086312e56d69d52bebf1d4603dd3c5

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:23 GMT
content-encoding: br
server: cloudflare
cf-ray: 8c13bfca0f06a20e-YYZ
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 a19069622224.html
a19069622224.cdn.optimizely.com/client_storage/ Frame 5882 0
0 134ms
59ms Document
text/html 104.18.66.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a19069622224.cdn.optimizely.com/client_storage/a19069622224.html
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20375190679.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.66.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 106
cache-control: max-age=120
cf-cache-status: HIT
cf-ray: 8c13bfc8de2a39c9-YYZ
content-encoding: gzip
content-length: 1207
content-type: text/html; charset=utf-8
date: Wed, 11 Sep 2024 01:05:23 GMT
etag: "3e35d1884e4e0ec8d52080356ac332ad"
last-modified: Wed, 11 Sep 2024 00:17:05 GMT
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: lyt16gMdob1L948RkiVZ3fUuzFpMgO4QTut9Glfo2xDJ1s5fMz/7PNC+2bANNFiCf4hmlyAP0ow=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: 2W02BW2S1KMCD5RC
x-amz-server-side-encryption: AES256
x-amz-version-id: GEN8vcYK097mOjeDSXwEB3ICN8hpni0M

GET
H2 200 d61d675.js Show response
uat-hsbc-membersite.podiumrewards.com/_nuxt/ 21 KB
21 KB 48ms
48ms Script
application/javascript 44.205.149.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://uat-hsbc-membersite.podiumrewards.com/_nuxt/d61d675.js

Requested by

Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/_nuxt/8334e00.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.205.149.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-205-149-39.compute-1.amazonaws.com

Software

nginx/1.27.0 /

Resource Hash

febac3369651a4f3506bf8ff5cd605d266ae518ef1a8a80b120d00192e17d81a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-length: 21224
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
last-modified: Thu, 01 Aug 2024 12:45:18 GMT
server: nginx/1.27.0
etag: "66ab835e-52e8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes

GET
H2 200 UniversNext-regular.91732db.woff2
uat-hsbc-membersite.podiumrewards.com/_nuxt/fonts/ 36 KB
36 KB 93ms
93ms Font
font/woff2 44.205.149.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://uat-hsbc-membersite.podiumrewards.com/_nuxt/fonts/UniversNext-regular.91732db.woff2

Requested by

Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.205.149.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-205-149-39.compute-1.amazonaws.com

Software

nginx/1.27.0 /

Resource Hash

e826d525e772eaeae32f6d313a0f7837ab7a8d6e92bc622087d32aefaa8da3c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
Origin: https://uat-hsbc-membersite.podiumrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-length: 36896
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
last-modified: Thu, 01 Aug 2024 12:45:18 GMT
server: nginx/1.27.0
etag: "66ab835e-9020"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 56ms
55ms Fetch
text/plain 142.250.65.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-X8HWFME6KP&gtm=45je4990v885240988za200&_p=1726016722581&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1410444904.1726016723&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1726016722&sct=1&seg=0&dl=https%3A%2F%2Fuat-hsbc-membersite.podiumrewards.com%2F&dt=HSBC%20Rewards&en=scroll&epn.percent_scrolled=90&_et=8&tfd=1665
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X8HWFME6KP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.65.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s73-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Sep 2024 01:05:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uat-hsbc-membersite.podiumrewards.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HSBC_Thumbnail_2.jpg
uat-hsbc-membersite.podiumrewards.com/images/ 60 KB
60 KB 46ms
41ms Image
image/jpeg 44.205.149.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uat-hsbc-membersite.podiumrewards.com/images/HSBC_Thumbnail_2.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.205.149.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-205-149-39.compute-1.amazonaws.com

Software

nginx/1.27.0 /

Resource Hash

3172fc418f1ff5593ef39678e9c89b2a005859f0f9f69ac5a74d9cb9ba46b903

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-length: 61223
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
last-modified: Thu, 01 Aug 2024 12:45:18 GMT
server: nginx/1.27.0
etag: "66ab835e-ef27"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes

GET
H2 200 HSBC_Thumbnail_3.jpg
uat-hsbc-membersite.podiumrewards.com/images/ 57 KB
57 KB 123ms
119ms Image
image/jpeg 44.205.149.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uat-hsbc-membersite.podiumrewards.com/images/HSBC_Thumbnail_3.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.205.149.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-205-149-39.compute-1.amazonaws.com

Software

nginx/1.27.0 /

Resource Hash

678fbf949b673a6d96730974d5acd5cece930eb86f3638fbedd3cc0d880a8414

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-length: 57965
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
last-modified: Thu, 01 Aug 2024 12:45:18 GMT
server: nginx/1.27.0
etag: "66ab835e-e26d"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes

GET
H2 200 egift_banner.png
uat-hsbc-membersite.podiumrewards.com/images/ 109 KB
110 KB 84ms
81ms Image
image/png 44.205.149.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uat-hsbc-membersite.podiumrewards.com/images/egift_banner.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.205.149.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-205-149-39.compute-1.amazonaws.com

Software

nginx/1.27.0 /

Resource Hash

8e91505e91e5989c88abc48d043144abd44030c98b56f292e1b5400a328cb1f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-length: 111732
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
last-modified: Thu, 01 Aug 2024 12:45:18 GMT
server: nginx/1.27.0
etag: "66ab835e-1b474"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes

GET
H2 200 merch_tiles.png
uat-hsbc-membersite.podiumrewards.com/images/ 49 KB
50 KB 124ms
121ms Image
image/png 44.205.149.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uat-hsbc-membersite.podiumrewards.com/images/merch_tiles.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.205.149.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-205-149-39.compute-1.amazonaws.com

Software

nginx/1.27.0 /

Resource Hash

de441554d156f3d1587ad914d3bdd7abf0164852e00b9da68532d8659f683bcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-length: 50579
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
last-modified: Thu, 01 Aug 2024 12:45:18 GMT
server: nginx/1.27.0
etag: "66ab835e-c593"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes

GET
H2 200 cash_back_tiles.png
uat-hsbc-membersite.podiumrewards.com/images/ 41 KB
41 KB 252ms
249ms Image
image/png 44.205.149.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uat-hsbc-membersite.podiumrewards.com/images/cash_back_tiles.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.205.149.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-205-149-39.compute-1.amazonaws.com

