urlscan.io logo urlscan.io
SecurityTrails logo

businessgo-uat2.hsbc.com Open in urlscan Pro
2.23.209.132  Public Scan

Go To Rescan Add Verdict Report
URL: https://businessgo-uat2.hsbc.com/
Submission Tags: falconsandbox
Submission: On November 25 via api from US — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 12 domains to perform 74 HTTP transactions. The main IP is 2.23.209.132, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1 Akamai International B.V., NL. The main domain is businessgo-uat2.hsbc.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on May 6th 2024. Valid for: a year.
This is the only time businessgo-uat2.hsbc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 2.23.209.132 20940 (AKAMAI-AS...)
12 13.33.187.60 16509 (AMAZON-02)
1 23.37.38.214 16625 (AKAMAI-AS)
1 13.32.121.116 16509 (AMAZON-02)
1 3.67.218.245 16509 (AMAZON-02)
1 52.23.44.33 14618 (AMAZON-AES)
7 216.58.206.40 15169 (GOOGLE)
2 2 216.58.212.162 15169 (GOOGLE)
2 18.196.56.7 16509 (AMAZON-02)
2 157.240.253.1 32934 (FACEBOOK)
1 16.162.189.0 16509 (AMAZON-02)
6 3.208.244.91 14618 (AMAZON-AES)
1 3.121.48.255 16509 (AMAZON-02)
3 142.250.185.100 15169 (GOOGLE)
4 157.240.253.35 32934 (FACEBOOK)
4 142.250.185.226 15169 (GOOGLE)
1 43.198.124.54 16509 (AMAZON-02)
2 104.17.208.240 13335 (CLOUDFLAR...)
74 18
18    2.23.209.132 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-23-209-132.deploy.static.akamaitechnologies.com
businessgo-uat2.hsbc.com
12    13.33.187.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-60.fra60.r.cloudfront.net
tags.tiqcdn.com
1    23.37.38.214 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-214.deploy.static.akamaitechnologies.com
akamai.tiqcdn.com
1    13.32.121.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-116.fra60.r.cloudfront.net
cdn.heapanalytics.com
1    3.67.218.245 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-218-245.eu-central-1.compute.amazonaws.com
v2.d41.co
1    52.23.44.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-44-33.compute-1.amazonaws.com
api7119.d41.co
7    216.58.206.40 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f8.1e100.net
www.googletagmanager.com
2    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net
cm.g.doubleclick.net
2    18.196.56.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-56-7.eu-central-1.compute.amazonaws.com
datacloud.tealiumiq.com
collect.tealiumiq.com
2    157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net
connect.facebook.net
1    16.162.189.0 (Hong Kong)

ASN16509 (AMAZON-02, US)
PTR: ec2-16-162-189-0.ap-east-1.compute.amazonaws.com
collect-ap-east-1.tealiumiq.com
6    3.208.244.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-244-91.compute-1.amazonaws.com
heapanalytics.com
1    3.121.48.255 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-48-255.eu-central-1.compute.amazonaws.com
ipw.d41.co
3    142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net
www.google.com
4    157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com
www.facebook.com
4    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
googleads.g.doubleclick.net
td.doubleclick.net
1    43.198.124.54 (Hong Kong)

ASN16509 (AMAZON-02, US)
PTR: ec2-43-198-124-54.ap-east-1.compute.amazonaws.com
visitor-service-ap-east-1.tealiumiq.com
2    104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)
zn7pmbtabt6c6hhtj-hsbccmb.siteintercept.qualtrics.com
siteintercept.qualtrics.com
Apex Domain
Subdomains		 Transfer
18 hsbc.com
businessgo-uat2.hsbc.com
1 MB
13 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1341
akamai.tiqcdn.com — Cisco Umbrella Rank: 12141
87 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
530 KB
7 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 867
heapanalytics.com — Cisco Umbrella Rank: 683
39 KB
6 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 284
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
td.doubleclick.net — Cisco Umbrella Rank: 182
7 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
4 KB
4 tealiumiq.com
datacloud.tealiumiq.com — Cisco Umbrella Rank: 7554
collect-ap-east-1.tealiumiq.com — Cisco Umbrella Rank: 135572
collect.tealiumiq.com — Cisco Umbrella Rank: 4024
visitor-service-ap-east-1.tealiumiq.com — Cisco Umbrella Rank: 85694
5 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
417 B
3 d41.co
v2.d41.co — Cisco Umbrella Rank: 66628
api7119.d41.co — Cisco Umbrella Rank: 636081
ipw.d41.co — Cisco Umbrella Rank: 522612
98 KB
2 qualtrics.com
zn7pmbtabt6c6hhtj-hsbccmb.siteintercept.qualtrics.com — Cisco Umbrella Rank: 85191
siteintercept.qualtrics.com — Cisco Umbrella Rank: 935
26 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
78 KB
0 parsely.com Failed
cdn.parsely.com Failed
74 12
Domain Requested by
18 businessgo-uat2.hsbc.com businessgo-uat2.hsbc.com
12 tags.tiqcdn.com businessgo-uat2.hsbc.com
tags.tiqcdn.com
7 www.googletagmanager.com tags.tiqcdn.com
www.googletagmanager.com
6 heapanalytics.com businessgo-uat2.hsbc.com
4 www.facebook.com businessgo-uat2.hsbc.com
3 www.google.com www.googletagmanager.com
businessgo-uat2.hsbc.com
2 td.doubleclick.net www.googletagmanager.com
2 googleads.g.doubleclick.net www.googletagmanager.com
2 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
2 cm.g.doubleclick.net 2 redirects
1 siteintercept.qualtrics.com zn7pmbtabt6c6hhtj-hsbccmb.siteintercept.qualtrics.com
siteintercept.qualtrics.com
1 zn7pmbtabt6c6hhtj-hsbccmb.siteintercept.qualtrics.com tags.tiqcdn.com
1 visitor-service-ap-east-1.tealiumiq.com tags.tiqcdn.com
1 ipw.d41.co v2.d41.co
1 collect.tealiumiq.com tags.tiqcdn.com
1 collect-ap-east-1.tealiumiq.com tags.tiqcdn.com
1 datacloud.tealiumiq.com businessgo-uat2.hsbc.com
1 api7119.d41.co tags.tiqcdn.com
1 v2.d41.co tags.tiqcdn.com
1 cdn.heapanalytics.com tags.tiqcdn.com
1 akamai.tiqcdn.com tags.tiqcdn.com
0 cdn.parsely.com Failed businessgo-uat2.hsbc.com
74 22

This site contains no links.

Subject Issuer Validity Valid
businessgo-uat1.hsbc.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-06 -
2025-06-06		 a year crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M02		 2024-03-19 -
2025-04-17		 a year crt.sh
*.tiqcdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-11-05 -
2025-11-04		 a year crt.sh
cdn.heapanalytics.com
Amazon RSA 2048 M02		 2024-05-29 -
2025-06-26		 a year crt.sh
v2.d41.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-04 -
2025-10-05		 a year crt.sh
*.d41.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-15 -
2025-02-14		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-04 -
2024-12-03		 3 months crt.sh
*.tealiumiq.com
Amazon RSA 2048 M03		 2024-02-05 -
2025-03-05		 a year crt.sh
heapanalytics.com
Amazon RSA 2048 M03		 2024-11-18 -
2025-12-17		 a year crt.sh
ipw.d41.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-04 -
2025-10-05		 a year crt.sh
www.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.qualtrics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-27 -
2025-02-19		 a year crt.sh

This page contains 4 frames:

Primary Page: https://businessgo-uat2.hsbc.com/
Frame ID: 55EA7F5940C83590DDA9D4099B61CB12
Requests: 72 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/956500078?random=1732576576754&cv=11&fst=1732576576754&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v873280438za200zb9189910123&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fbusinessgo-uat2.hsbc.com%2F&hn=www.googleadservices.com&frm=0&tiba=HSBC%20Business%20Go&npa=0&pscdl=noapi&auid=738320092.1732576577&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: E9F71E5BEDD1503EFC06E3C42FA08EE9
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16489851673?random=1732576576863&cv=11&fst=1732576576863&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9179815738za200zb9189910123&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fbusinessgo-uat2.hsbc.com%2F&hn=www.googleadservices.com&frm=0&tiba=HSBC%20Business%20Go&npa=0&pscdl=noapi&auid=738320092.1732576577&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 91C0675E9AD76D3FC20555F96ACC72D3
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fbusinessgo-uat2.hsbc.com
Frame ID: AB0075EBF480EFFD67051F43D15263DE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HSBC Business Go

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • heap-\d+\.js

Page Statistics

74
Requests

89 %
HTTPS

0 %
IPv6

12
Domains

22
Subdomains

18
IPs

4
Countries

1953 kB
Transfer

5836 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=0193659c80e8001cee1b1ac20c0105065002105d00b08hsbchk-cmb&tealium_account=hsbc&tealium_profile=hk-cmb HTTP 302
  • https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=0193659c80e8001cee1b1ac20c0105065002105d00b08hsbchk-cmb&tealium_account=hsbc&tealium_profile=hk-cmb&google_tc= HTTP 302
  • https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0193659c80e8001cee1b1ac20c0105065002105d00b08hsbchk-cmb&tealium_account=hsbc&tealium_profile=hk-cmb&google_gid=CAESEGfQWJImw9mYQsw7vGY7GtU&google_cver=1

