rmintro.hsbc.com.my Open in urlscan Pro
54.255.85.223 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rmintro.hsbc.com.my/
Submission: On September 01 via automatic, source certstream-suspicious (September 1st 2023, 7:00:16 am UTC) — Scanned from SG

Summary HTTP 61 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 15 domains to perform 61 HTTP transactions. The main IP is 54.255.85.223, located in Singapore and belongs to AMAZON-02, US. The main domain is rmintro.hsbc.com.my.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on August 16th 2022. Valid for: a year.

This is the only time rmintro.hsbc.com.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	54.255.85.223 54.255.85.223	16509 (AMAZON-02) (AMAZON-02)
12	2600:9000:20c... 2600:9000:20c7:d400:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:1413:b00... 2600:1413:b000:685::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.69.37.107 104.69.37.107	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2404:6800:400... 2404:6800:4003:c01::61	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	74.125.130.148 74.125.130.148	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c05::9d	15169 (GOOGLE) (GOOGLE)
1	13.114.8.210 13.114.8.210	16509 (AMAZON-02) (AMAZON-02)
1	2406:2000:e4:... 2406:2000:e4:1604::1000	56173 (YAHOO-SG3...) (YAHOO-SG3 internet content provider)
2 6	64.233.170.156 64.233.170.156	15169 (GOOGLE) (GOOGLE)
1	16.163.163.227 16.163.163.227	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f00... 2a03:2880:f00c:300:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	146.75.112.157 146.75.112.157	54113 (FASTLY) (FASTLY)
1	23.15.147.149 23.15.147.149	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2404:6800:400... 2404:6800:4003:c1a::8b	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4003:c0f::68	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4003:c04::5e	15169 (GOOGLE) (GOOGLE)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	52.196.188.198 52.196.188.198	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f10... 2a03:2880:f10c:381:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.203.70.22 52.203.70.22	14618 (AMAZON-AES) (AMAZON-AES)
61	21

15 54.255.85.223 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-85-223.ap-southeast-1.compute.amazonaws.com

rmintro.hsbc.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:20c7:d400:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1413:b000:685::13b8 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.69.37.107 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-37-107.deploy.static.akamaitechnologies.com

akamai.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c01::61 (Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.130.148 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: sb-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c05::9d (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.114.8.210 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-8-210.ap-northeast-1.compute.amazonaws.com

collect-ap-northeast-1.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2000:e4:1604::1000 (Taiwan)

ASN56173 (YAHOO-SG3 internet content provider, SG)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 64.233.170.156 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: sg-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 16.163.163.227 (Hong Kong)

ASN16509 (AMAZON-02, US)
PTR: ec2-16-163-163-227.ap-east-1.compute.amazonaws.com

datacloud.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00c:300:face:b00c:0:3 (Singapore)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.112.157 (Tokyo, Japan)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.15.147.149 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-15-147-149.deploy.static.akamaitechnologies.com

a19069622224.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c1a::8b (Singapore)

ASN15169 (GOOGLE, US)

google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c0f::68 (Singapore)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c04::5e (Singapore)

ASN15169 (GOOGLE, US)

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.196.188.198 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-188-198.ap-northeast-1.compute.amazonaws.com

visitor-service-ap-northeast-1.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f10c:381:face:b00c:0:25de (Singapore)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.70.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-70-22.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	hsbc.com.my rmintro.hsbc.com.my	700 KB
13	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1208 akamai.tiqcdn.com — Cisco Umbrella Rank: 11110	86 KB
8	doubleclick.net 4 redirects ad.doubleclick.net — Cisco Umbrella Rank: 173 cm.g.doubleclick.net — Cisco Umbrella Rank: 237 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40	7 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 105 google.com — Cisco Umbrella Rank: 1 www.google.com — Cisco Umbrella Rank: 2	1 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	344 KB
4	google.com.sg www.google.com.sg — Cisco Umbrella Rank: 12791	779 B
3	tealiumiq.com collect-ap-northeast-1.tealiumiq.com — Cisco Umbrella Rank: 161576 datacloud.tealiumiq.com — Cisco Umbrella Rank: 6598 visitor-service-ap-northeast-1.tealiumiq.com — Cisco Umbrella Rank: 154324	2 KB
3	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 784 a19069622224.cdn.optimizely.com — Cisco Umbrella Rank: 96769 logx.optimizely.com — Cisco Umbrella Rank: 1420	98 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	239 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 169	91 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 742	725 B
1	t.co t.co — Cisco Umbrella Rank: 577	377 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 758	15 KB
1	yimg.com s.yimg.com — Cisco Umbrella Rank: 624	7 KB
1	ctnsnet.com 1 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 5694	476 B
61	15

	Domain	Requested by
15	rmintro.hsbc.com.my	rmintro.hsbc.com.my
12	tags.tiqcdn.com	rmintro.hsbc.com.my tags.tiqcdn.com
5	www.googletagmanager.com	tags.tiqcdn.com www.googletagmanager.com
4	www.google.com.sg	rmintro.hsbc.com.my
4	www.google.com	rmintro.hsbc.com.my
4	googleads.g.doubleclick.net	www.googletagmanager.com
2	www.facebook.com	rmintro.hsbc.com.my
2	connect.facebook.net	tags.tiqcdn.com connect.facebook.net
2	cm.g.doubleclick.net	2 redirects
2	ad.doubleclick.net	2 redirects
1	logx.optimizely.com	cdn.optimizely.com
1	visitor-service-ap-northeast-1.tealiumiq.com	tags.tiqcdn.com
1	analytics.twitter.com	rmintro.hsbc.com.my
1	t.co	rmintro.hsbc.com.my
1	google.com	www.googletagmanager.com
1	a19069622224.cdn.optimizely.com	cdn.optimizely.com
1	static.ads-twitter.com	tags.tiqcdn.com
1	datacloud.tealiumiq.com	rmintro.hsbc.com.my
1	s.yimg.com	tags.tiqcdn.com
1	collect-ap-northeast-1.tealiumiq.com	tags.tiqcdn.com
1	adservice.google.com	rmintro.hsbc.com.my
1	ipac.ctnsnet.com	1 redirects
1	akamai.tiqcdn.com	tags.tiqcdn.com
1	cdn.optimizely.com	tags.tiqcdn.com
61	24

This site contains no links.

Subject Issuer	Validity	Valid
rmintro.hsbc.com.my DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-09-16`	a year	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-17`	a year	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-30` - `2023-10-30`	a year	crt.sh
*.tiqcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-12` - `2024-01-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.tealiumiq.com Amazon RSA 2048 M01	`2023-07-23` - `2024-08-19`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-14` - `2023-10-04`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-10` - `2023-09-08`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2023-02-26` - `2024-02-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google.com.sg GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-03` - `2024-01-03`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-03` - `2024-01-03`	a year	crt.sh
logx.optimizely.com Amazon RSA 2048 M01	`2023-06-24` - `2024-07-22`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://rmintro.hsbc.com.my/
Frame ID: BE94BFC9F90D1D5848286246948A2A76
Requests: 58 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=DC-11261169
Frame ID: 8FA1FCF796E72E200B4DD5381A4B52EE
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=DC-8731154
Frame ID: 4A29FDE4B3101DEA13F074997B43154C
Requests: 1 HTTP requests in this frame

Frame: https://a19069622224.cdn.optimizely.com/client_storage/a19069622224.html
Frame ID: D6BF13E835F6DEB860516EA01E91C98F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to HSBC Premier

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

61
Requests

97 %
HTTPS

43 %
IPv6

15
Domains

24
Subdomains

21
IPs

5
Countries

1352 kB
Transfer

3155 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://ipac.ctnsnet.com/int/integration?pixel=77417307&nid=1125532&cont=i HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8864307;type=invmedia;cat=hsbcm0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8864307;dc_pre=CN_E_7HriIEDFfMigwMdAPIHGA;type=invmedia;cat=hsbcm0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=8864307;dc_pre=CN_E_7HriIEDFfMigwMdAPIHGA;type=invmedia;cat=hsbcm0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1

