dco-investments-preprod.hsbc.com.hk Open in urlscan Pro
143.204.98.89  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response dco-investments-preprod.hsbc.com.hk/	4 KB 3 KB	657ms 442ms	Document text/html	143.204.98.89 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dco-investments-preprod.hsbc.com.hk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.89 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-89.fra50.r.cloudfront.net Software / Resource Hash 4a9a119ff01c764463251ffa63791a32312504b721c515aca509a63fda9e7170 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers :method GET :authority dco-investments-preprod.hsbc.com.hk :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-type text/html; charset=utf-8 date Tue, 15 Jun 2021 13:43:47 GMT set-cookie AWSALB=1GZ0fc3oIrqD32vRS3lxyzEmn2nPINACvnEb5+kIhyZVUiXF4wO+KxKGEShOsorWxe0D/52/l5KTDqyIkQAZ9docka309zKxHWh291PF9HdHnQMObOe1DWeA0etV; Expires=Tue, 22 Jun 2021 13:43:47 GMT; Path=/ AWSALBCORS=1GZ0fc3oIrqD32vRS3lxyzEmn2nPINACvnEb5+kIhyZVUiXF4wO+KxKGEShOsorWxe0D/52/l5KTDqyIkQAZ9docka309zKxHWh291PF9HdHnQMObOe1DWeA0etV; Expires=Tue, 22 Jun 2021 13:43:47 GMT; Path=/; SameSite=None x-dns-prefetch-control off expect-ct max-age=0 x-frame-options SAMEORIGIN strict-transport-security max-age=15552000; includeSubDomains x-download-options noopen x-content-type-options nosniff x-permitted-cross-domain-policies none referrer-policy no-referrer x-xss-protection 0 etag W/"1050-IpdtGfqoZ7xytfe8TQWPZmyQIFU" vary Accept-Encoding content-encoding gzip x-cache Miss from cloudfront via 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id Hf11fVnIT_GNqNof4QOSKbAyhJmhjfaaxj81sPzH4Nl_jZbUs3IjTw==
GET H2	200	utag.sync.js Show response tags.tiqcdn.com/utag/hsbc/hk-rbwm-mobile/qa/	109 B 344 B	158ms 126ms	Script application/x-javascript	23.79.138.33 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/hsbc/hk-rbwm-mobile/qa/utag.sync.js Requested by Host: dco-investments-preprod.hsbc.com.hk URL: https://dco-investments-preprod.hsbc.com.hk/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.79.138.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-79-138-33.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 4e3b0c3c456c2ca19db55a9735e36664b058f9d0b7aed09cb8be720076d47ab7 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Jun 2021 13:43:47 GMT content-encoding gzip last-modified Fri, 19 Mar 2021 17:42:25 GMT server AkamaiNetStorage etag "e41cc998548ec7f725835eebd8f3e190:1616175745.575653" vary Accept-Encoding content-type application/x-javascript cache-control max-age=300 accept-ranges bytes content-length 118 expires Tue, 15 Jun 2021 13:48:47 GMT
GET H2	200	3.4a4d7e24.chunk.css dco-investments-preprod.hsbc.com.hk/static/css/	254 KB 117 KB	428ms 427ms	Stylesheet text/css	143.204.98.89 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dco-investments-preprod.hsbc.com.hk/static/css/3.4a4d7e24.chunk.css Requested by Host: dco-investments-preprod.hsbc.com.hk URL: https://dco-investments-preprod.hsbc.com.hk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.89 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-89.fra50.r.cloudfront.net Software / Resource Hash b516a3432122d2d79c1b139530ff47e6853e5bbf9bb9fd0e2e8aa0236bfd5718 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers :path /static/css/3.4a4d7e24.chunk.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority dco-investments-preprod.hsbc.com.hk cookie AWSALB=1GZ0fc3oIrqD32vRS3lxyzEmn2nPINACvnEb5+kIhyZVUiXF4wO+KxKGEShOsorWxe0D/52/l5KTDqyIkQAZ9docka309zKxHWh291PF9HdHnQMObOe1DWeA0etV :scheme https sec-fetch-site same-origin :method GET Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Jun 2021 13:43:47 GMT content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies none x-amz-cf-pop FRA50-C1 x-dns-prefetch-control off x-cache Miss from cloudfront vary Accept-Encoding x-xss-protection 0 referrer-policy no-referrer last-modified Fri, 11 Jun 2021 03:35:03 GMT x-frame-options SAMEORIGIN etag W/"3f6aa-179f9232e58" expect-ct max-age=0 strict-transport-security max-age=15552000; includeSubDomains x-download-options noopen content-type text/css; charset=UTF-8 via 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront) cache-control public, max-age=0 set-cookie AWSALB=SOww5fFdoWQL0a1gaFYWy9TfEPBPCh9NKQSV8kzdc13zgtlO8lWq4b82rnsw2zAokrDADDyjSc0qd9JUd1p367encr2l47LnS6FKFwy4wZeg779Rgzml4pNkV1KF; Expires=Tue, 22 Jun 2021 13:43:47 GMT; Path=/ AWSALBCORS=SOww5fFdoWQL0a1gaFYWy9TfEPBPCh9NKQSV8kzdc13zgtlO8lWq4b82rnsw2zAokrDADDyjSc0qd9JUd1p367encr2l47LnS6FKFwy4wZeg779Rgzml4pNkV1KF; Expires=Tue, 22 Jun 2021 13:43:47 GMT; Path=/; SameSite=None accept-ranges bytes x-amz-cf-id iYt6V66eGzwM2R9jumxIK57ijO3awgVCKGvGxC69u-dbRf5P4VxKTw==