74 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
businessgo-uat2.hsbc.com/ 		729 B
918 B 		Document
General
Check archive.org
Download Go to
Full URL
https://businessgo-uat2.hsbc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-23-209-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3d0b49d44af04e30d71e3184bddbd52341ef8b136aecb5a4521ee34ec1d5d34c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://businessgo-uat2.hsbc.com
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
400
content-type
text/html; charset=utf-8
date
Mon, 25 Nov 2024 23:16:10 GMT
etag
W/"673ed8b6-2d9"
expires
Mon, 25 Nov 2024 23:16:10 GMT
generate-request-id
false
last-modified
Thu, 21 Nov 2024 06:52:38 GMT
permissions-policy
accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
userAgent.js
businessgo-uat2.hsbc.com/vendor/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://businessgo-uat2.hsbc.com/vendor/userAgent.js
Requested by
Host: businessgo-uat2.hsbc.com
URL: https://businessgo-uat2.hsbc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-23-209-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
733abede8d6aac6197a95d1b7da177b44609e96e6a66bf3fb40fd19f9cbb8ee4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
gzip
etag
W/"66f2646b-580"
generate-request-id
false
x-content-type-options
nosniff
date
Mon, 25 Nov 2024 23:16:14 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 24 Sep 2024 07:04:11 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
cache-control
max-age=60
referrer-policy
strict-origin-when-cross-origin
permissions-policy
accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
access-control-allow-origin
https://businessgo-uat2.hsbc.com
content-length
582
x-xss-protection
1; mode=block
config.js
businessgo-uat2.hsbc.com/siriusresource/env/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://businessgo-uat2.hsbc.com/siriusresource/env/config.js
Requested by
Host: businessgo-uat2.hsbc.com
URL: https://businessgo-uat2.hsbc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-23-209-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8ca48fc70f3515912ae141388297d8787fc8ef18a53b4bbf5b651b99a26cdb5c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
br
etag
W/"165e-190e8adf528"
generate-request-id
false
x-content-type-options
nosniff
date
Mon, 25 Nov 2024 23:16:11 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 21 Nov 2024 01:33:53 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
cache-control
public, max-age=0
referrer-policy
strict-origin-when-cross-origin
permissions-policy
accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
accept-ranges
bytes
access-control-allow-origin
https://businessgo-uat2.hsbc.com
content-length
1386
x-xss-protection
1; mode=block
main.5af5bba9.js
businessgo-uat2.hsbc.com/ 		2 MB
712 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://businessgo-uat2.hsbc.com/main.5af5bba9.js
Requested by
Host: businessgo-uat2.hsbc.com
URL: https://businessgo-uat2.hsbc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-23-209-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9a4aa20557a758a1e6f99410af6e2a9fd05ea7c7a4769a4fa168bcdae2ff6b5e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
gzip
etag
W/"673ed8b6-21b318"
generate-request-id
false
x-content-type-options
nosniff
date
Mon, 25 Nov 2024 23:16:16 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 21 Nov 2024 06:52:38 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
cache-control
max-age=871
referrer-policy
strict-origin-when-cross-origin
permissions-policy
accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
access-control-allow-origin
https://businessgo-uat2.hsbc.com
content-length
728068
x-xss-protection
1; mode=block
web-tag.js
businessgo-uat2.hsbc.com/vendor/ 		716 B
794 B 		Script
General
Check archive.org
Download Go to
Full URL
https://businessgo-uat2.hsbc.com/vendor/web-tag.js
Requested by
Host: businessgo-uat2.hsbc.com
URL: https://businessgo-uat2.hsbc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-23-209-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7f57aa05b3d036c57ef3c1748f2e6020cb914cb86e1547134a10b02ae9ee6071
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
gzip
etag
W/"66f2646b-2cc"
generate-request-id
false
x-content-type-options
nosniff
date
Mon, 25 Nov 2024 23:16:14 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 24 Sep 2024 07:04:11 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
cache-control
max-age=60
referrer-policy
strict-origin-when-cross-origin
permissions-policy
accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
access-control-allow-origin
https://businessgo-uat2.hsbc.com
content-length
319
x-xss-protection
1; mode=block
pkgver.js
businessgo-uat2.hsbc.com/vendor/ 		355 B
712 B 		Script
General
Check archive.org
Download Go to
Full URL
https://businessgo-uat2.hsbc.com/vendor/pkgver.js
Requested by
Host: businessgo-uat2.hsbc.com
URL: https://businessgo-uat2.hsbc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-23-209-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f4604cc57b60c01201b346ced372317aff22240729348496047873eb54b30eb0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
gzip
etag
W/"673ed85f-163"
generate-request-id
false
x-content-type-options
nosniff
date
Mon, 25 Nov 2024 23:16:11 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 21 Nov 2024 06:51:11 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
cache-control
max-age=60
referrer-policy
strict-origin-when-cross-origin
permissions-policy
accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
access-control-allow-origin
https://businessgo-uat2.hsbc.com
content-length
237
x-xss-protection
1; mode=block
utag.js
tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/ 		183 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js
Requested by
Host: businessgo-uat2.hsbc.com
URL: https://businessgo-uat2.hsbc.com/vendor/web-tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ded0f45939053a8d4ef2a25f8ff7b381b5679dee1f8248e46344228cf4eef35b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

vary
accept-encoding
cache-control
max-age=300
content-encoding
gzip
etag
W/"f586e69fce867a8746e3ff0baf3b3df1"
x-amz-version-id
GKS_BqGV3.5f7K57AZFQDLirn230Vr8N
age
4
via
1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
SQxjmrLAf1fSBKs8_9J1PDy8ZH-aDCgjdzMgwxHoHDWfmPgLZWtAOw==
date
Mon, 25 Nov 2024 23:16:12 GMT
content-type
application/javascript
last-modified
Tue, 19 Nov 2024 07:45:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
utag.sync.js
tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/ 		109 B
547 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.sync.js
Requested by
Host: businessgo-uat2.hsbc.com
URL: https://businessgo-uat2.hsbc.com/vendor/web-tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
970d116778540b5cbef86f3f3242de44a8019cd3f7272f4e05f0648a9665f0fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

x-amz-version-id
mBhUNGbN0Pf_Uigace4_OHF27sXt16Jm
etag
"547721156c96a309f542a1920f92a130"
age
4
x-cache
Hit from cloudfront
x-amz-cf-id
jQFWnYI7RKN_rQQGYnwfwDVv-avsXBWvm2YvLtbjG0VILtS13kr8fw==
date
Mon, 25 Nov 2024 23:16:12 GMT
content-type
application/javascript
vary
accept-encoding
last-modified
Tue, 19 Nov 2024 07:45:24 GMT
cache-control
max-age=300
via
1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
109
x-amz-cf-pop
FRA60-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
location.js
akamai.tiqcdn.com/location/ 		18 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://akamai.tiqcdn.com/location/location.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-214.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

X-EdgeScape-Location
country_code=IT,region_code=0,city=MILANO,areacode=0,zip=0,bandwidth=5000
Cache-Control
max-age=1296000
Access-Control-Expose-Headers
X-EdgeScape-Location
ETag
"6c98be5fda77913799e8ef24b86a7abd:1525129759"
Connection
keep-alive
Expires
Tue, 10 Dec 2024 23:16:16 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
18
Date
Mon, 25 Nov 2024 23:16:16 GMT
Content-Type
application/x-javascript
Last-Modified
Mon, 30 Apr 2018 23:09:19 GMT
Server
AkamaiNetStorage
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
432 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=hsbc/global-cmb-businessgo/202411190745&cb=1732576575734
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
etag
"7bc0ee636b3b83484fc3b9348863bd22"
age
549
x-cache
Hit from cloudfront
x-amz-cf-id
_daYjgb-j33ogEKr_rSapFOVdA6ru3WBSGP-JREuPItJKokLfyZkNA==
date
Mon, 25 Nov 2024 23:07:07 GMT
content-type
application/javascript
vary
accept-encoding
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
cache-control
max-age=300
via
1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2
x-amz-cf-pop
FRA60-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
utag.695.js
tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.695.js?utv=ut4.48.202408231048
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07726a992d21d913d178666123106ac99985abe9ff80a21c9797ac198dd5ebb0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

vary
accept-encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"44fa5ad96e388fe3bff9b1c3423f286f"
x-amz-version-id
_.4Ow4MiAMzvGJh_3_y0DNNJ19WRHhgF
age
3
via
1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Jvsln6GInTGCiGUs1o7O14VamlTXZmJ0ePR6cQ1KoOi8MWO72jWGYQ==
date
Mon, 25 Nov 2024 23:16:13 GMT
content-type
application/javascript
last-modified
Tue, 19 Nov 2024 07:45:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
utag.502.js
tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.502.js?utv=ut4.48.202308101402
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0e23293480cbabd3f8da81394dd1249772fe9a5379c5dd9ee4796f127c31017