Request Chain 33

https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=018a4f8acfc80083a9c014a4555003074001c06c00b08&tealium_account=hsbc&tealium_profile=wpb-stream-my HTTP 302
https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=018a4f8acfc80083a9c014a4555003074001c06c00b08&tealium_account=hsbc&tealium_profile=wpb-stream-my&google_tc= HTTP 302
https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=018a4f8acfc80083a9c014a4555003074001c06c00b08&tealium_account=hsbc&tealium_profile=wpb-stream-my&google_gid=CAESEAeZqnxPHkEcXghZpxcTGdQ&google_cver=1

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
rmintro.hsbc.com.my/ 3 KB
2 KB 44ms
11ms Document
text/html 54.255.85.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rmintro.hsbc.com.my/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.255.85.223 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-85-223.ap-southeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

ad8982a5be4de4de13ee254b435db1e3d91845abfc8aac6966c4f03b9fcea6c2

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1280
Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Content-Type: text/html; charset=UTF-8
Date: Fri, 01 Sep 2023 07:00:10 GMT
Expect-CT: enforce, max-age=300, report-uri='https://rmintro.hsbc.com.my/'
Expires: 0
Feature-Policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://rmintro.hsbc.com.my
Keep-Alive: timeout=5, max=100
Referrer-Policy: no-referrer
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Accept-Encoding
X-Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN DENY
X-WebKit-CSP: default-src * data:; img-src * data:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.min.css
rmintro.hsbc.com.my/css/ 157 KB
25 KB 10ms
10ms Stylesheet
text/css 54.255.85.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rmintro.hsbc.com.my/css/bootstrap.min.css

Requested by

Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.255.85.223 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-85-223.ap-southeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires: 0
Date: Fri, 01 Sep 2023 07:00:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Connection: Keep-Alive
Content-Length: 23916
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Wed, 04 Nov 2020 00:35:06 GMT
Server: Apache
ETag: "27288-5b33d26a0c280-gzip"
Expect-CT: enforce, max-age=300, report-uri='https://rmintro.hsbc.com.my/'
X-Frame-Options: SAMEORIGIN, DENY
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-cache, no-store, must-revalidate
Feature-Policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://rmintro.hsbc.com.my
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-WebKit-CSP: default-src * data:; img-src * data:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';

GET
H/1.1 200
OK swiper.min.css
rmintro.hsbc.com.my/css/ 13 KB
5 KB 14ms
8ms Stylesheet
text/css 54.255.85.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rmintro.hsbc.com.my/css/swiper.min.css

Requested by

Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.255.85.223 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-85-223.ap-southeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

bab57596e67c24f23305bfbcf2f313f2ac1b17c8c16c722bc10f304e086d08ec

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires: 0
Date: Fri, 01 Sep 2023 07:00:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Connection: Keep-Alive
Content-Length: 4129
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Fri, 22 May 2020 18:14:56 GMT
Server: Apache
ETag: "356c-5a6409b3ae800-gzip"
Expect-CT: enforce, max-age=300, report-uri='https://rmintro.hsbc.com.my/'
X-Frame-Options: SAMEORIGIN, DENY
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2628000, public
Feature-Policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://rmintro.hsbc.com.my
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-WebKit-CSP: default-src * data:; img-src * data:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';

GET
H/1.1 200
OK core.css
rmintro.hsbc.com.my/css/ 11 KB
4 KB 13ms
7ms Stylesheet
text/css 54.255.85.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rmintro.hsbc.com.my/css/core.css?20230901150010

Requested by

Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.255.85.223 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-85-223.ap-southeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

ab97fcc68ca69b03e42c72c0549c06a66856a2eaf53b1ddb50b75ebd9d5cd23c

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires: 0
Date: Fri, 01 Sep 2023 07:00:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Connection: Keep-Alive
Content-Length: 2819
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Mon, 17 Jan 2022 09:51:10 GMT
Server: Apache
ETag: "2bc3-5d5c4179fdbe1-gzip"
Expect-CT: enforce, max-age=300, report-uri='https://rmintro.hsbc.com.my/'
X-Frame-Options: SAMEORIGIN, DENY
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-cache, no-store, must-revalidate
Feature-Policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://rmintro.hsbc.com.my
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-WebKit-CSP: default-src * data:; img-src * data:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/hsbc/my-rbwm/dev/ 2 KB
1 KB 1052ms
969ms Script
application/javascript 2600:9000:20c7:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/dev/utag.sync.js
Requested by: Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c7:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56b20fbfb35685a22b0f80a3b5170d1669c361d64f28f6bdf64c246654ab9344

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: LhWlLVS90TW7iZrDPHFf2mIFCCV6w_Ty
content-encoding: br
via: 1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
date: Fri, 01 Sep 2023 07:00:12 GMT
last-modified: Thu, 31 Aug 2023 11:13:48 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
x-amz-server-side-encryption: AES256
etag: W/"9702410cbe17ae764678328cf40b4b72"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: _FXrnUzmlFTYXjYvcVaF5KoFiEEl6-q9nLqu3z9ynwzxyR1hKhSOaQ==

GET
H/1.1 200
OK hsbc-premier.svg
rmintro.hsbc.com.my/images/ 4 KB
3 KB 5ms
5ms Image
image/svg+xml 54.255.85.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rmintro.hsbc.com.my/images/hsbc-premier.svg

Requested by

Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.255.85.223 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-85-223.ap-southeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

eaeb5694891d4b63daabce10425cc2f5956145fff42a3a62b24235e3b3ba4c81

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires: 0
Date: Fri, 01 Sep 2023 07:00:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Connection: Keep-Alive
Content-Length: 1453
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Wed, 25 Nov 2020 06:00:02 GMT
Server: Apache
ETag: "e8a-5b4e82358fc80-gzip"
Expect-CT: enforce, max-age=300, report-uri='https://rmintro.hsbc.com.my/'
X-Frame-Options: SAMEORIGIN, DENY
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, must-revalidate
Feature-Policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://rmintro.hsbc.com.my
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
X-WebKit-CSP: default-src * data:; img-src * data:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';

GET
H/1.1 200
OK kv.png
rmintro.hsbc.com.my/images/ 174 KB
175 KB 5ms
4ms Image
image/png 54.255.85.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rmintro.hsbc.com.my/images/kv.png

Requested by

Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.255.85.223 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-85-223.ap-southeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

76cc57292c3dab985a3558c99bf3d15efc5ded78a33b04edce856ca316e4ab68

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires: 0
Date: Fri, 01 Sep 2023 07:00:10 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Connection: Keep-Alive
Content-Length: 178349
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Thu, 14 Jan 2021 03:38:41 GMT
Server: Apache
ETag: "2b8ad-5b8d3fde7f240"
Expect-CT: enforce, max-age=300, report-uri='https://rmintro.hsbc.com.my/'
X-Frame-Options: SAMEORIGIN, DENY
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Feature-Policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://rmintro.hsbc.com.my
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
X-WebKit-CSP: default-src * data:; img-src * data:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';

GET
H/1.1 200
OK kv-mobile.png
rmintro.hsbc.com.my/images/ 124 KB
125 KB 5ms
5ms Image
image/png 54.255.85.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rmintro.hsbc.com.my/images/kv-mobile.png

Requested by

Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.255.85.223 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-85-223.ap-southeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

23cfcc60565a40385fd92d1eb6d5cac5ded84ce745d15215f18dc84e02645684

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires: 0
Date: Fri, 01 Sep 2023 07:00:10 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Connection: Keep-Alive
Content-Length: 126924
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Thu, 14 Jan 2021 03:42:04 GMT
Server: Apache
ETag: "1efcc-5b8d40a017b00"
Expect-CT: enforce, max-age=300, report-uri='https://rmintro.hsbc.com.my/'
X-Frame-Options: SAMEORIGIN, DENY
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Feature-Policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://rmintro.hsbc.com.my
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
X-WebKit-CSP: default-src * data:; img-src * data:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
rmintro.hsbc.com.my/js/ 87 KB
31 KB 12ms
12ms Script
application/javascript 54.255.85.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rmintro.hsbc.com.my/js/jquery-3.5.1.min.js

