businessgo-uat3.hsbc.com Open in urlscan Pro
2a02:26f0:3500:14::1724:a255 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://businessgo-uat3.hsbc.com/
Submission Tags: @phishunt_io
Submission: On May 06 via api (May 6th 2024, 4:29:12 am UTC) from DE — Scanned from DE

Summary HTTP 63 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 8 domains to perform 63 HTTP transactions. The main IP is 2a02:26f0:3500:14::1724:a255, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is businessgo-uat3.hsbc.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on June 30th 2023. Valid for: a year.

This is the only time businessgo-uat3.hsbc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	2a02:26f0:350... 2a02:26f0:3500:14::1724:a255	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2600:9000:235... 2600:9000:235a:9600:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	23.205.189.82 23.205.189.82	16625 (AKAMAI-AS) (AKAMAI-AS)
1	16.163.242.138 16.163.242.138	16509 (AMAZON-02) (AMAZON-02)
1	52.58.255.70 52.58.255.70	16509 (AMAZON-02) (AMAZON-02)
1	18.210.253.134 18.210.253.134	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	13.32.27.5 13.32.27.5	16509 (AMAZON-02) (AMAZON-02)
1	3.120.63.212 3.120.63.212	16509 (AMAZON-02) (AMAZON-02)
6	34.193.155.242 34.193.155.242	14618 (AMAZON-AES) (AMAZON-AES)
1	18.172.109.51 18.172.109.51	16509 (AMAZON-02) (AMAZON-02)
1	18.166.207.216 18.166.207.216	16509 (AMAZON-02) (AMAZON-02)
1	52.17.99.225 52.17.99.225	16509 (AMAZON-02) (AMAZON-02)
3	104.17.209.240 104.17.209.240	() ()
63	15

34 2a02:26f0:3500:14::1724:a255 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

businessgo-uat3.hsbc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:235a:9600:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.189.82 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-189-82.deploy.static.akamaitechnologies.com

akamai.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 16.163.242.138 (Hong Kong)

ASN16509 (AMAZON-02, US)
PTR: ec2-16-163-242-138.ap-east-1.compute.amazonaws.com

collect-ap-east-1.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.255.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-255-70.eu-central-1.compute.amazonaws.com

v2.d41.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.253.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-253-134.compute-1.amazonaws.com

api7119.d41.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-5.fra56.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.63.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-63-212.eu-central-1.compute.amazonaws.com

ipw.d41.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.193.155.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-155-242.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.109.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-109-51.fra60.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.166.207.216 (Hong Kong)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-166-207-216.ap-east-1.compute.amazonaws.com

visitor-service-ap-east-1.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.209.240 (None, )

ASN- ()

zn7pmbtabt6c6hhtj-hsbccmb.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	hsbc.com businessgo-uat3.hsbc.com	4 MB
10	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1304 akamai.tiqcdn.com — Cisco Umbrella Rank: 11814	73 KB
7	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 1984 heapanalytics.com — Cisco Umbrella Rank: 1452	39 KB
3	qualtrics.com zn7pmbtabt6c6hhtj-hsbccmb.siteintercept.qualtrics.com siteintercept.qualtrics.com	27 KB
3	d41.co v2.d41.co — Cisco Umbrella Rank: 97887 api7119.d41.co — Cisco Umbrella Rank: 426444 ipw.d41.co	98 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3249 p1.parsely.com — Cisco Umbrella Rank: 2383	18 KB
2	tealiumiq.com collect-ap-east-1.tealiumiq.com — Cisco Umbrella Rank: 122278 visitor-service-ap-east-1.tealiumiq.com — Cisco Umbrella Rank: 80289	3 KB
1	doubleclick.net cm.g.doubleclick.net — Cisco Umbrella Rank: 272	409 B
63	8

	Domain	Requested by
34	businessgo-uat3.hsbc.com	businessgo-uat3.hsbc.com
9	tags.tiqcdn.com	businessgo-uat3.hsbc.com tags.tiqcdn.com
6	heapanalytics.com	businessgo-uat3.hsbc.com
2	siteintercept.qualtrics.com	zn7pmbtabt6c6hhtj-hsbccmb.siteintercept.qualtrics.com siteintercept.qualtrics.com
1	zn7pmbtabt6c6hhtj-hsbccmb.siteintercept.qualtrics.com	tags.tiqcdn.com
1	p1.parsely.com	businessgo-uat3.hsbc.com
1	visitor-service-ap-east-1.tealiumiq.com	tags.tiqcdn.com
1	cdn.parsely.com	businessgo-uat3.hsbc.com
1	ipw.d41.co	v2.d41.co
1	cdn.heapanalytics.com	tags.tiqcdn.com
1	cm.g.doubleclick.net	businessgo-uat3.hsbc.com
1	api7119.d41.co	tags.tiqcdn.com
1	v2.d41.co	tags.tiqcdn.com
1	collect-ap-east-1.tealiumiq.com	tags.tiqcdn.com
1	akamai.tiqcdn.com	tags.tiqcdn.com
63	15

This site contains no links.

Subject Issuer	Validity	Valid
businessgo-uat1.hsbc.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-30` - `2024-06-08`	a year	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M02	`2024-03-19` - `2025-04-17`	a year	crt.sh
*.tiqcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-16` - `2024-11-16`	a year	crt.sh
*.tealiumiq.com Amazon RSA 2048 M03	`2024-02-05` - `2025-03-05`	a year	crt.sh
v2.d41.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-13` - `2024-10-13`	a year	crt.sh
*.d41.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-15` - `2025-02-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M01	`2023-06-29` - `2024-07-27`	a year	crt.sh
ipw.d41.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-13` - `2024-10-13`	a year	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2023-11-09` - `2024-12-08`	a year	crt.sh
*.parsely.com Amazon RSA 2048 M03	`2024-04-05` - `2025-05-04`	a year	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-27` - `2025-02-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://businessgo-uat3.hsbc.com/
Frame ID: 042CDCAEFF6D78C3D2F180CA65BF4812
Requests: 64 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HSBC Business Go

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Page Statistics

63
Requests

98 %
HTTPS

14 %
IPv6

8
Domains

15
Subdomains

15
IPs

5
Countries

3850 kB
Transfer

13233 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
businessgo-uat3.hsbc.com/ 729 B
919 B 1275ms
851ms Document
text/html 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5b8a21f0870f858385f944c503dc56176bc21235964a058631749faf00d82dbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://businessgo-uat2.hsbc.com
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 401
content-type: text/html; charset=utf-8
date: Mon, 06 May 2024 04:29:04 GMT
etag: W/"660119a5-2d9"
expires: Mon, 06 May 2024 04:29:04 GMT
generate-request-id: false
last-modified: Mon, 25 Mar 2024 06:28:53 GMT
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 userAgent.js Show response
businessgo-uat3.hsbc.com/vendor/ 1 KB
883 B 387ms
386ms Script
application/javascript 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/vendor/userAgent.js

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

733abede8d6aac6197a95d1b7da177b44609e96e6a66bf3fb40fd19f9cbb8ee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 409
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 26 Apr 2024 02:47:13 GMT
etag: W/"6601195b-580"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=60
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()

GET
H2 200 config.js Show response
businessgo-uat3.hsbc.com/siriusresource/env/ 6 KB
2 KB 391ms
391ms Script
application/javascript 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/siriusresource/env/config.js