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

vary
accept-encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"a02dcba473bc90a630f48f560e27c795"
x-amz-version-id
wMn9Ii5kYzpTfLGbKhChbKojv4WrNliy
age
3
via
1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
14g_C5z7FVzvZxJXsxv8zegId6GxYnkwkHXL_Y8fJDuCu8lVPCq05g==
date
Mon, 25 Nov 2024 23:16:13 GMT
content-type
application/javascript
last-modified
Tue, 19 Nov 2024 07:45:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
utag.556.js
tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.556.js?utv=ut4.48.202205231910
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7d8242ab6fd2b7275e43dbbd176a6bd35cf8c1ecc073e2e086eda901c023750a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

vary
accept-encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"93053e4682face87ff7a56cb833d2f19"
x-amz-version-id
6g3crHDr8jp411vhZrd.Cm2zMM8GaVWf
age
3
via
1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
KAGpayMwO8_Q8HJ8KrxJq0t7oL0MCSSSj6sHDsWO6XDEMst3qlV1Bg==
date
Mon, 25 Nov 2024 23:16:13 GMT
content-type
application/javascript
last-modified
Tue, 19 Nov 2024 07:45:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
utag.623.js
tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.623.js?utv=ut4.48.202308101402
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4473d1060601d9a2192b3ec1bfe6ef7021b9978a0c79a4d0b133649cbdd9fc65

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

vary
accept-encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"7ec61492f9985020484fb8db787de450"
x-amz-version-id
lfvLIIc4eNz32jZSGggfSNtU29nAseN5
age
3
via
1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
CnvTZLW1Ofk97etFYpQUsXd6OtJvn1vkRVSEfhuCIZh9tGfdq8nDog==
date
Mon, 25 Nov 2024 23:16:12 GMT
content-type
application/javascript
last-modified
Tue, 19 Nov 2024 07:45:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
utag.644.js
tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.644.js?utv=ut4.48.202212021622
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
611a9f1c96e4d09104a0adb320daa2121764e8088efb0105dff3d2266d9fda15

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

vary
accept-encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"ab0caf3676f6cc7cbaa00c98828d68a8"
x-amz-version-id
spzY8lbG8oixQ3b4KMgcG4tOlNaL4Zj6
age
3
via
1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
4SiPL9kn3-S9qZoE2qyM30eCxR8VqF6UJkgrAzF_0SE4BIbqleY8_w==
date
Mon, 25 Nov 2024 23:16:13 GMT
content-type
application/javascript
last-modified
Tue, 19 Nov 2024 07:45:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
utag.668.js
tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.668.js?utv=ut4.48.202403221332
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc9948c2bb6e13cfb19d727c15c47899daad6370eaaf8ba76328e659283b383e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

vary
accept-encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"f3b79e7ba41bbfdfb3f7d9c8b05ba1f1"
x-amz-version-id
vpFY9D2Sqylpr8ybtw7_rj3rdWI2s9wL
age
3
via
1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
3rPF-EefwnTButPcNl0g4v7BWol3XK2d-d5v_B66afwnxduUxzkBog==
date
Mon, 25 Nov 2024 23:16:13 GMT
content-type
application/javascript
last-modified
Tue, 19 Nov 2024 07:45:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
utag.692.js
tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.692.js?utv=ut4.48.202403051930
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ceed872f09307797fffb5f79f0f347c3a92e3a38a10401fe41dee6adbb5cab6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

vary
accept-encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"041f47249e782adb58041863f5b8b378"
x-amz-version-id
JR5vStvL_4zUkAm3tS1sZSLKU9sHclbY
age
2
via
1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
WVV_4KgU7WTdRdDM_KCNbGBtRIXNeVWik257SCCsbEfgpKZC62EORg==
date
Mon, 25 Nov 2024 23:16:13 GMT
content-type
application/javascript
last-modified
Tue, 19 Nov 2024 07:45:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
utag.704.js
tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.704.js?utv=ut4.48.202408270653
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9bc6a55405d2f2b9a7f40567aab27d0cc1a0fc054cc7b58091aabe5e38e7684b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

vary
accept-encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"8cb8bcd253467ea813f2dd1a77ff4d3e"
x-amz-version-id
lBqMfJ4NTB.SEXOEk_SfnjbLGnP2fPgm
age
3
via
1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
FkTdTB5oLAM_Lv1TFUr1U4Opjd1d2-SPfPziGW-3_kRylJIwaVkwag==
date
Mon, 25 Nov 2024 23:16:13 GMT
content-type
application/javascript
last-modified
Tue, 19 Nov 2024 07:45:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
utag.712.js
tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.712.js?utv=ut4.48.202411190631
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e586ba43fec0c7b09f52481163e57a02c693a184850770b715a888deeed14c83

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

vary
accept-encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"c49cb52391e616907e1b0700f4ed794b"
x-amz-version-id
4UEDjkg.L89c4f5EZ3FxKrzs1YzDDSq.
age
3
via
1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Sz_q7j-KJjFKTddhaIIqBHhf82yu8T0rfqt1Ta1wKS5rvavZKw0Y9w==
date
Mon, 25 Nov 2024 23:16:13 GMT
content-type
application/javascript
last-modified
Tue, 19 Nov 2024 07:45:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
heap-140346066.js
cdn.heapanalytics.com/js/ 		117 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-140346066.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-116.fra60.r.cloudfront.net
Software
nginx / Express
Resource Hash
e972cb572e16717af651808113536e0faaddaea7ccadb3cecbef0ec2c46d5461
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
br
etag
W/"1d4bc-OQL9xaZyfAfa0oe4+ES8oHVPE1Y"
age
4
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
tAv70WTq7hp9EjFUxJujqUv_ln13cIRzYHkNTQ2VcFkzFEUwhzkadg==
date
Mon, 25 Nov 2024 23:16:12 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=120
cross-origin-resource-policy
cross-origin
via
1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-powered-by
Express
server
nginx
dnb_coretag_v6.min.js
v2.d41.co/tags/ 		97 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v2.d41.co/tags/dnb_coretag_v6.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.67.218.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-218-245.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
27e5a3ad59a9e0213824b548d9703155b454cfcffc7690842436aff86cb310c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

x-amzn-remapped-content-length
99032
timestamp
Mon, 25 Nov 2024 23:16:17 GMT
x-amz-apigw-id
B03CEGaRliAEXzw=
x-amzn-trace-id
Root=1-67450540-2a026c9015350c9000cf6f2d
x-amzn-requestid
b4a18d6c-7191-497c-b114-1ccb3ea44253
content-length
99032
date
Mon, 25 Nov 2024 23:16:16 GMT
content-type
application/javascript
/
api7119.d41.co/sync/ 		0
474 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api7119.d41.co/sync/
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.668.js?utv=ut4.48.202403221332
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.44.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-44-33.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self';
cache-control
no-store
pragma
no-cache
expect-ct
max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
access-control-allow-origin
https://businessgo-uat2.hsbc.com
date
Mon, 25 Nov 2024 23:16:16 GMT
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
js
www.googletagmanager.com/gtag/ 		228 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8694520
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.692.js?utv=ut4.48.202403051930
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
39841f21f3008e5e37e72f1b8c605c15f389c65ee0da4ac7cfbd80f9ace242c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 25 Nov 2024 23:16:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 23:16:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 25 Nov 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
83675
x-xss-protection
0
server
Google Tag Manager
i.gif
datacloud.tealiumiq.com/vdata/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=0193659c80e8001cee1b1ac20c0105065002105d00b08hsbchk-cmb&tealium_account=hsbc&tealium_profile...
  • https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=0193659c80e8001cee1b1ac20c0105065002105d00b08hsbchk-cmb&tealium_account=hsbc&tealium_profil...
  • https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0193659c80e8001cee1b1ac20c0105065002105d00b08hsbchk-cmb&tealium_account=hsbc&tealium_profile=hk-cmb&google_gid=CAESE...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0193659c80e8001cee1b1ac20c0105065002105d00b08hsbchk-cmb&tealium_account=hsbc&tealium_profile=hk-cmb&google_gid=CAESEGfQWJImw9mYQsw7vGY7GtU&google_cver=1
Requested by
Host: businessgo-uat2.hsbc.com
URL: https://businessgo-uat2.hsbc.com/
Protocol
H2
Server
18.196.56.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-56-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

vary
Origin
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-uuid
dae49723-824e-4fcc-a1cf-170077475da6
pragma
no-cache
x-tid
0193659c80e8001cee1b1ac20c0105065002105d00b08hsbchk-cmb
expires
Mon, 25 Nov 2024 23:16:16 GMT
content-length
43
x-serverid
uconnect_uconnect-dc8fa16e-1014-448b-ab7c-770e662c3e90
date
Mon, 25 Nov 2024 23:16:16 GMT
x-acc
hsbc:hk-cmb:2:vdata
content-type
image/gif
x-ulver
47981bf898dfcbe6ea8a378c5e27ff46cc3db43e-SNAPSHOT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-did
0193659c80e8001cee1b1ac20c0105065002105d00b08hsbchk-cmb
x-region
eu-central-1

