urlscan.io logo urlscan.io
SecurityTrails logo

uat-hsbc-membersite.podiumrewards.com Open in urlscan Pro
34.192.148.35  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://uat-hsbc-membersite.podiumrewards.com/
Effective URL: https://uat-hsbc-membersite.podiumrewards.com/
Submission: On June 12 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 1 countries across 13 domains to perform 60 HTTP transactions. The main IP is 34.192.148.35, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is uat-hsbc-membersite.podiumrewards.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 2nd 2023. Valid for: a year.
This is the only time uat-hsbc-membersite.podiumrewards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 34.192.148.35 14618 (AMAZON-AES)
12 99.84.108.87 16509 (AMAZON-02)
1 209.85.201.97 15169 (GOOGLE)
1 23.220.128.152 16625 (AKAMAI-AS)
3 209.85.232.100 15169 (GOOGLE)
1 104.96.226.235 16625 (AKAMAI-AS)
1 104.94.118.158 16625 (AKAMAI-AS)
4 34.192.241.152 14618 (AMAZON-AES)
1 96.7.21.231 16625 (AKAMAI-AS)
2 31.13.66.19 32934 (FACEBOOK)
1 2 52.46.130.91 16509 (AMAZON-02)
2 18.205.198.246 14618 (AMAZON-AES)
2 2 74.125.192.155 15169 (GOOGLE)
1 34.195.152.114 14618 (AMAZON-AES)
2 31.13.66.35 32934 (FACEBOOK)
4 52.216.50.224 16509 (AMAZON-02)
1 34.49.241.189 396982 (GOOGLE-CL...)
60 17
20    34.192.148.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-148-35.compute-1.amazonaws.com
uat-hsbc-membersite.podiumrewards.com
12    99.84.108.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-108-87.iad79.r.cloudfront.net
tags.tiqcdn.com
1    209.85.201.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f97.1e100.net
www.googletagmanager.com
1    23.220.128.152 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-128-152.deploy.static.akamaitechnologies.com
cdn.optimizely.com
3    209.85.232.100 (United States)

ASN15169 (GOOGLE, US)
PTR: qt-in-f100.1e100.net
www.google-analytics.com
1    104.96.226.235 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-226-235.deploy.static.akamaitechnologies.com
cdn3.optimizely.com
1    104.94.118.158 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-94-118-158.deploy.static.akamaitechnologies.com
a19069622224.cdn.optimizely.com
4    34.192.241.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-241-152.compute-1.amazonaws.com
uat-hsbc-api.podiumrewards.com
1    96.7.21.231 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-7-21-231.deploy.static.akamaitechnologies.com
akamai.tiqcdn.com
2    31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net
connect.facebook.net
2    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    18.205.198.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-198-246.compute-1.amazonaws.com
collect-us-east-1.tealiumiq.com
datacloud.tealiumiq.com
2    74.125.192.155 (United States)

ASN15169 (GOOGLE, US)
PTR: qn-in-f155.1e100.net
cm.g.doubleclick.net
1    34.195.152.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-152-114.compute-1.amazonaws.com
visitor-service-us-east-1.tealiumiq.com
2    31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com
www.facebook.com
4    52.216.50.224 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    34.49.241.189 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 189.241.49.34.bc.googleusercontent.com
logx.optimizely.com
Apex Domain
Subdomains		 Transfer
24 podiumrewards.com
uat-hsbc-membersite.podiumrewards.com
uat-hsbc-api.podiumrewards.com
2 MB
13 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1321
akamai.tiqcdn.com — Cisco Umbrella Rank: 13666
124 KB
4 amazonaws.com
s3.amazonaws.com
1 MB
4 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 832
cdn3.optimizely.com — Cisco Umbrella Rank: 6750
a19069622224.cdn.optimizely.com — Cisco Umbrella Rank: 116432
logx.optimizely.com — Cisco Umbrella Rank: 1676
143 KB
3 tealiumiq.com
collect-us-east-1.tealiumiq.com — Cisco Umbrella Rank: 41869
datacloud.tealiumiq.com — Cisco Umbrella Rank: 7759
visitor-service-us-east-1.tealiumiq.com — Cisco Umbrella Rank: 11361
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 68
377 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
4 KB
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 276
1 KB
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 345
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
71 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
94 KB
0 hsbc.com.hk Failed
mcm-sit-us.hsbc.com.hk Failed
0 liveperson.net Failed
lptag.liveperson.net Failed
60 13
Domain Requested by
20 uat-hsbc-membersite.podiumrewards.com uat-hsbc-membersite.podiumrewards.com
12 tags.tiqcdn.com uat-hsbc-membersite.podiumrewards.com
tags.tiqcdn.com
4 s3.amazonaws.com uat-hsbc-membersite.podiumrewards.com
4 uat-hsbc-api.podiumrewards.com uat-hsbc-membersite.podiumrewards.com
3 www.google-analytics.com www.googletagmanager.com
2 www.facebook.com uat-hsbc-membersite.podiumrewards.com
2 cm.g.doubleclick.net 2 redirects
2 s.amazon-adsystem.com 1 redirects uat-hsbc-membersite.podiumrewards.com
2 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
1 logx.optimizely.com cdn.optimizely.com
1 visitor-service-us-east-1.tealiumiq.com tags.tiqcdn.com
1 datacloud.tealiumiq.com uat-hsbc-membersite.podiumrewards.com
1 collect-us-east-1.tealiumiq.com tags.tiqcdn.com
1 akamai.tiqcdn.com tags.tiqcdn.com
1 a19069622224.cdn.optimizely.com cdn.optimizely.com
1 cdn3.optimizely.com cdn.optimizely.com
1 cdn.optimizely.com tags.tiqcdn.com
1 www.googletagmanager.com uat-hsbc-membersite.podiumrewards.com
0 mcm-sit-us.hsbc.com.hk Failed tags.tiqcdn.com
0 lptag.liveperson.net Failed tags.tiqcdn.com
60 20

This site contains links to these domains. Also see Links.

Domain
www.us.hsbc.com
Subject Issuer Validity Valid
*.podiumrewards.com
Amazon RSA 2048 M02		 2023-08-02 -
2024-08-29		 a year crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M02		 2024-03-19 -
2025-04-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
cdn.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-01 -
2024-09-04		 a year crt.sh
*.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-01 -
2024-09-04		 a year crt.sh
*.cdn.optimizely.com
GeoTrust RSA CA 2018		 2024-01-25 -
2025-01-27		 a year crt.sh
*.tiqcdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-16 -
2024-11-16		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-22 -
2024-06-20		 3 months crt.sh
*.tealiumiq.com
Amazon RSA 2048 M02		 2023-07-26 -
2024-08-23		 a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2024-05-25 -
2025-05-02		 a year crt.sh
logx.optimizely.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-15 -
2024-11-10		 6 months crt.sh

This page contains 2 frames:

Primary Page: https://uat-hsbc-membersite.podiumrewards.com/
Frame ID: E322AAB5230A7BC80171AA722BB30B72
Requests: 64 HTTP requests in this frame

Frame: https://a19069622224.cdn.optimizely.com/client_storage/a19069622224.html
Frame ID: F1D6AE4BD523CFDD32411E939D6BC4C2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HSBC Rewards - Home page

Page URL History Show full URLs

  1. http://uat-hsbc-membersite.podiumrewards.com/ HTTP 307
    https://uat-hsbc-membersite.podiumrewards.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js

Page Statistics

60
Requests

92 %
HTTPS

0 %
IPv6

13
Domains

20
Subdomains

17
IPs

1
Countries

4041 kB
Transfer

5779 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://uat-hsbc-membersite.podiumrewards.com/ HTTP 307
    https://uat-hsbc-membersite.podiumrewards.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=01900ebad9cd0002f45d27a44e530506f002e06700b08 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=01900ebad9cd0002f45d27a44e530506f002e06700b08&dcc=t
Request Chain 48
  • https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=01900ebad9cd0002f45d27a44e530506f002e06700b08&tealium_account=hsbc&tealium_profile=wpb-stream-us HTTP 302
  • https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=01900ebad9cd0002f45d27a44e530506f002e06700b08&tealium_account=hsbc&tealium_profile=wpb-stream-us&google_tc= HTTP 302
  • https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=01900ebad9cd0002f45d27a44e530506f002e06700b08&tealium_account=hsbc&tealium_profile=wpb-stream-us&google_gid=CAESELQW74O_eyvatjttRzOghlA&google_cver=1