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4d6ac96a42cefb572bb2abcaac001985f4ddb527579cc246c8e99e30ce2f0824

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 1457
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 29 Apr 2024 08:06:06 GMT
etag: W/"1773-18e5647d520"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: public, max-age=0
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
accept-ranges: bytes

GET
H2 200 main.3767ed4d.js Show response
businessgo-uat3.hsbc.com/ 2 MB
347 KB 416ms
415ms Script
application/javascript 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/main.3767ed4d.js

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ae8d255cec7b0f88067c8e35d4f8597a820b0762689d2e9f5aac03711526f2b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 354511
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 29 Apr 2024 08:58:02 GMT
etag: W/"660119a5-1ecd77"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=81196
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()

GET
H2 200 web-tag.js Show response
businessgo-uat3.hsbc.com/vendor/ 716 B
698 B 374ms
374ms Script
application/javascript 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/vendor/web-tag.js

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7f57aa05b3d036c57ef3c1748f2e6020cb914cb86e1547134a10b02ae9ee6071

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 225
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 06 May 2024 02:29:03 GMT
etag: W/"6601195b-2cc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=60
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()

GET
H2 200 pkgver.js Show response
businessgo-uat3.hsbc.com/vendor/ 355 B
660 B 447ms
447ms Script
application/javascript 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/vendor/pkgver.js

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f4604cc57b60c01201b346ced372317aff22240729348496047873eb54b30eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 186
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 29 Apr 2024 00:52:30 GMT
etag: W/"6601195b-163"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=60
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/ 179 KB
53 KB 464ms
399ms Script
application/javascript 2600:9000:235a:9600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js
Requested by: Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/vendor/web-tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:9600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8d9e7e9e760b53aeeac96239f9659855cf5da761051deccba7653ccf9b0c3db

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: p.cqW7SbpbuSHwGXj.sm0vie4pjhxlnW
content-encoding: gzip
via: 1.1 9b70adf7c49e859435e96eb0fc35c216.cloudfront.net (CloudFront)
date: Mon, 06 May 2024 04:29:07 GMT
last-modified: Thu, 25 Apr 2024 12:57:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"1f7424b566b7c91e75650bda9902fa9a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: Tk4KqGl6c-GhHfOqbUZGebtfXWga7Z8QJfzWjuBx9HWsRNIGIdzY5g==

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/ 109 B
547 B 488ms
424ms Script
application/javascript 2600:9000:235a:9600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.sync.js
Requested by: Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/vendor/web-tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:9600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45fd90ae1b51aeb3dfede64400ccf24c801b618322e99f856e5d440f736322a0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: BGVZfgWEP0dvY4iJKe.9478BrPvIGP7a
date: Mon, 06 May 2024 04:29:07 GMT
via: 1.1 9b70adf7c49e859435e96eb0fc35c216.cloudfront.net (CloudFront)
last-modified: Thu, 25 Apr 2024 12:57:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: "56f5e5cd1ab230371d5349458f99d18d"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 109
x-amz-cf-id: PYfo9fCeg4ANWGhGZRwhFmcfnjdE-2ZbWzZQSYhlFU8qU8SaQanxfg==

GET
H/1.1 200
OK location.js Show response
akamai.tiqcdn.com/location/ 18 B
563 B 152ms
38ms XHR
application/x-javascript 23.205.189.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.tiqcdn.com/location/location.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.189.82 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-189-82.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 06 May 2024 04:29:06 GMT
Last-Modified: Mon, 30 Apr 2018 23:09:19 GMT
Server: AkamaiNetStorage
ETag: "6c98be5fda77913799e8ef24b86a7abd:1525129759"
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-EdgeScape-Location
Cache-Control: max-age=1296000
X-EdgeScape-Location: country_code=DE,region_code=HE,city=FRANKFURT,areacode=0,zip=0,bandwidth=5000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18
Expires: Tue, 21 May 2024 04:29:06 GMT

GET
H2 200 vendors-src_hooks_useStitch_index_ts-src_modules_ErrorBoundary_index_tsx-src_modules_Footer_i-efdfec.cc3982c3.js Show response
businessgo-uat3.hsbc.com/ 256 KB
67 KB 402ms
402ms Script
application/javascript 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/vendors-src_hooks_useStitch_index_ts-src_modules_ErrorBoundary_index_tsx-src_modules_Footer_i-efdfec.cc3982c3.js

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/main.3767ed4d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

97e7f187b44c8484c61d7ba5f6b75162ecbe89cfcb72a0c41fb2362cf8e8dc4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 68533
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 06 May 2024 02:29:05 GMT
etag: W/"660119a5-3ffae"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=597424
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()

GET
H2 200 vendors-src_components_LeaveModalPrompt_index_tsx-src_components_LoadingState_index_tsx-src_c-759964.7f3425d6.js Show response
businessgo-uat3.hsbc.com/ 329 KB
66 KB 380ms
379ms Script
application/javascript 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/vendors-src_components_LeaveModalPrompt_index_tsx-src_components_LoadingState_index_tsx-src_c-759964.7f3425d6.js

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/main.3767ed4d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c5f108b90dbb10b224e45616457f94afe42c2a1104b3f0068fd76144c6d3578

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 67509
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 06 May 2024 04:24:19 GMT
etag: W/"660119a5-52599"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=604470
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()

GET
H2 200 node_modules_siriusbeyond_ui_lib_assets_normalize_css-src_styles_vg-antd_css.061f0e9d.css
businessgo-uat3.hsbc.com/css/ 558 KB
56 KB 395ms
395ms Stylesheet
text/css 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/css/node_modules_siriusbeyond_ui_lib_assets_normalize_css-src_styles_vg-antd_css.061f0e9d.css

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/main.3767ed4d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

78600f028ad257862439cb744162af6a94a93564a3fff5c429bfe6b7f87cea05

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 56625
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 23 Apr 2024 07:34:41 GMT
etag: W/"660119a5-8b753"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=599032
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()

GET
H2 200 src_bootstrap_tsx-src_assets_locale_lazy_recursive_json_-src_assets_fonts_HSBCBold_ttf-src_as-0e17c7.ba9d2a8d.js Show response
businessgo-uat3.hsbc.com/ 28 KB
12 KB 419ms
419ms Script
application/javascript 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/src_bootstrap_tsx-src_assets_locale_lazy_recursive_json_-src_assets_fonts_HSBCBold_ttf-src_as-0e17c7.ba9d2a8d.js

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/main.3767ed4d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f1e2a6c7a2417688b3e64324d89d830efa5196431edb9b6dad1a4d4d91bebcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 12231
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 23 Apr 2024 07:35:46 GMT
etag: W/"660119a5-6f66"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=79595
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
432 B 21ms
21ms Script
application/javascript 2600:9000:235a:9600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=hsbc/global-cmb-businessgo/202404251257&cb=1714969746227
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:9600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Mon, 06 May 2024 04:22:42 GMT
via: 1.1 9b70adf7c49e859435e96eb0fc35c216.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
age: 384
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: iOpgvvfoHHcuOa_Bxu7THOwNTXhUa8Mh6ooKXif01YMV7VuW5q-AUA==

GET
H2 200 utag.695.js Show response
tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/ 14 KB
4 KB 416ms
415ms Script
application/javascript 2600:9000:235a:9600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.695.js?utv=ut4.48.202402200223
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:9600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3056ec176dcb66a3e0a8fc72c30d93df88eb379601fc13b38f1f8aeb4836a018