Redirect headers

cache-control
no-cache, must-revalidate
location
https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0193659c80e8001cee1b1ac20c0105065002105d00b08hsbchk-cmb&tealium_account=hsbc&tealium_profile=hk-cmb&google_gid=CAESEGfQWJImw9mYQsw7vGY7GtU&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
450
date
Mon, 25 Nov 2024 23:16:16 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
fbevents.js
connect.facebook.net/en_US/ 		239 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-dcdK2YrT' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 23:16:16 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-dcdK2YrT' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=13, mss=1288, tbw=2943, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
t7VqnH2aCTERtLB2ow5HwZIhnk24lFvQyZI6SjSrsqh6pw0vRMhNeubpYkrLtpOqc1I4dpVl/TkkZTpv+Z1Y0Q==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
i.gif
collect-ap-east-1.tealiumiq.com/hsbc/hk-cmb/2/ 		43 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collect-ap-east-1.tealiumiq.com/hsbc/hk-cmb/2/i.gif
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.502.js?utv=ut4.48.202308101402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
16.162.189.0 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-162-189-0.ap-east-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryTBSMAMMj3vdAMcHD
Referer
https://businessgo-uat2.hsbc.com/

Response headers

access-control-expose-headers
X-Region
expires
Mon, 25 Nov 2024 23:16:16 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-serverid
uconnect_uconnect-e835cad5-2fe1-41fb-a307-bcf749fa3c40
date
Mon, 25 Nov 2024 23:16:16 GMT
content-type
image/gif
vary
Origin
x-uuid
d68788fb-ff26-4a27-a5b2-74e6e7e3bb41
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
pragma
no-cache
access-control-allow-credentials
true
x-tid
0193659c80e8001cee1b1ac20c0105065002105d00b08
access-control-allow-origin
https://businessgo-uat2.hsbc.com
content-length
43
x-acc
hsbc:hk-cmb:2:datacloud
x-ulver
47981bf898dfcbe6ea8a378c5e27ff46cc3db43e-SNAPSHOT
x-did
0193659c80e8001cee1b1ac20c0105065002105d00b08
x-region
ap-east-1
i.gif
collect.tealiumiq.com/hsbc/global-cmb-businessgo/2/ 		43 B
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collect.tealiumiq.com/hsbc/global-cmb-businessgo/2/i.gif
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.712.js?utv=ut4.48.202411190631
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.196.56.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-56-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryBZm66Z6kDXtm3mJc
Referer
https://businessgo-uat2.hsbc.com/

Response headers

access-control-expose-headers
X-Region
expires
Mon, 25 Nov 2024 23:16:16 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-serverid
uconnect_uconnect-2c85c205-fd5a-49e7-9967-e276d99d6739
date
Mon, 25 Nov 2024 23:16:16 GMT
content-type
image/gif
vary
Origin
x-uuid
39dbb505-a142-4926-9879-5ef4752266d0
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
pragma
no-cache
access-control-allow-credentials
true
x-tid
0193659c80e8001cee1b1ac20c0105065002105d00b08
access-control-allow-origin
https://businessgo-uat2.hsbc.com
content-length
43
x-acc
hsbc:global-cmb-businessgo:2:datacloud
x-ulver
47981bf898dfcbe6ea8a378c5e27ff46cc3db43e-SNAPSHOT
x-did
0193659c80e8001cee1b1ac20c0105065002105d00b08
x-region
eu-central-1
telemetry
heapanalytics.com/api/ 		32 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/api/telemetry?a=140346066&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=1&st=1732576576168&hv=4.23.4&lv=4.23.4&ld=cdn.heapanalytics.com
Requested by
Host: businessgo-uat2.hsbc.com
URL: https://businessgo-uat2.hsbc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.244.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-244-91.compute-1.amazonaws.com
Software
/
Resource Hash
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
32
date
Mon, 25 Nov 2024 23:16:16 GMT
pragma
no-cache
content-type
image/gif
add_user_properties_v3
heapanalytics.com/api/ 		37 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/api/add_user_properties_v3?a=140346066&u=4746212846946324&v=3707201157221637&s=2449756151829821&b=web&tv=4.0&_tv_id=0193659c80e8001cee1b1ac20c0105065002105d00b08&st=1732576576179&lv=4.23.4&ld=cdn.heapanalytics.com
Requested by
Host: businessgo-uat2.hsbc.com
URL: https://businessgo-uat2.hsbc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.244.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-244-91.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma
no-cache
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
access-control-allow-methods
POST, PUT, GET
access-control-allow-origin
*
content-length
37
date
Mon, 25 Nov 2024 23:16:16 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
h
heapanalytics.com/ 		37 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=140346066&u=4746212846946324&v=3707201157221637&s=2449756151829821&b=web&tv=4.0&z=0&h=%2F&d=businessgo-uat2.hsbc.com&t=HSBC%20Business%20Go&k=page_name&k=Businessgo-uat2%3AHome&k=ut_env&k=dev&k=ut_domain&k=hsbc.com&k=ut_profile&k=global-cmb-businessgo&k=page_url&k=businessgo-uat2.hsbc.com%2F&ts=1732576576178&sch=1200&scw=1600&st=1732576576180&lv=4.23.4&ld=cdn.heapanalytics.com
Requested by
Host: businessgo-uat2.hsbc.com
URL: https://businessgo-uat2.hsbc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.244.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-244-91.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma
no-cache
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
access-control-allow-methods
POST, PUT, GET
access-control-allow-origin
*
content-length
37
date
Mon, 25 Nov 2024 23:16:16 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
h
heapanalytics.com/ 		37 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=140346066&u=4746212846946324&v=3707201157221637&s=2449756151829821&b=web&tv=4.0&sp=z&sp=0&sp=ts&sp=1732576576178&sp=d&sp=businessgo-uat2.hsbc.com&sp=h&sp=%2F&sp=t&sp=HSBC%20Business%20Go&pp=d&pp=businessgo-uat2.hsbc.com&pp=h&pp=%2F&pp=t&pp=HSBC%20Business%20Go&pp=ts&pp=1732576576178&id0=4420985829157239&k0=page_name&k0=Businessgo-uat2%3AHome&k0=ut_env&k0=dev&k0=ut_domain&k0=hsbc.com&k0=ut_profile&k0=global-cmb-businessgo&k0=page_url&k0=businessgo-uat2.hsbc.com%2F&k0=page_name&k0=Businessgo-uat2%3AHome&k0=page_name_en&k0=Businessgo-uat2%3AHome&k0=page_url&k0=businessgo-uat2.hsbc.com%2F&k0=tealium_profile&k0=global-cmb-businessgo&k0=tealium_env&k0=dev&k0=tealium_account&k0=hsbc&k0=tealium_event&k0=view&k0=time_parting&k0=12%3A16%20AM%7CTuesday&t0=Page%20View%20(c)&ts0=1732576576175&st=1732576576180&lv=4.23.4&ld=cdn.heapanalytics.com
Requested by
Host: businessgo-uat2.hsbc.com
URL: https://businessgo-uat2.hsbc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.244.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-244-91.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma
no-cache
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
access-control-allow-methods
POST, PUT, GET
access-control-allow-origin
*
content-length
37
date
Mon, 25 Nov 2024 23:16:16 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
validate
ipw.d41.co/ 		49 B
466 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ipw.d41.co/validate
Requested by
Host: v2.d41.co
URL: https://v2.d41.co/tags/dnb_coretag_v6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.121.48.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-48-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2dd69775d3c43b7650c444e5c5b95053e819a8307b752dae05b5711377883e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
1d24fae8dddeffdc
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
expires
0
access-control-allow-origin
*
date
Mon, 25 Nov 2024 23:16:16 GMT
x-xss-protection
1; mode=block
content-type
application/json
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fbusinessgo-uat2.hsbc.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=740368381.1732576577&auid=738320092.1732576577&npa=0&gtm=45fe4bk0v9189910123za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732576576510&tfd=7246&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8694520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers
js
www.googletagmanager.com/gtag/ 		228 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-11261169&l=dataLayer&cx=c&gtm=45fe4bk0v9189910123za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8694520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
64f4cacdda4c010a2804ffb4745a1ef130a70709e1e8f272250429b235cc1459
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 25 Nov 2024 23:16:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 23:16:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 25 Nov 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
83719
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		228 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8741793&l=dataLayer&cx=c&gtm=45fe4bk0v9189910123za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8694520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6a5f05b192bb66fec7614c34a1a217297a914ae3b596eabecb6dbcdd89bf0037
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 25 Nov 2024 23:16:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 23:16:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 25 Nov 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
83736
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		228 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8763855&l=dataLayer&cx=c&gtm=45fe4bk0v9189910123za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8694520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ebfd7e2f76f2539b39e2943471eff712920abed008d1bdd949eecdb474be2d7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 25 Nov 2024 23:16:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 23:16:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 25 Nov 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
83767
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		308 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-956500078&l=dataLayer&cx=c&gtm=45fe4bk0v9189910123za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8694520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
707ae340a5fc25daaff4ed9d26c89e197bde7bcfa1d6d54b952d2b0ba7c37d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 25 Nov 2024 23:16:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 23:16:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 25 Nov 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
103628
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		301 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16489851673&l=dataLayer&cx=c&gtm=45fe4bk0v9189910123za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8694520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
3b88454d3b939f34425c4d8810846494fcf045d0ebd7359bc4f98388f6bc5003
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 25 Nov 2024 23:16:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 23:16:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 25 Nov 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
102974
x-xss-protection
0
server
Google Tag Manager
1269803290668539
connect.facebook.net/signals/config/ 		72 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1269803290668539?v=2.9.176&r=stable&domain=businessgo-uat2.hsbc.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
01c358c0394b7c60dc0a39fe1bba1fe83b28de378c6bed7d33a523e1faf1d269
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-repSAGRT' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 23:16:16 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-repSAGRT' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=60, mss=1288, tbw=67724, tp=-1, tpl=-1, uplat=43, ullat=0
pragma
public
x-fb-debug
TvR8zzui7wcEtKFhFaOMHgQVH6aFE2NPnD9Y078Sfg5IpjllQXnSGo1aO69bazdVwAb75j+s4QhitYrXBAIAWA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1269803290668539&ev=PageView&dl=https%3A%2F%2Fbusinessgo-uat2.hsbc.com&rl=&if=false&ts=1732576576643&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmtealium&ec=0&o=12316&fbp=fb.1.1732576576638.342220932652407082&pm=1&hrl=0338ab&ler=empty&cdl=API_unavailable&it=1732576576522&coo=false&cs_cc=1&cas=27148941621416475%2C8681966191890314%2C7697415877046808&rqm=GET
Requested by
Host: businessgo-uat2.hsbc.com
URL: https://businessgo-uat2.hsbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=14, rtx=0, c=10, mss=1288, tbw=2947, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 25 Nov 2024 23:16:17 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1269803290668539&ev=PageView&dl=https%3A%2F%2Fbusinessgo-uat2.hsbc.com&rl=&if=false&ts=1732576576643&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmtealium&ec=0&o=12316&fbp=fb.1.1732576576638.342220932652407082&pm=1&hrl=0338ab&ler=empty&cdl=API_unavailable&it=1732576576522&coo=false&cs_cc=1&cas=27148941621416475%2C8681966191890314%2C7697415877046808&rqm=FGET
Requested by
Host: businessgo-uat2.hsbc.com
URL: https://businessgo-uat2.hsbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7441359737293260595"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 23:16:17 GMT
content-type
image/png
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7441359737293260595", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-debug
g/wF6mNsxkuhGyBpi98QTDnMv3PndlceHD8/nHZc0vi7utjyBt5Kzu3x9RMzO8S6GFaCbSWVk7r6DKc6dssuHw==
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=14, rtx=0, c=10, mss=1288, tbw=3265, tp=-1, tpl=-1, uplat=210, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
telemetry
heapanalytics.com/api/ 		32 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/api/telemetry?a=140346066&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=1&st=1732576576172&hv=4.23.4&lv=4.23.4&ld=cdn.heapanalytics.com
Requested by
Host: businessgo-uat2.hsbc.com
URL: https://businessgo-uat2.hsbc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.244.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-244-91.compute-1.amazonaws.com
Software
/
Resource Hash
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
32
date
Mon, 25 Nov 2024 23:16:16 GMT
pragma
no-cache
content-type
image/gif
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/956500078/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956500078/?random=1732576576754&cv=11&fst=1732576576754&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v873280438za200zb9189910123&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fbusinessgo-uat2.hsbc.com%2F&hn=www.googleadservices.com&frm=0&tiba=HSBC%20Business%20Go&npa=0&pscdl=noapi&auid=738320092.1732576577&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-956500078&l=dataLayer&cx=c&gtm=45fe4bk0v9189910123za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
a2cec9f1dc67ffd56750e95cddae0f567ce29c73d9ec185bbb8812d9d5ad7118
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2337
date
Mon, 25 Nov 2024 23:16:17 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
956500078
td.doubleclick.net/td/rul/ Frame E9F7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/956500078?random=1732576576754&cv=11&fst=1732576576754&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v873280438za200zb9189910123&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fbusinessgo-uat2.hsbc.com%2F&hn=www.googleadservices.com&frm=0&tiba=HSBC%20Business%20Go&npa=0&pscdl=noapi&auid=738320092.1732576577&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-956500078&l=dataLayer&cx=c&gtm=45fe4bk0v9189910123za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://businessgo-uat2.hsbc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 23:16:17 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16489851673/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16489851673/?random=1732576576863&cv=11&fst=1732576576863&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9179815738za200zb9189910123&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fbusinessgo-uat2.hsbc.com%2F&hn=www.googleadservices.com&frm=0&tiba=HSBC%20Business%20Go&npa=0&pscdl=noapi&auid=738320092.1732576577&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16489851673&l=dataLayer&cx=c&gtm=45fe4bk0v9189910123za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
913b0e5caf779bef6450831f36ed7a1b440adb80b52da4c3bd6fd134f197de94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2339
date
Mon, 25 Nov 2024 23:16:17 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
16489851673
td.doubleclick.net/td/rul/ Frame 91C0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/16489851673?random=1732576576863&cv=11&fst=1732576576863&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9179815738za200zb9189910123&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fbusinessgo-uat2.hsbc.com%2F&hn=www.googleadservices.com&frm=0&tiba=HSBC%20Business%20Go&npa=0&pscdl=noapi&auid=738320092.1732576577&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16489851673&l=dataLayer&cx=c&gtm=45fe4bk0v9189910123za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://businessgo-uat2.hsbc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 23:16:17 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame AB00 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fbusinessgo-uat2.hsbc.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-956500078&l=dataLayer&cx=c&gtm=45fe4bk0v9189910123za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f8.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
63857
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 05:32:00 GMT
expires
Tue, 25 Nov 2025 05:32:00 GMT
last-modified
Tue, 19 Nov 2024 10:38:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
0193659c80e8001cee1b1ac20c0105065002105d00b08
visitor-service-ap-east-1.tealiumiq.com/hsbc/hk-cmb/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://visitor-service-ap-east-1.tealiumiq.com/hsbc/hk-cmb/0193659c80e8001cee1b1ac20c0105065002105d00b08?callback=utag.ut%5B%22writevahk-cmb%22%5D&rnd=1732576577012
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.198.124.54 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-198-124-54.ap-east-1.compute.amazonaws.com
Software
/
Resource Hash
187e1b17f7eb400c77715e753d181fcdfbe2eebd73b2800de5a5e91ef06dc718
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