Requested by

Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.255.85.223 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-85-223.ap-southeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires: 0
Date: Fri, 01 Sep 2023 07:00:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Connection: Keep-Alive
Content-Length: 30910
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Fri, 15 May 2020 01:28:08 GMT
Server: Apache
ETag: "15d84-5a5a5b9be5a00-gzip"
Expect-CT: enforce, max-age=300, report-uri='https://rmintro.hsbc.com.my/'
X-Frame-Options: SAMEORIGIN, DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate
Feature-Policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://rmintro.hsbc.com.my
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-WebKit-CSP: default-src * data:; img-src * data:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';

GET
H/1.1 200
OK swiper.min.js Show response
rmintro.hsbc.com.my/js/ 138 KB
36 KB 11ms
11ms Script
application/javascript 54.255.85.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rmintro.hsbc.com.my/js/swiper.min.js

Requested by

Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.255.85.223 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-85-223.ap-southeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

c4a77c3ba0af6b05ecddbf190ab7eec0df40d0848233c6d48490bce8be80f0e6

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires: 0
Date: Fri, 01 Sep 2023 07:00:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Connection: Keep-Alive
Content-Length: 35836
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Fri, 22 May 2020 18:14:44 GMT
Server: Apache
ETag: "2265a-5a6409a83cd00-gzip"
Expect-CT: enforce, max-age=300, report-uri='https://rmintro.hsbc.com.my/'
X-Frame-Options: SAMEORIGIN, DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2628000, public
Feature-Policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://rmintro.hsbc.com.my
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
X-WebKit-CSP: default-src * data:; img-src * data:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';

GET
H/1.1 200
OK bootstrap.bundle.min.js Show response
rmintro.hsbc.com.my/js/ 82 KB
23 KB 9ms
9ms Script
application/javascript 54.255.85.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rmintro.hsbc.com.my/js/bootstrap.bundle.min.js

Requested by

Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.255.85.223 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-85-223.ap-southeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires: 0
Date: Fri, 01 Sep 2023 07:00:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Connection: Keep-Alive
Content-Length: 21804
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Wed, 04 Nov 2020 00:35:20 GMT
Server: Apache
ETag: "148b8-5b33d27766200-gzip"
Expect-CT: enforce, max-age=300, report-uri='https://rmintro.hsbc.com.my/'
X-Frame-Options: SAMEORIGIN, DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate
Feature-Policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://rmintro.hsbc.com.my
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
X-WebKit-CSP: default-src * data:; img-src * data:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';

GET
H/1.1 200
OK jquery.scrollify.js Show response
rmintro.hsbc.com.my/js/ 26 KB
7 KB 6ms
6ms Script
application/javascript 54.255.85.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rmintro.hsbc.com.my/js/jquery.scrollify.js

Requested by

Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.255.85.223 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-85-223.ap-southeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

211a68c2121cef7a6047489d61d2da24e491a630a8b2e215bb607bbe7e24773b

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires: 0
Date: Fri, 01 Sep 2023 07:00:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Connection: Keep-Alive
Content-Length: 5668
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Thu, 05 Nov 2020 01:43:27 GMT
Server: Apache
ETag: "676b-5b35238e86dc0-gzip"
Expect-CT: enforce, max-age=300, report-uri='https://rmintro.hsbc.com.my/'
X-Frame-Options: SAMEORIGIN, DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate
Feature-Policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://rmintro.hsbc.com.my
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
X-WebKit-CSP: default-src * data:; img-src * data:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';

GET
H/1.1 200
OK core.js Show response
rmintro.hsbc.com.my/js/ 10 KB
3 KB 5ms
5ms Script
application/javascript 54.255.85.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rmintro.hsbc.com.my/js/core.js?20230901150010

Requested by

Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.255.85.223 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-85-223.ap-southeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

9e677bf7a8692f8ddea99f14aff0418d1301c46f7e5bb79bd96d10c86abfb122

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires: 0
Date: Fri, 01 Sep 2023 07:00:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Connection: Keep-Alive
Content-Length: 2244
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Wed, 24 Nov 2021 10:42:17 GMT
Server: Apache
ETag: "2606-5d18682fd1440-gzip"
Expect-CT: enforce, max-age=300, report-uri='https://rmintro.hsbc.com.my/'
X-Frame-Options: SAMEORIGIN, DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate
Feature-Policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://rmintro.hsbc.com.my
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
X-WebKit-CSP: default-src * data:; img-src * data:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';

GET
H2 200 20375200357.js Show response
cdn.optimizely.com/js/ 335 KB
96 KB 86ms
7ms Script
text/javascript 2600:1413:b000:685::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/20375200357.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/dev/utag.sync.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1413:b000:685::13b8 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b8695a0a8f3cbf99392f8e08c99c2dc0cb4cf3cf12cd8bf6be61b012e38c9b63

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: PjG5BnaGwnL00WwmFATXcTVLiwC0GuWu
content-encoding: gzip
date: Fri, 01 Sep 2023 07:00:11 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: V8X33X35W8C8382S
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 549
x-amz-replication-status: PENDING
server-timing: cdn-cache; desc=HIT, edge; dur=1, cdn;desc="AkamaiION";dur=0,rtt;desc="3";dur=0,cdnip;desc="2600:1413:b000:685::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1693551611875_389065865_961647282_27_2309_2_7_146";dur=1
content-length: 96971
x-amz-id-2: GHxHQyBQ/HIu3r/Z03gEtfvGz91z/sQyQ6YcmOTNkOfKN3Nd/mMTeRDjDSBR6KY7uI0u5yNq4nE=
last-modified: Wed, 23 Aug 2023 01:01:17 GMT
server: AmazonS3
etag: "8c307a582dc911d82cd36f4b6fd6482a"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/ 197 KB
40 KB 7ms
6ms Script
application/javascript 2600:9000:20c7:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.js
Requested by: Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c7:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 968633d198051d5c6e8e8e960b947a4f0aac5ebad393554ab2f31ad0cc4f721e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: 2sNuqd.6Y6JvMiu6nboEYTk_GvcEok1q
content-encoding: br
via: 1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
date: Fri, 01 Sep 2023 06:56:02 GMT
last-modified: Thu, 31 Aug 2023 11:13:46 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 250
x-amz-server-side-encryption: AES256
etag: W/"ba02ac06254c0de2037f0ea265fe860c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: 1L-jfc2Sf-FP_rzXVCUzzDvudt2cGcrWJeZrT2nV0FokDgYze_m9zg==

GET
H/1.1 200
OK UniversNextforHSBCW02-Rg.woff
rmintro.hsbc.com.my/fonts/ 27 KB
28 KB 8ms
8ms Font
application/font-woff 54.255.85.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rmintro.hsbc.com.my/fonts/UniversNextforHSBCW02-Rg.woff

Requested by

Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/css/core.css?20230901150010

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.255.85.223 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-85-223.ap-southeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

e57fa923e1242b94093a29bc1497e22d7b5f78d6f124fe5ffc651383af545e13

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://rmintro.hsbc.com.my
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires: 0
Date: Fri, 01 Sep 2023 07:00:11 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Connection: Keep-Alive
Content-Length: 27464
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Fri, 05 Jun 2020 07:53:52 GMT
Server: Apache
ETag: "6b48-5a7518fe6a400"
Expect-CT: enforce, max-age=300, report-uri='https://rmintro.hsbc.com.my/'
X-Frame-Options: SAMEORIGIN, DENY
Content-Type: application/font-woff
Cache-Control: max-age=2628000, public
Feature-Policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://rmintro.hsbc.com.my
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
X-WebKit-CSP: default-src * data:; img-src * data:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';

GET
H/1.1 200
OK VivaBeautifulPro-Regular.woff
rmintro.hsbc.com.my/fonts/ 205 KB
206 KB 7ms
6ms Font
application/font-woff 54.255.85.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rmintro.hsbc.com.my/fonts/VivaBeautifulPro-Regular.woff