Software

nginx/1.27.0 /

Resource Hash

d43d097c51de6572a93aef473b04339a54fb20a687d2b5303c2a581eb132bf8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-length: 41850
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
last-modified: Thu, 01 Aug 2024 12:45:18 GMT
server: nginx/1.27.0
etag: "66ab835e-a37a"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes

GET
H2 200 UniversNext-medium.97263e9.woff2
uat-hsbc-membersite.podiumrewards.com/_nuxt/fonts/ 36 KB
36 KB 296ms
295ms Font
font/woff2 44.205.149.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://uat-hsbc-membersite.podiumrewards.com/_nuxt/fonts/UniversNext-medium.97263e9.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.205.149.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-205-149-39.compute-1.amazonaws.com

Software

nginx/1.27.0 /

Resource Hash

10ba9e7a6662d026ab340d7eb7a290fbb58c50474ff2d5f3813872445732194b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
Origin: https://uat-hsbc-membersite.podiumrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-length: 36784
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
last-modified: Thu, 01 Aug 2024 12:45:18 GMT
server: nginx/1.27.0
etag: "66ab835e-8fb0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes

GET
H2 200 UniversNext-light.279f687.woff2
uat-hsbc-membersite.podiumrewards.com/_nuxt/fonts/ 36 KB
36 KB 378ms
378ms Font
font/woff2 44.205.149.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://uat-hsbc-membersite.podiumrewards.com/_nuxt/fonts/UniversNext-light.279f687.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.205.149.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-205-149-39.compute-1.amazonaws.com

Software

nginx/1.27.0 /

Resource Hash

097d266cc517d53f8f1aa7c2d6d7470d1ac7acc834bb6a55f21117ef6cb953cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
Origin: https://uat-hsbc-membersite.podiumrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-length: 36404
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
last-modified: Thu, 01 Aug 2024 12:45:18 GMT
server: nginx/1.27.0
etag: "66ab835e-8e34"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ 394 KB
64 KB 185ms
184ms Script
application/javascript 18.164.116.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js
Requested by: Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-77.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65e0779e52d4201cc9a048f5f5ae9d4a868bc069f8eac56886f7a4064b795892

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:24 GMT
content-encoding: br
via: 1.1 17eb4ce9c34597b3328325a19f8138fe.cloudfront.net (CloudFront)
x-amz-version-id: OHzJSWlESBf7dB.N__XZ8kUZwS7wxjX8
last-modified: Mon, 09 Sep 2024 03:42:47 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
etag: W/"11bda8a5196e08c2855fef062d83c729"
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: 2Uq3aFcGpCX301jThm8uc1-QOlnDoiLyzZS0aKl5m9az6ivOk7Pk_w==

GET
H2 200 page Show response
uat-hsbc-api.podiumrewards.com/v1/guest/program/hsbc/cms/ 31 KB
4 KB 811ms
653ms XHR
application/json 3.231.66.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://uat-hsbc-api.podiumrewards.com/v1/guest/program/hsbc/cms/page

Requested by

Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/_nuxt/73286fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.231.66.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-66-127.compute-1.amazonaws.com

Software

nginx /

Resource Hash

30640a490e09adfc613279eb129c6daf72bb9b4df4059e9ea0a1482a672e9086

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://uat-hsbc-membersite.podiumrewards.com
access-control-expose-headers: Authorization, X-Content-Type-Options, X-Frame-Options, X-XSS-Protection
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 page Show response
uat-hsbc-api.podiumrewards.com/v1/guest/program/hsbc/cms/ 31 KB
4 KB 1466ms
652ms XHR
application/json 3.231.66.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://uat-hsbc-api.podiumrewards.com/v1/guest/program/hsbc/cms/page

Requested by

Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/_nuxt/73286fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.231.66.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-66-127.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5e4caacec8bac5b538f112a6674e54403554bd84dc750b10465d330f4681c144

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:25 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://uat-hsbc-membersite.podiumrewards.com
access-control-expose-headers: Authorization, X-Content-Type-Options, X-Frame-Options, X-XSS-Protection
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b76f208ad774d5a280a2c531333eae263dad83cebf79f0c466908738f516ab43

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4266221dd20d862fad9af69fefde6ecdb92191d66e293d8a5cd344f83d7bac6

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 menu.svg
uat-hsbc-membersite.podiumrewards.com/images/icons/ 502 B
907 B 336ms
334ms Image
image/svg+xml 44.205.149.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uat-hsbc-membersite.podiumrewards.com/images/icons/menu.svg?data

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.205.149.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-205-149-39.compute-1.amazonaws.com

Software

nginx/1.27.0 /

Resource Hash

552660cff11abb259b259dae8f9223f809b50055e7180325dc1b69ec75591741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-length: 502
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
last-modified: Thu, 01 Aug 2024 12:45:18 GMT
server: nginx/1.27.0
etag: "66ab835e-1f6"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes

GET
H2 200 hsbc-brand-logo-no-text.svg
uat-hsbc-membersite.podiumrewards.com/images/ 543 B
947 B 336ms
334ms Image
image/svg+xml 44.205.149.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uat-hsbc-membersite.podiumrewards.com/images/hsbc-brand-logo-no-text.svg?data

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.205.149.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-205-149-39.compute-1.amazonaws.com

Software

nginx/1.27.0 /

Resource Hash

2be62f3b530f1b20e785d0e385918ae1173fc0c5f53c3ff23b7bcc9ee477cd18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-length: 543
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
last-modified: Thu, 01 Aug 2024 12:45:18 GMT
server: nginx/1.27.0
etag: "66ab835e-21f"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes

GET
H2 200 program-registration Show response
uat-hsbc-api.podiumrewards.com/v1/member/program/hsbc/ 127 B
681 B 292ms
140ms XHR
application/json 3.231.66.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://uat-hsbc-api.podiumrewards.com/v1/member/program/hsbc/program-registration

Requested by

Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/_nuxt/73286fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.231.66.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-66-127.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8b86691612d0c5212bae88d1e0eb944f84845be08fcc6ead02fa26777e0b2d3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://uat-hsbc-membersite.podiumrewards.com
access-control-expose-headers: Authorization, X-Content-Type-Options, X-Frame-Options, X-XSS-Protection
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 product Show response
uat-hsbc-api.podiumrewards.com/v1/guest/ 11 KB
4 KB 450ms
298ms XHR
application/json 3.231.66.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://uat-hsbc-api.podiumrewards.com/v1/guest/product?currency_id=1&program_slug=hsbc&count=4&facets=%7B%22category.lvl0%22:[%22Monthly+Specials%22]%7D

