dco-form-ccla.hsbc.com Open in urlscan Pro
2600:9000:223f:9400:9:37a8:640:93a1  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response dco-form-ccla.hsbc.com/	796 B 2 KB	72ms 20ms	Document text/html	2600:9000:223f:9400:9:37a8:640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dco-form-ccla.hsbc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:9400:9:37a8:640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9dc9c75d7258158c302d5f9243202fdd6db2de9a03512b1ab8fd99afaefb6de9 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com/ https://*.hsbc.com.hk/; font-src data: https://fonts.gstatic.com/; img-src 'self' data: https:; connect-src 'self' https:; frame-src 'self' https:; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 740 cache-control max-age=0,no-cache,no-store,must-revalidate content-length 796 content-security-policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com/ https://*.hsbc.com.hk/; font-src data: https://fonts.gstatic.com/; img-src 'self' data: https:; connect-src 'self' https:; frame-src 'self' https:; content-type text/html date Tue, 27 Jun 2023 05:40:37 GMT etag "f28911d63bb19a967543b99357b1c477" last-modified Wed, 08 Jun 2022 12:08:47 GMT server AmazonS3 strict-transport-security max-age=63072000; includeSubDomains; preload via 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront) x-amz-cf-id iVhkvD3hbFC008BHcn-ClcbwAAfN0ik-h7ikJztPDvgylsTocefzYw== x-amz-cf-pop FRA56-P5 x-amz-server-side-encryption AES256 x-amz-version-id null x-cache Hit from cloudfront x-content-type-options nosniff x-frame-options deny x-xss-protection 1
GET H2	200	utag.js Show response dco-form-ccla.hsbc.com/	938 B 2 KB	177ms 176ms	Script application/javascript	2600:9000:223f:9400:9:37a8:640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dco-form-ccla.hsbc.com/utag.js Requested by Host: dco-form-ccla.hsbc.com URL: https://dco-form-ccla.hsbc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:9400:9:37a8:640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 010b6e00d7e3c21268c7bb90c8e7e05b32d48558e9a0334cd7e1d95034ed7609 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com/ https://*.hsbc.com.hk/; font-src data: https://fonts.gstatic.com/; img-src 'self' data: https:; connect-src 'self' https:; frame-src 'self' https:; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://dco-form-ccla.hsbc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Tue, 27 Jun 2023 05:52:57 GMT x-amz-version-id null x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload via 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront) content-security-policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com/ https://*.hsbc.com.hk/; font-src data: https://fonts.gstatic.com/; img-src 'self' data: https:; connect-src 'self' https:; frame-src 'self' https:; x-amz-cf-pop FRA56-P5 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 938 x-xss-protection 1 last-modified Wed, 08 Jun 2022 12:08:46 GMT server AmazonS3 etag "2d61c49202215df3ebb4507066ff5ffc" x-frame-options deny content-type application/javascript cache-control max-age=31536000,public accept-ranges bytes x-amz-cf-id eFvApRbBGduahzl0A-UFjvXNmw_KRLk29jtNygsu47ulU8Eilg0KIw==
GET H2	200	main-6e1d5df.css dco-form-ccla.hsbc.com/	224 KB 225 KB	218ms 217ms	Stylesheet text/css	2600:9000:223f:9400:9:37a8:640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dco-form-ccla.hsbc.com/main-6e1d5df.css Requested by Host: dco-form-ccla.hsbc.com URL: https://dco-form-ccla.hsbc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:9400:9:37a8:640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d0352dfecd7e26c6da5c48942df47a2a79fb0b87e3c9976d14b9cc8871099a51 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com/ https://*.hsbc.com.hk/; font-src data: https://fonts.gstatic.com/; img-src 'self' data: https:; connect-src 'self' https:; frame-src 'self' https:; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://dco-form-ccla.hsbc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Tue, 27 Jun 2023 05:52:57 GMT x-amz-version-id null