Requested by

Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/css/core.css?20230901150010

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.255.85.223 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-85-223.ap-southeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

31e00fc17f849096489d3d98fc98d9fe30135877c97d448dee337983e39007a3

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://rmintro.hsbc.com.my
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires: 0
Date: Fri, 01 Sep 2023 07:00:11 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Connection: Keep-Alive
Content-Length: 209432
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Tue, 12 Jan 2021 02:27:15 GMT
Server: Apache
ETag: "33218-5b8aac2c206c0"
Expect-CT: enforce, max-age=300, report-uri='https://rmintro.hsbc.com.my/'
X-Frame-Options: SAMEORIGIN, DENY
Content-Type: application/font-woff
Cache-Control: max-age=2628000, public
Feature-Policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://rmintro.hsbc.com.my
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-WebKit-CSP: default-src * data:; img-src * data:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';

GET
H/1.1 200
OK UniversNextforHSBCW02-Bd.woff
rmintro.hsbc.com.my/fonts/ 26 KB
27 KB 5ms
5ms Font
application/font-woff 54.255.85.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rmintro.hsbc.com.my/fonts/UniversNextforHSBCW02-Bd.woff

Requested by

Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/css/core.css?20230901150010

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.255.85.223 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-85-223.ap-southeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

1fe93d773a537c17456fc95e7dbfb69cba2914ac73c5f9b01d4db046667c688e

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://rmintro.hsbc.com.my
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires: 0
Date: Fri, 01 Sep 2023 07:00:11 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Connection: Keep-Alive
Content-Length: 26328
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Fri, 05 Jun 2020 07:54:09 GMT
Server: Apache
ETag: "66d8-5a75190ea0a40"
Expect-CT: enforce, max-age=300, report-uri='https://rmintro.hsbc.com.my/'
X-Frame-Options: SAMEORIGIN, DENY
Content-Type: application/font-woff
Cache-Control: max-age=2628000, public
Feature-Policy: microphone 'none'; payment 'none'; sync-xhr 'self' https://rmintro.hsbc.com.my
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
X-WebKit-CSP: default-src * data:; img-src * data:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Security-Policy: default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';

GET
H/1.1 200
OK location.js Show response
akamai.tiqcdn.com/location/ 18 B
562 B 44ms
5ms XHR
application/x-javascript 104.69.37.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.tiqcdn.com/location/location.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.69.37.107 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-69-37-107.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Fri, 01 Sep 2023 07:00:11 GMT
Last-Modified: Mon, 30 Apr 2018 23:09:19 GMT
Server: AkamaiNetStorage
ETag: "6c98be5fda77913799e8ef24b86a7abd:1525129759"
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-EdgeScape-Location
Cache-Control: max-age=1296000
X-EdgeScape-Location: country_code=SG,region_code=0,city=SINGAPORE,areacode=0,zip=0,bandwidth=5000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18
Expires: Sat, 16 Sep 2023 07:00:11 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
430 B 6ms
6ms Script
application/javascript 2600:9000:20c7:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=hsbc/my-rbwm/202308311111&cb=1693551611914
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c7:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Fri, 01 Sep 2023 06:58:53 GMT
via: 1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
age: 78
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: 4HPuGv6vpHlif5xdbyINlpjqqYHeI3AwdBowrVDli4hoTesRFdQjEg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 8FA1 173 KB
64 KB 18ms
7ms Document
application/javascript 2404:6800:4003:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11261169

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5a01d99003e53f64f8549aed69c5808e9f88ecb89bbc7db92cd01a9d68ed11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=900
content-encoding: br
content-length: 64963
content-type: application/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Sep 2023 07:00:11 GMT
expires: Fri, 01 Sep 2023 07:00:11 GMT
last-modified: Fri, 01 Sep 2023 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 4A29 173 KB
64 KB 25ms
16ms Document
application/javascript 2404:6800:4003:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8731154

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a8887134a3693b22e3eb85b8e6e89d6f1e4580f8cea3086601f45407dae48478

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=900
content-encoding: br
content-length: 64945
content-type: application/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Sep 2023 07:00:11 GMT
expires: Fri, 01 Sep 2023 07:00:11 GMT
last-modified: Fri, 01 Sep 2023 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0

GET
H2 200 utag.268.js Show response
tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/ 3 KB
2 KB 7ms
6ms Script
application/javascript 2600:9000:20c7:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.268.js?utv=ut4.46.202308311112
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c7:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cddd5c5f7c1463aaccb31a43e8172bc48bebabb24c51b6e8cbf69ebe1444911f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: CiLs5MGw9jn2Ei3htGh1dn_XRt9ZuvUU
content-encoding: br
via: 1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
date: Fri, 01 Sep 2023 07:00:05 GMT
last-modified: Thu, 31 Aug 2023 11:13:40 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 300
x-amz-server-side-encryption: AES256
etag: W/"c1ae1b2e361fc845ef71b4b67ba7ea04"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: WVAGR1Fey6QxJLJqTPY8HL-DxtwfrDqxYpb1J9fiItz054_f7pkkKg==

GET
H2 200 utag.456.js Show response
tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/ 15 KB
5 KB 7ms
6ms Script
application/javascript 2600:9000:20c7:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.456.js?utv=ut4.46.202308311112
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c7:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99a1d87f6f81cb83da9f71c48cf14f8faad64e263fd5a2e3bdddf47505fb9927

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: acIKTZN.oQfcLuJZTtBi4UDERSdI4D2v
content-encoding: br
via: 1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
date: Fri, 01 Sep 2023 07:00:05 GMT
last-modified: Thu, 31 Aug 2023 11:13:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 300
x-amz-server-side-encryption: AES256
etag: W/"897d4c28d4d58ea40f74ca76de8271ab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: RRhkJ517izRtfvIDjw4Uni-pDTglwUvnB5J_Di69OV07HevAhQAnGg==

GET
H2 200 utag.458.js Show response
tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/ 5 KB
2 KB 9ms
8ms Script
application/javascript 2600:9000:20c7:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.458.js?utv=ut4.46.202308311112
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c7:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd36a668b617174934605d8893924d48f0bac4a69ba0026908c7542e1c6f641f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: ydTltBJJQZtKeFWcerTrLaWpT0RZE7dp
content-encoding: br
via: 1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
date: Fri, 01 Sep 2023 07:00:05 GMT
last-modified: Thu, 31 Aug 2023 11:13:37 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 115
x-amz-server-side-encryption: AES256
etag: W/"f0e974b72c5a9288532a4657c4060daa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: rlla1z36b7UPyE_0dLB7kyxmOn6gbpGYSu0RLemcvX3JgAIHbLjHRQ==

GET
H2 200 utag.461.js Show response
tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/ 23 KB
7 KB 9ms
9ms Script
application/javascript 2600:9000:20c7:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.461.js?utv=ut4.46.202308311112
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c7:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f23cae8891aeda81512d7e79556e3023caccb854d28245b546742831ac5487bd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: 4lNrRAOk6aSGZPpi_ND5YtpxsT8tu3SQ
content-encoding: br
via: 1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
date: Fri, 01 Sep 2023 07:00:05 GMT
last-modified: Thu, 31 Aug 2023 11:13:37 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 251
x-amz-server-side-encryption: AES256
etag: W/"6040983f765723df4df3760941dac8f5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: g25bRAX0WfnIfXAHaIoo4AXSYpy_zSJRKDydo08jNB_A8619sD70lA==

GET
H2 200 utag.479.js Show response
tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/ 10 KB
4 KB 12ms
12ms Script
application/javascript 2600:9000:20c7:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.479.js?utv=ut4.46.202308311112
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c7:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d51d3fe13b2ada5566d746b44b91adeae218485d9c0a896f5eaa7dc381f7d281