x-nodeid
i-0d51dda381c06ac61
strict-transport-security
max-age=31536000; includeSubdomains
x-version
56ddd0c941762d4853c63ea1e2085ba9136ba444-SNAPSHOT
content-length
2312
date
Mon, 25 Nov 2024 23:16:17 GMT
content-type
application/javascript; charset=utf-8
x-region
ap-east-1
/
www.google.com/pagead/1p-user-list/956500078/ 		42 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/956500078/?random=1732576576754&cv=11&fst=1732575600000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v873280438za200zb9189910123&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fbusinessgo-uat2.hsbc.com%2F&hn=www.googleadservices.com&frm=0&tiba=HSBC%20Business%20Go&npa=0&pscdl=noapi&auid=738320092.1732576577&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dUwGsTeShMsDJs6OcSLRdylLE1VFlW_nSHFFJS3uLzS9cS6tq&random=107216397&rmt_tld=0&ipr=y
Requested by
Host: businessgo-uat2.hsbc.com
URL: https://businessgo-uat2.hsbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 25 Nov 2024 23:16:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-user-list/16489851673/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/16489851673/?random=1732576576863&cv=11&fst=1732575600000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9179815738za200zb9189910123&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fbusinessgo-uat2.hsbc.com%2F&hn=www.googleadservices.com&frm=0&tiba=HSBC%20Business%20Go&npa=0&pscdl=noapi&auid=738320092.1732576577&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dZbu1G5xY1uVQrkzNiBc3fd9X4cPRMu16OdddFCI0q8s9RhpB&random=1069491110&rmt_tld=0&ipr=y
Requested by
Host: businessgo-uat2.hsbc.com
URL: https://businessgo-uat2.hsbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 25 Nov 2024 23:16:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
vendors-src_modules_ErrorBoundary_ContentMovedPage_tsx-src_modules_ErrorBoundary_ErrorPage_ts-42a41d.2a36f30e.js
businessgo-uat2.hsbc.com/ 		256 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://businessgo-uat2.hsbc.com/vendors-src_modules_ErrorBoundary_ContentMovedPage_tsx-src_modules_ErrorBoundary_ErrorPage_ts-42a41d.2a36f30e.js
Requested by
Host: businessgo-uat2.hsbc.com
URL: https://businessgo-uat2.hsbc.com/main.5af5bba9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-23-209-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
22583cc8084a1bcfaafd6a3117a5cb5f1aef9f73a876226b4630d4e6d83a7056
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
gzip
etag
W/"673ed8b6-3ffb9"
generate-request-id
false
x-content-type-options
nosniff
date
Mon, 25 Nov 2024 23:16:18 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 21 Nov 2024 06:52:38 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
cache-control
max-age=836
referrer-policy
strict-origin-when-cross-origin
permissions-policy
accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
access-control-allow-origin
https://businessgo-uat2.hsbc.com
content-length
93207
x-xss-protection
1; mode=block
vendors-src_components_DeadLink_index_tsx-src_components_LeaveModalPrompt_index_tsx-src_compo-271062.2f0805a3.js
businessgo-uat2.hsbc.com/ 		347 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://businessgo-uat2.hsbc.com/vendors-src_components_DeadLink_index_tsx-src_components_LeaveModalPrompt_index_tsx-src_compo-271062.2f0805a3.js
Requested by
Host: businessgo-uat2.hsbc.com
URL: https://businessgo-uat2.hsbc.com/main.5af5bba9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-23-209-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7176db684f26c8273a8b573939a34d26687d463181602bd9f42546fbce26fdde
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
gzip
etag
W/"673ed8b6-56ba7"
generate-request-id
false
x-content-type-options
nosniff
date
Mon, 25 Nov 2024 23:16:18 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 21 Nov 2024 06:52:38 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
cache-control
max-age=873
referrer-policy
strict-origin-when-cross-origin
permissions-policy
accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
access-control-allow-origin
https://businessgo-uat2.hsbc.com
content-length
101435
x-xss-protection
1; mode=block
node_modules_siriusbeyond_ui_lib_assets_normalize_css-src_styles_vg-antd_css.061f0e9d.css
businessgo-uat2.hsbc.com/css/ 		558 KB
100 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://businessgo-uat2.hsbc.com/css/node_modules_siriusbeyond_ui_lib_assets_normalize_css-src_styles_vg-antd_css.061f0e9d.css
Requested by
Host: businessgo-uat2.hsbc.com
URL: https://businessgo-uat2.hsbc.com/main.5af5bba9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-23-209-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
78600f028ad257862439cb744162af6a94a93564a3fff5c429bfe6b7f87cea05
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
gzip
etag
W/"66f264c5-8b753"
generate-request-id
false
x-content-type-options
nosniff
date
Mon, 25 Nov 2024 23:16:18 GMT
content-type
text/css
last-modified
Tue, 24 Sep 2024 07:05:41 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
cache-control
max-age=893
referrer-policy
strict-origin-when-cross-origin
permissions-policy
accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
access-control-allow-origin
https://businessgo-uat2.hsbc.com
content-length
101989
x-xss-protection
1; mode=block
src_bootstrap_tsx-src_assets_locale_lazy_recursive_json_-src_assets_fonts_HSBCBold_ttf-src_as-c8be2e.8cda9f2a.js
businessgo-uat2.hsbc.com/ 		30 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://businessgo-uat2.hsbc.com/src_bootstrap_tsx-src_assets_locale_lazy_recursive_json_-src_assets_fonts_HSBCBold_ttf-src_as-c8be2e.8cda9f2a.js
Requested by
Host: businessgo-uat2.hsbc.com
URL: https://businessgo-uat2.hsbc.com/main.5af5bba9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-23-209-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
21931507c8b75a34ab568d1e23b225aed3f6ac3be278ab891379c893c38b2621
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
gzip
etag
W/"673ed8b6-780b"
generate-request-id
false
x-content-type-options
nosniff
date
Mon, 25 Nov 2024 23:16:20 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 21 Nov 2024 06:52:38 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
cache-control
max-age=847
referrer-policy
strict-origin-when-cross-origin
permissions-policy
accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
access-control-allow-origin
https://businessgo-uat2.hsbc.com
content-length
15466
x-xss-protection
1; mode=block
HSBCRegular.f51c04cf.woff2
businessgo-uat2.hsbc.com/assets/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://businessgo-uat2.hsbc.com/assets/fonts/HSBCRegular.f51c04cf.woff2
Requested by
Host: businessgo-uat2.hsbc.com
URL: https://businessgo-uat2.hsbc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-23-209-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
78e0b03ae4f76c7e86a1cc1925795aac9c475af4766628c68bcae9a6cddd1e9d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://businessgo-uat2.hsbc.com
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
gzip
etag
"66f264c5-4134"
generate-request-id
false
x-content-type-options
nosniff
date
Mon, 25 Nov 2024 23:16:21 GMT
content-type
application/octet-stream
last-modified
Tue, 24 Sep 2024 07:05:41 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
cache-control
max-age=2110542
referrer-policy
strict-origin-when-cross-origin
permissions-policy
accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
accept-ranges
bytes
access-control-allow-origin
https://businessgo-uat2.hsbc.com
content-length
16720
x-xss-protection
1; mode=block
mfe-config.json
businessgo-uat2.hsbc.com/mfeConfig/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://businessgo-uat2.hsbc.com/mfeConfig/mfe-config.json
Requested by
Host: businessgo-uat2.hsbc.com
URL: https://businessgo-uat2.hsbc.com/main.5af5bba9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-23-209-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3da24968a5dbfc3b6646aca38f4019865d8872b488775e0c2e2f94dc563edb83
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
gzip
etag
W/"673ed8b6-ff3"
generate-request-id
false
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 23:16:21 GMT
date
Mon, 25 Nov 2024 23:16:21 GMT
content-type
application/json
last-modified
Thu, 21 Nov 2024 06:52:38 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
permissions-policy
accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
access-control-allow-origin
https://businessgo-uat2.hsbc.com
content-length
888
x-xss-protection
1; mode=block
refreshbanksession
businessgo-uat2.hsbc.com/api/security-framework/platform-identitymanagement/v1/dsp/ 		68 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://businessgo-uat2.hsbc.com/api/security-framework/platform-identitymanagement/v1/dsp/refreshbanksession
Requested by
Host: businessgo-uat2.hsbc.com
URL: https://businessgo-uat2.hsbc.com/main.5af5bba9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-23-209-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ddbfe54805d4e9626890ae24825509adae843e1a3148836e4ff2638a7dfe35df
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