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
uat-hsbc-membersite.podiumrewards.com/
Redirect Chain
  • http://uat-hsbc-membersite.podiumrewards.com/
  • https://uat-hsbc-membersite.podiumrewards.com/
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://uat-hsbc-membersite.podiumrewards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.148.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-148-35.compute-1.amazonaws.com
Software
nginx/1.25.3 /
Resource Hash
fdea52ea78ac289e3b282329516a34dc20e40582c215f05fe4ec0d65f43ad2ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
3686
content-type
text/html
date
Wed, 12 Jun 2024 23:14:04 GMT
etag
"661564aa-e66"
last-modified
Tue, 09 Apr 2024 15:54:18 GMT
pragma
no-cache
referrer-policy
origin
server
nginx/1.25.3
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block

Redirect headers

Location
https://uat-hsbc-membersite.podiumrewards.com/
Non-Authoritative-Reason
HttpsUpgrades
utag.sync.js
tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.sync.js
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-87.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6857f1f262e4bbfdb85e705b9cf27372ca0691d078587f0eb14529d8b18df526

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 23:14:05 GMT
x-amz-version-id
MISEROdSq24JSLRmr2boQRkcXS1MNqxt
content-encoding
br
last-modified
Mon, 10 Jun 2024 07:15:23 GMT
server
AmazonS3
via
1.1 1019c7748e9bd9371b8cbc3777f0a40e.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C2
etag
W/"a0c698ac7ad57aca000affb44c7dc0cd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
ZMOeNb55t9cUoFCpGbfkZTlqAH7bixrvvJNUxLzRV2JFY7JDOLo33A==
js
www.googletagmanager.com/gtag/ 		269 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X8HWFME6KP
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.201.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
03e2cd2dfd3b142604cab60fce801488fb3d9c82a1664b7f1ba19835ae11b642
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 23:14:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95535
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 12 Jun 2024 23:14:04 GMT
f927cac.js
uat-hsbc-membersite.podiumrewards.com/_nuxt/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat-hsbc-membersite.podiumrewards.com/_nuxt/f927cac.js
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.148.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-148-35.compute-1.amazonaws.com
Software
nginx/1.25.3 /
Resource Hash
122c5d86f34f81ac9bf81b706a65dad318ee5cc62eaf5649a93eb5259821422f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 23:14:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
2888
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Tue, 09 Apr 2024 15:54:18 GMT
server
nginx/1.25.3
etag
"661564aa-b48"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
b9a5928.js
uat-hsbc-membersite.podiumrewards.com/_nuxt/ 		300 KB
301 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat-hsbc-membersite.podiumrewards.com/_nuxt/b9a5928.js
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.148.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-148-35.compute-1.amazonaws.com
Software
nginx/1.25.3 /
Resource Hash
0111e6346210e97ad77b96363339dd17bf2fc7947db2c83090a9d66aba236213
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 23:14:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
306997
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Tue, 09 Apr 2024 15:54:18 GMT
server
nginx/1.25.3
etag
"661564aa-4af35"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
25d5860.js
uat-hsbc-membersite.podiumrewards.com/_nuxt/ 		901 KB
902 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat-hsbc-membersite.podiumrewards.com/_nuxt/25d5860.js
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.148.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-148-35.compute-1.amazonaws.com
Software
nginx/1.25.3 /
Resource Hash
b892102f32aea881eb472d85486625e0bdcf55b1d65d598d2affd3ddaf23c36d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 23:14:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
922551
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Tue, 09 Apr 2024 15:54:18 GMT
server
nginx/1.25.3
etag
"661564aa-e13b7"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
959964f.js
uat-hsbc-membersite.podiumrewards.com/_nuxt/ 		638 KB
639 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat-hsbc-membersite.podiumrewards.com/_nuxt/959964f.js
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.148.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-148-35.compute-1.amazonaws.com
Software
nginx/1.25.3 /
Resource Hash
3ecd9219549dbd4a574632ac1cd417fdd12a2a7919f2f9b59ee0daf91ae9af7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 23:14:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
653429
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Tue, 09 Apr 2024 15:54:18 GMT
server
nginx/1.25.3
etag
"661564aa-9f875"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
20375190679.js
cdn.optimizely.com/js/ 		904 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/20375190679.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.sync.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.128.152 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-128-152.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
af8554a1ea79626669cf9e0f50cad6704d79a69e6b2a475f9c671d2dbbac19c0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
YWUs7aBuZciCEEvStAEedUHhNyTkfUBj
content-encoding
gzip
date
Wed, 12 Jun 2024 23:14:04 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
ZARHHET2W94CXS2G
x-amz-server-side-encryption
AES256
x-amz-meta-revision
2747
x-amz-replication-status
PENDING
server-timing
cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, cdn;desc="AkamaiION";dur=0,rtt;desc="15";dur=0,cdnip;desc="23.220.128.152";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1718234044329_400219927_105730562_688_1794_15_39_146";dur=1
content-length
144730
x-amz-id-2
l7PL8l8UnCXrbt1mxC+n+63+wOmPIaHvRcND6Gk9Q2FQKJuCDjyUgFMwML7xLH6wWF48OzXV7IU=
last-modified
Mon, 10 Jun 2024 13:26:37 GMT
server
AmazonS3
etag
"57d8b883e4f4e4b7d59251557f0d0826"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
e1de1e0.js
uat-hsbc-membersite.podiumrewards.com/_nuxt/ 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat-hsbc-membersite.podiumrewards.com/_nuxt/e1de1e0.js
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/_nuxt/f927cac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.148.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-148-35.compute-1.amazonaws.com
Software
nginx/1.25.3 /
Resource Hash
3be26900401b52018ec089aae02621f367245920123530c846f955fdae300da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 23:14:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
21224
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Tue, 09 Apr 2024 15:54:18 GMT
server
nginx/1.25.3
etag
"661564aa-52e8"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
UniversNext-regular.91732db.woff2
uat-hsbc-membersite.podiumrewards.com/_nuxt/fonts/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uat-hsbc-membersite.podiumrewards.com/_nuxt/fonts/UniversNext-regular.91732db.woff2
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.148.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-148-35.compute-1.amazonaws.com
Software
nginx/1.25.3 /
Resource Hash
e826d525e772eaeae32f6d313a0f7837ab7a8d6e92bc622087d32aefaa8da3c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Origin
https://uat-hsbc-membersite.podiumrewards.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 23:14:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
36896
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Tue, 09 Apr 2024 15:54:18 GMT
server
nginx/1.25.3
etag
"661564aa-9020"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
collect
www.google-analytics.com/g/ 		0
269 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-X8HWFME6KP&gtm=45je46a0v885240988za200&_p=1718234044269&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1091170953.1718234045&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718234044&sct=1&seg=0&dl=https%3A%2F%2Fuat-hsbc-membersite.podiumrewards.com%2F&dt=HSBC%20Rewards&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=609
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X8HWFME6KP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.232.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 23:14:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://uat-hsbc-membersite.podiumrewards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-X8HWFME6KP&gtm=45je46a0v885240988za200&_p=1718234044269&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1091170953.1718234045&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1718234044&sct=1&seg=0&dl=https%3A%2F%2Fuat-hsbc-membersite.podiumrewards.com%2F&dt=HSBC%20Rewards&en=scroll&epn.percent_scrolled=90&_et=4&tfd=631
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X8HWFME6KP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.232.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 23:14:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://uat-hsbc-membersite.podiumrewards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
geo4.js
cdn3.optimizely.com/js/ 		307 B
789 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn3.optimizely.com/js/geo4.js
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20375190679.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.96.226.235 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-226-235.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