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: DZ_2Cf3Bm3nQSv0K3f7gUND.mr3BuNWI
content-encoding: br
via: 1.1 9b70adf7c49e859435e96eb0fc35c216.cloudfront.net (CloudFront)
date: Mon, 06 May 2024 04:29:07 GMT
last-modified: Thu, 25 Apr 2024 12:57:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"5311b56ee96bee279d0df676f976f8af"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: rdXlkvPnuspY8KLOruAsUcoLOOIdNxBtB4kDorOo0J4_bMeNaUgH6g==

GET
H2 200 utag.502.js Show response
tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/ 16 KB
5 KB 134ms
130ms Script
application/javascript 2600:9000:235a:9600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.502.js?utv=ut4.48.202308101402
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:9600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1036797f9be0e26ce235340558c011cf7caddf13a6e5cad153f14b77f76cd0a9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: rIoiwuviWq1IDht1_o0PI8GU2h4vVRxz
content-encoding: br
via: 1.1 9b70adf7c49e859435e96eb0fc35c216.cloudfront.net (CloudFront)
date: Mon, 06 May 2024 04:29:07 GMT
last-modified: Thu, 25 Apr 2024 12:57:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"caac810d2a140a84a751d92876d49f92"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: RJOeaygYQykuXQvsMTjetc0hxDWFuCRSe1oueRO-7Tr0pGPqfajbhQ==

GET
H2 200 utag.556.js Show response
tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/ 5 KB
2 KB 402ms
399ms Script
application/javascript 2600:9000:235a:9600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.556.js?utv=ut4.48.202205231910
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:9600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 312c1e24d6005cf2ee91a31902b9cd6c52645382f472db855075e9795094335d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: VIM50_lEnqM1lxWrv9Kjwvo1mlNwiqUH
content-encoding: br
via: 1.1 9b70adf7c49e859435e96eb0fc35c216.cloudfront.net (CloudFront)
date: Mon, 06 May 2024 04:29:07 GMT
last-modified: Thu, 25 Apr 2024 12:57:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"c8c1032df3fc822218366dea2059f3d0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: p7Udi1WWJCPL_YN31N2Be66HCDywFrA9PMd3czcbygTegMdLtLmvUA==

GET
H2 200 utag.623.js Show response
tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/ 11 KB
4 KB 400ms
395ms Script
application/javascript 2600:9000:235a:9600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.623.js?utv=ut4.48.202308101402
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:9600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5090a2b9307b537bf9e8c16d59a08d6552a86f4a09725b982163ea615cd2492e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: aNTACjlbRSLBNm5WA__xRDOOoBAgVi4j
content-encoding: br
via: 1.1 9b70adf7c49e859435e96eb0fc35c216.cloudfront.net (CloudFront)
date: Mon, 06 May 2024 04:29:07 GMT
last-modified: Thu, 25 Apr 2024 12:57:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"6a3779727a099ce7e31df5cc0ab902d6"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: kWlmXd6xwIPEl6OhIEkTJS0AHhpECMdMUhJ8qbYALUJAXFM8zATH5A==

GET
H2 200 utag.644.js Show response
tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/ 3 KB
2 KB 409ms
404ms Script
application/javascript 2600:9000:235a:9600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.644.js?utv=ut4.48.202212021622
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:9600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 14f39bcb02bd40b000f03debf65a1f5e9d5665359e02f6521f3d2b42efa7115b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 9fcILAEE0SBpPiqg89nbv7Sp3RpeFB_h
content-encoding: gzip
via: 1.1 9b70adf7c49e859435e96eb0fc35c216.cloudfront.net (CloudFront)
date: Mon, 06 May 2024 04:29:07 GMT
last-modified: Thu, 25 Apr 2024 12:57:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"668a5d0ef2bcbbb13d296f3daff6e186"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: yK_8h0ohsaaQfhWPQTb2tMJP2vu8U6UPlWgXWF5dRm_hXjs6b7XzSA==

GET
H2 200 utag.668.js Show response
tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/ 4 KB
2 KB 399ms
394ms Script
application/javascript 2600:9000:235a:9600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.668.js?utv=ut4.48.202403221332
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:9600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da642954fb1b00fd75c0355f0ce9456857fbdf107ec8a4d13e1aba8eee027060

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8v0WhP9N7JJsYcicef3q_7d8x2faS29J
content-encoding: br
via: 1.1 9b70adf7c49e859435e96eb0fc35c216.cloudfront.net (CloudFront)
date: Mon, 06 May 2024 04:29:07 GMT
last-modified: Thu, 25 Apr 2024 12:57:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"623b8959ec920fe517b846e7366570f4"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: xKHRgwYJQRg1_rOJtGrZw3IGIc1qQe7gCrbudSBzszFP15glgkzUPA==

POST
H2 200 i.gif Show response
collect-ap-east-1.tealiumiq.com/hsbc/hk-cmb/2/ 43 B
758 B 998ms
330ms XHR
image/gif 16.163.242.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-ap-east-1.tealiumiq.com/hsbc/hk-cmb/2/i.gif
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.502.js?utv=ut4.48.202308101402
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.163.242.138 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-163-242-138.ap-east-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryEF4elax31b0OqHQZ

Response headers

date: Mon, 06 May 2024 04:29:07 GMT
x-serverid: uconnect_i-0d75f9277c72ca41d
x-tid: 018f4c299ac50001953b7ed8404b0506f002106700b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: hsbc:hk-cmb:2:datacloud
x-region: ap-east-1
content-length: 43
pragma: no-cache
x-did: 018f4c299ac50001953b7ed8404b0506f002106700b08
vary: Origin
content-type: image/gif
access-control-allow-origin: https://businessgo-uat3.hsbc.com
x-ulver: 298ff134486349abada8bd9f7d28761e50c954eb-SNAPSHOT
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-uuid: 338e1114-d7b4-4eb4-a2c3-25e2560fb82b
expires: Mon, 06 May 2024 04:29:07 GMT

GET
H2 200 dnb_coretag_v6.min.js Show response
v2.d41.co/tags/ 97 KB
97 KB 180ms
113ms Script
application/javascript 52.58.255.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.d41.co/tags/dnb_coretag_v6.min.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.58.255.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-255-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 27e5a3ad59a9e0213824b548d9703155b454cfcffc7690842436aff86cb310c1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:06 GMT
x-amzn-remapped-content-length: 99032
x-amzn-trace-id: Root=1-66385c92-37a2782928e13fb91ae2c02a
x-amzn-requestid: df167f70-83cc-4f0b-8524-14099d0e8051
content-type: application/javascript
timestamp: Mon, 06 May 2024 04:29:07 GMT
x-amz-apigw-id: XVNm-GMzliAEJvg=
content-length: 99032

GET
H2 204 / Show response
api7119.d41.co/sync/ 0
474 B 399ms
125ms Script
text/plain 18.210.253.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api7119.d41.co/sync/

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.668.js?utv=ut4.48.202403221332

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.253.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-253-134.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:29:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self';
expect-ct: max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://businessgo-uat3.hsbc.com
cache-control: no-store
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 99ms
30ms Image
image/png 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=018f4c299ac50001953b7ed8404b0506f002106700b08hsbchk-cmb&tealium_account=hsbc&tealium_profile=hk-cmb

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:29:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 heap-140346066.js Show response
cdn.heapanalytics.com/js/ 116 KB
37 KB 262ms
201ms Script
application/javascript 13.32.27.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-140346066.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-5.fra56.r.cloudfront.net