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: rWeAyUyUpfWh26EgpHeg5ELi3E8XNMrS
content-encoding: br
via: 1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
date: Fri, 01 Sep 2023 07:00:05 GMT
last-modified: Thu, 31 Aug 2023 11:13:40 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 251
x-amz-server-side-encryption: AES256
etag: W/"0acf43bd6e12f85f74cf8354c12fe316"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: Aj3KOL3ySwjoB3yOar7f1aOuu1wyv-uIlDrgpNm70waCRgEp1B1INw==

GET
H2 200 utag.482.js Show response
tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/ 47 KB
12 KB 11ms
11ms Script
application/javascript 2600:9000:20c7:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.482.js?utv=ut4.46.202308311112
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c7:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4fa63c5dcda62b6763c8eafcef69999c086c47564ffaa85b2a0edbe2a44fb72e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: uJlZbgoG9Jz7MCQliGyfX1M6ZFRomUTj
content-encoding: br
via: 1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
date: Fri, 01 Sep 2023 07:00:05 GMT
last-modified: Thu, 31 Aug 2023 11:13:37 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 251
x-amz-server-side-encryption: AES256
etag: W/"25c995c72d5d046186681a2c60e54a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 08ZGDcB2aqZyqdlls4CqeCxStU0uIEjUp6fCBOVmmFbhlk9IXxBvFg==

GET
H2 200 utag.495.js Show response
tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/ 9 KB
3 KB 11ms
11ms Script
application/javascript 2600:9000:20c7:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.495.js?utv=ut4.46.202308311112
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c7:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 663730e74d1993cae01c5d5a03b13b9ea2ea4a1bd74c631f4a5b46d7ad2b9ad5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: IR6ibOgwY1Wz_cECAel3SupE0UKSikLp
content-encoding: br
via: 1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
date: Fri, 01 Sep 2023 07:00:05 GMT
last-modified: Thu, 31 Aug 2023 11:13:41 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 251
x-amz-server-side-encryption: AES256
etag: W/"3bf53e02f205d0ca4ff991236b6b67bb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: c414q2wHZxOg2f1EBW9a_PVhp-09tM74iGfl8mzqT5A-CWJ16gME-Q==

GET
H2 200 utag.513.js Show response
tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/ 22 KB
7 KB 11ms
10ms Script
application/javascript 2600:9000:20c7:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.513.js?utv=ut4.46.202308311112
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c7:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd3f414c5f0f04abde2ef7d3bf119d996db0e5a836adba77850e3920e1a890f4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: Vu87zpcODmtmhR_4C5IpbDoqZh.50Uf.
content-encoding: br
via: 1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
date: Fri, 01 Sep 2023 07:00:05 GMT
last-modified: Thu, 31 Aug 2023 11:13:46 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 300
x-amz-server-side-encryption: AES256
etag: W/"aff8cc0d62d7e6315c20b7b3cbbf98d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: getKwmQZycCCjIEBJiieLsRhgRDW97_4YBFyegrNeIUohTwLZoQrkA==

GET
H2 200 utag.519.js Show response
tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/ 3 KB
2 KB 11ms
11ms Script
application/javascript 2600:9000:20c7:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.519.js?utv=ut4.46.202308311112
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c7:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d195233d8dbda745ea19b354a0c70d3ea1305686395c8d8a9db1b65d5387cc62

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: 7tPEgYpjPwhIsSfiZkarEbi4Or9pZYsw
content-encoding: br
via: 1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
date: Fri, 01 Sep 2023 07:00:05 GMT
last-modified: Thu, 31 Aug 2023 11:13:38 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 251
x-amz-server-side-encryption: AES256
etag: W/"e07a6dbf1b37363d974d8f9f26622a6a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: IEBJPlDAvb4vxj5mHvk3mXQrc23LGlQbVdveTbgi920O8tYRGyTIIg==

GET
H2

200

src=8864307;dc_pre=CN_E_7HriIEDFfMigwMdAPIHGA;type=invmedia;cat=hsbcm0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ipac.ctnsnet.com/int/integration?pixel=77417307&nid=1125532&cont=i
https://ad.doubleclick.net/ddm/activity/src=8864307;type=invmedia;cat=hsbcm0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=8864307;dc_pre=CN_E_7HriIEDFfMigwMdAPIHGA;type=invmedia;cat=hsbcm0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1?
https://adservice.google.com/ddm/fls/z/src=8864307;dc_pre=CN_E_7HriIEDFfMigwMdAPIHGA;type=invmedia;cat=hsbcm0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1

42 B
401 B

26ms
8ms

Image
image/gif

2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8864307;dc_pre=CN_E_7HriIEDFfMigwMdAPIHGA;type=invmedia;cat=hsbcm0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1

Requested by

Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/

Protocol

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 07:00:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Sep 2023 07:00:12 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=8864307;dc_pre=CN_E_7HriIEDFfMigwMdAPIHGA;type=invmedia;cat=hsbcm0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 i.gif Show response
collect-ap-northeast-1.tealiumiq.com/hsbc/wpb-stream-my/2/ 43 B
768 B 297ms
139ms XHR
image/gif 13.114.8.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-ap-northeast-1.tealiumiq.com/hsbc/wpb-stream-my/2/i.gif
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.482.js?utv=ut4.46.202308311112
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.114.8.210 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-114-8-210.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryzjcBCNO9rKKJfIDg

Response headers

date: Fri, 01 Sep 2023 07:00:12 GMT
x-serverid: uconnect_i-0d272734c94a82a08
x-tid: 018a4f8acfc80083a9c014a4555003074001c06c00b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: hsbc:wpb-stream-my:2:datacloud
x-region: ap-northeast-1
content-length: 43
pragma: no-cache
x-did: 018a4f8acfc80083a9c014a4555003074001c06c00b08
vary: Origin
content-type: image/gif
access-control-allow-origin: https://rmintro.hsbc.com.my
x-ulver: 54c654920db5f931ad69a453263b061c49db3193-SNAPSHOT
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-uuid: 100374bd-8097-4f13-b179-340e8b56ca9b
expires: Fri, 01 Sep 2023 07:00:12 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 19ms
4ms Script
application/javascript 2406:2000:e4:1604::1000
YAHOO-SG3 interne...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2000:e4:1604::1000 , Taiwan, ASN56173 (YAHOO-SG3 internet content provider, SG),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 06:50:33 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: WB2NQAMCDD7EVPBY
age: 580
x-amz-server-side-encryption: AES256
x-amz-id-2: ABpzyboeunWNijssyklKtdg2aJUm6k6NH2EHyvtRUEZ+U270HORB3WfDxGiG8Ldyjb0nEyTiBieTMPFuCEAvIQ==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2

200

i.gif
datacloud.tealiumiq.com/vdata/
Redirect Chain

https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=018a4f8acfc80083a9c014a4555003074001c06c00b08&tealium_account=hsbc&tealium_profile=wpb-strea...
https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=018a4f8acfc80083a9c014a4555003074001c06c00b08&tealium_account=hsbc&tealium_profile=wpb-stre...
https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=018a4f8acfc80083a9c014a4555003074001c06c00b08&tealium_account=hsbc&tealium_profile=wpb-stream-my&google_gid=CAESEAeZ...