988b840c94e93e8da108d19d8fc0825c079bea7a1e6993e41fee3989832106d6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
F8W1XaLRNmnJXrMgZ6ZMuxtE6L376GC.
Date
Wed, 12 Jun 2024 23:14:04 GMT
Server
AmazonS3
x-amz-request-id
P7FADF3F5R0AAF8N
x-amz-server-side-encryption
AES256
ETag
"8777c006589ecabfa3d63a6b5bf24393"
Content-Type
application/javascript
Cache-Control
max-age=23546
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
307
x-amz-id-2
cvTQRjO6F1zJwZ8AutFLR6lZzRkjrceGXg9ziEVgG6DtKhzvFLP3x0luBGIyAr7I4m7VbLPRKY4=
a19069622224.html
a19069622224.cdn.optimizely.com/client_storage/ Frame F1D6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a19069622224.cdn.optimizely.com/client_storage/a19069622224.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20375190679.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.118.158 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-118-158.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
max-age=120
content-encoding
gzip
content-length
1210
content-type
text/html; charset=utf-8
date
Wed, 12 Jun 2024 23:14:04 GMT
etag
"0cbba85584edc49dffdde91cd6cf441d"
last-modified
Wed, 12 Jun 2024 23:11:14 GMT
server
AmazonS3
server-timing
cdn-cache; desc=HIT edge; dur=20 origin; dur=0 cdn;desc="AkamaiION";dur=0,rtt;desc="15";dur=0,cdnip;desc="104.94.118.158";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1718234044729_400321360_1402769562_2031_2343_16_42_255";dur=1
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-akamai-transformed
9 1201 0 pmb=mRUM,2
x-amz-id-2
e0t6RkhjjIxjN4dLKDVJq1F8mOHFayD+oym58+xnO+2E/gePZVL3nGvSRCYfe+Tl2jb6sKRIqdA=
x-amz-meta-pci_enabled
False
x-amz-replication-status
COMPLETED
x-amz-request-id
N76BF21SRK1HJD0B
x-amz-server-side-encryption
AES256
x-amz-version-id
6VIdc8TazYlAXqWUrzPSGhXN8o3NsN.4
HSBC_Thumbnail_2.jpg
uat-hsbc-membersite.podiumrewards.com/images/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-hsbc-membersite.podiumrewards.com/images/HSBC_Thumbnail_2.jpg
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.148.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-148-35.compute-1.amazonaws.com
Software
nginx/1.25.3 /
Resource Hash
3172fc418f1ff5593ef39678e9c89b2a005859f0f9f69ac5a74d9cb9ba46b903
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 23:14:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
61223
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Tue, 09 Apr 2024 15:54:18 GMT
server
nginx/1.25.3
etag
"661564aa-ef27"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
HSBC_Thumbnail_3.jpg
uat-hsbc-membersite.podiumrewards.com/images/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-hsbc-membersite.podiumrewards.com/images/HSBC_Thumbnail_3.jpg
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.148.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-148-35.compute-1.amazonaws.com
Software
nginx/1.25.3 /
Resource Hash
678fbf949b673a6d96730974d5acd5cece930eb86f3638fbedd3cc0d880a8414
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 23:14:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
57965
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Tue, 09 Apr 2024 15:54:18 GMT
server
nginx/1.25.3
etag
"661564aa-e26d"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
egift_banner.png
uat-hsbc-membersite.podiumrewards.com/images/ 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-hsbc-membersite.podiumrewards.com/images/egift_banner.png
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.148.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-148-35.compute-1.amazonaws.com
Software
nginx/1.25.3 /
Resource Hash
8e91505e91e5989c88abc48d043144abd44030c98b56f292e1b5400a328cb1f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 23:14:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
111732
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Tue, 09 Apr 2024 15:54:18 GMT
server
nginx/1.25.3
etag
"661564aa-1b474"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
merch_tiles.png
uat-hsbc-membersite.podiumrewards.com/images/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-hsbc-membersite.podiumrewards.com/images/merch_tiles.png
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.148.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-148-35.compute-1.amazonaws.com
Software
nginx/1.25.3 /
Resource Hash
de441554d156f3d1587ad914d3bdd7abf0164852e00b9da68532d8659f683bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 23:14:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
50579
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Tue, 09 Apr 2024 15:54:18 GMT
server
nginx/1.25.3
etag
"661564aa-c593"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
cash_back_tiles.png
uat-hsbc-membersite.podiumrewards.com/images/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-hsbc-membersite.podiumrewards.com/images/cash_back_tiles.png
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.148.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-148-35.compute-1.amazonaws.com
Software
nginx/1.25.3 /
Resource Hash
d43d097c51de6572a93aef473b04339a54fb20a687d2b5303c2a581eb132bf8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 23:14:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
41850
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Tue, 09 Apr 2024 15:54:18 GMT
server
nginx/1.25.3
etag
"661564aa-a37a"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
UniversNext-medium.97263e9.woff2
uat-hsbc-membersite.podiumrewards.com/_nuxt/fonts/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uat-hsbc-membersite.podiumrewards.com/_nuxt/fonts/UniversNext-medium.97263e9.woff2
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.148.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-148-35.compute-1.amazonaws.com
Software
nginx/1.25.3 /
Resource Hash
10ba9e7a6662d026ab340d7eb7a290fbb58c50474ff2d5f3813872445732194b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Origin
https://uat-hsbc-membersite.podiumrewards.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 23:14:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
36784
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Tue, 09 Apr 2024 15:54:18 GMT
server
nginx/1.25.3
etag
"661564aa-8fb0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
UniversNext-light.279f687.woff2
uat-hsbc-membersite.podiumrewards.com/_nuxt/fonts/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uat-hsbc-membersite.podiumrewards.com/_nuxt/fonts/UniversNext-light.279f687.woff2
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.148.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-148-35.compute-1.amazonaws.com
Software
nginx/1.25.3 /
Resource Hash
097d266cc517d53f8f1aa7c2d6d7470d1ac7acc834bb6a55f21117ef6cb953cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Origin
https://uat-hsbc-membersite.podiumrewards.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 23:14:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
36404
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Tue, 09 Apr 2024 15:54:18 GMT
server
nginx/1.25.3
etag
"661564aa-8e34"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
utag.js
tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ 		397 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-87.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
32f47fbbe4da00e31e8dde5782b71d0f15836d79aca2908d15095098e7d802fc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
CC_JXogFns07VRfg0zJlN_1pFHquOUt_
content-encoding
br
via
1.1 1019c7748e9bd9371b8cbc3777f0a40e.cloudfront.net (CloudFront)
date
Wed, 12 Jun 2024 23:14:05 GMT
last-modified
Mon, 10 Jun 2024 07:15:23 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
x-amz-server-side-encryption
AES256
etag
W/"6ba0c2a3424b17ff91bc8d49a10be29e"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
Tl_ljzZErARGQjk7IBHAgl_2LyeNg97xxvnjbU4m3Yr7pXGdIXMyeA==
page
uat-hsbc-api.podiumrewards.com/v1/guest/program/hsbc/cms/ 		32 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://uat-hsbc-api.podiumrewards.com/v1/guest/program/hsbc/cms/page
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/_nuxt/b9a5928.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.241.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-241-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
15db8870286bbf80a9568930f9ee47535a9c9318f3574e91c67cecea42f541a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 23:14:05 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
x-download-options
noopen
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://uat-hsbc-membersite.podiumrewards.com
access-control-expose-headers
Authorization, X-Content-Type-Options, X-Frame-Options, X-XSS-Protection
cache-control
no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
page
uat-hsbc-api.podiumrewards.com/v1/guest/program/hsbc/cms/ 		32 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://uat-hsbc-api.podiumrewards.com/v1/guest/program/hsbc/cms/page
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/_nuxt/b9a5928.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.241.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-241-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6787d50b9a9e82e6c2308afe43b3d487da6b31611633888eaa0028890435e01f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 23:14:05 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
x-download-options
noopen
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://uat-hsbc-membersite.podiumrewards.com
access-control-expose-headers
Authorization, X-Content-Type-Options, X-Frame-Options, X-XSS-Protection
cache-control
no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b76f208ad774d5a280a2c531333eae263dad83cebf79f0c466908738f516ab43