GET H2	200	main.03cb429f.chunk.css dco-investments-preprod.hsbc.com.hk/static/css/	1 KB 1 KB	406ms 405ms	Stylesheet text/css	143.204.98.89 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dco-investments-preprod.hsbc.com.hk/static/css/main.03cb429f.chunk.css Requested by Host: dco-investments-preprod.hsbc.com.hk URL: https://dco-investments-preprod.hsbc.com.hk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.89 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-89.fra50.r.cloudfront.net Software / Resource Hash 13b78ef098d3f2fbc760c85cde830ba7ff48e5657d81a9e53260a3d6cc113e97 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers :path /static/css/main.03cb429f.chunk.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority dco-investments-preprod.hsbc.com.hk cookie AWSALB=1GZ0fc3oIrqD32vRS3lxyzEmn2nPINACvnEb5+kIhyZVUiXF4wO+KxKGEShOsorWxe0D/52/l5KTDqyIkQAZ9docka309zKxHWh291PF9HdHnQMObOe1DWeA0etV :scheme https sec-fetch-site same-origin :method GET Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Jun 2021 13:43:47 GMT content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies none x-amz-cf-pop FRA50-C1 x-dns-prefetch-control off x-cache Miss from cloudfront vary Accept-Encoding x-xss-protection 0 referrer-policy no-referrer last-modified Fri, 11 Jun 2021 03:35:03 GMT x-frame-options SAMEORIGIN etag W/"467-179f9232e58" expect-ct max-age=0 strict-transport-security max-age=15552000; includeSubDomains x-download-options noopen content-type text/css; charset=UTF-8 via 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront) cache-control public, max-age=0 set-cookie AWSALB=7Oaoc5BlOEmlglphRmorZq3tC3rDyFWSW7r6mj3wUgD3JeXYi7E265f7sB96HkXCQghfUuuh6thS2HUMkuHQYx5iAG91XXxww9a3PYaeez4FOzZOVKdqE29MHWMv; Expires=Tue, 22 Jun 2021 13:43:47 GMT; Path=/ AWSALBCORS=7Oaoc5BlOEmlglphRmorZq3tC3rDyFWSW7r6mj3wUgD3JeXYi7E265f7sB96HkXCQghfUuuh6thS2HUMkuHQYx5iAG91XXxww9a3PYaeez4FOzZOVKdqE29MHWMv; Expires=Tue, 22 Jun 2021 13:43:47 GMT; Path=/; SameSite=None accept-ranges bytes x-amz-cf-id 34ow8nG91f8AKO41Am0rag9ZcsX7BjCr6wgKPqfZRrrYG0jMaEETGw==
GET H2	200	3.0dde8d69.chunk.js Show response dco-investments-preprod.hsbc.com.hk/static/js/	959 KB 287 KB	415ms 414ms	Script application/javascript	143.204.98.89 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dco-investments-preprod.hsbc.com.hk/static/js/3.0dde8d69.chunk.js Requested by Host: dco-investments-preprod.hsbc.com.hk URL: https://dco-investments-preprod.hsbc.com.hk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.89 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-89.fra50.r.cloudfront.net Software / Resource Hash d6408d23c88d3e9b8f89ca49a0ff576cdafe6cf00dcbf7fea0ce2ef853c9e734 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers :path /static/js/3.0dde8d69.chunk.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority dco-investments-preprod.hsbc.com.hk cookie AWSALB=1GZ0fc3oIrqD32vRS3lxyzEmn2nPINACvnEb5+kIhyZVUiXF4wO+KxKGEShOsorWxe0D/52/l5KTDqyIkQAZ9docka309zKxHWh291PF9HdHnQMObOe1DWeA0etV :scheme https sec-fetch-site same-origin :method GET Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Jun 2021 13:43:47 GMT content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies none x-amz-cf-pop FRA50-C1 x-dns-prefetch-control off x-cache Miss from cloudfront vary Accept-Encoding x-xss-protection 0 referrer-policy no-referrer last-modified Fri, 11 Jun 2021 03:35:03 GMT x-frame-options SAMEORIGIN etag W/"efdc2-179f9232e58" expect-ct max-age=0 strict-transport-security max-age=15552000; includeSubDomains x-download-options noopen content-type application/javascript; charset=UTF-8 via 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront) cache-control public, max-age=0 set-cookie AWSALB=r9ZgojyPGor+x8KfIwK4+PvZ26dS+ShEfGeZNxiIGSQDsowPDdg50tnmyWyDkAUxwiVMBnsAZk0WS0PuCWENguVl8BW/PMGgpjYJUxM8Lr7BSUDAf2mVeed4zGwK; Expires=Tue, 22 Jun 2021 13:43:47 GMT; Path=/ AWSALBCORS=r9ZgojyPGor+x8KfIwK4+PvZ26dS+ShEfGeZNxiIGSQDsowPDdg50tnmyWyDkAUxwiVMBnsAZk0WS0PuCWENguVl8BW/PMGgpjYJUxM8Lr7BSUDAf2mVeed4zGwK; Expires=Tue, 22 Jun 2021 13:43:47 GMT; Path=/; SameSite=None accept-ranges bytes x-amz-cf-id z7EwLFee8cknT9ZlKlgbdthV9o6h-JjBLwgYfG8TH_fkkWFL2qZ5XA==
GET H2	200	main.fd28e372.chunk.js Show response dco-investments-preprod.hsbc.com.hk/static/js/	160 KB 35 KB	413ms 412ms	Script application/javascript	143.204.98.89 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dco-investments-preprod.hsbc.com.hk/static/js/main.fd28e372.chunk.js Requested by Host: dco-investments-preprod.hsbc.com.hk URL: https://dco-investments-preprod.hsbc.com.hk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.89 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-89.fra50.r.cloudfront.net Software / Resource Hash 9115af41773e2a0e35402ab92a23e6c0244b9b5e8267fdcc05245d471c454c56 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers :path /static/js/main.fd28e372.chunk.