Software

nginx / Express

Resource Hash

d5148ae20157a381866a93039b4daaa1fd83d777a6301ff70cc18010efa52167

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:06 GMT
content-encoding: br
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"1d12a-RnWhxeKs+8a7jUUUA/xmAYip4wM"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: EzlfMF2wS6YTaTlkBWufnYaFRrvJeBm9WKKhDyRy7uCkIVqtzFykRA==

GET
H2 200 HSBCRegular.f51c04cf.woff2
businessgo-uat3.hsbc.com/assets/fonts/ 16 KB
17 KB 657ms
656ms Font
application/octet-stream 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/assets/fonts/HSBCRegular.f51c04cf.woff2

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

78e0b03ae4f76c7e86a1cc1925795aac9c475af4766628c68bcae9a6cddd1e9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Origin: https://businessgo-uat3.hsbc.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 16720
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 25 Mar 2024 06:28:53 GMT
etag: "660119a5-4134"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=2592000
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
accept-ranges: bytes

GET
H2 200 mfe-config.json Show response
businessgo-uat3.hsbc.com/mfeConfig/ 3 KB
1 KB 332ms
332ms XHR
application/json 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/mfeConfig/mfe-config.json

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/main.3767ed4d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

19382cc811c8085e836061f06b53956f8259968b061aadd50d554328d6fd2a01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 818
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 25 Mar 2024 06:28:53 GMT
etag: W/"660119a5-dc3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=0, no-cache, no-store
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
expires: Mon, 06 May 2024 04:29:07 GMT

GET
H2 403 profile Show response
businessgo-uat3.hsbc.com/api/security-framework/platform-userprofilemanagement/v1/sirius/ 68 B
519 B 348ms
348ms XHR
text/plain 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/api/security-framework/platform-userprofilemanagement/v1/sirius/profile

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/main.3767ed4d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ddbfe54805d4e9626890ae24825509adae843e1a3148836e4ff2638a7dfe35df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
internalId: 018f4c299ac50001953b7ed8404b0506f002106700b08
country-or-region: WORLD_WIDE
guestId: bda27ff9-5104-4d12-9e3a-07cfb6c4a920
language: en_US
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://businessgo-uat3.hsbc.com/
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:29:07 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=0, no-cache, no-store
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
country: DE
x-xss-protection: 1; mode=block
expires: Mon, 06 May 2024 04:29:07 GMT

GET
H2 200 validate Show response
ipw.d41.co/ 49 B
466 B 135ms
26ms Fetch
application/json 3.120.63.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ipw.d41.co/validate

Requested by

Host: v2.d41.co
URL: https://v2.d41.co/tags/dnb_coretag_v6.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.120.63.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-120-63-212.eu-central-1.compute.amazonaws.com

Software

Resource Hash

2dd69775d3c43b7650c444e5c5b95053e819a8307b752dae05b5711377883e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:29:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
x-request-id: 47fa9a795341792c
expires: 0

GET
H2 200 telemetry
heapanalytics.com/api/ 32 B
234 B 360ms
116ms Image
image/gif 34.193.155.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=140346066&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=1&st=1714969747005&hv=4.22.0

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.155.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-155-242.compute-1.amazonaws.com

Software

Resource Hash

853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 06 May 2024 04:29:07 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 32
content-type: image/gif

GET
H2 200 add_user_properties_v3
heapanalytics.com/api/ 37 B
260 B 354ms
118ms Image
image/gif 34.193.155.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/add_user_properties_v3?a=140346066&u=40989794686135&v=6124530439480507&s=8015791358444170&b=web&tv=4.0&_tv_id=018f4c299ac50001953b7ed8404b0506f002106700b08&st=1714969747018

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.155.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-155-242.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:29:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 h
heapanalytics.com/ 37 B
260 B 352ms
117ms Image
image/gif 34.193.155.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=140346066&u=40989794686135&v=6124530439480507&s=8015791358444170&b=web&tv=4.0&z=0&h=%2F&d=businessgo-uat3.hsbc.com&t=HSBC%20Business%20Go&k=page_name&k=Businessgo-uat3%3AHome&k=ut_env&k=dev&k=ut_domain&k=hsbc.com&k=ut_profile&k=global-cmb-businessgo&k=page_url&k=businessgo-uat3.hsbc.com%2F&ts=1714969747016&ubv=124.0.6367.118&upv=10.0.0&st=1714969747019

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.155.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-155-242.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:29:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 h
heapanalytics.com/ 37 B
260 B 352ms
118ms Image
image/gif 34.193.155.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=140346066&u=40989794686135&v=6124530439480507&s=8015791358444170&b=web&tv=4.0&sp=z&sp=0&sp=ts&sp=1714969747016&sp=d&sp=businessgo-uat3.hsbc.com&sp=h&sp=%2F&sp=t&sp=HSBC%20Business%20Go&pp=d&pp=businessgo-uat3.hsbc.com&pp=h&pp=%2F&pp=t&pp=HSBC%20Business%20Go&pp=ts&pp=1714969747016&id0=5766923745332342&k0=page_name&k0=Businessgo-uat3%3AHome&k0=ut_env&k0=dev&k0=ut_domain&k0=hsbc.com&k0=ut_profile&k0=global-cmb-businessgo&k0=page_url&k0=businessgo-uat3.hsbc.com%2F&k0=page_name&k0=Businessgo-uat3%3AHome&k0=page_name_en&k0=Businessgo-uat3%3AHome&k0=page_url&k0=businessgo-uat3.hsbc.com%2F&k0=tealium_profile&k0=global-cmb-businessgo&k0=tealium_env&k0=dev&k0=tealium_account&k0=hsbc&k0=tealium_event&k0=view&k0=time_parting&k0=6%3A29%20AM%7CMonday&t0=Page%20View%20(c)&ts0=1714969747010&ubv0=124.0.6367.118&upv0=10.0.0&st=1714969747019

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.155.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-155-242.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:29:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c1dda294108f38aac197c0abb1ad85138e630b3ea1c0b2fdc8696326fd76be9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 p.js Show response
cdn.parsely.com/keys/staginguat3.hsbc.com.hk/ 47 KB
18 KB 276ms
214ms Script
application/javascript 18.172.109.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/staginguat3.hsbc.com.hk/p.js
Requested by: Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/main.3767ed4d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.109.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-109-51.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 6cd3709f164ede757430917956b6dd5c4bd9cfd9e4f4b3f5e2be9f6b79651b3d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 06 May 2024 04:29:07 GMT
content-encoding: gzip
via: 1.1 d25e4a27039adc5d5e5994e9610df300.cloudfront.net (CloudFront)
last-modified: Tue, 16 Feb 2021 16:44:18 GMT
server: nginx
x-amz-cf-pop: FRA60-P8
etag: W/"602bf662-bd38"
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: UgKZcMeXhweacI95UH_PnuVwVlew_AlPpIDdKJAX8ZhiNhcCUzoYHQ==
expires: Tue, 07 May 2024 04:29:07 GMT

GET
H2 200 HSBCMedium.b79fa80d.woff2
businessgo-uat3.hsbc.com/assets/fonts/ 16 KB
17 KB 609ms
609ms Font
application/octet-stream 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/assets/fonts/HSBCMedium.b79fa80d.woff2