Requested by

Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/_nuxt/73286fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.231.66.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-66-127.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c97b13983b077da2b1233b19f2140b313316d6c34df91263174d6072e80df1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://uat-hsbc-membersite.podiumrewards.com
access-control-expose-headers: Authorization, X-Content-Type-Options, X-Frame-Options, X-XSS-Protection
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 pause.svg
uat-hsbc-membersite.podiumrewards.com/images/icons/ 289 B
693 B 335ms
335ms Image
image/svg+xml 44.205.149.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uat-hsbc-membersite.podiumrewards.com/images/icons/pause.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.205.149.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-205-149-39.compute-1.amazonaws.com

Software

nginx/1.27.0 /

Resource Hash

9de732f25d6c2f5d51857268a92569c543ed4cae375c3c0bf7371b1c03fe807e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-length: 289
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
last-modified: Thu, 01 Aug 2024 12:45:18 GMT
server: nginx/1.27.0
etag: "66ab835e-121"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 386 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1880f74b39a669782e7ef8800523426c16f5dec6cfca5f02db31914f3930d3ca

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET favicon.ico
www.us.hsbc.com/etc/designs/dpws/common/favicons/ 0
0

GET
H/1.1 200
OK location.js Show response
akamai.tiqcdn.com/location/ 18 B
791 B 179ms
47ms XHR
application/x-javascript 23.218.113.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.tiqcdn.com/location/location.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.113.175 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-113-175.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 11 Sep 2024 01:05:24 GMT
Last-Modified: Mon, 30 Apr 2018 23:09:19 GMT
Server: AkamaiNetStorage
ETag: "6c98be5fda77913799e8ef24b86a7abd:1525129759"
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-EdgeScape-Location
Cache-Control: max-age=1296000
X-EdgeScape-Location: country_code=CA,region_code=ON,city=TORONTO,areacode=0,zip=M3H+M3M+M4B+M4C+M4E+M4G+M4H+M4J+M4K+M4L+M4M+M4N+M4P+M4R+M4S+M4T+M4V+M4W+M4X+M4Y+M5A+M5B+M5C+M5E+M5G+M5H+M5J+M5K+M5L+M5M+M5N+M5P+M5R+M5S+M5T+M5V+M5W+M5X+M6A+M6B+M6C+M6E+M6G+M6H+M6J+M6K+M6L+M6M+M6N+M6P+M6R+M6S+M7A+M7Y+M9M+M9N+M9P+M9W,bandwidth=5000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18
Expires: Thu, 26 Sep 2024 01:05:24 GMT

GET
H2 200 utag.680.js Show response
tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ 133 KB
19 KB 240ms
239ms Script
application/javascript 18.164.116.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.680.js?utv=ut4.47.202308221927
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-77.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3bdaa7dc03925c3ada028ba58a2018392e8ea53d32566a88a2b0e51a2c79622

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:25 GMT
content-encoding: br
via: 1.1 17eb4ce9c34597b3328325a19f8138fe.cloudfront.net (CloudFront)
x-amz-version-id: iTUNLvKOAULeecHkVMhMbNIta.JMzymv
last-modified: Mon, 09 Sep 2024 03:42:36 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
etag: W/"400e22b5f16f88a6469687225117b00f"
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: wninImOxaAqmqcyhTXU9aB2wmhgfjMuyqkzcRiGp9IG39CeYgqr3AQ==

POST
H2 204 events Show response
logx.optimizely.com/v1/ 0
401 B 132ms
61ms XHR
text/plain 34.49.241.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20375190679.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.241.49.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 11 Sep 2024 01:05:24 GMT
via: 1.1 google
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://uat-hsbc-membersite.podiumrewards.com
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: ad660953-69a0-4242-8a34-1a4aa5c7246d

GET
H2 200 utag.87.js Show response
tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ 37 KB
12 KB 144ms
141ms Script
application/javascript 18.164.116.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.87.js?utv=ut4.47.202408071632
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-77.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23f35ef23788c464bc5b2f9833a22281b7bf8e6d2a6d9e4843e7b7975ac78ce4

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:25 GMT
content-encoding: br
via: 1.1 17eb4ce9c34597b3328325a19f8138fe.cloudfront.net (CloudFront)
x-amz-version-id: 2pyoXOvP0xfy0fMI_XnQSNvhzMqhlEpZ
last-modified: Mon, 09 Sep 2024 03:42:37 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
etag: W/"5aa7f2a54dcb54d65d18caa68f433a6c"
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: rSL4sqsJww81Y9ZQsdONhIclh-SKTcTAAlUmn8g2Mp15mE1HYPhjFQ==

GET
H2 200 utag.384.js Show response
tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ 6 KB
3 KB 108ms
106ms Script
application/javascript 18.164.116.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.384.js?utv=ut4.47.202404010402
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-77.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0bc26bb44e78292baab4306badf5cd4a82e59bad206c0004cf7f86cc6cae38d

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:25 GMT
content-encoding: br
via: 1.1 17eb4ce9c34597b3328325a19f8138fe.cloudfront.net (CloudFront)
x-amz-version-id: XPPrZiq2Vf5gyrjXjutCNDnxo.XsNv8l
last-modified: Mon, 09 Sep 2024 03:42:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
etag: W/"7263c7ecb19baa01ec5ad4d19e5e06ae"
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: WoQKkrVqmbYNp0iT-M1RwBvNpI96wdOkf0jku4sURuGpHTE4G0gWQw==

GET
H2 200 utag.518.js Show response
tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ 22 KB
8 KB 100ms
98ms Script
application/javascript 18.164.116.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.518.js?utv=ut4.47.202206281633
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-77.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 14b89b6805ceb60919841ac998cbaf99b93b4064ce7f088602399ada9d02fc1e

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:25 GMT
content-encoding: br
via: 1.1 17eb4ce9c34597b3328325a19f8138fe.cloudfront.net (CloudFront)
x-amz-version-id: 1tOlfah7xEz9mhMIf0UcCUTgbLn3LMCe
last-modified: Mon, 09 Sep 2024 03:42:42 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
etag: W/"3803ace70b4e8e97f7ce8d30bdc09846"
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: aXNpSnTVQRbmIMgs04j--mSNW4Ukv2VtsVqnd1-QSo-bK2JEZkQymg==

GET
H2 200 utag.550.js Show response
tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ 4 KB
2 KB 109ms
107ms Script
application/javascript 18.164.116.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.550.js?utv=ut4.47.202112230311
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-77.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0678cc93a11f6cb8517d897979975ce85508b282c5521dd9f36a730358d48a5f