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority dco-investments-preprod.hsbc.com.hk cookie AWSALB=1GZ0fc3oIrqD32vRS3lxyzEmn2nPINACvnEb5+kIhyZVUiXF4wO+KxKGEShOsorWxe0D/52/l5KTDqyIkQAZ9docka309zKxHWh291PF9HdHnQMObOe1DWeA0etV :scheme https sec-fetch-site same-origin :method GET Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Jun 2021 13:43:47 GMT content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies none x-amz-cf-pop FRA50-C1 x-dns-prefetch-control off x-cache Miss from cloudfront vary Accept-Encoding x-xss-protection 0 referrer-policy no-referrer last-modified Fri, 11 Jun 2021 03:35:03 GMT x-frame-options SAMEORIGIN etag W/"27e79-179f9232e58" expect-ct max-age=0 strict-transport-security max-age=15552000; includeSubDomains x-download-options noopen content-type application/javascript; charset=UTF-8 via 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront) cache-control public, max-age=0 set-cookie AWSALB=V/XuVqy7ZMb3ZpCPzOXv/6HPzwazKAAdugwQF2CESEA/3XmDy2gUmZ1a1kDBmrCnShMIebFuY7LZ1evlir8SzNrkDGV9oABY7ileg+NZK64ifOjrs4vdHEaQrkGW; Expires=Tue, 22 Jun 2021 13:43:47 GMT; Path=/ AWSALBCORS=V/XuVqy7ZMb3ZpCPzOXv/6HPzwazKAAdugwQF2CESEA/3XmDy2gUmZ1a1kDBmrCnShMIebFuY7LZ1evlir8SzNrkDGV9oABY7ileg+NZK64ifOjrs4vdHEaQrkGW; Expires=Tue, 22 Jun 2021 13:43:47 GMT; Path=/; SameSite=None accept-ranges bytes x-amz-cf-id 8SkEBtX2J_UgxJqS-A9uFL2yuUAthGo-Vk9hMOlKt1Ly7UL7i9CuoA==
GET H2	200	utag.js Show response tags.tiqcdn.com/utag/hsbc/hk-rbwm-mobile/qa/	126 KB 37 KB	72ms 72ms	Script application/x-javascript	23.79.138.33 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/hsbc/hk-rbwm-mobile/qa/utag.js Requested by Host: dco-investments-preprod.hsbc.com.hk URL: https://dco-investments-preprod.hsbc.com.hk/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.79.138.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-79-138-33.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 289ed11936d68dfea01220e3f4a7277690e5baa66d73c4496522a81b9dc1af73 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Jun 2021 13:43:48 GMT content-encoding gzip last-modified Fri, 19 Mar 2021 17:42:26 GMT server AkamaiNetStorage etag "25a6f559555774fcd0c4568d81a5a224:1616175746.452894" vary Accept-Encoding content-type application/x-javascript cache-control max-age=300 accept-ranges bytes content-length 37222 expires Tue, 15 Jun 2021 13:48:48 GMT
GET H/1.1	200 OK	location.js Show response akamai.tiqcdn.com/location/	18 B 563 B	25ms 8ms	XHR application/x-javascript	23.79.138.33 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://akamai.tiqcdn.com/location/location.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm-mobile/qa/utag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.79.138.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-79-138-33.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 15 Jun 2021 13:43:48 GMT Last-Modified Mon, 30 Apr 2018 23:09:19 GMT Server AkamaiNetStorage ETag "6c98be5fda77913799e8ef24b86a7abd:1525129759" Content-Type application/x-javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers X-EdgeScape-Location Cache-Control max-age=1296000 X-EdgeScape-Location country_code=DE,region_code=HE,city=FRANKFURT,areacode=0,zip=0,bandwidth=5000 Connection keep-alive Accept-Ranges bytes Content-Length 18 Expires Wed, 30 Jun 2021 13:43:48 GMT
GET H2	200	9.fbf8525b.chunk.js dco-investments-preprod.hsbc.com.hk/static/js/	0 1 KB	424ms 424ms	Other application/javascript	143.204.98.89 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dco-investments-preprod.hsbc.com.hk/static/js/9.fbf8525b.chunk.js Requested by Host: dco-investments-preprod.hsbc.com.hk URL: https://dco-investments-preprod.hsbc.com.hk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.89 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-89.fra50.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers :path /static/js/9.fbf8525b.chunk.js pragma no-cache purpose prefetch accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept application/signed-exchange;v=b3;q=0.9,*/*;q=0.8 cache-control no-cache sec-fetch-dest empty :authority dco-investments-preprod.hsbc.com.hk cookie AWSALB=SOww5fFdoWQL0a1gaFYWy9TfEPBPCh9NKQSV8kzdc13zgtlO8lWq4b82rnsw2zAokrDADDyjSc0qd9JUd1p367encr2l47LnS6FKFwy4wZeg779Rgzml4pNkV1KF; utag_main=v_id:017a0fe9f34500418f8cbbc1662000072002c06a00b08$_sn:1$_ss:1$_st:1623766428295$ses_id:1623764628295%3Bexp-session$_pn:1%3Bexp-session; tms_ref= :scheme https sec-fetch-site same-origin :method GET Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Jun 2021 13:43:48 GMT content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies none x-amz-cf-pop FRA50-C1 x-dns-prefetch-control off x-cache Miss from cloudfront vary Accept-Encoding x-xss-protection 0 referrer-policy no-referrer last-modified Fri, 11 Jun 2021 03:35:03 GMT x-frame-options SAMEORIGIN etag W/"4c4-179f9232e58" expect-ct max-age=0 strict-transport-security max-age=15552000; includeSubDomains x-download-options noopen content-type application/javascript; charset=UTF-8 via 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront) cache-control public, max-age=0 set-cookie AWSALB=RNabkBBsSR2WyBHKX8yNXEreqIVBOmMQw5B3oQ/9mkdLXTQE1B2+8shmjpSV2bxSCmV7oGxTMjWitRLSAbCE9+ia1cdGYklrlR+KD/oayK88wdDKmEwuYUIb7Jbb; Expires=Tue, 22 Jun 2021 13:43:48 GMT; Path=/ AWSALBCORS=RNabkBBsSR2WyBHKX8yNXEreqIVBOmMQw5B3oQ/9mkdLXTQE1B2+8shmjpSV2bxSCmV7oGxTMjWitRLSAbCE9+ia1cdGYklrlR+KD/oayK88wdDKmEwuYUIb7Jbb; Expires=Tue, 22 Jun 2021 13:43:48 GMT; Path=/; SameSite=None accept-ranges bytes x-amz-cf-id oZO7TcYzc8n_xRjOWUuHSVBxWFttEyB7s9pjlVZ34ZrnkoYRI25ceg==