language
en_US
internalId
0193659c80e8001cee1b1ac20c0105065002105d00b08
Referer
https://businessgo-uat2.hsbc.com/
m-paired-id
Y
country-or-region
WORLD_WIDE
guestId
6b696b7f-d9ef-4bce-8e18-5ce5db4fa038
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
cache-control
max-age=0, no-cache, no-store
generate-request-id
false
pragma
no-cache
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
permissions-policy
accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
expires
Mon, 25 Nov 2024 23:16:21 GMT
access-control-allow-origin
https://businessgo-uat2.hsbc.com
content-length
68
x-xss-protection
1; mode=block
date
Mon, 25 Nov 2024 23:16:21 GMT
content-type
text/plain;charset=UTF-8
x-frame-options
SAMEORIGIN
/
zn7pmbtabt6c6hhtj-hsbccmb.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn7pmbtabt6c6hhtj-hsbccmb.siteintercept.qualtrics.com/WRSiteInterceptEngine/?siteinterceptserver=zn7pmbtabt6c6hhtj-hsbccmb.siteintercept.qualtrics.com&Q_ZID=SI_2fXwNpIDGPVnTMi&Q_LOC=https%3A%2F%2Fbusinessgo-uat2.hsbc.com%2F
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.644.js?utv=ut4.48.202212021622
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
755504ad9b5482b12bbe801e3f1126176e770dd42b24cba3090d3519b6b6bb98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"26a8-KaUcIIUDO5eVHAOMW5sLphvvis4"
age
326623
x-content-type-options
nosniff
date
Mon, 25 Nov 2024 23:16:21 GMT
edge-control
max-age=604800
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=3600, s-maxage=604800
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray
8e8558933fd85d48-FRA
permissions-policy
camera=(), geolocation=(), microphone=()
access-control-allow-origin
*
server
cloudflare
favicon.ico
businessgo-uat2.hsbc.com/vendor/verification/images/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://businessgo-uat2.hsbc.com/vendor/verification/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-23-209-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
390b278641dff296d100a43d9b2ee5c373d6bda29b107f8379be38b1fc6a3c3a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
gzip
etag
"66f2646b-6ef"
generate-request-id
false
x-content-type-options
nosniff
date
Mon, 25 Nov 2024 23:16:21 GMT
content-type
image/x-icon
last-modified
Tue, 24 Sep 2024 07:04:11 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
cache-control
max-age=60
referrer-policy
strict-origin-when-cross-origin
permissions-policy
accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
accept-ranges
bytes
access-control-allow-origin
https://businessgo-uat2.hsbc.com
content-length
1798
x-xss-protection
1; mode=block
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c1dda294108f38aac197c0abb1ad85138e630b3ea1c0b2fdc8696326fd76be9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
p.js
cdn.parsely.com/keys/staginguat.hsbc.com.hk/ 		0
0
HSBCMedium.b79fa80d.woff2
businessgo-uat2.hsbc.com/assets/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://businessgo-uat2.hsbc.com/assets/fonts/HSBCMedium.b79fa80d.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-23-209-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ace48892f3c1ca4f83d1925d4a5029e54926c17cf438edccb0351e571c732d2f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://businessgo-uat2.hsbc.com
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
gzip
etag
"66f264c5-41b4"
generate-request-id
false
x-content-type-options
nosniff
date
Mon, 25 Nov 2024 23:16:21 GMT
content-type
application/octet-stream
last-modified
Tue, 24 Sep 2024 07:05:41 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
cache-control
max-age=2110569
referrer-policy
strict-origin-when-cross-origin
permissions-policy
accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
accept-ranges
bytes
access-control-allow-origin
https://businessgo-uat2.hsbc.com
content-length
16848
x-xss-protection
1; mode=block
HSBCBold.54164aae.woff2
businessgo-uat2.hsbc.com/assets/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://businessgo-uat2.hsbc.com/assets/fonts/HSBCBold.54164aae.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-23-209-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cb1fc56e03922009390d3588a3a18ec9a2ceddac2ee486b85445a9f911780d05
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://businessgo-uat2.hsbc.com
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
gzip
etag
"66f264c5-41bc"
generate-request-id
false
x-content-type-options
nosniff
date
Mon, 25 Nov 2024 23:16:21 GMT
content-type
application/octet-stream
last-modified
Tue, 24 Sep 2024 07:05:41 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
cache-control
max-age=2110552
referrer-policy
strict-origin-when-cross-origin
permissions-policy
accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
accept-ranges
bytes
access-control-allow-origin
https://businessgo-uat2.hsbc.com
content-length
16856
x-xss-protection
1; mode=block
websitewhitelist
businessgo-uat2.hsbc.com/api/security-framework/platform-applicationconfigmanager/v1/ 		105 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://businessgo-uat2.hsbc.com/api/security-framework/platform-applicationconfigmanager/v1/websitewhitelist
Requested by
Host: businessgo-uat2.hsbc.com
URL: https://businessgo-uat2.hsbc.com/main.5af5bba9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-23-209-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5affbe94cb42c080ba54c76901253e667dd6126fbb31cb635fe4dcb4ba885151
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self'; style-src 'self'; connect-src 'self'; img-src 'self';
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