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://uat-hsbc-membersite.podiumrewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4266221dd20d862fad9af69fefde6ecdb92191d66e293d8a5cd344f83d7bac6

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://uat-hsbc-membersite.podiumrewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
menu.svg
uat-hsbc-membersite.podiumrewards.com/images/icons/ 		502 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-hsbc-membersite.podiumrewards.com/images/icons/menu.svg?data
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.148.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-148-35.compute-1.amazonaws.com
Software
nginx/1.25.3 /
Resource Hash
552660cff11abb259b259dae8f9223f809b50055e7180325dc1b69ec75591741
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 23:14:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
502
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Tue, 09 Apr 2024 15:54:18 GMT
server
nginx/1.25.3
etag
"661564aa-1f6"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
hsbc-brand-logo-no-text.svg
uat-hsbc-membersite.podiumrewards.com/images/ 		543 B
947 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-hsbc-membersite.podiumrewards.com/images/hsbc-brand-logo-no-text.svg?data
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.148.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-148-35.compute-1.amazonaws.com
Software
nginx/1.25.3 /
Resource Hash
2be62f3b530f1b20e785d0e385918ae1173fc0c5f53c3ff23b7bcc9ee477cd18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 23:14:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
543
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Tue, 09 Apr 2024 15:54:18 GMT
server
nginx/1.25.3
etag
"661564aa-21f"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
program-registration
uat-hsbc-api.podiumrewards.com/v1/member/program/hsbc/ 		127 B
681 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://uat-hsbc-api.podiumrewards.com/v1/member/program/hsbc/program-registration
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/_nuxt/b9a5928.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.241.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-241-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8b86691612d0c5212bae88d1e0eb944f84845be08fcc6ead02fa26777e0b2d3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 23:14:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
x-download-options
noopen
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://uat-hsbc-membersite.podiumrewards.com
access-control-expose-headers
Authorization, X-Content-Type-Options, X-Frame-Options, X-XSS-Protection
cache-control
no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
product
uat-hsbc-api.podiumrewards.com/v1/guest/ 		11 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://uat-hsbc-api.podiumrewards.com/v1/guest/product?currency_id=1&program_slug=hsbc&count=4&facets=%7B%22category.lvl0%22:[%22Monthly+Specials%22]%7D
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/_nuxt/b9a5928.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.241.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-241-152.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2746111bd30acafc812a10457d64f8d70c210f258cb115ca4e3514d5f3e44e5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 23:14:05 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
x-download-options
noopen
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://uat-hsbc-membersite.podiumrewards.com
access-control-expose-headers
Authorization, X-Content-Type-Options, X-Frame-Options, X-XSS-Protection
cache-control
no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pause.svg
uat-hsbc-membersite.podiumrewards.com/images/icons/ 		289 B
693 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-hsbc-membersite.podiumrewards.com/images/icons/pause.svg
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.148.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-148-35.compute-1.amazonaws.com
Software
nginx/1.25.3 /
Resource Hash
9de732f25d6c2f5d51857268a92569c543ed4cae375c3c0bf7371b1c03fe807e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 23:14:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
289
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Tue, 09 Apr 2024 15:54:18 GMT
server
nginx/1.25.3
etag
"661564aa-121"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
truncated
/ 		386 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1880f74b39a669782e7ef8800523426c16f5dec6cfca5f02db31914f3930d3ca

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://uat-hsbc-membersite.podiumrewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
location.js
akamai.tiqcdn.com/location/ 		18 B
791 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://akamai.tiqcdn.com/location/location.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.7.21.231 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-7-21-231.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 23:14:04 GMT
Last-Modified
Mon, 30 Apr 2018 23:09:19 GMT
Server
AkamaiNetStorage
ETag
"6c98be5fda77913799e8ef24b86a7abd:1525129759"
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-EdgeScape-Location
Cache-Control
max-age=1296000
X-EdgeScape-Location
country_code=CA,region_code=ON,city=TORONTO,areacode=0,zip=M3H+M3M+M4B+M4C+M4E+M4G+M4H+M4J+M4K+M4L+M4M+M4N+M4P+M4R+M4S+M4T+M4V+M4W+M4X+M4Y+M5A+M5B+M5C+M5E+M5G+M5H+M5J+M5K+M5L+M5M+M5N+M5P+M5R+M5S+M5T+M5V+M5W+M5X+M6A+M6B+M6C+M6E+M6G+M6H+M6J+M6K+M6L+M6M+M6N+M6P+M6R+M6S+M7A+M7Y+M9M+M9N+M9P+M9W,bandwidth=5000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18
Expires
Thu, 27 Jun 2024 23:14:04 GMT
utag.680.js
tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ 		133 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.680.js?utv=ut4.47.202308221927
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-87.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d24cd7ab6736f119e377162ab1b330775fc33a5dfb37f876361b87b45b1a03ce

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
j6RUBw2o5hUnG..wP3fXSMutfS2x6AFe
content-encoding
br
via
1.1 1019c7748e9bd9371b8cbc3777f0a40e.cloudfront.net (CloudFront)
date
Wed, 12 Jun 2024 23:14:05 GMT
last-modified
Mon, 10 Jun 2024 07:15:13 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
x-amz-server-side-encryption
AES256
etag
W/"512bcb917fe7e2b83474611f4ab1a9b5"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
6pPyATJXdW_rbpQA0PNj9o42tc_YpHkU5wtPdqjSWqGH-ZBiEAerQw==
utag.87.js
tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.87.js?utv=ut4.47.201809120524
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-87.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef3d080897bd8dd58a92eb60de34b56e34742dc57cca1e4a6cfe59c4e5943d28

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
BQ5VY7yupiqrEIWVf11lOrrbA23S.uk0
content-encoding
br
via
1.1 1019c7748e9bd9371b8cbc3777f0a40e.cloudfront.net (CloudFront)
date
Wed, 12 Jun 2024 23:14:06 GMT
last-modified
Mon, 10 Jun 2024 07:15:16 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
x-amz-server-side-encryption
AES256
etag
W/"cb32ad97973ea944014fb4bb6f8db482"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
ZqrtfLN6XpZ43ptqYIAGGkqzpjcpkua3PS-GZFYfkLRos_1iy-WhRg==
utag.384.js
tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.384.js?utv=ut4.47.202404010402
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-87.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05a4772e19a0d2483773510a4b92da70e084a9d047cb87bb19df60e93575bd7e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
byrHd4qbgnw7TTQXnrSWo6evfipXxxsH
content-encoding
br
via
1.1 1019c7748e9bd9371b8cbc3777f0a40e.cloudfront.net (CloudFront)
date
Wed, 12 Jun 2024 23:14:06 GMT
last-modified
Mon, 10 Jun 2024 07:15:09 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
x-amz-server-side-encryption
AES256
etag
W/"aa482532f714a259453dd667084a0de4"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
hAc7NIlq3fjVrs4Hgr7rT05VTEVST5c03glenxsvBRIaFDFZK1gkWA==
utag.518.js
tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.518.js?utv=ut4.47.202206281633
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-87.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
03e426c5f86641f3df96e2aa41268422e098a496306c342c9efe1feb34bdd377

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
e1oLPm0MCDKLRP0YvFMy29AkASz0pysJ
content-encoding
br
via
1.1 1019c7748e9bd9371b8cbc3777f0a40e.cloudfront.net (CloudFront)
date
Wed, 12 Jun 2024 23:14:06 GMT
last-modified
Mon, 10 Jun 2024 07:15:08 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
x-amz-server-side-encryption
AES256
etag
W/"01d7a912fdd2a8fcff999d32737bb112"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
29jTOAQKPyAaMqIt3Al04rs4WQeaRqeMBRQV53XANYTK78zTimMT5g==
utag.550.js
tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.550.js?utv=ut4.47.202112230311
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-87.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c9a4fef3ad28c3f422d8a3dd803f8876cd7ee45097f687f00ef0e62a95383094