GET H2	200	utag.1543.js Show response tags.tiqcdn.com/utag/hsbc/hk-rbwm-mobile/qa/	66 KB 22 KB	20ms 19ms	Script application/x-javascript	23.79.138.33 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/hsbc/hk-rbwm-mobile/qa/utag.1543.js?utv=ut4.45.202103121846 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm-mobile/qa/utag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.79.138.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-79-138-33.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 5e80a950bb2b0760cee56089ef79411496dfe7f47e4831a17f924dddbd2b583f Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Jun 2021 13:43:48 GMT content-encoding gzip last-modified Fri, 14 Aug 2020 11:17:25 GMT server AkamaiNetStorage etag "a21dce15df66561ade3ccc1f4e9818f5:1597403845.099322" vary Accept-Encoding content-type application/x-javascript cache-control max-age=1296000 accept-ranges bytes content-length 22144 expires Wed, 30 Jun 2021 13:43:48 GMT
GET H2	200	utag.1631.js Show response tags.tiqcdn.com/utag/hsbc/hk-rbwm-mobile/qa/	43 KB 13 KB	19ms 18ms	Script application/x-javascript	23.79.138.33 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/hsbc/hk-rbwm-mobile/qa/utag.1631.js?utv=ut4.45.202102080916 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm-mobile/qa/utag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.79.138.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-79-138-33.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash d1e825d2c1d874910cfe2d86935e8629c65775aefcd42a8f07fb403ccf31036e Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Jun 2021 13:43:48 GMT content-encoding gzip last-modified Fri, 14 Aug 2020 11:17:20 GMT server AkamaiNetStorage etag "84c265cde39bce186b4d0db4fe4e6db6:1597403840.205567" vary Accept-Encoding content-type application/x-javascript cache-control max-age=1296000 accept-ranges bytes content-length 12802 expires Wed, 30 Jun 2021 13:43:48 GMT
GET H2	200	utag.1722.js Show response tags.tiqcdn.com/utag/hsbc/hk-rbwm-mobile/qa/	42 KB 11 KB	20ms 19ms	Script application/x-javascript	23.79.138.33 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/hsbc/hk-rbwm-mobile/qa/utag.1722.js?utv=ut4.45.202103181738 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm-mobile/qa/utag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.79.138.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-79-138-33.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 742f7c0d98a6fef137d41bbdc14120523ec12c518189db364e14af2c56a36904 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Jun 2021 13:43:48 GMT content-encoding gzip last-modified Thu, 18 Mar 2021 17:38:52 GMT server AkamaiNetStorage etag "72da88c4db9403d54c94a3f362948edb:1616089132.245025" vary Accept-Encoding content-type application/x-javascript cache-control max-age=1296000 accept-ranges bytes content-length 11448 expires Wed, 30 Jun 2021 13:43:48 GMT
GET H/1.1	403 Forbidden	tagInfo Show response devcluster.api.p2g.netd2.hsbc.com.hk/originations-iao-etb-experience-uat-proxy/v1/	64 B 788 B	300ms 299ms	XHR application/json	27.110.79.57 HSBC-HK-AS HSBC H...
General Check archive.org Show headers Download Go to Full URL https://devcluster.api.p2g.netd2.hsbc.com.hk/originations-iao-etb-experience-uat-proxy/v1/tagInfo Requested by Host: dco-investments-preprod.hsbc.com.hk URL: https://dco-investments-preprod.hsbc.com.hk/static/js/3.0dde8d69.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 27.110.79.57 , Hong Kong, ASN9221 (HSBC-HK-AS HSBC HongKong, HK), Reverse DNS Software rproxy / Resource Hash 8e059bcf9b22ff277537832941bf03e8e3e5d0b2fd87d8a97dc6cacd458bc935 Security Headers Name Value Public-Key-Pins pin-sha256="86MuFNF1znOXnEbmS8PKZuYh+/3mzEh7c7dLzBuDeMM="; pin-sha256="l6Q+yQUkUtDXOiKXhjscuMB2J/5PMdXhMO/zt0QCdac="; pin-sha256="frdkSlW7rXJu9AhR8Ug/U4hnVkvj0InjKIYrzABTo1A="; max-age=1200; Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers X-HSBC-Global-Channel-Id MOBILE X-HSBC-Chnl-CountryCode HK X-HSBC-Channel-Id MOBILE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-HSBC-Locale en Accept application/json, text/plain, */* Referer X-HSBC-Chnl-Group-Member HBAP Response headers Date Tue, 15 Jun 2021 13:43:50 GMT Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff Server rproxy X-Frame-Options SAMEORIGIN Content-Type application/json Access-Control-Allow-Origin https://dco-investments-preprod.hsbc.com.hk Cache-Control max-age=0, no-store Connection Keep-Alive S rproxy_dev_0229 Keep-Alive timeout=5, max=100 Content-Length 64 Public-Key-Pins pin-sha256="86MuFNF1znOXnEbmS8PKZuYh+/3mzEh7c7dLzBuDeMM="; pin-sha256="l6Q+yQUkUtDXOiKXhjscuMB2J/5PMdXhMO/zt0QCdac="; pin-sha256="frdkSlW7rXJu9AhR8Ug/U4hnVkvj0InjKIYrzABTo1A="; max-age=1200;
OPTIONS H/1.1	200	tagInfo devcluster.api.p2g.netd2.hsbc.com.hk/originations-iao-etb-experience-uat-proxy/v1/	0 0	1715ms 294ms	Preflight	27.110.79.57 HSBC-HK-AS HSBC H...