language
en_US
internalId
0193659c80e8001cee1b1ac20c0105065002105d00b08
Referer
https://businessgo-uat2.hsbc.com/
m-paired-id
Y
country-or-region
WORLD_WIDE
guestId
6b696b7f-d9ef-4bce-8e18-5ce5db4fa038
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

etag
W/"69-gm1AEFnAsII5H9IYoQXnQ8A+giY"
generate-request-id
false
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 23:16:22 GMT
date
Mon, 25 Nov 2024 23:16:22 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-security-policy
default-src 'none'; script-src 'self'; style-src 'self'; connect-src 'self'; img-src 'self';
cache-control
max-age=0, no-cache, no-store
x-dns-prefetch-control
off
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
country
IT
permissions-policy
accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
access-control-allow-origin
https://businessgo-uat2.hsbc.com
content-length
105
x-xss-protection
1; mode=block
profile
businessgo-uat2.hsbc.com/api/security-framework/platform-userprofilemanagement/v1/sirius/ 		0
0
getCWSettings
businessgo-uat2.hsbc.com/api/security-framework/vgo/api/master/V1/ 		0
0
profile
businessgo-uat2.hsbc.com/api/security-framework/platform-userprofilemanagement/v1/sirius/ 		0
0
10.07268bfc859327bf20d5.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		75 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/10.07268bfc859327bf20d5.chunk.js?Q_CLIENTVERSION=2.20.0&Q_CLIENTTYPE=web&Q_BRANDID=businessgo-uat2.hsbc.com
Requested by
Host: zn7pmbtabt6c6hhtj-hsbccmb.siteintercept.qualtrics.com
URL: https://zn7pmbtabt6c6hhtj-hsbccmb.siteintercept.qualtrics.com/WRSiteInterceptEngine/?siteinterceptserver=zn7pmbtabt6c6hhtj-hsbccmb.siteintercept.qualtrics.com&Q_ZID=SI_2fXwNpIDGPVnTMi&Q_LOC=https%3A%2F%2Fbusinessgo-uat2.hsbc.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66686747fcba3e9efc3537cb9d122b3e415c0827ac3942449c40e4b17abb9305
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"12bb5-1934b9dd458"
age
347261
x-content-type-options
nosniff
date
Mon, 25 Nov 2024 23:16:21 GMT
edge-control
max-age=604800
content-type
application/javascript
last-modified
Wed, 20 Nov 2024 22:07:35 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=604800
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray
8e85589468415d48-FRA
permissions-policy
camera=(), geolocation=(), microphone=()
access-control-allow-origin
*
server
cloudflare
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		0
0
remoteEntry.js
businessgo-uat2.hsbc.com/mfe/portal-layout/ 		0
0
/
www.facebook.com/tr/ 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1269803290668539&ev=PageView&dl=https%3A%2F%2Fbusinessgo-uat2.hsbc.com&rl=&if=false&ts=1732576582174&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmtealium&ec=1&o=12316&fbp=fb.1.1732576576638.342220932652407082&pm=1&hrl=a58656&ler=empty&cdl=API_unavailable&it=1732576576522&coo=false&cs_cc=1&cas=27148941621416475%2C8681966191890314%2C7697415877046808&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1288, tbw=6381, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 25 Nov 2024 23:16:22 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1269803290668539&ev=PageView&dl=https%3A%2F%2Fbusinessgo-uat2.hsbc.com&rl=&if=false&ts=1732576582174&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmtealium&ec=1&o=12316&fbp=fb.1.1732576576638.342220932652407082&pm=1&hrl=a58656&ler=empty&cdl=API_unavailable&it=1732576576522&coo=false&cs_cc=1&cas=27148941621416475%2C8681966191890314%2C7697415877046808&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7441359759300167543"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 23:16:22 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
aXlnXk6h1O5KYEG2SpSYwYb+lWwjhMUhXr3Qqh1dgLmHcG6R3KjKyGPtZnDP9hJGld4ydxJbaymNMdy9cPFrbg==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7441359759300167543", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1288, tbw=6551, tp=-1, tpl=-1, uplat=37, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
h
heapanalytics.com/ 		37 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=140346066&u=4746212846946324&v=4399774362717705&s=2449756151829821&b=web&tv=4.0&z=2&h=%2Fen%2F&d=businessgo-uat2.hsbc.com&t=HSBC%20Business%20Go&k=page_name&k=Businessgo-uat2%3AHome&k=ut_env&k=dev&k=ut_domain&k=hsbc.com&k=ut_profile&k=global-cmb-businessgo&k=page_url&k=businessgo-uat2.hsbc.com%2F&ts=1732576582256&pr=%2F&sp=ts&sp=1732576576178&sp=d&sp=businessgo-uat2.hsbc.com&sp=h&sp=%2F&sch=1200&scw=1600&st=1732576582256&lv=4.23.4&ld=cdn.heapanalytics.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.244.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-244-91.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma
no-cache
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
access-control-allow-methods
POST, PUT, GET
access-control-allow-origin
*
content-length
37
date
Mon, 25 Nov 2024 23:16:22 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
favicon.ico
businessgo-uat2.hsbc.com/vendor/verification/images/ 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://businessgo-uat2.hsbc.com/vendor/verification/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-23-209-132.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
390b278641dff296d100a43d9b2ee5c373d6bda29b107f8379be38b1fc6a3c3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://businessgo-uat2.hsbc.com/en/

Response headers

content-encoding
gzip
etag
"66f2646b-6ef"
generate-request-id
false
x-content-type-options
nosniff
date
Mon, 25 Nov 2024 23:16:21 GMT
content-type
image/x-icon
last-modified
Tue, 24 Sep 2024 07:04:11 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=60
referrer-policy
strict-origin-when-cross-origin
permissions-policy
accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
accept-ranges
bytes
access-control-allow-origin
https://businessgo-uat2.hsbc.com
content-length
1798
x-xss-protection
1; mode=block
miProfile
businessgo-uat2.hsbc.com/api/security-framework/mi-report/v1/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.parsely.com
URL
https://cdn.parsely.com/keys/staginguat.hsbc.com.hk/p.js
Domain
businessgo-uat2.hsbc.com
URL
https://businessgo-uat2.hsbc.com/api/security-framework/platform-userprofilemanagement/v1/sirius/profile
Domain
businessgo-uat2.hsbc.com
URL
https://businessgo-uat2.hsbc.com/api/security-framework/vgo/api/master/V1/getCWSettings
Domain
businessgo-uat2.hsbc.com
URL
https://businessgo-uat2.hsbc.com/api/security-framework/platform-userprofilemanagement/v1/sirius/profile
Domain
siteintercept.qualtrics.com
URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_InterceptID=SI_2fXwNpIDGPVnTMi&Q_CLIENTVERSION=2.20.0&Q_CLIENTTYPE=web
Domain
businessgo-uat2.hsbc.com
URL
https://businessgo-uat2.hsbc.com/mfe/portal-layout/remoteEntry.js
Domain
businessgo-uat2.hsbc.com
URL
https://businessgo-uat2.hsbc.com/api/security-framework/mi-report/v1/miProfile

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| BG_FE_CONFIG function| setCookie string| deployVersion function| addTags function| isSupportedBrowserVersion function| versionCompare object| utag object| utag_cfg_ovrd object| utag_data object| TEALIUM object| __TEALIUM function| targetPageParamsAll function| targetPageParams object| TMS string| SI_2fXwNpIDGPVnTMi_sampleRate string| SI_2fXwNpIDGPVnTMi_url object| heap function| tealium_dnbwvid function| gtag object| dataLayer string| gtagRename function| fbq function| _fbq object| dnbvid object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| webpackChunkportal function| setImmediate function| clearImmediate function| _ number| 2f1acc6c3a606b082e5eef5e54414ffb function| axiosInstance object| regeneratorRuntime object| QSI object| WAFQualtricsWebpackJsonP-cloud-2.20.0