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
1Wp3Lf2F2LeRG4ygGCG08avLFnpHge0X
content-encoding
br
via
1.1 1019c7748e9bd9371b8cbc3777f0a40e.cloudfront.net (CloudFront)
date
Wed, 12 Jun 2024 23:14:06 GMT
last-modified
Mon, 10 Jun 2024 07:15:08 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
x-amz-server-side-encryption
AES256
etag
W/"ab1f0402ef5056c4ab13a3a1264fa530"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
oAChnRR4TvoL_XdB5Dn49Fw02nDRpv7DWpgy83SXMTQtZagq65IUpQ==
utag.612.js
tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.612.js?utv=ut4.47.202206151142
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-87.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
23a69419b86bd3126dbe662c344f972c3646e2016cd9da1befb5d5dce991a54f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
fSMOp62piw0Gf4zeLTGZTXoocqBDDgaQ
content-encoding
br
via
1.1 1019c7748e9bd9371b8cbc3777f0a40e.cloudfront.net (CloudFront)
date
Wed, 12 Jun 2024 23:14:06 GMT
last-modified
Mon, 10 Jun 2024 07:15:08 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
x-amz-server-side-encryption
AES256
etag
W/"57f512fc4a01164b3cbc7dcefa6a904e"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
gsOoUUVJP2A0bttug4x4QH8WJohYfUsXCiMaf9SNlJSmHU2zBVh4Jw==
utag.633.js
tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ 		47 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.633.js?utv=ut4.47.202311220520
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-87.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee9adcb3a6f17785281f7b87a41d2016448799afc8cbd61214a143b010da5be4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
7kGhZiG9LYXEGjEzu.JN7k5uxBUSli19
content-encoding
br
via
1.1 1019c7748e9bd9371b8cbc3777f0a40e.cloudfront.net (CloudFront)
date
Wed, 12 Jun 2024 23:14:06 GMT
last-modified
Mon, 10 Jun 2024 07:15:17 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
x-amz-server-side-encryption
AES256
etag
W/"92e731ff7aa96143d2ea700792fc693a"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
MmOnW3yKdfbNzyh5fYgk24oeMwUUSvuOKWWVojdvX5wh7svr8ICQ6A==
utag.655.js
tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.655.js?utv=ut4.47.202401051024
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-87.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c366ee6995ebf3eb54734b1b25fa3a06eebbc664c7a689f9cbfadef0c6e17b81

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
JMaKApHcfGcj7_XLm_qbwEuzxv6jKWWW
content-encoding
br
via
1.1 1019c7748e9bd9371b8cbc3777f0a40e.cloudfront.net (CloudFront)
date
Wed, 12 Jun 2024 23:14:06 GMT
last-modified
Mon, 10 Jun 2024 07:15:10 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
x-amz-server-side-encryption
AES256
etag
W/"b933aa9bea9ec622ba101d852b671164"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
fNcEU232YmpNJp_FTdMU53jSS7I90iWCubr22dYKe1NvZG0zNYMoVA==
utag.659.js
tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.659.js?utv=ut4.47.202211301019
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-87.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b6a1b274e1c3eb4d1ced6916f436ed0f8d821e4e5bd95191e6417f3bae7ffb5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
HZyImmoLBY.cTkF8Y1fmSljRbSZxGI1S
content-encoding
br
via
1.1 1019c7748e9bd9371b8cbc3777f0a40e.cloudfront.net (CloudFront)
date
Wed, 12 Jun 2024 23:14:06 GMT
last-modified
Mon, 10 Jun 2024 07:15:19 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
x-amz-server-side-encryption
AES256
etag
W/"12ceaf02406f2578c6ee958dbac3b80c"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
PJJxvPYVNn6PGKen0loMMNuOEfRbnwQqMjILMZ_XkzxmWgGgWpLrHQ==
tag.js
lptag.liveperson.net/tag/ 		0
0
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.518.js?utv=ut4.47.202206281633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 12 Jun 2024 23:14:05 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58024
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=12, mss=1380, tbw=2774, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
J+2kDZHDgKQDudZAwCEv8o8zq52UjSdrgkT/J1t6xW6V27TCY2uLCifyN1G6vbnPiYIbKaMKc4gN+kA5GS+pWQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
dcm
s.amazon-adsystem.com/
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=01900ebad9cd0002f45d27a44e530506f002e06700b08
  • https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=01900ebad9cd0002f45d27a44e530506f002e06700b08&dcc=t
43 B
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=01900ebad9cd0002f45d27a44e530506f002e06700b08&dcc=t
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
2fce2feb1cb59a8c53b5b46d1d758949090324d34b2a941a972240d6ccf63db6
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://uat-hsbc-membersite.podiumrewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 Jun 2024 23:14:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
W9GMAMPEAF1ZSGMS964B
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 12 Jun 2024 23:14:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CSJH10D2BW655TXHAB0W
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=01900ebad9cd0002f45d27a44e530506f002e06700b08&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
session.json
mcm-sit-us.hsbc.com.hk/7532/handler9/ 		0
0
JavascriptInsert.js
mcm-sit-us.hsbc.com.hk/ 		0
0
i.gif
collect-us-east-1.tealiumiq.com/hsbc/wpb-stream-us/2/ 		43 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collect-us-east-1.tealiumiq.com/hsbc/wpb-stream-us/2/i.gif
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.633.js?utv=ut4.47.202311220520
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.198.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-198-246.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryrE48i0lAffiGuAKz

Response headers

date
Wed, 12 Jun 2024 23:14:05 GMT
x-serverid
uconnect_i-0ac5149dae67625d7
x-tid
01900ebad9cd0002f45d27a44e530506f002e06700b08
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc
hsbc:wpb-stream-us:2:datacloud
x-region
us-east-1
content-length
43
pragma
no-cache
x-did
01900ebad9cd0002f45d27a44e530506f002e06700b08
vary
Origin
content-type
image/gif
access-control-allow-origin
https://uat-hsbc-membersite.podiumrewards.com
x-ulver
48d6d444c60a48b0fb994a4aed1c725e05c4a4b7-SNAPSHOT
access-control-expose-headers
X-Region
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
x-uuid
f3b53693-b488-4103-87cc-daadb62e4999
expires
Wed, 12 Jun 2024 23:14:05 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
433 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=hsbc/us-rbwm/202406100712&cb=1718234045065
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-87.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Wed, 12 Jun 2024 23:07:48 GMT
via
1.1 1019c7748e9bd9371b8cbc3777f0a40e.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C2
age
378
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
aIOcXkcyRJA_x54hOqXT5dofYIhvSKR_zh4EyHB41iQmqZC7zA3BBA==
i.gif
datacloud.tealiumiq.com/vdata/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=01900ebad9cd0002f45d27a44e530506f002e06700b08&tealium_account=hsbc&tealium_profile=wpb-strea...
  • https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=01900ebad9cd0002f45d27a44e530506f002e06700b08&tealium_account=hsbc&tealium_profile=wpb-stre...
  • https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=01900ebad9cd0002f45d27a44e530506f002e06700b08&tealium_account=hsbc&tealium_profile=wpb-stream-us&google_gid=CAESELQW...
43 B
998 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=01900ebad9cd0002f45d27a44e530506f002e06700b08&tealium_account=hsbc&tealium_profile=wpb-stream-us&google_gid=CAESELQW74O_eyvatjttRzOghlA&google_cver=1
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
H2
Server
18.205.198.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-198-246.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://uat-hsbc-membersite.podiumrewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 23:14:05 GMT
x-serverid
uconnect_i-0c40d0c4fa8674561
x-tid
01900ebad9cd0002f45d27a44e530506f002e06700b08
x-did
01900ebad9cd0002f45d27a44e530506f002e06700b08
vary
Origin
content-type
image/gif
x-acc
hsbc:wpb-stream-us:2:vdata
x-ulver
48d6d444c60a48b0fb994a4aed1c725e05c4a4b7-SNAPSHOT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-region
us-east-1
content-length
43
x-uuid
5acdc020-3e14-4c0b-85af-f2e580a3324c
expires
Wed, 12 Jun 2024 23:14:05 GMT