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ace48892f3c1ca4f83d1925d4a5029e54926c17cf438edccb0351e571c732d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Origin: https://businessgo-uat3.hsbc.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 16848
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 25 Mar 2024 06:28:53 GMT
etag: "660119a5-41b4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=2592000
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
accept-ranges: bytes

GET
H2 200 HSBCBold.54164aae.woff2
businessgo-uat3.hsbc.com/assets/fonts/ 16 KB
17 KB 520ms
520ms Font
application/octet-stream 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/assets/fonts/HSBCBold.54164aae.woff2

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cb1fc56e03922009390d3588a3a18ec9a2ceddac2ee486b85445a9f911780d05

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Origin: https://businessgo-uat3.hsbc.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 16856
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 25 Mar 2024 06:28:53 GMT
etag: "660119a5-41bc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=2592000
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
accept-ranges: bytes

GET
H2 200 websitewhitelist Show response
businessgo-uat3.hsbc.com/api/security-framework/platform-applicationconfigmanager/v1/ 105 B
743 B 351ms
350ms XHR
application/json 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/api/security-framework/platform-applicationconfigmanager/v1/websitewhitelist

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/main.3767ed4d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5affbe94cb42c080ba54c76901253e667dd6126fbb31cb635fe4dcb4ba885151

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; style-src 'self'; connect-src 'self'; img-src 'self';
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
internalId: 018f4c299ac50001953b7ed8404b0506f002106700b08
country-or-region: WORLD_WIDE
guestId: bda27ff9-5104-4d12-9e3a-07cfb6c4a920
language: en_US
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://businessgo-uat3.hsbc.com/
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; script-src 'self'; style-src 'self'; connect-src 'self'; img-src 'self';
date: Mon, 06 May 2024 04:29:07 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-dns-prefetch-control: off
content-length: 105
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
etag: W/"69-gm1AEFnAsII5H9IYoQXnQ8A+giY"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=0, no-cache, no-store
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
country: DE
expires: Mon, 06 May 2024 04:29:07 GMT

GET
H2 403 profile Show response
businessgo-uat3.hsbc.com/api/security-framework/platform-userprofilemanagement/v1/sirius/ 68 B
519 B 349ms
349ms XHR
text/plain 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/api/security-framework/platform-userprofilemanagement/v1/sirius/profile

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/main.3767ed4d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ddbfe54805d4e9626890ae24825509adae843e1a3148836e4ff2638a7dfe35df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
internalId: 018f4c299ac50001953b7ed8404b0506f002106700b08
country-or-region: WORLD_WIDE
guestId: bda27ff9-5104-4d12-9e3a-07cfb6c4a920
language: en_US
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://businessgo-uat3.hsbc.com/
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:29:07 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=0, no-cache, no-store
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
country: DE
x-xss-protection: 1; mode=block
expires: Mon, 06 May 2024 04:29:07 GMT

GET
H2 200 remoteEntry.js Show response
businessgo-uat3.hsbc.com/mfe/portal-layout/ 11 KB
5 KB 724ms
723ms Script
application/javascript 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/mfe/portal-layout/remoteEntry.js

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/main.3767ed4d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1a6781827d2590a66211d10876400d10bad56ed9c2cb00b0895fd0a234d480dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/en/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 4389
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 08:17:32 GMT
etag: W/"660a6d9c-2a35"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=0, no-cache, no-store
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
expires: Mon, 06 May 2024 04:29:08 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
260 B 118ms
117ms Image
image/gif 34.193.155.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=140346066&u=40989794686135&v=3779659605809896&s=8015791358444170&b=web&tv=4.0&z=2&h=%2Fen%2F&d=businessgo-uat3.hsbc.com&t=HSBC%20Business%20Go&k=page_name&k=Businessgo-uat3%3AHome&k=ut_env&k=dev&k=ut_domain&k=hsbc.com&k=ut_profile&k=global-cmb-businessgo&k=page_url&k=businessgo-uat3.hsbc.com%2F&ts=1714969747370&pr=%2F&sp=z&sp=0&sp=ts&sp=1714969747016&sp=d&sp=businessgo-uat3.hsbc.com&sp=h&sp=%2F&sp=t&sp=HSBC%20Business%20Go&ubv=124.0.6367.118&upv=10.0.0&st=1714969747371

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/en/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.155.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-155-242.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 04:29:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 018f4c299ac50001953b7ed8404b0506f002106700b08 Show response
visitor-service-ap-east-1.tealiumiq.com/hsbc/hk-cmb/ 2 KB
2 KB 980ms
319ms Script
application/javascript 18.166.207.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor-service-ap-east-1.tealiumiq.com/hsbc/hk-cmb/018f4c299ac50001953b7ed8404b0506f002106700b08?callback=utag.ut%5B%22writevahk-cmb%22%5D&rnd=1714969747377

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.166.207.216 , Hong Kong, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-166-207-216.ap-east-1.compute.amazonaws.com

Software

Resource Hash

d838916b385ecaa592db7f7ad2409c2dd4d4a52fd8239540bb198684b65fbb3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-version: 791bddf32436d5e117e1c99bdf318a03a83c1029-SNAPSHOT
date: Mon, 06 May 2024 04:29:08 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-region: ap-east-1
content-length: 2144
x-nodeid: i-037563cb8236a408a
content-type: application/javascript; charset=utf-8

GET
H2 200 telemetry
heapanalytics.com/api/ 32 B
233 B 116ms
116ms Image
image/gif 34.193.155.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=140346066&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=1&st=1714969747009&hv=4.22.0

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/en/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.155.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-155-242.compute-1.amazonaws.com

Software

Resource Hash

853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 06 May 2024 04:29:07 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 32
content-type: image/gif

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 207ms
50ms Image
image/gif 52.17.99.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1714969747707&plid=87809677&idsite=staginguat3.hsbc.com.hk&url=https%3A%2F%2Fbusinessgo-uat3.hsbc.com%2Fen%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fbusinessgo-uat3.hsbc.com%2Fen%2F&sref=&sts=1714969747704&slts=0&title=HSBC+Business+Go&date=Mon+May+06+2024+06%3A29%3A07+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&action=pageview&pvid=8817500&u=pid%3D5d5bbc90e1525c514bd4ad99a689fcf0
Requested by: Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/en/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 06 May 2024 04:29:07 GMT
Cache-Control: no-cache
Last-Modified: Monday, 06-May-2024 04:29:07 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 200 miProfile Show response
businessgo-uat3.hsbc.com/api/security-framework/mi-report/v1/ 53 B
543 B 415ms
414ms XHR
application/json 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/api/security-framework/mi-report/v1/miProfile

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/main.3767ed4d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5749617b01c8cba04559ba98e4709615a64dc09682b008f64bce5d74dc4160d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
internalId: 018f4c299ac50001953b7ed8404b0506f002106700b08
country-or-region: WORLD_WIDE
guestId: bda27ff9-5104-4d12-9e3a-07cfb6c4a920
language: en_US
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://businessgo-uat3.hsbc.com/en/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 63
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=0, no-cache, no-store
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
country: DE
expires: Mon, 06 May 2024 04:29:08 GMT

GET
H2 200 remoteEntry.js Show response
businessgo-uat3.hsbc.com/mfe/widget-articlecontent/ 16 KB
8 KB 855ms
853ms Script
application/javascript 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/mfe/widget-articlecontent/remoteEntry.js