x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload via 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront) content-security-policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com/ https://*.hsbc.com.hk/; font-src data: https://fonts.gstatic.com/; img-src 'self' data: https:; connect-src 'self' https:; frame-src 'self' https:; x-amz-cf-pop FRA56-P5 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 229529 x-xss-protection 1 last-modified Wed, 08 Jun 2022 12:08:46 GMT server AmazonS3 etag "be16b49d4c3fd3e02c667f0e6b225983" x-frame-options deny content-type text/css cache-control max-age=31536000,public accept-ranges bytes x-amz-cf-id v7-4_gooWFz4pWKLT6fNNw6uYULGQvKoSHKjZtho-vKikVQTKK2lJw==
GET H2	200	main-6e1d5df.js Show response dco-form-ccla.hsbc.com/	2 MB 2 MB	210ms 209ms	Script application/javascript	2600:9000:223f:9400:9:37a8:640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dco-form-ccla.hsbc.com/main-6e1d5df.js Requested by Host: dco-form-ccla.hsbc.com URL: https://dco-form-ccla.hsbc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:9400:9:37a8:640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 840ffc93c1378d160ea8fa9baeef4ad76baeecb2f25bbc0ef96891d61d561e92 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com/ https://*.hsbc.com.hk/; font-src data: https://fonts.gstatic.com/; img-src 'self' data: https:; connect-src 'self' https:; frame-src 'self' https:; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://dco-form-ccla.hsbc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Tue, 27 Jun 2023 05:52:57 GMT x-amz-version-id null x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload via 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront) content-security-policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com/ https://*.hsbc.com.hk/; font-src data: https://fonts.gstatic.com/; img-src 'self' data: https:; connect-src 'self' https:; frame-src 'self' https:; x-amz-cf-pop FRA56-P5 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 2112556 x-xss-protection 1 last-modified Wed, 08 Jun 2022 12:08:46 GMT server AmazonS3 etag "904a9cf85b0b76db2d08b166c989e7ee" x-frame-options deny content-type application/javascript cache-control max-age=31536000,public accept-ranges bytes x-amz-cf-id KCjSeLXssVEPF81nq4mVZRAKA1IHJx4GOXm9SzfAIzyAf-cwstiI4w==
GET H2	200	utag.sync.js Show response tags.tiqcdn.com/utag/hsbc/cn-rbwm/prod/	1 KB 953 B	403ms 372ms	Script application/javascript	2600:9000:223e:6400:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/hsbc/cn-rbwm/prod/utag.sync.js Requested by Host: dco-form-ccla.hsbc.com URL: https://dco-form-ccla.hsbc.com/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:6400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4a5cddf5ca1ab308c577838555f8d4e6474a305b4478c1a15396d820dd762812 Request headers accept-language de-DE,de;q=0.9 Referer https://dco-form-ccla.hsbc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-amz-version-id ti_Moiij5P0BzKsnI5fTFVajDz2RZYvK content-encoding gzip via 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront) date Tue, 27 Jun 2023 05:52:58 GMT last-modified Wed, 08 Mar 2023 13:32:22 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 x-amz-server-side-encryption AES256 etag W/"337cd67d5c0d7e798fbece88cbe1a74f" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript cache-control max-age=300 x-amz-cf-id N1s71-aprhTKr9oQHF67zH4x3rgrBgpebhTZeE3DGt9a-onWgc0hGg==
GET H2	200	utag.js Show response tags.tiqcdn.com/utag/hsbc/cn-rbwm/prod/	180 KB 48 KB	144ms 113ms	Script application/javascript	2600:9000:223e:6400:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/hsbc/cn-rbwm/prod/utag.js Requested by Host: dco-form-ccla.hsbc.com URL: https://dco-form-ccla.hsbc.com/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:6400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 048ec82a389b6ef8cc4040dfc101044ae5cc22b607aa08cc292f63f4404e1e09 Request headers accept-language de-DE,de;q=0.9 Referer https://dco-form-ccla.hsbc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-amz-version-id 6u8CjTWMecJmEJp3IttwTXyocZjczZ1O content-encoding gzip via 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront) date Tue, 27 Jun 2023 05:52:58 GMT last-modified Wed, 08 Mar 2023 13:32:21 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 x-amz-server-side-encryption AES256 etag W/"c5ecf1c74c401762fa909e5e7ae4e1f8" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript cache-control max-age=300 x-amz-cf-id w3pQ-O2_GVGAAnZWMotG27Vkr0eXKoVGvJVzGMEtIhWo7sfYqcu0wg==