Redirect headers

pragma
no-cache
date
Wed, 12 Jun 2024 23:14:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=01900ebad9cd0002f45d27a44e530506f002e06700b08&tealium_account=hsbc&tealium_profile=wpb-stream-us&google_gid=CAESELQW74O_eyvatjttRzOghlA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
447
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
01900ebad9cd0002f45d27a44e530506f002e06700b08
visitor-service-us-east-1.tealiumiq.com/hsbc/wpb-stream-us/ 		36 B
250 B 		Script
General
Check archive.org
Download Go to
Full URL
https://visitor-service-us-east-1.tealiumiq.com/hsbc/wpb-stream-us/01900ebad9cd0002f45d27a44e530506f002e06700b08?callback=utag.ut%5B%22writevawpb-stream-us%22%5D&rnd=1718234045202
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/us-rbwm/qa/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.152.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-152-114.compute-1.amazonaws.com
Software
/
Resource Hash
07ce5f82c07092c5d17c8b8113065a65e42dc7b041996f41691c23b0355b4b41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-version
5bb250642aee1969f11538f6e000acbc52752b43-SNAPSHOT
date
Wed, 12 Jun 2024 23:14:05 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-region
us-east-1
content-length
36
x-nodeid
i-02b4dc588754de708
content-type
application/javascript; charset=utf-8
405421264201379
connect.facebook.net/signals/config/ 		60 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/405421264201379?v=2.9.158&r=stable&domain=uat-hsbc-membersite.podiumrewards.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
a12ebb312a1b6432413e84f84bf1d4abbbe903f02837043306157bd005ee2739
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 12 Jun 2024 23:14:05 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=62, mss=1380, tbw=63512, tp=-1, tpl=-1, uplat=63, ullat=0
pragma
public
x-fb-debug
o1mBWpGD+qOuispZW0JGa+IxQTHEDS6+59TjCWTnppgClGD2ngGF20+9xp8WA4UKD28ElNKRqoJ7F6bPpcRcdQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=405421264201379&ev=PageView&dl=https%3A%2F%2Fuat-hsbc-membersite.podiumrewards.com%2F&rl=&if=false&ts=1718234045338&cd[base_tracking_type]=track&sw=1600&sh=1200&ud[external_id]=2501b6984323d1521fbe349cf4eeb309cc0b3a538146fcfbf7781de8d39a47f4&v=2.9.158&r=stable&a=tmtealium&ec=0&o=4126&fbp=fb.1.1718234045337.265070401652240197&ler=empty&cdl=API_unavailable&it=1718234045221&coo=false&eid=b2692933fd122879fa4a7f2ee6dfabb8&tm=1&rqm=GET
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1380, tbw=2777, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 12 Jun 2024 23:14:05 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=405421264201379&ev=PageView&dl=https%3A%2F%2Fuat-hsbc-membersite.podiumrewards.com%2F&rl=&if=false&ts=1718234045338&cd[base_tracking_type]=track&sw=1600&sh=1200&ud[external_id]=2501b6984323d1521fbe349cf4eeb309cc0b3a538146fcfbf7781de8d39a47f4&v=2.9.158&r=stable&a=tmtealium&ec=0&o=4126&fbp=fb.1.1718234045337.265070401652240197&ler=empty&cdl=API_unavailable&it=1718234045221&coo=false&eid=b2692933fd122879fa4a7f2ee6dfabb8&tm=1&rqm=FGET
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xc1a39dcb5e43b3bc","source_keys":["1","2"]},{"key_piece":"0x7d99ce67b672b54a","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 12 Jun 2024 23:14:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7379759030666567687", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1380, tbw=3095, tp=-1, tpl=-1, uplat=170, ullat=0
pragma
no-cache
x-fb-debug
E6RrIV9hYb70juBqs2W4qz2KLikLWhAQlgrCAstJFQ7f3/rzztk5RS7Jws7yYaxcjPNpAQD4rJ7b4ukg7QwbjQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7379759030666567687"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7379759030666567687"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c3972953bc31004e13c1dcf446f4903a566b5e74220622dc4eb4252cd69f578

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://uat-hsbc-membersite.podiumrewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		382 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbbbfe1080afcefc3c2518e6f5be9c449ae18084f56fdaad0e543be76e4466bf

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://uat-hsbc-membersite.podiumrewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
cr1180_amazon_ban_lg.jpeg
s3.amazonaws.com/uat-hsbc-podium-bucket/images/programs/1/cms/ 		386 KB
386 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/uat-hsbc-podium-bucket/images/programs/1/cms/cr1180_amazon_ban_lg.jpeg
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.50.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e1889e4f11467972c456328350d85b6fe6ee687fbd63fa784111aac978cef95d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 23:14:06 GMT
x-amz-version-id
h8HENr6WL8Ve3kn4NSlaB0CGx4xNxGJb
Last-Modified
Tue, 01 Jun 2021 17:49:57 GMT
Server
AmazonS3
x-amz-request-id
WRKA04VBFEAX21PJ
ETag
"c5b9ec729f7eed070fdb853fd25c285c"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
395060
x-amz-id-2
MPW++/VftMjab9nBhoJkmUy1Sy+ut797VwK5jSZiKJhmM3y7Sh6RPxIvmSNp0mO48OPrgkOVCsU=
Promo%20Banner%20Image.jpeg
s3.amazonaws.com/uat-hsbc-podium-bucket/images/programs/1/cms/ 		299 KB
299 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/uat-hsbc-podium-bucket/images/programs/1/cms/Promo%20Banner%20Image.jpeg
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.50.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7dbaf714806b2be1e7ddbe7cd9ce432797872e4df76c5609912595f13a874706

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 23:14:06 GMT
x-amz-version-id
e8zTBSPuzYfYA_lvPWfU.NvxgO6EKU8P
Last-Modified
Thu, 26 Aug 2021 15:08:54 GMT
Server
AmazonS3
x-amz-request-id
WRKCJW4PMXJEXRBT
ETag
"c408ed3a05cda2881abbbc66b1fdfb41"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
305814
x-amz-id-2
HyeQvqivnmAAuU81Zvp5GiRIKA6XBw6tanuokfw4hxNXS9+uh5REIXUA2LO9muVT65cqk1IE+dE=
HSBC_Header_2.jpg
s3.amazonaws.com/uat-hsbc-podium-bucket/images/programs/1/cms/ 		347 KB
347 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/uat-hsbc-podium-bucket/images/programs/1/cms/HSBC_Header_2.jpg
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.50.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
214e11ea56b4b4ec2ce0f0202dbf2315b76d9a5681bfe380ac0c2e35a9c1213c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 23:14:06 GMT
x-amz-version-id
PT7jLEgH3aAh8kvoZ_M9pygpF6Bg04me
Last-Modified
Wed, 04 Nov 2020 19:03:22 GMT
Server
AmazonS3
x-amz-request-id
WRKETKQJE4K2QJZ8
ETag
"da11605ad13539f508427057c4569f14"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
354913
x-amz-id-2
7rUCsi4HV6And5dEPc1kAOTUabxKjl3RKQIqq0C9jWc/0BXbdkxsNLPWheEHhtYErL/lSRmdp78=
HSBC_Header_3.jpg
s3.amazonaws.com/uat-hsbc-podium-bucket/images/programs/1/cms/ 		254 KB
254 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/uat-hsbc-podium-bucket/images/programs/1/cms/HSBC_Header_3.jpg
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.50.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
a8272aa1db9d3480238c394a7b56ddf2108112d12ed28be496780bbf1a285903