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/mfe/portal-layout/remoteEntry.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d851bbe16e8897add96e0444bc56f35db5ec1fd1dc4b36a161fdab25b3b7555b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/en/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 7230
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 11 Mar 2024 06:40:46 GMT
etag: W/"65eea76e-3e5d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=0, no-cache, no-store
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
expires: Mon, 06 May 2024 04:29:08 GMT

GET
H2 200 vendors-src_mfeEntry_tsx-src_modules_Policy_TermsOfService_En_tsx-src_modules_Policy_TermsOfS-0294f9.61c42842.js Show response
businessgo-uat3.hsbc.com/mfe/portal-layout/ 816 KB
256 KB 407ms
406ms Script
application/javascript 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/mfe/portal-layout/vendors-src_mfeEntry_tsx-src_modules_Policy_TermsOfService_En_tsx-src_modules_Policy_TermsOfS-0294f9.61c42842.js

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/mfe/portal-layout/remoteEntry.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

161d719793beea13f1cb5b2a2c462d39d360b36af26f3c2c362c1c3d308a9112

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/en/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 261343
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 08:17:32 GMT
etag: W/"660a6d9c-cc181"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=842
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()

GET
H2 200 vendors-src_modules_HelpCenter_HelpCenter_tsx-src_modules_HomeOfHome_index_tsx-src_modules_In-b4f7e5.css
businessgo-uat3.hsbc.com/mfe/portal-layout/css/ 16 KB
4 KB 379ms
378ms Stylesheet
text/css 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/mfe/portal-layout/css/vendors-src_modules_HelpCenter_HelpCenter_tsx-src_modules_HomeOfHome_index_tsx-src_modules_In-b4f7e5.css

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/mfe/portal-layout/remoteEntry.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

32c767efc8278ecf42ee67754de2538bb397c93e84761be94dbafedf8e9c12a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/en/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 3924
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 23 Apr 2024 07:37:04 GMT
etag: W/"660a6d9c-418b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=60
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()

GET
H2 200 vendors-src_modules_HelpCenter_HelpCenter_tsx-src_modules_HomeOfHome_index_tsx-src_modules_In-b4f7e5.c076de21.js Show response
businessgo-uat3.hsbc.com/mfe/portal-layout/ 1 MB
136 KB 380ms
380ms Script
application/javascript 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/mfe/portal-layout/vendors-src_modules_HelpCenter_HelpCenter_tsx-src_modules_HomeOfHome_index_tsx-src_modules_In-b4f7e5.c076de21.js

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/mfe/portal-layout/remoteEntry.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e30bdba82165a50de4815ad6dafa157b8132d861ebb0384e13011a8f32fb82f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/en/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 138814
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 03 May 2024 18:53:38 GMT
etag: W/"660a6d9c-15e6f0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=263311
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()

GET
H2 200 src_components_BackTop_index_tsx-src_components_BaseDropdown_index_tsx-src_components_Carouse-8cf504.92012285.js Show response
businessgo-uat3.hsbc.com/mfe/portal-layout/ 88 KB
38 KB 836ms
836ms Script
application/javascript 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/mfe/portal-layout/src_components_BackTop_index_tsx-src_components_BaseDropdown_index_tsx-src_components_Carouse-8cf504.92012285.js

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/mfe/portal-layout/remoteEntry.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

87e290705e18a6253c80bbd48a5b8d6d8c736a2bc6ec63fcae1e332d03d1d2e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/en/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 38578
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 08:17:32 GMT
etag: W/"660a6d9c-15eec"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=843
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()

GET
H2 200 articlecontent.css
businessgo-uat3.hsbc.com/mfe/widget-articlecontent/css/ 1 MB
429 KB 384ms
383ms Stylesheet
text/css 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/mfe/widget-articlecontent/css/articlecontent.css

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/mfe/widget-articlecontent/remoteEntry.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3be329c2e69874b14928150c01e31c59cca8e2a9f812aab65a569e4ae1934a8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/en/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 438213
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 23 Apr 2024 07:34:22 GMT
etag: W/"65eea76e-14988b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=60
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()

GET
H2 200 vendors~articlecontent.3.6a2964c2b4663fe6e785.js Show response
businessgo-uat3.hsbc.com/mfe/widget-articlecontent/ 5 MB
2 MB 1367ms
1366ms Script
application/javascript 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/mfe/widget-articlecontent/vendors~articlecontent.3.6a2964c2b4663fe6e785.js

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/mfe/widget-articlecontent/remoteEntry.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c4721976bff12a7bc599b829db1e923341c639df1a872f06e0f2aa4e52bea1b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/en/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:10 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
last-modified: Mon, 11 Mar 2024 06:40:46 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
etag: W/"65eea76e-83c00e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=849
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
x-xss-protection: 1; mode=block

GET
H2 200 vendors~articlecontent.28.5402d15d8486f2a0dc59.js Show response
businessgo-uat3.hsbc.com/mfe/widget-articlecontent/ 11 KB
6 KB 862ms
861ms Script
application/javascript 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/mfe/widget-articlecontent/vendors~articlecontent.28.5402d15d8486f2a0dc59.js

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/mfe/widget-articlecontent/remoteEntry.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7f7f341d81e587d15fd305fc68607667899aeb6693f381ab24849dcb126cb6f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/en/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 5343
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 11 Mar 2024 06:40:46 GMT
etag: W/"65eea76e-2cd0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=881
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()

GET
H2 200 vendors~articlecontent.4.45f6cf433a540ef8279d.js Show response
businessgo-uat3.hsbc.com/mfe/widget-articlecontent/ 7 KB
4 KB 556ms
555ms Script
application/javascript 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/mfe/widget-articlecontent/vendors~articlecontent.4.45f6cf433a540ef8279d.js

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/mfe/widget-articlecontent/remoteEntry.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d5559055ec7bc705e75d49b50c19fb2e04739af876f002fd9115dc27b8f71b26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/en/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 3400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 11 Mar 2024 06:40:46 GMT
etag: W/"65eea76e-1d97"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=842
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()

GET
H2 200 vendors~articlecontent.31.09e14dd5fe61cff49d63.js Show response
businessgo-uat3.hsbc.com/mfe/widget-articlecontent/ 53 KB
10 KB 407ms
407ms Script
application/javascript 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/mfe/widget-articlecontent/vendors~articlecontent.31.09e14dd5fe61cff49d63.js

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/mfe/widget-articlecontent/remoteEntry.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b6b61b9ca6f517b19c043d76a9d54a580fc92582a33014e38d00dcd685c1b5aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/en/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 10155
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 May 2024 09:33:39 GMT
etag: W/"65eea76e-d5d7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=277439
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()

GET
H2 200 vendors~articlecontent.8.cb19ab0a77ad84ac4bad.js Show response
businessgo-uat3.hsbc.com/mfe/widget-articlecontent/ 4 KB
2 KB 398ms
398ms Script
application/javascript 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/mfe/widget-articlecontent/vendors~articlecontent.8.cb19ab0a77ad84ac4bad.js

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/mfe/widget-articlecontent/remoteEntry.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7c9d1cdd34bb8244457f26278322fd18c3325a169f46a2ac2615e2e56f675fa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/en/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 1707
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Apr 2024 06:04:15 GMT
etag: W/"65eea76e-117d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=5497
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()

GET
H2 200 widget~main~layout~en.json Show response
businessgo-uat3.hsbc.com/mfe/portal-layout/locale/1711959368317/ 130 KB
41 KB 569ms
568ms XHR
application/json 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/mfe/portal-layout/locale/1711959368317/widget~main~layout~en.json