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:25 GMT
content-encoding: br
via: 1.1 17eb4ce9c34597b3328325a19f8138fe.cloudfront.net (CloudFront)
x-amz-version-id: AGqIg78dxFuFcKfUPJTiuwTMWnQ1wUh0
last-modified: Mon, 09 Sep 2024 03:42:46 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
etag: W/"dfa27e686b27f8cce4d565fe88b19556"
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: OTXv4MfSy4WIJ_lfxhA9tATYq6kxcE41NaYt4aeZSnnp2nfEVVr-nA==

GET
H2 200 utag.612.js Show response
tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ 14 KB
5 KB 146ms
144ms Script
application/javascript 18.164.116.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.612.js?utv=ut4.47.202206151142
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-77.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 41d4822eeb2a0671787f2e2747ad8b68031c1619c411e94d0835c3d3e759d7cd

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:25 GMT
content-encoding: br
via: 1.1 17eb4ce9c34597b3328325a19f8138fe.cloudfront.net (CloudFront)
x-amz-version-id: n59W010CORrguu2voAaNqPamtzVVa0Eq
last-modified: Mon, 09 Sep 2024 03:42:45 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
etag: W/"2356decc05984eec3793506452f39e17"
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: cDznONtaXOZk-eTr6RZyJH9i6w-AWjfrhxYhnSgce2IfEh3b7_KVkA==

GET
H2 200 utag.633.js Show response
tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ 47 KB
13 KB 100ms
98ms Script
application/javascript 18.164.116.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.633.js?utv=ut4.47.202311220520
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-77.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a6225cbccccb5e3daa2b74ec79ed0101bb9d72516c0b7f71588bebe5c50a542a

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:25 GMT
content-encoding: br
via: 1.1 17eb4ce9c34597b3328325a19f8138fe.cloudfront.net (CloudFront)
x-amz-version-id: M8uEUsCX8truR9Zpr8kESucC04yj.jK6
last-modified: Mon, 09 Sep 2024 03:42:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
etag: W/"bb5121178cc060711a5d32c6e0ef6d62"
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: QRr_LJicmij3k1_NQR7M0i1gOUyAXwWa2YAOYvHdQIFAIBAaviEkXg==

GET
H2 200 utag.655.js Show response
tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ 4 KB
2 KB 149ms
148ms Script
application/javascript 18.164.116.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.655.js?utv=ut4.47.202401051024
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-77.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae95a03eef6d41630394065f19c2e4f7439368410a3b96f805cb9084cd9ee2eb

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:25 GMT
content-encoding: br
via: 1.1 17eb4ce9c34597b3328325a19f8138fe.cloudfront.net (CloudFront)
x-amz-version-id: AasWFivRiYQcHLnZOTZqmytXrKoiPhWW
last-modified: Mon, 09 Sep 2024 03:42:45 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
etag: W/"b7f862c0cc2e9f3a57e4288d374e14b1"
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: xfxPZurk8flWjrWr5A78ZKiWNlOVwm65ES6mxAKJGp2vCy7TqaAxpg==

GET
H2 200 utag.659.js Show response
tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ 4 KB
2 KB 151ms
149ms Script
application/javascript 18.164.116.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.659.js?utv=ut4.47.202211301019
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-77.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64fc94f1044bcbc13cfdfa17aa6253fc3b5192884f478e547797ef17d6eb79e0

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:25 GMT
content-encoding: br
via: 1.1 17eb4ce9c34597b3328325a19f8138fe.cloudfront.net (CloudFront)
x-amz-version-id: VRlZFiIYoG6DSo1tpTaQ3bKvbZARRyUZ
last-modified: Mon, 09 Sep 2024 03:42:43 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
etag: W/"8784dde4dbbaec18bf5366f3682a3c57"
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 6lyilBuv23LRo3iDB0DS1oyP8-E_HSKy2pU0_nkq8bDClTgnfN56Ng==

GET
H2 200 utag.699.js Show response
tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ 11 KB
4 KB 177ms
176ms Script
application/javascript 18.164.116.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.699.js?utv=ut4.47.202403201213
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-77.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 471808443cc2dccc764e80c8c7639f6f8577c80dc299daddb92a8a9d61fa7492

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:25 GMT
content-encoding: br
via: 1.1 17eb4ce9c34597b3328325a19f8138fe.cloudfront.net (CloudFront)
x-amz-version-id: fUCxVeSs.mo2uKgY4YKEGg0WPuAalTDW
last-modified: Mon, 09 Sep 2024 03:42:36 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
etag: W/"d3e7a1f4ffeba0fb402e2ac7fe868025"
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: Q4YJxKF-X24n4D6OWe0ru-K1CxYYlmahmxR6z9vvxGrZ7e2nyTSJMQ==

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 89ms
41ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.518.js?utv=ut4.47.202206281633

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 11 Sep 2024 01:05:24 GMT
document-policy: force-load-at-top
x-fb-server-load: 33
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58953
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=4292, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 5wj+CPizRyi7/JoWa8DaO12mho3e0f6yn2StZ6wWlPTep86S5/3eDW6rNmn89841JCj+UK8U4tdrimEvhmIepg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

i.gif
datacloud.tealiumiq.com/vdata/
Redirect Chain

https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=0191de9d1cdb001e1dab7915ab2f05065002e05d00b08&tealium_account=hsbc&tealium_profile=wpb-strea...
https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=0191de9d1cdb001e1dab7915ab2f05065002e05d00b08&tealium_account=hsbc&tealium_profile=wpb-stre...
https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0191de9d1cdb001e1dab7915ab2f05065002e05d00b08&tealium_account=hsbc&tealium_profile=wpb-stream-us&google_gid=CAESEBVc...