General Check archive.org Show headers Download Go to Full URL https://devcluster.api.p2g.netd2.hsbc.com.hk/originations-iao-etb-experience-uat-proxy/v1/tagInfo Protocol HTTP/1.1 Server 27.110.79.57 , Hong Kong, ASN9221 (HSBC-HK-AS HSBC HongKong, HK), Reverse DNS Software rproxy / Resource Hash Security Headers Name Value Public-Key-Pins pin-sha256="86MuFNF1znOXnEbmS8PKZuYh+/3mzEh7c7dLzBuDeMM="; pin-sha256="l6Q+yQUkUtDXOiKXhjscuMB2J/5PMdXhMO/zt0QCdac="; pin-sha256="frdkSlW7rXJu9AhR8Ug/U4hnVkvj0InjKIYrzABTo1A="; max-age=1200; Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers x-hsbc-channel-id,x-hsbc-chnl-countrycode,x-hsbc-chnl-group-member,x-hsbc-global-channel-id,x-hsbc-locale Origin https://dco-investments-preprod.hsbc.com.hk User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers Date Tue, 15 Jun 2021 13:43:50 GMT Server rproxy X-Frame-Options SAMEORIGIN Access-Control-Allow-Origin https://dco-investments-preprod.hsbc.com.hk Access-Control-Allow-Methods CONNECT, OPTIONS, GET, POST Content-Length 0 Access-Control-Max-Age 30 Access-Control-Allow-Headers Content-Type, Origin, Accept, Authorization, Content-Length, DNT, dspSession, Token_Type, Referer, User-Agent, X-Requested-With, X-HSBC-Locale, X-HSBC-Channel-Id, X-HSBC-Chnl-CountryCode, X-HSBC-Chnl-Group-Member, X-HSBC-Client-Host-Id, X-HSBC-Client-Id, X-HSBC-Client-Secret, X-HSBC-Message-Instance-Id, X-HSBC-Request-Correlation-Id, X-HSBC-Saml, X-HSBC-Source-System-Id, X-HSBC-Src-Device-Id, X-HSBC-Src-UserAgent, X-HSBC-Target-System-Environment-Id, X-HSBC-Global-Channel-Id S rproxy_dev_0230 Cache-Control max-age=0, no-store X-Content-Type-Options nosniff Strict-Transport-Security max-age=16070400; includeSubDomains Keep-Alive timeout=5, max=100 Connection Keep-Alive Public-Key-Pins pin-sha256="86MuFNF1znOXnEbmS8PKZuYh+/3mzEh7c7dLzBuDeMM="; pin-sha256="l6Q+yQUkUtDXOiKXhjscuMB2J/5PMdXhMO/zt0QCdac="; pin-sha256="frdkSlW7rXJu9AhR8Ug/U4hnVkvj0InjKIYrzABTo1A="; max-age=1200;
GET DATA	200 OK	truncated /	21 KB 21 KB		Font font/woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a3a59834fae8583a5fb9791490cae9a2ef067da1b2e6ccfcf229ec5ca29ca2ed Request headers Origin https://dco-investments-preprod.hsbc.com.hk Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type font/woff
GET H2	200	utag.v.js Show response tags.tiqcdn.com/utag/tiqapp/	2 B 202 B	9ms 9ms	Script application/x-javascript	23.79.138.33 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=hsbc/hk-rbwm-mobile/202103191741&cb=1623764628510 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/hsbc/hk-rbwm-mobile/qa/utag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.79.138.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-79-138-33.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Jun 2021 13:43:48 GMT last-modified Thu, 14 Apr 2016 16:57:51 GMT server AkamaiNetStorage etag "7bc0ee636b3b83484fc3b9348863bd22:1460653071" content-type application/x-javascript cache-control max-age=600 accept-ranges bytes content-length 2 expires Tue, 15 Jun 2021 13:53:48 GMT
OPTIONS H/1.1	200	appLog devcluster.api.p2g.netd2.hsbc.com.hk/originations-iao-etb-experience-uat-proxy/v1/	0 0	297ms 297ms	Preflight	27.110.79.57 HSBC-HK-AS HSBC H...
General Check archive.org Show headers Download Go to Full URL https://devcluster.api.p2g.netd2.hsbc.com.hk/originations-iao-etb-experience-uat-proxy/v1/appLog Protocol HTTP/1.1 Server 27.110.79.57 , Hong Kong, ASN9221 (HSBC-HK-AS HSBC HongKong, HK), Reverse DNS Software rproxy / Resource Hash Security Headers Name Value Public-Key-Pins pin-sha256="86MuFNF1znOXnEbmS8PKZuYh+/3mzEh7c7dLzBuDeMM="; pin-sha256="l6Q+yQUkUtDXOiKXhjscuMB2J/5PMdXhMO/zt0QCdac="; pin-sha256="frdkSlW7rXJu9AhR8Ug/U4hnVkvj0InjKIYrzABTo1A="; max-age=1200; Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers x-hsbc-channel-id,x-hsbc-chnl-countrycode,x-hsbc-chnl-group-member,x-hsbc-global-channel-id,x-hsbc-locale Origin https://dco-investments-preprod.hsbc.com.hk User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers Date Tue, 15 Jun 2021 13:43:50 GMT Server rproxy X-Frame-Options SAMEORIGIN Access-Control-Allow-Origin https://dco-investments-preprod.hsbc.com.hk Access-Control-Allow-Methods CONNECT, OPTIONS, GET, POST Content-Length 0 Access-Control-Max-Age 30 Access-Control-Allow-Headers Content-Type, Origin, Accept, Authorization, Content-Length, DNT, dspSession, Token_Type, Referer, User-Agent, X-Requested-With, X-HSBC-Locale, X-HSBC-Channel-Id, X-HSBC-Chnl-CountryCode, X-HSBC-Chnl-Group-Member, X-HSBC-Client-Host-Id, X-HSBC-Client-Id, X-HSBC-Client-Secret, X-HSBC-Message-Instance-Id, X-HSBC-Request-Correlation-Id, X-HSBC-Saml, X-HSBC-Source-System-Id, X-HSBC-Src-Device-Id, X-HSBC-Src-UserAgent, X-HSBC-Target-System-Environment-Id, X-HSBC-Global-Channel-Id S rproxy_dev_0233 Cache-Control max-age=0, no-store X-Content-Type-Options nosniff Strict-Transport-Security max-age=16070400; includeSubDomains Keep-Alive timeout=5, max=100 Connection Keep-Alive Public-Key-Pins pin-sha256="86MuFNF1znOXnEbmS8PKZuYh+/3mzEh7c7dLzBuDeMM="; pin-sha256="l6Q+yQUkUtDXOiKXhjscuMB2J/5PMdXhMO/zt0QCdac="; pin-sha256="frdkSlW7rXJu9AhR8Ug/U4hnVkvj0InjKIYrzABTo1A="; max-age=1200;