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 23:14:06 GMT
x-amz-version-id
xAbnH57JWcDRlu9R50xyNFdjpSD8QNtr
Last-Modified
Wed, 04 Nov 2020 19:04:03 GMT
Server
AmazonS3
x-amz-request-id
WRKD4518F3P3HNGR
ETag
"ebd68c87009c15c829b501c909ffa79f"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
259642
x-amz-id-2
fU5FwtSmWeTBqMXUYLBBVTJUSq1OS/kuT/Mf+CUJeJHFP+Pcv9/enuWPLnewU8pQOTMw6U6ZAQA=
chevron-right-thick-red.svg
uat-hsbc-membersite.podiumrewards.com/images/icons/ 		386 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-hsbc-membersite.podiumrewards.com/images/icons/chevron-right-thick-red.svg?data
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.148.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-148-35.compute-1.amazonaws.com
Software
nginx/1.25.3 /
Resource Hash
1880f74b39a669782e7ef8800523426c16f5dec6cfca5f02db31914f3930d3ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 23:14:05 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
386
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Tue, 09 Apr 2024 15:54:18 GMT
server
nginx/1.25.3
etag
"661564aa-182"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
chevron-left-thin.svg
uat-hsbc-membersite.podiumrewards.com/images/icons/ 		384 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-hsbc-membersite.podiumrewards.com/images/icons/chevron-left-thin.svg?data
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.148.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-148-35.compute-1.amazonaws.com
Software
nginx/1.25.3 /
Resource Hash
7ef9433cc375b3490b901db9d790b187105a13b3840228027f27e250b604ab3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 23:14:05 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
384
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Tue, 09 Apr 2024 15:54:18 GMT
server
nginx/1.25.3
etag
"661564aa-180"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
chevron-right-black.svg
uat-hsbc-membersite.podiumrewards.com/images/icons/ 		382 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-hsbc-membersite.podiumrewards.com/images/icons/chevron-right-black.svg?data
Requested by
Host: uat-hsbc-membersite.podiumrewards.com
URL: https://uat-hsbc-membersite.podiumrewards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.148.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-148-35.compute-1.amazonaws.com
Software
nginx/1.25.3 /
Resource Hash
950ae1b2cf55dc0432b298ca60adb7a9604c4f7f2dbc1bfc67f4469b8b88e8e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 23:14:05 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
382
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Tue, 09 Apr 2024 15:54:18 GMT
server
nginx/1.25.3
etag
"661564aa-17e"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
events
logx.optimizely.com/v1/ 		0
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20375190679.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.241.49.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 12 Jun 2024 23:14:05 GMT
via
1.1 google
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://uat-hsbc-membersite.podiumrewards.com
access-control-expose-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
65a10eff-3486-47bf-9a4e-b9cd72bb2939
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-X8HWFME6KP&gtm=45je46a0v885240988za200&_p=1718234044269&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1091170953.1718234045&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAC&sid=1718234044&sct=1&seg=1&dl=https%3A%2F%2Fuat-hsbc-membersite.podiumrewards.com%2F&dt=HSBC%20Rewards&_s=3&tfd=5640
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X8HWFME6KP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.232.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://uat-hsbc-membersite.podiumrewards.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 23:14:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://uat-hsbc-membersite.podiumrewards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
lptag.liveperson.net
URL
https://lptag.liveperson.net/tag/tag.js?site=52516473
Domain
mcm-sit-us.hsbc.com.hk
URL
https://mcm-sit-us.hsbc.com.hk/7532/handler9/session.json
Domain
mcm-sit-us.hsbc.com.hk
URL
https://mcm-sit-us.hsbc.com.hk/JavascriptInsert.js

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| TMS number| maskTimeout boolean| syncChangesApplied object| cssRuleManager function| removeMask object| u object| HSBC object| _tag object| DCSext function| dcsGetHSBCCookie function| dcsVar function| dcsMultiTrack function| dcsMapHSBC function| dcsMeta function| dcsFunc function| dcsTag object| optimizely function| gtag object| dataLayer object| __NUXT__ object| webpackJsonp object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady function| _ object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| $nuxt object| tms object| utag_err boolean| utag_condload object| jwt undefined| JWTInternals object| params object| qp_v_id object| qp_ses_id object| elem boolean| loggedInScript string| targetElementsSelector object| targetElements boolean| isTargetElementPresent undefined| versionNode undefined| version object| utag function| _tealium_old_error boolean| __tealium_twc_switch object| utag_cfg_ovrd object| utag_data object| Evnt string| mn object| blist object| pixel_lib object| utag_extn function| targetPageParams function| lpGetAuthenticationToken object| wizconfig object| aemC object| moOpt object| WIZ_util function| prefixPriority string| formattedredact2 string| formatted object| WIZ_res function| PixelSearchService function| pLoaded boolean| pushIdentities function| tealium_liveperson_lib object| lpTag object| h boolean| impressiontrackingrunning function| fbq function| _fbq string| HSBCUSSITPageID string| HSBCUSSITcompatVersion string| HSBCUSSITpacketVersion string| HSBCUSSITuseCorsForInitialRequest string| HSBCUSSITuseJsonFormatForInitialCorsRequest string| HSBCUSSITTCP string| HSBCUSSITSSL function| HSBCUSSITgPr object| HSBCUSSITpendingManualEvents object| HSBCUSSITqueuedYoutubeReferences function| HSBCUSSITevent function| HSBCUSSITclick function| HSBCUSSITtextchange function| HSBCUSSITformsubmit function| HSBCUSSITSendJsonData function| HSBCUSSITtrackYouTubeIframePlayer function| HSBCUSSITinitialExecutionCanProceed function| HSBCUSSITblockExecutionForInsertAlreadyPresent function| HSBCUSSITSL function| HSBCUSSITsendScriptRequests function| HSBCUSSITcookieAllowsScriptToProceed function| HSBCUSSITSC function| HSBCUSSITfindCookieVal function| HSBCUSSITdeleteLegacyCookies function| HSBCUSSITdoDeleteCookie boolean| HSBCUSSITLF function| HSBCUSSITclearStoppedState function| HSBCUSSITstop function| HSBCUSSITgenerateUUID object| HSBCUSSITcookieList function| HSBCUSSITgC function| HSBCUSSITae function| HSBCUSSITclient_event function| HSBCUSSITGP function| HSBCUSSITGPWID function| HSBCUSSITLC string| HSBCUSSITTWID function| HSBCUSSIToptOut function| HSBCUSSIToptIn function| HSBCUSSITanonymous function| HSBCUSSITresetCSA function| HSBCUSSITdoReInit function| HSBCUSSITtmoPoll boolean| HSBCUSSITjsInsertAlreadyLoaded function| HSBCUSSITgetSD string| HSBCUSSITwindowID number| HSBCUSSITTm object| HSBCUSSITsImgArr object| HSBCUSSITRTEHandler object| e number| f string| items string| storageData string| cc

13 Cookies

Domain/Path Name / Value
.podiumrewards.com/ Name: _ga
Value: GA1.1.1091170953.1718234045
.podiumrewards.com/ Name: optimizelyEndUserId
Value: oeu1718234044637r0.18835299319829923
.podiumrewards.com/ Name: _ga_X8HWFME6KP
Value: GS1.1.1718234044.1.1.1718234044.0.0.0
.uat-hsbc-membersite.podiumrewards.com/ Name: mkt_c
Value: ZZZZZZZZZZ
.podiumrewards.com/ Name: usy46gabsosd
Value: HSBCUSSIT_17182340450460.956b041825fc07a11b404d614e61c801_7532
.tealiumiq.com/ Name: TAPID
Value: hsbc/wpb-stream-us>01900ebad9cd0002f45d27a44e530506f002e06700b08|
.podiumrewards.com/ Name: utag_main
Value: v_id:01900ebad9cd0002f45d27a44e530506f002e06700b08$_sn:1$_se:1$_ss:1$_st:1718235844878$ses_id:1718234044878%3Bexp-session$_pn:1%3Bexp-session$amsyncran:1%3Bexp-session$dc_group:95$_prevpage:Home%3Bexp-session$dc_visit:1$dc_event:1%3Bexp-session$dcsyncran:1%3Bexp-session$dc_region:us-east-1%3Bexp-session
.amazon-adsystem.com/ Name: ad-id
Value: A79HYnDDTUd4o86SAOeRWwE
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUlhO8auWUvgjsAueygCYRdvhZ1YniquW9a_66yNBgLRvMYvIyXNv0mZe0VADOg
.tealiumiq.com/ Name: tcs.google_gid
Value: eyJoc2JjL3dwYi1zdHJlYW0tdXMiOiJDQUVTRUxRVzc0T19leXZhdGp0dFJ6T2dobEF8MTcxODIzNDA0NTMwNyJ9
.tealiumiq.com/ Name: tcs.google_cver
Value: eyJoc2JjL3dwYi1zdHJlYW0tdXMiOiIxfDE3MTgyMzQwNDUzMDcifQ==
.podiumrewards.com/ Name: _fbp
Value: fb.1.1718234045337.265070401652240197