43 B
1000 B

342ms
313ms

Image
image/gif

52.0.231.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0191de9d1cdb001e1dab7915ab2f05065002e05d00b08&tealium_account=hsbc&tealium_profile=wpb-stream-us&google_gid=CAESEBVcxpckEJGtodCmyV_tkLA&google_cver=1
Protocol: H2
Server: 52.0.231.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-231-140.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Sep 2024 01:05:25 GMT
x-serverid: uconnect_i-00b3339a33a530816
x-tid: 0191de9d1cdb001e1dab7915ab2f05065002e05d00b08
x-did: 0191de9d1cdb001e1dab7915ab2f05065002e05d00b08
vary: Origin
content-type: image/gif
x-acc: hsbc:wpb-stream-us:2:vdata
x-ulver: a6eb5400babbcfe85d37374e06d0c548e37e4e73-SNAPSHOT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-region: us-east-1
content-length: 43
x-uuid: 807377b4-2412-45c0-872b-23cc7a27e4a2
expires: Wed, 11 Sep 2024 01:05:25 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Sep 2024 01:05:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0191de9d1cdb001e1dab7915ab2f05065002e05d00b08&tealium_account=hsbc&tealium_profile=wpb-stream-us&google_gid=CAESEBVcxpckEJGtodCmyV_tkLA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 447
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 i.gif Show response
collect-us-east-1.tealiumiq.com/hsbc/wpb-stream-us/2/ 43 B
774 B 225ms
112ms XHR
image/gif 52.0.231.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-us-east-1.tealiumiq.com/hsbc/wpb-stream-us/2/i.gif
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.633.js?utv=ut4.47.202311220520
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.0.231.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-231-140.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarybuZauoC1Ucnc6BnP

Response headers

date: Wed, 11 Sep 2024 01:05:24 GMT
x-serverid: uconnect_i-025ca90aede19e966
x-tid: 0191de9d1cdb001e1dab7915ab2f05065002e05d00b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: hsbc:wpb-stream-us:2:datacloud
x-region: us-east-1
content-length: 43
pragma: no-cache
x-did: 0191de9d1cdb001e1dab7915ab2f05065002e05d00b08
vary: Origin
content-type: image/gif
access-control-allow-origin: https://uat-hsbc-membersite.podiumrewards.com
x-ulver: a6eb5400babbcfe85d37374e06d0c548e37e4e73-SNAPSHOT
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-uuid: e6ddab8b-8c29-4e91-af42-f0ae442d94ba
expires: Wed, 11 Sep 2024 01:05:24 GMT

GET
H/1.1

200
OK

dcm Show response
s.amazon-adsystem.com/
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=0191de9d1cdb001e1dab7915ab2f05065002e05d00b08
https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=0191de9d1cdb001e1dab7915ab2f05065002e05d00b08&dcc=t

43 B
855 B

67ms
67ms

Script
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=0191de9d1cdb001e1dab7915ab2f05065002e05d00b08&dcc=t

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

2fce2feb1cb59a8c53b5b46d1d758949090324d34b2a941a972240d6ccf63db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Sep 2024 01:05:24 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FM0D4Y5PP97ANMC60Y6A
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 11 Sep 2024 01:05:24 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: J538FZ7J8S56P58WH01Q
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=0191de9d1cdb001e1dab7915ab2f05065002e05d00b08&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST session.json
http//www.issthk-dev.hsbc.com.hk:33001/2944/handler9/ 0
0

GET JavascriptInsert.js
http//www.issthk-dev.hsbc.com.hk:33001/ 0
0

GET tag.js
lptag.liveperson.net/tag/ 0
0

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
431 B 41ms
41ms Script
application/javascript 18.164.116.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=hsbc/us-rbwm/202409090339&cb=1726016724537
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-77.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Wed, 11 Sep 2024 01:04:07 GMT
via: 1.1 17eb4ce9c34597b3328325a19f8138fe.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
age: 78
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: accept-encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: W2VqF3gjt7x97fTEaCyVutVFss5g3vfowpVIwjALfzOw9a8TUTpJ3w==

GET favicon-16x16.png
www.us.hsbc.com/etc/designs/dpws/common/favicons/ 0
0

GET
H3 200 405421264201379 Show response
connect.facebook.net/signals/config/ 69 KB
15 KB 113ms
112ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/405421264201379?v=2.9.167&r=stable&domain=uat-hsbc-membersite.podiumrewards.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

5cc83e23f47fca30bcc627e53a4079786ea1d04627314f0b65761e0cd9b6d05d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 11 Sep 2024 01:05:24 GMT
document-policy: force-load-at-top
x-fb-server-load: 25
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=74, mss=1232, tbw=66964, tp=62, tpl=0, uplat=47, ullat=0
pragma: public
x-fb-debug: hdrL7ro1zg2HD2/sEKBhmFxcldXqUpGYOZlb+a88LZujZv2tE/sg0lWFssqvCHZ76XSczuFD+Hj4v6zLyr6pJw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 chevron-right-thick-red.svg
uat-hsbc-membersite.podiumrewards.com/images/icons/ 386 B
790 B 48ms
47ms Image
image/svg+xml 44.205.149.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uat-hsbc-membersite.podiumrewards.com/images/icons/chevron-right-thick-red.svg?data

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.205.149.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-205-149-39.compute-1.amazonaws.com

Software

nginx/1.27.0 /

Resource Hash

1880f74b39a669782e7ef8800523426c16f5dec6cfca5f02db31914f3930d3ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-length: 386
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
last-modified: Thu, 01 Aug 2024 12:45:18 GMT
server: nginx/1.27.0
etag: "66ab835e-182"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes

GET
H2 200 chevron-left-thin.svg
uat-hsbc-membersite.podiumrewards.com/images/icons/ 384 B
788 B 47ms
47ms Image
image/svg+xml 44.205.149.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uat-hsbc-membersite.podiumrewards.com/images/icons/chevron-left-thin.svg?data

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.205.149.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-205-149-39.compute-1.amazonaws.com

Software

nginx/1.27.0 /

Resource Hash

7ef9433cc375b3490b901db9d790b187105a13b3840228027f27e250b604ab3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-length: 384
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
last-modified: Thu, 01 Aug 2024 12:45:18 GMT
server: nginx/1.27.0
etag: "66ab835e-180"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes

GET
H2 200 chevron-right-black.svg
uat-hsbc-membersite.podiumrewards.com/images/icons/ 382 B
786 B 47ms
47ms Image
image/svg+xml 44.205.149.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uat-hsbc-membersite.podiumrewards.com/images/icons/chevron-right-black.svg?data

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.205.149.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-205-149-39.compute-1.amazonaws.com

Software

nginx/1.27.0 /

Resource Hash

950ae1b2cf55dc0432b298ca60adb7a9604c4f7f2dbc1bfc67f4469b8b88e8e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 01:05:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-length: 382
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
last-modified: Thu, 01 Aug 2024 12:45:18 GMT
server: nginx/1.27.0
etag: "66ab835e-17e"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c3972953bc31004e13c1dcf446f4903a566b5e74220622dc4eb4252cd69f578