GET H/1.1	200 OK	location.js Show response akamai.tiqcdn.com/location/	18 B 563 B	62ms 16ms	XHR application/x-javascript	23.45.104.216 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://akamai.tiqcdn.com/location/location.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/hsbc/cn-rbwm/prod/utag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.45.104.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-45-104-216.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559 Request headers accept-language de-DE,de;q=0.9 Referer https://dco-form-ccla.hsbc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Tue, 27 Jun 2023 05:52:57 GMT Last-Modified Mon, 30 Apr 2018 23:09:19 GMT Server AkamaiNetStorage ETag "6c98be5fda77913799e8ef24b86a7abd:1525129759" Content-Type application/x-javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers X-EdgeScape-Location Cache-Control max-age=1296000 X-EdgeScape-Location country_code=DE,region_code=HE,city=FRANKFURT,areacode=0,zip=0,bandwidth=5000 Connection keep-alive Accept-Ranges bytes Content-Length 18 Expires Wed, 12 Jul 2023 05:52:57 GMT
GET H2	200	en-global-json-6e1d5df.js Show response dco-form-ccla.hsbc.com/translations/	11 KB 12 KB	171ms 171ms	Script application/javascript	2600:9000:223f:9400:9:37a8:640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dco-form-ccla.hsbc.com/translations/en-global-json-6e1d5df.js Requested by Host: dco-form-ccla.hsbc.com URL: https://dco-form-ccla.hsbc.com/main-6e1d5df.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:9400:9:37a8:640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 79bf8c79a6e53326d28835679b006e2fcb63e8eb0c3b65e45fc4e7bbca48cc99 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com/ https://*.hsbc.com.hk/; font-src data: https://fonts.gstatic.com/; img-src 'self' data: https:; connect-src 'self' https:; frame-src 'self' https:; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://dco-form-ccla.hsbc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Tue, 27 Jun 2023 05:52:58 GMT x-amz-version-id null x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload via 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront) content-security-policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com/ https://*.hsbc.com.hk/; font-src data: https://fonts.gstatic.com/; img-src 'self' data: https:; connect-src 'self' https:; frame-src 'self' https:; x-amz-cf-pop FRA56-P5 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 11411 x-xss-protection 1 last-modified Wed, 08 Jun 2022 12:08:46 GMT server AmazonS3 etag "c86397cb8a1db353fa294b217070f2fc" x-frame-options deny content-type application/javascript cache-control max-age=31536000,public accept-ranges bytes x-amz-cf-id jHEtjmiNvGnh--cUsXCB4jDgs3Qfv45cgvqNhI9gx9Y4xG-0eHFW-g==
GET		utag.645.js cdn.hsbc.com.cn/utag/hsbc/cn-rbwm/prod/	0 0
GET		utag.455.js cdn.hsbc.com.cn/utag/hsbc/cn-rbwm/prod/	0 0
GET		utag.966.js cdn.hsbc.com.cn/utag/hsbc/cn-rbwm/prod/	0 0
GET DATA	200 OK	truncated /	41 KB 41 KB		Font font/woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 55ade691f1a06265b6e9c502523ea2972ff8432f2ef1766965d9b3d3bbdd7d81 Request headers Referer Origin https://dco-form-ccla.hsbc.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type font/woff
GET DATA	200 OK	truncated /	38 KB 38 KB		Font font/woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0bfe845c97897526fcfd1009a71c12de5b8f85115c339cc5483234ac3a1a97ca Request headers Referer Origin https://dco-form-ccla.hsbc.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type font/woff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