GET H2	200	10.aeede9fc.chunk.js Show response dco-investments-preprod.hsbc.com.hk/static/js/	1 KB 2 KB	395ms 394ms	Script application/javascript	143.204.98.89 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dco-investments-preprod.hsbc.com.hk/static/js/10.aeede9fc.chunk.js Requested by Host: dco-investments-preprod.hsbc.com.hk URL: https://dco-investments-preprod.hsbc.com.hk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.89 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-89.fra50.r.cloudfront.net Software / Resource Hash 9c1bceb13465ac1959ef9dc3cc1bdaf7dceab0e0299e0fb5992fc3a111bfa74b Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers :path /static/js/10.aeede9fc.chunk.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority dco-investments-preprod.hsbc.com.hk cookie utag_main=v_id:017a0fe9f34500418f8cbbc1662000072002c06a00b08$_sn:1$_ss:1$_st:1623766428295$ses_id:1623764628295%3Bexp-session$_pn:1%3Bexp-session; tms_ref=; AWSALB=RNabkBBsSR2WyBHKX8yNXEreqIVBOmMQw5B3oQ/9mkdLXTQE1B2+8shmjpSV2bxSCmV7oGxTMjWitRLSAbCE9+ia1cdGYklrlR+KD/oayK88wdDKmEwuYUIb7Jbb :scheme https sec-fetch-site same-origin :method GET Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Jun 2021 13:43:50 GMT content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies none x-amz-cf-pop FRA50-C1 x-dns-prefetch-control off x-cache Miss from cloudfront vary Accept-Encoding x-xss-protection 0 referrer-policy no-referrer last-modified Fri, 11 Jun 2021 03:35:03 GMT x-frame-options SAMEORIGIN etag W/"4c9-179f9232e58" expect-ct max-age=0 strict-transport-security max-age=15552000; includeSubDomains x-download-options noopen content-type application/javascript; charset=UTF-8 via 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront) cache-control public, max-age=0 set-cookie AWSALB=GsIuS0Sin+1E3/jROhvB6lBZQo4TAoUW4m5MgMJu47M0M2dWIOxO6bC3fYvruCmTXwolbk1JfbI/Buw026Zyp+R9oLou4tpVdEysd2Ab+y8TZRmm2nnw/hXw+GNC; Expires=Tue, 22 Jun 2021 13:43:50 GMT; Path=/ AWSALBCORS=GsIuS0Sin+1E3/jROhvB6lBZQo4TAoUW4m5MgMJu47M0M2dWIOxO6bC3fYvruCmTXwolbk1JfbI/Buw026Zyp+R9oLou4tpVdEysd2Ab+y8TZRmm2nnw/hXw+GNC; Expires=Tue, 22 Jun 2021 13:43:50 GMT; Path=/; SameSite=None accept-ranges bytes x-amz-cf-id xu8XCZL_NrIM-l8mpm5YC_ukqYvbd1MIjp3j6ikLs0PFcZvNWtN_IQ==
POST H/1.1	403 Forbidden	appLog Show response devcluster.api.p2g.netd2.hsbc.com.hk/originations-iao-etb-experience-uat-proxy/v1/	64 B 788 B	551ms 302ms	XHR application/json	27.110.79.57 HSBC-HK-AS HSBC H...
General Check archive.org Show headers Download Go to Full URL https://devcluster.api.p2g.netd2.hsbc.com.hk/originations-iao-etb-experience-uat-proxy/v1/appLog Requested by Host: dco-investments-preprod.hsbc.com.hk URL: https://dco-investments-preprod.hsbc.com.hk/static/js/3.0dde8d69.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 27.110.79.57 , Hong Kong, ASN9221 (HSBC-HK-AS HSBC HongKong, HK), Reverse DNS Software rproxy / Resource Hash 8e059bcf9b22ff277537832941bf03e8e3e5d0b2fd87d8a97dc6cacd458bc935 Security Headers Name Value Public-Key-Pins pin-sha256="86MuFNF1znOXnEbmS8PKZuYh+/3mzEh7c7dLzBuDeMM="; pin-sha256="l6Q+yQUkUtDXOiKXhjscuMB2J/5PMdXhMO/zt0QCdac="; pin-sha256="frdkSlW7rXJu9AhR8Ug/U4hnVkvj0InjKIYrzABTo1A="; max-age=1200; Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers X-HSBC-Global-Channel-Id MOBILE X-HSBC-Chnl-CountryCode HK X-HSBC-Channel-Id MOBILE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-HSBC-Chnl-Group-Member HBAP Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer X-HSBC-Locale en Response headers Date Tue, 15 Jun 2021 13:43:51 GMT Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff Server rproxy X-Frame-Options SAMEORIGIN Content-Type application/json Access-Control-Allow-Origin https://dco-investments-preprod.hsbc.com.hk Cache-Control max-age=0, no-store Connection Keep-Alive S rproxy_dev_0229 Keep-Alive timeout=5, max=100 Content-Length 64 Public-Key-Pins pin-sha256="86MuFNF1znOXnEbmS8PKZuYh+/3mzEh7c7dLzBuDeMM="; pin-sha256="l6Q+yQUkUtDXOiKXhjscuMB2J/5PMdXhMO/zt0QCdac="; pin-sha256="frdkSlW7rXJu9AhR8Ug/U4hnVkvj0InjKIYrzABTo1A="; max-age=1200;
GET H/1.1	403 Forbidden	questionnaire Show response devcluster.api.p2g.netd2.hsbc.com.hk/originations-iao-etb-experience-uat-proxy/v1/	64 B 788 B	293ms 293ms	XHR application/json	27.110.79.57 HSBC-HK-AS HSBC H...
General Check archive.org Show headers Download Go to Full URL https://devcluster.api.p2g.netd2.hsbc.com.hk/originations-iao-etb-experience-uat-proxy/v1/questionnaire Requested by Host: dco-investments-preprod.hsbc.com.hk URL: https://dco-investments-preprod.hsbc.com.hk/static/js/3.0dde8d69.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 27.110.79.57 , Hong Kong, ASN9221 (HSBC-HK-AS HSBC HongKong, HK), Reverse DNS Software rproxy / Resource Hash 8e059bcf9b22ff277537832941bf03e8e3e5d0b2fd87d8a97dc6cacd458bc935 Security Headers Name Value Public-Key-Pins pin-sha256="86MuFNF1znOXnEbmS8PKZuYh+/3mzEh7c7dLzBuDeMM="; pin-sha256="l6Q+yQUkUtDXOiKXhjscuMB2J/5PMdXhMO/zt0QCdac="; pin-sha256="frdkSlW7rXJu9AhR8Ug/U4hnVkvj0InjKIYrzABTo1A="; max-age=1200; Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers X-HSBC-Global-Channel-Id MOBILE X-HSBC-Chnl-CountryCode HK X-HSBC-Channel-Id MOBILE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-HSBC-Locale en Accept application/json, text/plain, */* Referer X-HSBC-Chnl-Group-Member HBAP Response headers Date Tue, 15 Jun 2021 13:43:50 GMT Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff Server rproxy X-Frame-Options SAMEORIGIN Content-Type application/json Access-Control-Allow-Origin https://dco-investments-preprod.hsbc.com.hk Cache-Control max-age=0, no-store Connection Keep-Alive S rproxy_dev_0229 Keep-Alive timeout=5, max=100 Content-Length 64 Public-Key-Pins pin-sha256="86MuFNF1znOXnEbmS8PKZuYh+/3mzEh7c7dLzBuDeMM="; pin-sha256="l6Q+yQUkUtDXOiKXhjscuMB2J/5PMdXhMO/zt0QCdac="; pin-sha256="frdkSlW7rXJu9AhR8Ug/U4hnVkvj0InjKIYrzABTo1A="; max-age=1200;
OPTIONS H/1.1	200	questionnaire devcluster.api.p2g.netd2.hsbc.com.hk/originations-iao-etb-experience-uat-proxy/v1/	0 0	593ms 297ms	Preflight	27.110.79.57 HSBC-HK-AS HSBC H...