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 382 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cbbbfe1080afcefc3c2518e6f5be9c449ae18084f56fdaad0e543be76e4466bf

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK row-7-carousel-amazon.jpg
s3.amazonaws.com/uat-hsbc-podium-bucket/images/programs/1/cms/ 197 KB
198 KB 262ms
145ms Image
image/jpeg 52.216.62.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/uat-hsbc-podium-bucket/images/programs/1/cms/row-7-carousel-amazon.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.62.48 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 13dd18dd40b3d3787c2ac32ce242cf7b51dcb0ddcc12aac9ca8066c0a51755e9

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 11 Sep 2024 01:05:25 GMT
x-amz-version-id: 2ugmQIo2Dpm4zUCf3Et3.8NyO3CLflgM
Last-Modified: Wed, 17 Jul 2024 16:38:53 GMT
Server: AmazonS3
x-amz-request-id: 3KDDD4S0ABM83SAP
ETag: "3af3a0e5d41654e20172c72034ba6d63"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 201984
x-amz-id-2: rY2e4UngV9Dkw4xgskIvN7LfraFnW3DLPPJBcgmFtfs9kCBLb6HSAwuuzUxCU+l7HPTMZNnSo44=

GET
H/1.1 200
OK row-9-carousel-monthly-rewards-sale.jpg
s3.amazonaws.com/uat-hsbc-podium-bucket/images/programs/1/cms/ 239 KB
240 KB 261ms
145ms Image
image/jpeg 52.216.62.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/uat-hsbc-podium-bucket/images/programs/1/cms/row-9-carousel-monthly-rewards-sale.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.216.62.48 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0c152bffb8ee9a1d9217e7058c73c9f36285c5c38443bf0f357652f18d69b674

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 11 Sep 2024 01:05:26 GMT
x-amz-version-id: ucxznXZtXhhESBnAXZzNaOPkQ0E70R8A
Last-Modified: Wed, 17 Jul 2024 16:50:56 GMT
Server: AmazonS3
x-amz-request-id: 3KD7ZKQBFB56TV8M
ETag: "611b8ddfb7c1e8d5e9a13287cba3492b"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 245167
x-amz-id-2: 9tUaWLUFiVyqVY9HUMjX2a0HrN+qQkYDgcDi2gn9BY0XnVfrmzEwLQpoWxiPEPmv2+vJ5ZCMR1M=

GET
H/1.1 200
OK HSBC_Header_2.jpg
s3.amazonaws.com/uat-hsbc-podium-bucket/images/programs/1/cms/ 347 KB
347 KB 293ms
134ms Image
image/jpeg 52.216.62.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/uat-hsbc-podium-bucket/images/programs/1/cms/HSBC_Header_2.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.216.62.48 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 214e11ea56b4b4ec2ce0f0202dbf2315b76d9a5681bfe380ac0c2e35a9c1213c

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 11 Sep 2024 01:05:26 GMT
x-amz-version-id: PT7jLEgH3aAh8kvoZ_M9pygpF6Bg04me
Last-Modified: Wed, 04 Nov 2020 19:03:22 GMT
Server: AmazonS3
x-amz-request-id: 3KDAR59CT48RDQRQ
ETag: "da11605ad13539f508427057c4569f14"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 354913
x-amz-id-2: pUTiFUfySwO+CGm2USCvHMxOjBBRocMlHXbrQ3gZXTRM53AB597rBzFtawaxmU5sHYKdJPEVRpo=

GET
H/1.1 200
OK HSBC_Header_3.jpg
s3.amazonaws.com/uat-hsbc-podium-bucket/images/programs/1/cms/ 254 KB
254 KB 371ms
211ms Image
image/jpeg 52.216.62.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/uat-hsbc-podium-bucket/images/programs/1/cms/HSBC_Header_3.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.216.62.48 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a8272aa1db9d3480238c394a7b56ddf2108112d12ed28be496780bbf1a285903

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 11 Sep 2024 01:05:26 GMT
x-amz-version-id: xAbnH57JWcDRlu9R50xyNFdjpSD8QNtr
Last-Modified: Wed, 04 Nov 2020 19:04:03 GMT
Server: AmazonS3
x-amz-request-id: 3KD7H7YJM06VPVWV
ETag: "ebd68c87009c15c829b501c909ffa79f"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 259642
x-amz-id-2: 4jEaoqXvYy3LeTuykLIXSkGq+7g6pReJTFbli1Z/cnq/lgH80zWCy6msTp11uqGOQ8YKt9veyZo=

GET
H2 200 0191de9d1cdb001e1dab7915ab2f05065002e05d00b08 Show response
visitor-service-us-east-1.tealiumiq.com/hsbc/wpb-stream-us/ 36 B
250 B 182ms
59ms Script
application/javascript 44.197.127.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor-service-us-east-1.tealiumiq.com/hsbc/wpb-stream-us/0191de9d1cdb001e1dab7915ab2f05065002e05d00b08?callback=utag.ut%5B%22writevawpb-stream-us%22%5D&rnd=1726016724881

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.197.127.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-197-127-38.compute-1.amazonaws.com

Software

Resource Hash

07ce5f82c07092c5d17c8b8113065a65e42dc7b041996f41691c23b0355b4b41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-version: a8923f2a65d1f8225f08f5bd5a1c1c17d35322df-SNAPSHOT
date: Wed, 11 Sep 2024 01:05:25 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-region: us-east-1
content-length: 36
x-nodeid: i-0b2dd9a62380634a3
content-type: application/javascript; charset=utf-8