43 B
1002 B

122ms
35ms

Image
image/gif

16.163.163.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=018a4f8acfc80083a9c014a4555003074001c06c00b08&tealium_account=hsbc&tealium_profile=wpb-stream-my&google_gid=CAESEAeZqnxPHkEcXghZpxcTGdQ&google_cver=1
Requested by: Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/
Protocol: H2
Server: 16.163.163.227 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-163-163-227.ap-east-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 07:00:12 GMT
x-serverid: uconnect_i-0a4618fe0641d603e
x-tid: 018a4f8acfc80083a9c014a4555003074001c06c00b08
x-did: 018a4f8acfc80083a9c014a4555003074001c06c00b08
vary: Origin
content-type: image/gif
x-acc: hsbc:wpb-stream-my:2:vdata
x-ulver: 54c654920db5f931ad69a453263b061c49db3193-SNAPSHOT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-region: ap-east-1
content-length: 43
x-uuid: 0d61ee94-124f-4a73-87da-7b67b11f5982
expires: Fri, 01 Sep 2023 07:00:12 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Sep 2023 07:00:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=018a4f8acfc80083a9c014a4555003074001c06c00b08&tealium_account=hsbc&tealium_profile=wpb-stream-my&google_gid=CAESEAeZqnxPHkEcXghZpxcTGdQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 447
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 193 KB
52 KB 14ms
4ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.461.js?utv=ut4.46.202308311112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 01 Sep 2023 07:00:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 52127
x-xss-protection: 0
pragma: public
x-fb-debug: oYYSrS8Jx6JaQFymYSloQ4YKH0xAYxVCcIoYn5jD6HdOl9IMtxdAkpSrmXw8TPq+6cHwNCUhhKYmtVea06id/A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 217ms
69ms Script
application/javascript 146.75.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.519.js?utv=ut4.46.202308311112
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.112.157 Tokyo, Japan, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 07:00:12 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption: AES256
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100147-IAD, cache-nrt-rjtf7700059-NRT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
64 KB 11ms
11ms Script
application/javascript 2404:6800:4003:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8717352

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.495.js?utv=ut4.46.202308311112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76ac6becabcd10c38565b129de92fb21b39c61f1372909cf317f67fac78a528b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 07:00:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64988
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Sep 2023 07:00:12 GMT

GET
H2 200 a19069622224.html Show response
a19069622224.cdn.optimizely.com/client_storage/ Frame D6BF 4 KB
2 KB 66ms
4ms Document
text/html 23.15.147.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a19069622224.cdn.optimizely.com/client_storage/a19069622224.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20375200357.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.15.147.149 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-15-147-149.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

980a8e0746ddb04e9255b764c3b943d0acd924bf873ed6ec6fc33aa9da0d9133

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 1204
content-type: text/html; charset=utf-8
date: Fri, 01 Sep 2023 07:00:12 GMT
etag: "8573b7f369b3777acf102ce07d003801"
last-modified: Fri, 01 Sep 2023 06:19:14 GMT
server: AmazonS3
server-timing: cdn-cache; desc=HIT edge; dur=1 cdn;desc="AkamaiION";dur=0,rtt;desc="2";dur=0,cdnip;desc="23.15.147.149";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1693551612152_3092707975_232466307_19_1559_2_7_255";dur=1
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,2
x-amz-id-2: mD9uEl2CbbQXby4uFNFzXC0/Q0wS5cD4fAygOMz2FjHQd8NThdRl9a0itpVHwBRyCUXO6YM9kK4=
x-amz-meta-pci_enabled: False
x-amz-replication-status: PENDING
x-amz-request-id: 1RKFVRB9N70MRRZD
x-amz-server-side-encryption: AES256
x-amz-version-id: QuOzhRAcdcSr1lxQPDnCIE9Q88Uru.wv

GET
H2 200 1308608335935876 Show response
connect.facebook.net/signals/config/ 148 KB
39 KB 490ms
490ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1308608335935876?v=2.9.125&r=stable&domain=rmintro.hsbc.com.my

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2148faf3d4e93c5ed0d2e8eecabcac0a07f804753c4bc79dabcf439e11095183

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 01 Sep 2023 07:00:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: TD8xmbzOFHpyg4hw7sUqartDtPuwdp78rdjpkc0rEQODpHPSXGsM/wAjHmh2bt+XdfA2wmTAQJA0kY2OcfgPTA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
74 KB 22ms
21ms Script
application/javascript 2404:6800:4003:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-789514635&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8717352

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b80b3bd8125e8d9fe22b1e0871215005de1c831e1bb834e399c342d31609f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 07:00:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75948
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Sep 2023 07:00:12 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
79 KB 18ms
18ms Script
application/javascript 2404:6800:4003:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-339408115&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8717352

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b181f7ce59e69f4107c39c886a42f29fa4731bb4a29671aeb4bcefcb6ce61dd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 07:00:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80569
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Sep 2023 07:00:12 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/339408115/ 3 KB
1 KB 22ms
21ms Script
text/javascript 64.233.170.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/339408115/?random=1693551612206&cv=11&fst=1693551612206&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Frmintro.hsbc.com.my%2F&hn=www.googleadservices.com&frm=0&tiba=Welcome%20to%20HSBC%20Premier&userId=018a4f8acfc80083a9c014a4555003074001c06c00b08&auid=1901807929.1693551612&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-339408115&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f156.1e100.net

Software

cafe /

Resource Hash

57815219491be09b99cfcc8577c1b621dc9cb1ae7b9f7262b82c945c106cce64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 07:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/339408115/ 3 KB
1 KB 20ms
19ms Script
text/javascript 64.233.170.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/339408115/?random=1693551612227&cv=11&fst=1693551612227&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Frmintro.hsbc.com.my%2F&hn=www.googleadservices.com&frm=0&tiba=Welcome%20to%20HSBC%20Premier&userId=018a4f8acfc80083a9c014a4555003074001c06c00b08&auid=1901807929.1693551612&uamb=0&uaw=0&data=event%3Dpage_view%3Ballow_custom_scripts%3Dtrue&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-339408115&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f156.1e100.net

Software

cafe /

Resource Hash

33bbee9e367952405b27a5a3b8d6ad9cd08d636118c47f0bc069849440b3898b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 07:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1382
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 339408115
google.com/ccm/form-data/ 0
257 B 317ms
302ms Ping
text/plain 2404:6800:4003:c1a::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/ccm/form-data/339408115?gtm=45be38u0&hn=www.googleadservices.com&auid=1901807929.1693551612&ec_mode=a&uamb=0&uaw=0&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-339408115&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c1a::8b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 07:00:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rmintro.hsbc.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/789514635/ 3 KB
1 KB 20ms
20ms Script
text/javascript 64.233.170.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/789514635/?random=1693551612254&cv=11&fst=1693551612254&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Frmintro.hsbc.com.my%2F&hn=www.googleadservices.com&frm=0&tiba=Welcome%20to%20HSBC%20Premier&userId=018a4f8acfc80083a9c014a4555003074001c06c00b08&auid=1901807929.1693551612&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-789514635&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.170.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f156.1e100.net

Software

cafe /

Resource Hash

6cc843ac3173e76699311b05b5e5d2aa0e8a20a227c3f1116fdd09ddea42f68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 07:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1367
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/789514635/ 3 KB
1 KB 21ms
21ms Script
text/javascript 64.233.170.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/789514635/?random=1693551612268&cv=11&fst=1693551612268&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Frmintro.hsbc.com.my%2F&hn=www.googleadservices.com&frm=0&tiba=Welcome%20to%20HSBC%20Premier&userId=018a4f8acfc80083a9c014a4555003074001c06c00b08&auid=1901807929.1693551612&uamb=0&uaw=0&data=event%3Dpage_view%3Ballow_custom_scripts%3Dtrue&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-789514635&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.170.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f156.1e100.net

Software

cafe /

Resource Hash

63cc186381eb07f0727db429c1e95530485d9c0e3093b10f7bbcde139f7aebde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 07:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1382
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/339408115/ 42 B
108 B 26ms
11ms Image
image/gif 2404:6800:4003:c0f::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/339408115/?random=1693551612206&cv=11&fst=1693551600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Frmintro.hsbc.com.my%2F&frm=0&tiba=Welcome%20to%20HSBC%20Premier&userId=018a4f8acfc80083a9c014a4555003074001c06c00b08&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2728559843&rmt_tld=0&ipr=y

Requested by

Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::68 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 07:00:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/339408115/ 42 B
108 B 27ms
12ms Image
image/gif 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/339408115/?random=1693551612206&cv=11&fst=1693551600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Frmintro.hsbc.com.my%2F&frm=0&tiba=Welcome%20to%20HSBC%20Premier&userId=018a4f8acfc80083a9c014a4555003074001c06c00b08&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2728559843&rmt_tld=1&ipr=y