General Check archive.org Show headers Download Go to Full URL https://devcluster.api.p2g.netd2.hsbc.com.hk/originations-iao-etb-experience-uat-proxy/v1/questionnaire Protocol HTTP/1.1 Server 27.110.79.57 , Hong Kong, ASN9221 (HSBC-HK-AS HSBC HongKong, HK), Reverse DNS Software rproxy / Resource Hash Security Headers Name Value Public-Key-Pins pin-sha256="86MuFNF1znOXnEbmS8PKZuYh+/3mzEh7c7dLzBuDeMM="; pin-sha256="l6Q+yQUkUtDXOiKXhjscuMB2J/5PMdXhMO/zt0QCdac="; pin-sha256="frdkSlW7rXJu9AhR8Ug/U4hnVkvj0InjKIYrzABTo1A="; max-age=1200; Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers x-hsbc-channel-id,x-hsbc-chnl-countrycode,x-hsbc-chnl-group-member,x-hsbc-global-channel-id,x-hsbc-locale Origin https://dco-investments-preprod.hsbc.com.hk User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers Date Tue, 15 Jun 2021 13:43:50 GMT Server rproxy X-Frame-Options SAMEORIGIN Access-Control-Allow-Origin https://dco-investments-preprod.hsbc.com.hk Access-Control-Allow-Methods CONNECT, OPTIONS, GET, POST Content-Length 0 Access-Control-Max-Age 30 Access-Control-Allow-Headers Content-Type, Origin, Accept, Authorization, Content-Length, DNT, dspSession, Token_Type, Referer, User-Agent, X-Requested-With, X-HSBC-Locale, X-HSBC-Channel-Id, X-HSBC-Chnl-CountryCode, X-HSBC-Chnl-Group-Member, X-HSBC-Client-Host-Id, X-HSBC-Client-Id, X-HSBC-Client-Secret, X-HSBC-Message-Instance-Id, X-HSBC-Request-Correlation-Id, X-HSBC-Saml, X-HSBC-Source-System-Id, X-HSBC-Src-Device-Id, X-HSBC-Src-UserAgent, X-HSBC-Target-System-Environment-Id, X-HSBC-Global-Channel-Id S rproxy_dev_0232 Cache-Control max-age=0, no-store X-Content-Type-Options nosniff Strict-Transport-Security max-age=16070400; includeSubDomains Keep-Alive timeout=5, max=100 Connection Keep-Alive Public-Key-Pins pin-sha256="86MuFNF1znOXnEbmS8PKZuYh+/3mzEh7c7dLzBuDeMM="; pin-sha256="l6Q+yQUkUtDXOiKXhjscuMB2J/5PMdXhMO/zt0QCdac="; pin-sha256="frdkSlW7rXJu9AhR8Ug/U4hnVkvj0InjKIYrzABTo1A="; max-age=1200;
GET DATA	200 OK	truncated /	20 KB 20 KB		Font font/woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a6645b22063b810b77f25610907afc04836c14dbb8aa8e7cf3e629fbffb9f0ae Request headers Origin https://dco-investments-preprod.hsbc.com.hk Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type font/woff
POST H/1.1	403 Forbidden	appLog Show response devcluster.api.p2g.netd2.hsbc.com.hk/originations-iao-etb-experience-uat-proxy/v1/	64 B 788 B	294ms 294ms	XHR application/json	27.110.79.57 HSBC-HK-AS HSBC H...
General Check archive.org Show headers Download Go to Full URL https://devcluster.api.p2g.netd2.hsbc.com.hk/originations-iao-etb-experience-uat-proxy/v1/appLog Requested by Host: dco-investments-preprod.hsbc.com.hk URL: https://dco-investments-preprod.hsbc.com.hk/static/js/3.0dde8d69.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 27.110.79.57 , Hong Kong, ASN9221 (HSBC-HK-AS HSBC HongKong, HK), Reverse DNS Software rproxy / Resource Hash 8e059bcf9b22ff277537832941bf03e8e3e5d0b2fd87d8a97dc6cacd458bc935 Security Headers Name Value Public-Key-Pins pin-sha256="86MuFNF1znOXnEbmS8PKZuYh+/3mzEh7c7dLzBuDeMM="; pin-sha256="l6Q+yQUkUtDXOiKXhjscuMB2J/5PMdXhMO/zt0QCdac="; pin-sha256="frdkSlW7rXJu9AhR8Ug/U4hnVkvj0InjKIYrzABTo1A="; max-age=1200; Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers X-HSBC-Global-Channel-Id MOBILE X-HSBC-Chnl-CountryCode HK X-HSBC-Channel-Id MOBILE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-HSBC-Chnl-Group-Member HBAP Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer X-HSBC-Locale en Response headers Date Tue, 15 Jun 2021 13:43:51 GMT Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff Server rproxy X-Frame-Options SAMEORIGIN Content-Type application/json Access-Control-Allow-Origin https://dco-investments-preprod.hsbc.com.hk Cache-Control max-age=0, no-store Connection Keep-Alive S rproxy_dev_0232 Keep-Alive timeout=5, max=100 Content-Length 64 Public-Key-Pins pin-sha256="86MuFNF1znOXnEbmS8PKZuYh+/3mzEh7c7dLzBuDeMM="; pin-sha256="l6Q+yQUkUtDXOiKXhjscuMB2J/5PMdXhMO/zt0QCdac="; pin-sha256="frdkSlW7rXJu9AhR8Ug/U4hnVkvj0InjKIYrzABTo1A="; max-age=1200;
OPTIONS H/1.1	200	appLog devcluster.api.p2g.netd2.hsbc.com.hk/originations-iao-etb-experience-uat-proxy/v1/	0 0	297ms 296ms	Preflight	27.110.79.57 HSBC-HK-AS HSBC H...