15 Console Messages

Source Level URL
Text
other warning URL: https://uat-hsbc-membersite.podiumrewards.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://uat-hsbc-membersite.podiumrewards.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://uat-hsbc-membersite.podiumrewards.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://uat-hsbc-membersite.podiumrewards.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://uat-hsbc-membersite.podiumrewards.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://uat-hsbc-membersite.podiumrewards.com/
Message:
Refused to execute script from 'https://s.amazon-adsystem.com/dcm?pid=f8ca2def-013b-4492-8956-75d0449638a4&id=01900ebad9cd0002f45d27a44e530506f002e06700b08&dcc=t' because its MIME type ('image/gif') is not executable.
other warning URL: https://uat-hsbc-membersite.podiumrewards.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://uat-hsbc-membersite.podiumrewards.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://uat-hsbc-membersite.podiumrewards.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://uat-hsbc-membersite.podiumrewards.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://uat-hsbc-membersite.podiumrewards.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://uat-hsbc-membersite.podiumrewards.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://uat-hsbc-membersite.podiumrewards.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://uat-hsbc-membersite.podiumrewards.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://uat-hsbc-membersite.podiumrewards.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a19069622224.cdn.optimizely.com
akamai.tiqcdn.com
cdn.optimizely.com
cdn3.optimizely.com
cm.g.doubleclick.net
collect-us-east-1.tealiumiq.com
connect.facebook.net
datacloud.tealiumiq.com
logx.optimizely.com
lptag.liveperson.net
mcm-sit-us.hsbc.com.hk
s.amazon-adsystem.com
s3.amazonaws.com
tags.tiqcdn.com
uat-hsbc-api.podiumrewards.com
uat-hsbc-membersite.podiumrewards.com
visitor-service-us-east-1.tealiumiq.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
lptag.liveperson.net
mcm-sit-us.hsbc.com.hk
104.94.118.158
104.96.226.235
18.205.198.246
209.85.201.97
209.85.232.100
23.220.128.152
31.13.66.19
31.13.66.35
34.192.148.35
34.192.241.152
34.195.152.114
34.49.241.189
52.216.50.224
52.46.130.91
74.125.192.155
96.7.21.231
99.84.108.87
0111e6346210e97ad77b96363339dd17bf2fc7947db2c83090a9d66aba236213
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
03e2cd2dfd3b142604cab60fce801488fb3d9c82a1664b7f1ba19835ae11b642
03e426c5f86641f3df96e2aa41268422e098a496306c342c9efe1feb34bdd377
05a4772e19a0d2483773510a4b92da70e084a9d047cb87bb19df60e93575bd7e
07ce5f82c07092c5d17c8b8113065a65e42dc7b041996f41691c23b0355b4b41
097d266cc517d53f8f1aa7c2d6d7470d1ac7acc834bb6a55f21117ef6cb953cc
10ba9e7a6662d026ab340d7eb7a290fbb58c50474ff2d5f3813872445732194b
122c5d86f34f81ac9bf81b706a65dad318ee5cc62eaf5649a93eb5259821422f
15db8870286bbf80a9568930f9ee47535a9c9318f3574e91c67cecea42f541a5
1880f74b39a669782e7ef8800523426c16f5dec6cfca5f02db31914f3930d3ca
214e11ea56b4b4ec2ce0f0202dbf2315b76d9a5681bfe380ac0c2e35a9c1213c
23a69419b86bd3126dbe662c344f972c3646e2016cd9da1befb5d5dce991a54f
2746111bd30acafc812a10457d64f8d70c210f258cb115ca4e3514d5f3e44e5a
2be62f3b530f1b20e785d0e385918ae1173fc0c5f53c3ff23b7bcc9ee477cd18
2fce2feb1cb59a8c53b5b46d1d758949090324d34b2a941a972240d6ccf63db6
3172fc418f1ff5593ef39678e9c89b2a005859f0f9f69ac5a74d9cb9ba46b903
32f47fbbe4da00e31e8dde5782b71d0f15836d79aca2908d15095098e7d802fc
3be26900401b52018ec089aae02621f367245920123530c846f955fdae300da7
3ecd9219549dbd4a574632ac1cd417fdd12a2a7919f2f9b59ee0daf91ae9af7d
552660cff11abb259b259dae8f9223f809b50055e7180325dc1b69ec75591741
5c3972953bc31004e13c1dcf446f4903a566b5e74220622dc4eb4252cd69f578
6787d50b9a9e82e6c2308afe43b3d487da6b31611633888eaa0028890435e01f
678fbf949b673a6d96730974d5acd5cece930eb86f3638fbedd3cc0d880a8414
6857f1f262e4bbfdb85e705b9cf27372ca0691d078587f0eb14529d8b18df526
7b6a1b274e1c3eb4d1ced6916f436ed0f8d821e4e5bd95191e6417f3bae7ffb5
7dbaf714806b2be1e7ddbe7cd9ce432797872e4df76c5609912595f13a874706
7ef9433cc375b3490b901db9d790b187105a13b3840228027f27e250b604ab3f
8b86691612d0c5212bae88d1e0eb944f84845be08fcc6ead02fa26777e0b2d3f
8e91505e91e5989c88abc48d043144abd44030c98b56f292e1b5400a328cb1f6
950ae1b2cf55dc0432b298ca60adb7a9604c4f7f2dbc1bfc67f4469b8b88e8e1
988b840c94e93e8da108d19d8fc0825c079bea7a1e6993e41fee3989832106d6
9de732f25d6c2f5d51857268a92569c543ed4cae375c3c0bf7371b1c03fe807e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a12ebb312a1b6432413e84f84bf1d4abbbe903f02837043306157bd005ee2739
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a8272aa1db9d3480238c394a7b56ddf2108112d12ed28be496780bbf1a285903
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
af8554a1ea79626669cf9e0f50cad6704d79a69e6b2a475f9c671d2dbbac19c0
b4266221dd20d862fad9af69fefde6ecdb92191d66e293d8a5cd344f83d7bac6
b76f208ad774d5a280a2c531333eae263dad83cebf79f0c466908738f516ab43
b892102f32aea881eb472d85486625e0bdcf55b1d65d598d2affd3ddaf23c36d
c366ee6995ebf3eb54734b1b25fa3a06eebbc664c7a689f9cbfadef0c6e17b81
c9a4fef3ad28c3f422d8a3dd803f8876cd7ee45097f687f00ef0e62a95383094
cbbbfe1080afcefc3c2518e6f5be9c449ae18084f56fdaad0e543be76e4466bf
d24cd7ab6736f119e377162ab1b330775fc33a5dfb37f876361b87b45b1a03ce
d43d097c51de6572a93aef473b04339a54fb20a687d2b5303c2a581eb132bf8f
d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559
de441554d156f3d1587ad914d3bdd7abf0164852e00b9da68532d8659f683bcf
e1889e4f11467972c456328350d85b6fe6ee687fbd63fa784111aac978cef95d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e826d525e772eaeae32f6d313a0f7837ab7a8d6e92bc622087d32aefaa8da3c4
ee9adcb3a6f17785281f7b87a41d2016448799afc8cbd61214a143b010da5be4
ef3d080897bd8dd58a92eb60de34b56e34742dc57cca1e4a6cfe59c4e5943d28
fdea52ea78ac289e3b282329516a34dc20e40582c215f05fe4ec0d65f43ad2ce