Requested by

Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 07:00:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/339408115/ 42 B
455 B 25ms
10ms Image
image/gif 2404:6800:4003:c0f::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/339408115/?random=1693551612227&cv=11&fst=1693551600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Frmintro.hsbc.com.my%2F&frm=0&tiba=Welcome%20to%20HSBC%20Premier&userId=018a4f8acfc80083a9c014a4555003074001c06c00b08&data=event%3Dpage_view%3Ballow_custom_scripts%3Dtrue&fmt=3&is_vtc=1&random=3309925703&rmt_tld=0&ipr=y

Requested by

Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::68 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 07:00:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/339408115/ 42 B
455 B 24ms
10ms Image
image/gif 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/339408115/?random=1693551612227&cv=11&fst=1693551600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Frmintro.hsbc.com.my%2F&frm=0&tiba=Welcome%20to%20HSBC%20Premier&userId=018a4f8acfc80083a9c014a4555003074001c06c00b08&data=event%3Dpage_view%3Ballow_custom_scripts%3Dtrue&fmt=3&is_vtc=1&random=3309925703&rmt_tld=1&ipr=y

Requested by

Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 07:00:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
377 B 190ms
174ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=000e5bb1-83bb-46c0-a444-a48bbcd044d2&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=020c75b5-d7f8-4c98-b189-8b318bffade3&tw_document_href=https%3A%2F%2Frmintro.hsbc.com.my%2F&tw_iframe_status=0&txn_id=o3d9q&type=javascript&version=2.3.29

Requested by

Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_k /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-response-time: 171
date: Fri, 01 Sep 2023 07:00:11 GMT
strict-transport-security: max-age=0
server: tsa_k
content-type: image/gif;charset=utf-8
x-transaction-id: fa622f6b98a49219
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 0d5fb158d1cf902354be6574412068b15e2d3886e04a1eb0fc3a3f626b8d401f
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
725 B 201ms
186ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=000e5bb1-83bb-46c0-a444-a48bbcd044d2&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=020c75b5-d7f8-4c98-b189-8b318bffade3&tw_document_href=https%3A%2F%2Frmintro.hsbc.com.my%2F&tw_iframe_status=0&txn_id=o3d9q&type=javascript&version=2.3.29

Requested by

Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_k /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-response-time: 182
date: Fri, 01 Sep 2023 07:00:11 GMT
strict-transport-security: max-age=631138519
server: tsa_k
content-type: image/gif;charset=utf-8
x-transaction-id: 7292d0ab4d88a00e
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: bf8f9157430bf0ccd439e3dd76399985973a1a868db39bcef0fbe0e0c2c4bf29
content-length: 43

GET
H2 200 /
www.google.com/pagead/1p-user-list/789514635/ 42 B
108 B 40ms
33ms Image
image/gif 2404:6800:4003:c0f::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/789514635/?random=1693551612254&cv=11&fst=1693551600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Frmintro.hsbc.com.my%2F&frm=0&tiba=Welcome%20to%20HSBC%20Premier&userId=018a4f8acfc80083a9c014a4555003074001c06c00b08&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2538267180&rmt_tld=0&ipr=y

Requested by

Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::68 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 07:00:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/789514635/ 42 B
108 B 19ms
12ms Image
image/gif 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/789514635/?random=1693551612254&cv=11&fst=1693551600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Frmintro.hsbc.com.my%2F&frm=0&tiba=Welcome%20to%20HSBC%20Premier&userId=018a4f8acfc80083a9c014a4555003074001c06c00b08&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2538267180&rmt_tld=1&ipr=y

Requested by

Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 07:00:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/789514635/ 42 B
108 B 12ms
11ms Image
image/gif 2404:6800:4003:c0f::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/789514635/?random=1693551612268&cv=11&fst=1693551600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Frmintro.hsbc.com.my%2F&frm=0&tiba=Welcome%20to%20HSBC%20Premier&userId=018a4f8acfc80083a9c014a4555003074001c06c00b08&data=event%3Dpage_view%3Ballow_custom_scripts%3Dtrue&fmt=3&is_vtc=1&random=2212615243&rmt_tld=0&ipr=y

Requested by

Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::68 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 07:00:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/789514635/ 42 B
108 B 13ms
12ms Image
image/gif 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/789514635/?random=1693551612268&cv=11&fst=1693551600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Frmintro.hsbc.com.my%2F&frm=0&tiba=Welcome%20to%20HSBC%20Premier&userId=018a4f8acfc80083a9c014a4555003074001c06c00b08&data=event%3Dpage_view%3Ballow_custom_scripts%3Dtrue&fmt=3&is_vtc=1&random=2212615243&rmt_tld=1&ipr=y

Requested by

Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Sep 2023 07:00:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 018a4f8acfc80083a9c014a4555003074001c06c00b08 Show response
visitor-service-ap-northeast-1.tealiumiq.com/hsbc/wpb-stream-my/ 36 B
254 B 216ms
70ms Script
application/javascript 52.196.188.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor-service-ap-northeast-1.tealiumiq.com/hsbc/wpb-stream-my/018a4f8acfc80083a9c014a4555003074001c06c00b08?callback=utag.ut%5B%22writevawpb-stream-my%22%5D&rnd=1693551612325

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/my-rbwm/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.196.188.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-196-188-198.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

1c4bf101d6ad2270fdf588d713c34c11fbd7ea6e622884e65470d55be5cd459c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-version: 54c654920db5f931ad69a453263b061c49db3193-SNAPSHOT
date: Fri, 01 Sep 2023 07:00:12 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-region: ap-northeast-1
content-length: 36
x-nodeid: i-01c236a62bb72902d
content-type: application/javascript; charset=utf-8

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 14ms
6ms Image
text/plain 2a03:2880:f10c:381:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1308608335935876&ev=PageView&dl=https%3A%2F%2Frmintro.hsbc.com.my%2F&rl=&if=false&ts=1693551612890&cd[page_url]=%2Fpremier%2Fwelcome&cd[base_tracking_type]=track&sw=1600&sh=1200&ud[external_id]=835b72788480f26ae45ac9f5336afb2c9e90ede981451e98eb3ed7dced0f27eb&v=2.9.125&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.2.1693551612888.850664835&cs_est=true&it=1693551612125&coo=false&eid=2d08efcf82bd8a04e4ccaaad9b48ee11&tm=1&rqm=GET

Requested by

Host: rmintro.hsbc.com.my
URL: https://rmintro.hsbc.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 01 Sep 2023 07:00:12 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
364 B 932ms
229ms XHR
text/plain 52.203.70.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20375200357.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.70.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-70-22.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 01 Sep 2023 07:00:13 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://rmintro.hsbc.com.my
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 0b1bb01f-9590-4f81-9c26-fefeda2845a4