Requested by

Host: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/mfe/portal-layout/vendors-src_mfeEntry_tsx-src_modules_Policy_TermsOfService_En_tsx-src_modules_Policy_TermsOfS-0294f9.61c42842.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

51749a6633db962c03bb575b75716c458e04b4197122dd8c9ee7bfc6724bf378

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://businessgo-uat3.hsbc.com/en/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 08:17:32 GMT
etag: W/"660a6d9c-208f9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=0, no-cache, no-store
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
expires: Mon, 06 May 2024 04:29:12 GMT

GET
H2 200 widget~main~layout~zh-Hant.json Show response
businessgo-uat3.hsbc.com/mfe/portal-layout/locale/1711959368317/ 114 KB
38 KB 372ms
371ms XHR
application/json 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/mfe/portal-layout/locale/1711959368317/widget~main~layout~zh-Hant.json

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c7726291adaac20fe63ef9fb6cda2034507e5d758ea9f7d140af4dbb4497f025

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://businessgo-uat3.hsbc.com/en/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 08:17:32 GMT
etag: W/"660a6d9c-1c81d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=0, no-cache, no-store
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
expires: Mon, 06 May 2024 04:29:12 GMT

GET widget~main~layout~zh-Hans.json
businessgo-uat3.hsbc.com/mfe/portal-layout/locale/1711959368317/ 0
0

GET
H2 200 widget~main~layout~fr-ca.json Show response
businessgo-uat3.hsbc.com/mfe/portal-layout/locale/1711959368317/ 125 KB
40 KB 605ms
605ms XHR
application/json 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/mfe/portal-layout/locale/1711959368317/widget~main~layout~fr-ca.json

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e9a6fb7a0669f625117d31c3aa65d522bd0a7754cd2f34d9e7ecf8c4e9f69333

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://businessgo-uat3.hsbc.com/en/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 08:17:32 GMT
etag: W/"660a6d9c-1f3e3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=0, no-cache, no-store
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
expires: Mon, 06 May 2024 04:29:12 GMT

GET
H2 200 / Show response
zn7pmbtabt6c6hhtj-hsbccmb.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 10 KB
5 KB 642ms
565ms Script
application/javascript 104.17.209.240

General

Check archive.org

Show headers Download Go to

Full URL

https://zn7pmbtabt6c6hhtj-hsbccmb.siteintercept.qualtrics.com/WRSiteInterceptEngine/?siteinterceptserver=zn7pmbtabt6c6hhtj-hsbccmb.siteintercept.qualtrics.com&Q_ZID=SI_2fXwNpIDGPVnTMi&Q_LOC=https%3A%2F%2Fbusinessgo-uat3.hsbc.com%2F

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/hsbc/global-cmb-businessgo/dev/utag.644.js?utv=ut4.48.202212021622

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

4a881d4186b599ffef1f7c583ef2e202962bf1791951ab5ffcc67d5420609fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"2670-90F13vxodkf2znxDTkTvijb6yz0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 87f63a549af98f39-FRA

GET
H2 200 favicon.ico
businessgo-uat3.hsbc.com/vendor/verification/images/ 2 KB
2 KB 679ms
678ms Other
image/x-icon 2a02:26f0:3500:14::1724:a255
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://businessgo-uat3.hsbc.com/vendor/verification/images/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a255 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

390b278641dff296d100a43d9b2ee5c373d6bda29b107f8379be38b1fc6a3c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/en/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 1798
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 25 Mar 2024 06:27:39 GMT
etag: "6601195b-6ef"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/x-icon
access-control-allow-origin: https://businessgo-uat2.hsbc.com
generate-request-id: false
cache-control: max-age=60
permissions-policy: accelerometer=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(),usb=()
accept-ranges: bytes

GET
H2 200 12.ffd98a9d3b8cbf2075ed.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 74 KB
21 KB 45ms
40ms Script
application/javascript 104.17.209.240

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.ffd98a9d3b8cbf2075ed.chunk.js?Q_CLIENTVERSION=2.5.0&Q_CLIENTTYPE=web&Q_BRANDID=businessgo-uat3.hsbc.com

Requested by

Host: zn7pmbtabt6c6hhtj-hsbccmb.siteintercept.qualtrics.com
URL: https://zn7pmbtabt6c6hhtj-hsbccmb.siteintercept.qualtrics.com/WRSiteInterceptEngine/?siteinterceptserver=zn7pmbtabt6c6hhtj-hsbccmb.siteintercept.qualtrics.com&Q_ZID=SI_2fXwNpIDGPVnTMi&Q_LOC=https%3A%2F%2Fbusinessgo-uat3.hsbc.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

4018d7f0a983131974acbea85f1be1a84c2cca541c584f98b5c5c83413913695

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 04:29:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 525126
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 17:52:42 GMT
server: cloudflare
etag: W/"1267d-18ee2e3c610"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 87f63a583dd98f39-FRA

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
1 KB 141ms
141ms XHR
application/json 104.17.209.240

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_InterceptID=SI_2fXwNpIDGPVnTMi&Q_CLIENTVERSION=2.5.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.ffd98a9d3b8cbf2075ed.chunk.js?Q_CLIENTVERSION=2.5.0&Q_CLIENTTYPE=web&Q_BRANDID=businessgo-uat3.hsbc.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

d3d4a9e5c25d661008b69c0fa05a09710e93453051e602f2491d35c204e30ee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://businessgo-uat3.hsbc.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 May 2024 04:29:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
content-type: application/json
access-control-allow-origin: https://businessgo-uat3.hsbc.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: b596fb571dd62a76
timing-allow-origin: *
cf-ray: 87f63a588e0f8f39-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: businessgo-uat3.hsbc.com
URL: https://businessgo-uat3.hsbc.com/mfe/portal-layout/locale/1711959368317/widget~main~layout~zh-Hans.json

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
businessgo-uat3.hsbc.com/	1970-01-20 20:24:16	Name: felabel Value: g
businessgo-uat3.hsbc.com/	1970-01-21 05:58:49	Name: GUEST_ID Value: bda27ff9-5104-4d12-9e3a-07cfb6c4a920
businessgo-uat3.hsbc.com/	1970-01-21 05:58:49	Name: INTERNAL_ID Value: 018f4c299ac50001953b7ed8404b0506f002106700b08
.hsbc.com/	1970-01-21 05:50:47	Name: _hp2_props.140346066 Value: %7B%22page_name%22%3A%22Businessgo-uat3%3AHome%22%2C%22ut_env%22%3A%22dev%22%2C%22ut_domain%22%3A%22hsbc.com%22%2C%22ut_profile%22%3A%22global-cmb-businessgo%22%2C%22page_url%22%3A%22businessgo-uat3.hsbc.com%2F%22%7D
.tealiumiq.com/	1970-01-21 05:08:25	Name: TAPID Value: hsbc/hk-cmb>018f4c299ac50001953b7ed8404b0506f002106700b08\|
.hsbc.com/	1970-01-21 05:50:47	Name: _hp2_id.140346066 Value: %7B%22userId%22%3A%2240989794686135%22%2C%22pageviewId%22%3A%223779659605809896%22%2C%22sessionId%22%3A%228015791358444170%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.hsbc.com/	1970-01-21 05:08:25	Name: utag_main Value: v_id:018f4c299ac50001953b7ed8404b0506f002106700b08$_sn:1$_se:1$_ss:1$_st:1714971546118$ses_id:1714969746118%3Bexp-session$_pn:1%3Bexp-session$v_rc:HE$v_cc:DE$v_c:FRANKFURT$dc_visit:1$dc_event:1%3Bexp-session$dcsyncran:1%3Bexp-session$dc_region:ap-east-1%3Bexp-session
.hsbc.com/	1970-01-20 20:22:51	Name: _hp2_ses_props.140346066 Value: %7B%22ts%22%3A1714969747016%2C%22d%22%3A%22businessgo-uat3.hsbc.com%22%2C%22h%22%3A%22%2F%22%7D
.hsbc.com/	1970-01-20 20:22:51	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://businessgo-uat3.hsbc.com/en/%22%2C%22sref%22:%22%22%2C%22sts%22:1714969747704%2C%22slts%22:0}
.hsbc.com/	1970-01-21 05:52:13	Name: _parsely_visitor Value: {%22id%22:%22pid=5d5bbc90e1525c514bd4ad99a689fcf0%22%2C%22session_count%22:1%2C%22last_session_ts%22:1714969747704}