General Check archive.org Show headers Download Go to Full URL https://devcluster.api.p2g.netd2.hsbc.com.hk/originations-iao-etb-experience-uat-proxy/v1/appLog Protocol HTTP/1.1 Server 27.110.79.57 , Hong Kong, ASN9221 (HSBC-HK-AS HSBC HongKong, HK), Reverse DNS Software rproxy / Resource Hash Security Headers Name Value Public-Key-Pins pin-sha256="86MuFNF1znOXnEbmS8PKZuYh+/3mzEh7c7dLzBuDeMM="; pin-sha256="l6Q+yQUkUtDXOiKXhjscuMB2J/5PMdXhMO/zt0QCdac="; pin-sha256="frdkSlW7rXJu9AhR8Ug/U4hnVkvj0InjKIYrzABTo1A="; max-age=1200; Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers x-hsbc-channel-id,x-hsbc-chnl-countrycode,x-hsbc-chnl-group-member,x-hsbc-global-channel-id,x-hsbc-locale Origin https://dco-investments-preprod.hsbc.com.hk User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers Date Tue, 15 Jun 2021 13:43:51 GMT Server rproxy X-Frame-Options SAMEORIGIN Access-Control-Allow-Origin https://dco-investments-preprod.hsbc.com.hk Access-Control-Allow-Methods CONNECT, OPTIONS, GET, POST Content-Length 0 Access-Control-Max-Age 30 Access-Control-Allow-Headers Content-Type, Origin, Accept, Authorization, Content-Length, DNT, dspSession, Token_Type, Referer, User-Agent, X-Requested-With, X-HSBC-Locale, X-HSBC-Channel-Id, X-HSBC-Chnl-CountryCode, X-HSBC-Chnl-Group-Member, X-HSBC-Client-Host-Id, X-HSBC-Client-Id, X-HSBC-Client-Secret, X-HSBC-Message-Instance-Id, X-HSBC-Request-Correlation-Id, X-HSBC-Saml, X-HSBC-Source-System-Id, X-HSBC-Src-Device-Id, X-HSBC-Src-UserAgent, X-HSBC-Target-System-Environment-Id, X-HSBC-Global-Channel-Id S rproxy_dev_0233 Cache-Control max-age=0, no-store X-Content-Type-Options nosniff Strict-Transport-Security max-age=16070400; includeSubDomains Keep-Alive timeout=5, max=99 Connection Keep-Alive Public-Key-Pins pin-sha256="86MuFNF1znOXnEbmS8PKZuYh+/3mzEh7c7dLzBuDeMM="; pin-sha256="l6Q+yQUkUtDXOiKXhjscuMB2J/5PMdXhMO/zt0QCdac="; pin-sha256="frdkSlW7rXJu9AhR8Ug/U4hnVkvj0InjKIYrzABTo1A="; max-age=1200;

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| utag_data object| webpackJsonpiao-etb-frontend-hk-hbap object| utag_err boolean| utag_condload object| utag function| e function| _tealium_old_error boolean| __tealium_twc_switch object| utag_cfg_ovrd object| TMS object| Evnt string| mn object| TEALIUM object| utag_extn function| Visitor object| regeneratorRuntime string| trackingServer string| currency object| s function| AppMeasurement function| s_gi function| s_pgicq string| orgId object| s_c_il number| s_c_in number| s_objectID number| s_giq object| cookieHandler

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hsbc.com.hk/	1969-12-31 23:59:59	Name: tms_ref Value:
			.hsbc.com.hk/	1970-01-20 03:48:20	Name: utag_main Value: v_id:017a0fe9f34500418f8cbbc1662000072002c06a00b08$_sn:1$_ss:1$_st:1623766428295$ses_id:1623764628295%3Bexp-session$_pn:1%3Bexp-session
			dco-investments-preprod.hsbc.com.hk/	1970-01-19 19:12:49	Name: AWSALB Value: SOww5fFdoWQL0a1gaFYWy9TfEPBPCh9NKQSV8kzdc13zgtlO8lWq4b82rnsw2zAokrDADDyjSc0qd9JUd1p367encr2l47LnS6FKFwy4wZeg779Rgzml4pNkV1KF

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

akamai.tiqcdn.com
dco-investments-preprod.hsbc.com.hk
devcluster.api.p2g.netd2.hsbc.com.hk
tags.tiqcdn.com
143.204.98.89
23.79.138.33
27.110.79.57
13b78ef098d3f2fbc760c85cde830ba7ff48e5657d81a9e53260a3d6cc113e97
289ed11936d68dfea01220e3f4a7277690e5baa66d73c4496522a81b9dc1af73
4a9a119ff01c764463251ffa63791a32312504b721c515aca509a63fda9e7170
4e3b0c3c456c2ca19db55a9735e36664b058f9d0b7aed09cb8be720076d47ab7
5e80a950bb2b0760cee56089ef79411496dfe7f47e4831a17f924dddbd2b583f
742f7c0d98a6fef137d41bbdc14120523ec12c518189db364e14af2c56a36904
8e059bcf9b22ff277537832941bf03e8e3e5d0b2fd87d8a97dc6cacd458bc935
9115af41773e2a0e35402ab92a23e6c0244b9b5e8267fdcc05245d471c454c56
9c1bceb13465ac1959ef9dc3cc1bdaf7dceab0e0299e0fb5992fc3a111bfa74b
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3a59834fae8583a5fb9791490cae9a2ef067da1b2e6ccfcf229ec5ca29ca2ed
a6645b22063b810b77f25610907afc04836c14dbb8aa8e7cf3e629fbffb9f0ae
b516a3432122d2d79c1b139530ff47e6853e5bbf9bb9fd0e2e8aa0236bfd5718
d1e825d2c1d874910cfe2d86935e8629c65775aefcd42a8f07fb403ccf31036e
d6408d23c88d3e9b8f89ca49a0ff576cdafe6cf00dcbf7fea0ce2ef853c9e734
d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855