cdn.hsbc.com.cn

URL

https://cdn.hsbc.com.cn/utag/hsbc/cn-rbwm/prod/utag.645.js?utv=ut4.46.202211221328

Domain

cdn.hsbc.com.cn

URL

https://cdn.hsbc.com.cn/utag/hsbc/cn-rbwm/prod/utag.455.js?utv=ut4.46.202211221328

Domain

cdn.hsbc.com.cn

URL

https://cdn.hsbc.com.cn/utag/hsbc/cn-rbwm/prod/utag.966.js?utv=ut4.46.202211221328

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| utag_data string| env function| getQueryParams object| query object| JSElement string| envUtag object| codeMap string| code boolean| utag_condload object| elem boolean| loggedInScript undefined| versionNode undefined| version object| params object| qp_v_id object| qp_ses_id object| utag function| e function| extensionCDNChooser boolean| __tealium_twc_switch object| utag_cfg_ovrd object| TMS object| Evnt string| mn object| tms object| HSBC object| TEALIUM function| Visitor object| webpackJsonp object| __core-js_shared__ object| core object| regeneratorRuntime function| _ object| utag_extn boolean| BC_ANALYTICS_CONSENT undefined| WebTrends object| DCSext function| dcsGetHSBCCookie function| dcsVar function| dcsMultiTrack function| dcsMapHSBC function| dcsMeta function| dcsFunc function| dcsTag

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			dco-form-ccla.hsbc.com/	1970-01-20 12:52:11	Name: TEALCDN Value: com:1687931577098
			.hsbc.com/	1970-01-20 21:36:21	Name: utag_main Value: v_id:0188fb69871200103d4aa9b3655503074001f06c00b08$_sn:1$_se:1$_ss:1$_st:1687846977107$ses_id:1687845177107%3Bexp-session$_pn:1%3Bexp-session
			.hsbc.com/	1969-12-31 23:59:59	Name: tms_ref Value:

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.hsbc.com.cn/utag/hsbc/cn-rbwm/prod/utag.645.js?utv=ut4.46.202211221328 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.hsbc.com.cn/utag/hsbc/cn-rbwm/prod/utag.455.js?utv=ut4.46.202211221328 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.hsbc.com.cn/utag/hsbc/cn-rbwm/prod/utag.966.js?utv=ut4.46.202211221328 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com/ https://*.hsbc.com.hk/; font-src data: https://fonts.gstatic.com/; img-src 'self' data: https:; connect-src 'self' https:; frame-src 'self' https:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

akamai.tiqcdn.com
cdn.hsbc.com.cn
dco-form-ccla.hsbc.com
tags.tiqcdn.com
cdn.hsbc.com.cn
23.45.104.216
2600:9000:223e:6400:7:2bfb:7c00:93a1
2600:9000:223f:9400:9:37a8:640:93a1
010b6e00d7e3c21268c7bb90c8e7e05b32d48558e9a0334cd7e1d95034ed7609
048ec82a389b6ef8cc4040dfc101044ae5cc22b607aa08cc292f63f4404e1e09
0bfe845c97897526fcfd1009a71c12de5b8f85115c339cc5483234ac3a1a97ca
4a5cddf5ca1ab308c577838555f8d4e6474a305b4478c1a15396d820dd762812
55ade691f1a06265b6e9c502523ea2972ff8432f2ef1766965d9b3d3bbdd7d81
79bf8c79a6e53326d28835679b006e2fcb63e8eb0c3b65e45fc4e7bbca48cc99
840ffc93c1378d160ea8fa9baeef4ad76baeecb2f25bbc0ef96891d61d561e92
9dc9c75d7258158c302d5f9243202fdd6db2de9a03512b1ab8fd99afaefb6de9
d0352dfecd7e26c6da5c48942df47a2a79fb0b87e3c9976d14b9cc8871099a51
d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559