13 Cookies

Domain/Path Name / Value
businessgo-uat2.hsbc.com/ Name: felabel
Value: g
.doubleclick.net/ Name: IDE
Value: AHWqTUnQEmd_95Vs12fCGzOiBp89HxGOwqlmSEQMk3u1-7hNwG7w3xeQE_n_oeJUgTo
.hsbc.com/ Name: _hp2_props.140346066
Value: %7B%22page_name%22%3A%22Businessgo-uat2%3AHome%22%2C%22ut_env%22%3A%22dev%22%2C%22ut_domain%22%3A%22hsbc.com%22%2C%22ut_profile%22%3A%22global-cmb-businessgo%22%2C%22page_url%22%3A%22businessgo-uat2.hsbc.com%2F%22%7D
.hsbc.com/ Name: _hp2_id.140346066
Value: %7B%22userId%22%3A%224746212846946324%22%2C%22pageviewId%22%3A%223707201157221637%22%2C%22sessionId%22%3A%222449756151829821%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.tealiumiq.com/ Name: tcs.google_gid
Value: eyJoc2JjL2hrLWNtYiI6IkNBRVNFR2ZRV0pJbXc5bVlRc3c3dkdZN0d0VXwxNzMyNTc2NTc2MTc4In0=
.tealiumiq.com/ Name: tcs.google_cver
Value: eyJoc2JjL2hrLWNtYiI6IjF8MTczMjU3NjU3NjE3OCJ9
.hsbc.com/ Name: _gcl_au
Value: 1.1.738320092.1732576577
.hsbc.com/ Name: _fbp
Value: fb.1.1732576576638.342220932652407082
.tealiumiq.com/ Name: TAPID
Value: hsbc/hk-cmb>0193659c80e8001cee1b1ac20c0105065002105d00b08|
.hsbc.com/ Name: utag_main
Value: v_id:0193659c80e8001cee1b1ac20c0105065002105d00b08$_sn:1$_se:1$_ss:1$_st:1732578375720$ses_id:1732576575720%3Bexp-session$_pn:1%3Bexp-session$dcsyncran:1%3Bexp-session$dc_visit:1$dc_event:2%3Bexp-session$v_rc:0$v_cc:IT$v_c:MILANO$dc_region:ap-east-1%3Bexp-session
.hsbc.com/ Name: _hp2_ses_props.140346066
Value: %7B%22ts%22%3A1732576576178%2C%22d%22%3A%22businessgo-uat2.hsbc.com%22%2C%22h%22%3A%22%2F%22%7D
businessgo-uat2.hsbc.com/ Name: GUEST_ID
Value: 6b696b7f-d9ef-4bce-8e18-5ce5db4fa038
businessgo-uat2.hsbc.com/ Name: INTERNAL_ID
Value: 0193659c80e8001cee1b1ac20c0105065002105d00b08

1 Console Messages

Source Level URL
Text
network error URL: https://businessgo-uat2.hsbc.com/api/security-framework/platform-identitymanagement/v1/dsp/refreshbanksession
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

akamai.tiqcdn.com
api7119.d41.co
businessgo-uat2.hsbc.com
cdn.heapanalytics.com
cdn.parsely.com
cm.g.doubleclick.net
collect-ap-east-1.tealiumiq.com
collect.tealiumiq.com
connect.facebook.net
datacloud.tealiumiq.com
googleads.g.doubleclick.net
heapanalytics.com
ipw.d41.co
siteintercept.qualtrics.com
tags.tiqcdn.com
td.doubleclick.net
v2.d41.co
visitor-service-ap-east-1.tealiumiq.com
www.facebook.com
www.google.com
www.googletagmanager.com
zn7pmbtabt6c6hhtj-hsbccmb.siteintercept.qualtrics.com
businessgo-uat2.hsbc.com
cdn.parsely.com
siteintercept.qualtrics.com
104.17.208.240
13.32.121.116
13.33.187.60
142.250.185.100
142.250.185.226
157.240.253.1
157.240.253.35
16.162.189.0
18.196.56.7
2.23.209.132
216.58.206.40
216.58.212.162
23.37.38.214
3.121.48.255
3.208.244.91
3.67.218.245
43.198.124.54
52.23.44.33
01c358c0394b7c60dc0a39fe1bba1fe83b28de378c6bed7d33a523e1faf1d269
07726a992d21d913d178666123106ac99985abe9ff80a21c9797ac198dd5ebb0
0c1dda294108f38aac197c0abb1ad85138e630b3ea1c0b2fdc8696326fd76be9
187e1b17f7eb400c77715e753d181fcdfbe2eebd73b2800de5a5e91ef06dc718
21931507c8b75a34ab568d1e23b225aed3f6ac3be278ab891379c893c38b2621
22583cc8084a1bcfaafd6a3117a5cb5f1aef9f73a876226b4630d4e6d83a7056
27e5a3ad59a9e0213824b548d9703155b454cfcffc7690842436aff86cb310c1
2dd69775d3c43b7650c444e5c5b95053e819a8307b752dae05b5711377883e54
390b278641dff296d100a43d9b2ee5c373d6bda29b107f8379be38b1fc6a3c3a
39841f21f3008e5e37e72f1b8c605c15f389c65ee0da4ac7cfbd80f9ace242c3
3b88454d3b939f34425c4d8810846494fcf045d0ebd7359bc4f98388f6bc5003
3d0b49d44af04e30d71e3184bddbd52341ef8b136aecb5a4521ee34ec1d5d34c
3da24968a5dbfc3b6646aca38f4019865d8872b488775e0c2e2f94dc563edb83
4473d1060601d9a2192b3ec1bfe6ef7021b9978a0c79a4d0b133649cbdd9fc65
4ceed872f09307797fffb5f79f0f347c3a92e3a38a10401fe41dee6adbb5cab6
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
5affbe94cb42c080ba54c76901253e667dd6126fbb31cb635fe4dcb4ba885151
611a9f1c96e4d09104a0adb320daa2121764e8088efb0105dff3d2266d9fda15
64f4cacdda4c010a2804ffb4745a1ef130a70709e1e8f272250429b235cc1459
66686747fcba3e9efc3537cb9d122b3e415c0827ac3942449c40e4b17abb9305
6a5f05b192bb66fec7614c34a1a217297a914ae3b596eabecb6dbcdd89bf0037
707ae340a5fc25daaff4ed9d26c89e197bde7bcfa1d6d54b952d2b0ba7c37d13
7176db684f26c8273a8b573939a34d26687d463181602bd9f42546fbce26fdde
733abede8d6aac6197a95d1b7da177b44609e96e6a66bf3fb40fd19f9cbb8ee4
755504ad9b5482b12bbe801e3f1126176e770dd42b24cba3090d3519b6b6bb98
78600f028ad257862439cb744162af6a94a93564a3fff5c429bfe6b7f87cea05
78e0b03ae4f76c7e86a1cc1925795aac9c475af4766628c68bcae9a6cddd1e9d
7d8242ab6fd2b7275e43dbbd176a6bd35cf8c1ecc073e2e086eda901c023750a
7f57aa05b3d036c57ef3c1748f2e6020cb914cb86e1547134a10b02ae9ee6071
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
8ca48fc70f3515912ae141388297d8787fc8ef18a53b4bbf5b651b99a26cdb5c
913b0e5caf779bef6450831f36ed7a1b440adb80b52da4c3bd6fd134f197de94
970d116778540b5cbef86f3f3242de44a8019cd3f7272f4e05f0648a9665f0fe
9a4aa20557a758a1e6f99410af6e2a9fd05ea7c7a4769a4fa168bcdae2ff6b5e
9bc6a55405d2f2b9a7f40567aab27d0cc1a0fc054cc7b58091aabe5e38e7684b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a2cec9f1dc67ffd56750e95cddae0f567ce29c73d9ec185bbb8812d9d5ad7118
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ace48892f3c1ca4f83d1925d4a5029e54926c17cf438edccb0351e571c732d2f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
cb1fc56e03922009390d3588a3a18ec9a2ceddac2ee486b85445a9f911780d05
d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559
ddbfe54805d4e9626890ae24825509adae843e1a3148836e4ff2638a7dfe35df
ded0f45939053a8d4ef2a25f8ff7b381b5679dee1f8248e46344228cf4eef35b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586ba43fec0c7b09f52481163e57a02c693a184850770b715a888deeed14c83
e972cb572e16717af651808113536e0faaddaea7ccadb3cecbef0ec2c46d5461
ebfd7e2f76f2539b39e2943471eff712920abed008d1bdd949eecdb474be2d7b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e23293480cbabd3f8da81394dd1249772fe9a5379c5dd9ee4796f127c31017
f4604cc57b60c01201b346ced372317aff22240729348496047873eb54b30eb0
fc9948c2bb6e13cfb19d727c15c47899daad6370eaaf8ba76328e659283b383e