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 5ms
4ms Image
text/plain 2a03:2880:f10c:381:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1308608335935876&ev=Microdata&dl=https%3A%2F%2Frmintro.hsbc.com.my%2F&rl=&if=false&ts=1693551614393&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Welcome%20to%20HSBC%20Premier%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=835b72788480f26ae45ac9f5336afb2c9e90ede981451e98eb3ed7dced0f27eb&v=2.9.125&r=stable&a=tmtealium&ec=1&o=29&fbp=fb.2.1693551612888.850664835&it=1693551612125&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 01 Sep 2023 07:00:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hsbc.com.my/	1969-12-31 23:59:59	Name: tms_ref Value:
.ctnsnet.com/	1970-01-20 23:11:27	Name: cid_ffc1876ec8444913a144c991e0c40062 Value: 1
.hsbc.com.my/	1970-01-20 18:45:03	Name: optimizelyEndUserId Value: oeu1693551612078r0.1368449483643459
.doubleclick.net/	1970-01-21 00:01:51	Name: IDE Value: AHWqTUmcX8naGjdr8QmMesG3ldXXVSevrWmjlJLCd0sL-s9qtcL4OLbBcjVdqWl8YoQ
.hsbc.com.my/	1970-01-20 16:35:27	Name: _gcl_au Value: 1.1.1901807929.1693551612
.tealiumiq.com/	1970-01-20 23:11:27	Name: TAPID Value: hsbc/wpb-stream-my>018a4f8acfc80083a9c014a4555003074001c06c00b08\|
.tealiumiq.com/	1970-01-20 18:47:56	Name: tcs.google_cver Value: eyJoc2JjL3dwYi1zdHJlYW0tbXkiOiIxfDE2OTM1NTE2MTIyMzcifQ==
.tealiumiq.com/	1970-01-20 18:47:56	Name: tcs.google_gid Value: eyJoc2JjL3dwYi1zdHJlYW0tbXkiOiJDQUVTRUFlWnFueFBIa0VjWGdoWnB4Y1RHZFF8MTY5MzU1MTYxMjIzNyJ9
.hsbc.com.my/	1970-01-20 23:11:27	Name: utag_main Value: v_id:018a4f8acfc80083a9c014a4555003074001c06c00b08$_sn:1$_se:1$_ss:1$_st:1693553411849$ses_id:1693551611849%3Bexp-session$_pn:1%3Bexp-session$dc_group:89$_prevpage:pws%3Apremier%3Awelcome%3Bexp-session$dc_visit:1$dc_event:1%3Bexp-session$dcsyncran:1%3Bexp-session$dc_region:ap-northeast-1%3Bexp-session
.t.co/	1970-01-21 00:01:51	Name: muc_ads Value: 898f6d2e-74f2-4efe-942b-f3045b842838
.twitter.com/	1970-01-21 00:01:51	Name: guest_id_marketing Value: v1%3A169355161239880977
.twitter.com/	1970-01-21 00:01:51	Name: guest_id_ads Value: v1%3A169355161239880977
.twitter.com/	1970-01-21 00:01:51	Name: personalization_id Value: "v1_5lmh/FYlwQKzTz7iyDOpXg=="
.twitter.com/	1970-01-21 00:01:51	Name: guest_id Value: v1%3A169355161239880977
.hsbc.com.my/	1970-01-20 16:35:27	Name: _fbp Value: fb.2.1693551612888.850664835

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src * data:; img-src * data: blob:;style-src * 'unsafe-inline'; font-src * data:; script-src * 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a19069622224.cdn.optimizely.com
ad.doubleclick.net
adservice.google.com
akamai.tiqcdn.com
analytics.twitter.com
cdn.optimizely.com
cm.g.doubleclick.net
collect-ap-northeast-1.tealiumiq.com
connect.facebook.net
datacloud.tealiumiq.com
google.com
googleads.g.doubleclick.net
ipac.ctnsnet.com
logx.optimizely.com
rmintro.hsbc.com.my
s.yimg.com
static.ads-twitter.com
t.co
tags.tiqcdn.com
visitor-service-ap-northeast-1.tealiumiq.com
www.facebook.com
www.google.com
www.google.com.sg
www.googletagmanager.com
104.244.42.3
104.244.42.69
104.69.37.107
13.114.8.210
146.75.112.157
16.163.163.227
23.15.147.149
2404:6800:4003:c01::61
2404:6800:4003:c04::5e
2404:6800:4003:c05::9d
2404:6800:4003:c0f::68
2404:6800:4003:c1a::8b
2406:2000:e4:1604::1000
2600:1413:b000:685::13b8
2600:9000:20c7:d400:7:2bfb:7c00:93a1
2a03:2880:f00c:300:face:b00c:0:3
2a03:2880:f10c:381:face:b00c:0:25de
35.186.193.173
52.196.188.198
52.203.70.22
54.255.85.223
64.233.170.156
74.125.130.148
1c4bf101d6ad2270fdf588d713c34c11fbd7ea6e622884e65470d55be5cd459c
1fe93d773a537c17456fc95e7dbfb69cba2914ac73c5f9b01d4db046667c688e
211a68c2121cef7a6047489d61d2da24e491a630a8b2e215bb607bbe7e24773b
2148faf3d4e93c5ed0d2e8eecabcac0a07f804753c4bc79dabcf439e11095183
23cfcc60565a40385fd92d1eb6d5cac5ded84ce745d15215f18dc84e02645684
2b80b3bd8125e8d9fe22b1e0871215005de1c831e1bb834e399c342d31609f37
31e00fc17f849096489d3d98fc98d9fe30135877c97d448dee337983e39007a3
33bbee9e367952405b27a5a3b8d6ad9cd08d636118c47f0bc069849440b3898b
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
4fa63c5dcda62b6763c8eafcef69999c086c47564ffaa85b2a0edbe2a44fb72e
56b20fbfb35685a22b0f80a3b5170d1669c361d64f28f6bdf64c246654ab9344
57815219491be09b99cfcc8577c1b621dc9cb1ae7b9f7262b82c945c106cce64
63cc186381eb07f0727db429c1e95530485d9c0e3093b10f7bbcde139f7aebde
663730e74d1993cae01c5d5a03b13b9ea2ea4a1bd74c631f4a5b46d7ad2b9ad5
6cc843ac3173e76699311b05b5e5d2aa0e8a20a227c3f1116fdd09ddea42f68a
76ac6becabcd10c38565b129de92fb21b39c61f1372909cf317f67fac78a528b
76cc57292c3dab985a3558c99bf3d15efc5ded78a33b04edce856ca316e4ab68
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
968633d198051d5c6e8e8e960b947a4f0aac5ebad393554ab2f31ad0cc4f721e
980a8e0746ddb04e9255b764c3b943d0acd924bf873ed6ec6fc33aa9da0d9133
99a1d87f6f81cb83da9f71c48cf14f8faad64e263fd5a2e3bdddf47505fb9927
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
9e677bf7a8692f8ddea99f14aff0418d1301c46f7e5bb79bd96d10c86abfb122
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a5a01d99003e53f64f8549aed69c5808e9f88ecb89bbc7db92cd01a9d68ed11c
a8887134a3693b22e3eb85b8e6e89d6f1e4580f8cea3086601f45407dae48478
ab97fcc68ca69b03e42c72c0549c06a66856a2eaf53b1ddb50b75ebd9d5cd23c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad8982a5be4de4de13ee254b435db1e3d91845abfc8aac6966c4f03b9fcea6c2
b181f7ce59e69f4107c39c886a42f29fa4731bb4a29671aeb4bcefcb6ce61dd0
b8695a0a8f3cbf99392f8e08c99c2dc0cb4cf3cf12cd8bf6be61b012e38c9b63
bab57596e67c24f23305bfbcf2f313f2ac1b17c8c16c722bc10f304e086d08ec
c4a77c3ba0af6b05ecddbf190ab7eec0df40d0848233c6d48490bce8be80f0e6
cd3f414c5f0f04abde2ef7d3bf119d996db0e5a836adba77850e3920e1a890f4
cddd5c5f7c1463aaccb31a43e8172bc48bebabb24c51b6e8cbf69ebe1444911f
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d195233d8dbda745ea19b354a0c70d3ea1305686395c8d8a9db1b65d5387cc62
d51d3fe13b2ada5566d746b44b91adeae218485d9c0a896f5eaa7dc381f7d281
d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57fa923e1242b94093a29bc1497e22d7b5f78d6f124fe5ffc651383af545e13
eaeb5694891d4b63daabce10425cc2f5956145fff42a3a62b24235e3b3ba4c81
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f23cae8891aeda81512d7e79556e3023caccb854d28245b546742831ac5487bd
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fd36a668b617174934605d8893924d48f0bac4a69ba0026908c7542e1c6f641f

rmintro.hsbc.com.my Open in urlscan Pro 54.255.85.223 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

61 Requests

97 %HTTPS

43 %IPv6

15 Domains

24 Subdomains

21 IPs

5 Countries

1352 kBTransfer

3155 kBSize

15 Cookies

0 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rmintro.hsbc.com.my Open in urlscan Pro
54.255.85.223 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

97 %
HTTPS

43 %
IPv6

15
Domains

24
Subdomains

21
IPs

5
Countries

1352 kB
Transfer

3155 kB
Size

15
Cookies

61 HTTP transactions
0 data transactions