GET favicon-32x32.png
www.us.hsbc.com/etc/designs/dpws/common/favicons/ 0
0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 138ms
42ms Image
text/plain 157.240.241.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=405421264201379&ev=PageView&dl=https%3A%2F%2Fuat-hsbc-membersite.podiumrewards.com&rl=&if=false&ts=1726016724967&sw=1600&sh=1200&ud[external_id]=098be3b4ff72245e761a75517ae093a7b2036e9b13ba8e3ba0d32d184c484244&v=2.9.167&r=stable&a=tmtealium&ec=0&o=4124&fbp=fb.1.1726016724949.342051231873420936&pm=1&hrl=38a872&ler=empty&cdl=API_unavailable&it=1726016724632&coo=false&eid=8f92ad2dafbd9e1b6638cdd56de0c298&tm=1&cs_cc=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1316, tbw=2771, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 11 Sep 2024 01:05:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 214ms
126ms Image
image/png 157.240.241.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=405421264201379&ev=PageView&dl=https%3A%2F%2Fuat-hsbc-membersite.podiumrewards.com&rl=&if=false&ts=1726016724967&sw=1600&sh=1200&ud[external_id]=098be3b4ff72245e761a75517ae093a7b2036e9b13ba8e3ba0d32d184c484244&v=2.9.167&r=stable&a=tmtealium&ec=0&o=4124&fbp=fb.1.1726016724949.342051231873420936&pm=1&hrl=38a872&ler=empty&cdl=API_unavailable&it=1726016724632&coo=false&eid=8f92ad2dafbd9e1b6638cdd56de0c298&tm=1&cs_cc=1&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Wed, 11 Sep 2024 01:05:25 GMT
document-policy: force-load-at-top
x-fb-server-load: 28
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7413185386552663360", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=13, mss=1316, tbw=3124, tp=-1, tpl=-1, uplat=82, ullat=0
pragma: no-cache
x-fb-debug: /TmTQlQ8xy3hgJNG5luafrzbZz+IuEJLme5tRXAHTZzPtv5ohHUrRl5nA/MohodhEh8+o7roC8sbntoENICiIQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7413185386552663360"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 54ms
53ms Fetch
text/plain 142.250.65.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-X8HWFME6KP&gtm=45je4990v885240988za200&_p=1726016722581&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1410444904.1726016723&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAC&sid=1726016722&sct=1&seg=1&dl=https%3A%2F%2Fuat-hsbc-membersite.podiumrewards.com%2F&dt=HSBC%20Rewards&_s=3&tfd=6671
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X8HWFME6KP
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.65.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s73-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://uat-hsbc-membersite.podiumrewards.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 11 Sep 2024 01:05:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uat-hsbc-membersite.podiumrewards.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.us.hsbc.com
URL: https://www.us.hsbc.com/etc/designs/dpws/common/favicons/favicon.ico

Domain: http
URL: https://http//www.issthk-dev.hsbc.com.hk:33001/2944/handler9/session.json

Domain: http
URL: https://http//www.issthk-dev.hsbc.com.hk:33001/JavascriptInsert.js

Domain: lptag.liveperson.net
URL: https://lptag.liveperson.net/tag/tag.js?site=52516473

Domain: www.us.hsbc.com
URL: https://www.us.hsbc.com/etc/designs/dpws/common/favicons/favicon-16x16.png

Domain: www.us.hsbc.com
URL: https://www.us.hsbc.com/etc/designs/dpws/common/favicons/favicon-32x32.png

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.podiumrewards.com/	1970-01-21 09:02:56	Name: _ga Value: GA1.1.1410444904.1726016723
.podiumrewards.com/	1970-01-21 03:46:08	Name: optimizelyEndUserId Value: oeu1726016723161r0.5366200405712893
.podiumrewards.com/	1970-01-21 09:02:56	Name: _ga_X8HWFME6KP Value: GS1.1.1726016722.1.1.1726016723.0.0.0
.uat-hsbc-membersite.podiumrewards.com/	1970-01-20 23:48:32	Name: mkt_c Value: ZZZZZZZZZZ
.podiumrewards.com/	1969-12-31 23:59:59	Name: usy46gabsosd Value: HSBCUSSIT_17260167245140.d7c99de22aa6a148d89ecc16a658d810_2944
.doubleclick.net/	1970-01-21 09:02:56	Name: IDE Value: AHWqTUlbuihWXu0hG-QT5TZ37p0Wf7N0eNwvugudaBdt64-MmQph26elJWSldC7ILaQ
.tealiumiq.com/	1970-01-21 08:12:32	Name: TAPID Value: hsbc/wpb-stream-us>0191de9d1cdb001e1dab7915ab2f05065002e05d00b08\|
.amazon-adsystem.com/	1970-01-21 04:17:49	Name: ad-id Value: Aw6GEIrhUklRlQbEGsljitc
.amazon-adsystem.com/	1970-01-21 09:02:56	Name: ad-privacy Value: 0
.podiumrewards.com/	1970-01-21 08:12:32	Name: utag_main Value: v_id:0191de9d1cdb001e1dab7915ab2f05065002e05d00b08$_sn:1$_se:1$_ss:1$_st:1726018524194$ses_id:1726016724194%3Bexp-session$_pn:1%3Bexp-session$dcsyncran:1%3Bexp-session$dc_group:33$_prevpage:Home%3Bexp-session$dc_visit:1$dc_event:1%3Bexp-session$amsyncran:1%3Bexp-session$dc_region:us-east-1%3Bexp-session
.podiumrewards.com/	1970-01-21 01:36:32	Name: _fbp Value: fb.1.1726016724949.342051231873420936
.tealiumiq.com/	1970-01-21 03:49:01	Name: tcs.google_cver Value: eyJoc2JjL3dwYi1zdHJlYW0tdXMiOiIxfDE3MjYwMTY3MjUwNDkifQ==
.tealiumiq.com/	1970-01-21 03:49:01	Name: tcs.google_gid Value: eyJoc2JjL3dwYi1zdHJlYW0tdXMiOiJDQUVTRUJWY3hwY2tFSkd0b2RDbXlWX3RrTEF8MTcyNjAxNjcyNTA0OSJ9

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://http//www.issthk-dev.hsbc.com.hk:33001/2944/handler9/session.json Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://http//www.issthk-dev.hsbc.com.hk:33001/JavascriptInsert.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.us.hsbc.com/etc/designs/dpws/common/favicons/favicon.ico Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameSite
security	error	URL: https://uat-hsbc-membersite.podiumrewards.com/ Message: Refused to execute script from 'https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=0191de9d1cdb001e1dab7915ab2f05065002e05d00b08&dcc=t' because its MIME type ('image/gif') is not executable.
network	error	URL: https://www.us.hsbc.com/etc/designs/dpws/common/favicons/favicon-16x16.png Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameSite
network	error	URL: https://www.us.hsbc.com/etc/designs/dpws/common/favicons/favicon-32x32.png Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameSite

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a19069622224.cdn.optimizely.com
akamai.tiqcdn.com
cdn.optimizely.com
cdn3.optimizely.com
cm.g.doubleclick.net
collect-us-east-1.tealiumiq.com
connect.facebook.net
datacloud.tealiumiq.com
http
logx.optimizely.com
lptag.liveperson.net
s.amazon-adsystem.com
s3.amazonaws.com
tags.tiqcdn.com
uat-hsbc-api.podiumrewards.com
uat-hsbc-membersite.podiumrewards.com
visitor-service-us-east-1.tealiumiq.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.us.hsbc.com
http
lptag.liveperson.net
www.us.hsbc.com
104.18.65.57
104.18.66.57
142.250.65.238
142.250.72.98
142.251.40.168
157.240.241.1
157.240.241.35
172.64.152.14
18.164.116.77
23.218.113.175
3.231.66.127
34.49.241.189
44.197.127.38
44.205.149.39
52.0.231.140
52.216.62.48
52.46.155.104
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
055314c500e0071226cf3672758f46eaf3b54dc5ab4cfd9f3d712ff6e4b7d96f
0678cc93a11f6cb8517d897979975ce85508b282c5521dd9f36a730358d48a5f
07ce5f82c07092c5d17c8b8113065a65e42dc7b041996f41691c23b0355b4b41
097d266cc517d53f8f1aa7c2d6d7470d1ac7acc834bb6a55f21117ef6cb953cc
0c152bffb8ee9a1d9217e7058c73c9f36285c5c38443bf0f357652f18d69b674
10ba9e7a6662d026ab340d7eb7a290fbb58c50474ff2d5f3813872445732194b
13dd18dd40b3d3787c2ac32ce242cf7b51dcb0ddcc12aac9ca8066c0a51755e9
14b89b6805ceb60919841ac998cbaf99b93b4064ce7f088602399ada9d02fc1e
1880f74b39a669782e7ef8800523426c16f5dec6cfca5f02db31914f3930d3ca
214e11ea56b4b4ec2ce0f0202dbf2315b76d9a5681bfe380ac0c2e35a9c1213c
23f35ef23788c464bc5b2f9833a22281b7bf8e6d2a6d9e4843e7b7975ac78ce4
2be62f3b530f1b20e785d0e385918ae1173fc0c5f53c3ff23b7bcc9ee477cd18
2da247295b4ef81ed749a43d8637daeea0c504990dcdfc101d912c9c9cdd3fc3
2fce2feb1cb59a8c53b5b46d1d758949090324d34b2a941a972240d6ccf63db6
30640a490e09adfc613279eb129c6daf72bb9b4df4059e9ea0a1482a672e9086
3172fc418f1ff5593ef39678e9c89b2a005859f0f9f69ac5a74d9cb9ba46b903
41d4822eeb2a0671787f2e2747ad8b68031c1619c411e94d0835c3d3e759d7cd
471808443cc2dccc764e80c8c7639f6f8577c80dc299daddb92a8a9d61fa7492
552660cff11abb259b259dae8f9223f809b50055e7180325dc1b69ec75591741
5c3972953bc31004e13c1dcf446f4903a566b5e74220622dc4eb4252cd69f578
5cc83e23f47fca30bcc627e53a4079786ea1d04627314f0b65761e0cd9b6d05d
5e4caacec8bac5b538f112a6674e54403554bd84dc750b10465d330f4681c144
5efa39f197b08d1a4d7fa52479261554ffe09690778305ccc8b4650d83684c63
64fc94f1044bcbc13cfdfa17aa6253fc3b5192884f478e547797ef17d6eb79e0
65e0779e52d4201cc9a048f5f5ae9d4a868bc069f8eac56886f7a4064b795892
678fbf949b673a6d96730974d5acd5cece930eb86f3638fbedd3cc0d880a8414
7ef9433cc375b3490b901db9d790b187105a13b3840228027f27e250b604ab3f
87989d3a600bea1dd5669bbda4644aef64d87686821779c5a10a4619935d199f
8b86691612d0c5212bae88d1e0eb944f84845be08fcc6ead02fa26777e0b2d3f
8e91505e91e5989c88abc48d043144abd44030c98b56f292e1b5400a328cb1f6
91ec9447388a7f71da04b3f1e72932aaf2086312e56d69d52bebf1d4603dd3c5
950ae1b2cf55dc0432b298ca60adb7a9604c4f7f2dbc1bfc67f4469b8b88e8e1
9de732f25d6c2f5d51857268a92569c543ed4cae375c3c0bf7371b1c03fe807e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1c288b0dc231e8e3a39ae81b088c5780e9dd6b622e556d38ed32605cbb5082b
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3bdaa7dc03925c3ada028ba58a2018392e8ea53d32566a88a2b0e51a2c79622
a6225cbccccb5e3daa2b74ec79ed0101bb9d72516c0b7f71588bebe5c50a542a
a8272aa1db9d3480238c394a7b56ddf2108112d12ed28be496780bbf1a285903
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ae95a03eef6d41630394065f19c2e4f7439368410a3b96f805cb9084cd9ee2eb
b4266221dd20d862fad9af69fefde6ecdb92191d66e293d8a5cd344f83d7bac6
b55ca12ef0a89965c5621f4bafd0d561c1cd5f9e9bae51e1aee71581aab710ef
b76f208ad774d5a280a2c531333eae263dad83cebf79f0c466908738f516ab43
c0bc26bb44e78292baab4306badf5cd4a82e59bad206c0004cf7f86cc6cae38d
c97b13983b077da2b1233b19f2140b313316d6c34df91263174d6072e80df1fd
cbbbfe1080afcefc3c2518e6f5be9c449ae18084f56fdaad0e543be76e4466bf
d43d097c51de6572a93aef473b04339a54fb20a687d2b5303c2a581eb132bf8f
d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559
de441554d156f3d1587ad914d3bdd7abf0164852e00b9da68532d8659f683bcf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5259ee7a3f046022d6b86bc4fab415d4d1777323e01c53eb15f38907c628ff0
e5ee02dd69a24f8094052dc62a1de550deeb18321cc06fd994f743236ca54629
e826d525e772eaeae32f6d313a0f7837ab7a8d6e92bc622087d32aefaa8da3c4
febac3369651a4f3506bf8ff5cd605d266ae518ef1a8a80b120d00192e17d81a

uat-hsbc-membersite.podiumrewards.com Open in urlscan Pro 44.205.149.39 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

64 Requests

88 %HTTPS

0 %IPv6

14 Domains

21 Subdomains

17 IPs

2 Countries

3835 kBTransfer

5604 kBSize

13 Cookies

3 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

uat-hsbc-membersite.podiumrewards.com Open in urlscan Pro
44.205.149.39 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

88 %
HTTPS

0 %
IPv6

14
Domains

21
Subdomains

17
IPs

2
Countries

3835 kB
Transfer

5604 kB
Size

13
Cookies

64 HTTP transactions
5 data transactions