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://businessgo-uat3.hsbc.com/api/security-framework/platform-userprofilemanagement/v1/sirius/profile Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://businessgo-uat3.hsbc.com/en/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://businessgo-uat3.hsbc.com/api/security-framework/platform-userprofilemanagement/v1/sirius/profile Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://businessgo-uat3.hsbc.com/en/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

akamai.tiqcdn.com
api7119.d41.co
businessgo-uat3.hsbc.com
cdn.heapanalytics.com
cdn.parsely.com
cm.g.doubleclick.net
collect-ap-east-1.tealiumiq.com
heapanalytics.com
ipw.d41.co
p1.parsely.com
siteintercept.qualtrics.com
tags.tiqcdn.com
v2.d41.co
visitor-service-ap-east-1.tealiumiq.com
zn7pmbtabt6c6hhtj-hsbccmb.siteintercept.qualtrics.com
businessgo-uat3.hsbc.com
104.17.209.240
13.32.27.5
142.250.186.162
16.163.242.138
18.166.207.216
18.172.109.51
18.210.253.134
23.205.189.82
2600:9000:235a:9600:7:2bfb:7c00:93a1
2a02:26f0:3500:14::1724:a255
3.120.63.212
34.193.155.242
52.17.99.225
52.58.255.70
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1dda294108f38aac197c0abb1ad85138e630b3ea1c0b2fdc8696326fd76be9
1036797f9be0e26ce235340558c011cf7caddf13a6e5cad153f14b77f76cd0a9
14f39bcb02bd40b000f03debf65a1f5e9d5665359e02f6521f3d2b42efa7115b
161d719793beea13f1cb5b2a2c462d39d360b36af26f3c2c362c1c3d308a9112
19382cc811c8085e836061f06b53956f8259968b061aadd50d554328d6fd2a01
1a6781827d2590a66211d10876400d10bad56ed9c2cb00b0895fd0a234d480dc
27e5a3ad59a9e0213824b548d9703155b454cfcffc7690842436aff86cb310c1
2dd69775d3c43b7650c444e5c5b95053e819a8307b752dae05b5711377883e54
3056ec176dcb66a3e0a8fc72c30d93df88eb379601fc13b38f1f8aeb4836a018
312c1e24d6005cf2ee91a31902b9cd6c52645382f472db855075e9795094335d
32c767efc8278ecf42ee67754de2538bb397c93e84761be94dbafedf8e9c12a8
390b278641dff296d100a43d9b2ee5c373d6bda29b107f8379be38b1fc6a3c3a
3be329c2e69874b14928150c01e31c59cca8e2a9f812aab65a569e4ae1934a8f
4018d7f0a983131974acbea85f1be1a84c2cca541c584f98b5c5c83413913695
45fd90ae1b51aeb3dfede64400ccf24c801b618322e99f856e5d440f736322a0
4a881d4186b599ffef1f7c583ef2e202962bf1791951ab5ffcc67d5420609fab
4c5f108b90dbb10b224e45616457f94afe42c2a1104b3f0068fd76144c6d3578
4d6ac96a42cefb572bb2abcaac001985f4ddb527579cc246c8e99e30ce2f0824
5090a2b9307b537bf9e8c16d59a08d6552a86f4a09725b982163ea615cd2492e
51749a6633db962c03bb575b75716c458e04b4197122dd8c9ee7bfc6724bf378
5749617b01c8cba04559ba98e4709615a64dc09682b008f64bce5d74dc4160d3
5affbe94cb42c080ba54c76901253e667dd6126fbb31cb635fe4dcb4ba885151
5b8a21f0870f858385f944c503dc56176bc21235964a058631749faf00d82dbf
6cd3709f164ede757430917956b6dd5c4bd9cfd9e4f4b3f5e2be9f6b79651b3d
733abede8d6aac6197a95d1b7da177b44609e96e6a66bf3fb40fd19f9cbb8ee4
78600f028ad257862439cb744162af6a94a93564a3fff5c429bfe6b7f87cea05
78e0b03ae4f76c7e86a1cc1925795aac9c475af4766628c68bcae9a6cddd1e9d
7c9d1cdd34bb8244457f26278322fd18c3325a169f46a2ac2615e2e56f675fa4
7f57aa05b3d036c57ef3c1748f2e6020cb914cb86e1547134a10b02ae9ee6071
7f7f341d81e587d15fd305fc68607667899aeb6693f381ab24849dcb126cb6f3
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
87e290705e18a6253c80bbd48a5b8d6d8c736a2bc6ec63fcae1e332d03d1d2e0
97e7f187b44c8484c61d7ba5f6b75162ecbe89cfcb72a0c41fb2362cf8e8dc4b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
ace48892f3c1ca4f83d1925d4a5029e54926c17cf438edccb0351e571c732d2f
ae8d255cec7b0f88067c8e35d4f8597a820b0762689d2e9f5aac03711526f2b4
b6b61b9ca6f517b19c043d76a9d54a580fc92582a33014e38d00dcd685c1b5aa
b8d9e7e9e760b53aeeac96239f9659855cf5da761051deccba7653ccf9b0c3db
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c4721976bff12a7bc599b829db1e923341c639df1a872f06e0f2aa4e52bea1b4
c7726291adaac20fe63ef9fb6cda2034507e5d758ea9f7d140af4dbb4497f025
cb1fc56e03922009390d3588a3a18ec9a2ceddac2ee486b85445a9f911780d05
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3d4a9e5c25d661008b69c0fa05a09710e93453051e602f2491d35c204e30ee5
d5148ae20157a381866a93039b4daaa1fd83d777a6301ff70cc18010efa52167
d5559055ec7bc705e75d49b50c19fb2e04739af876f002fd9115dc27b8f71b26
d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559
d838916b385ecaa592db7f7ad2409c2dd4d4a52fd8239540bb198684b65fbb3b
d851bbe16e8897add96e0444bc56f35db5ec1fd1dc4b36a161fdab25b3b7555b
da642954fb1b00fd75c0355f0ce9456857fbdf107ec8a4d13e1aba8eee027060
ddbfe54805d4e9626890ae24825509adae843e1a3148836e4ff2638a7dfe35df
e30bdba82165a50de4815ad6dafa157b8132d861ebb0384e13011a8f32fb82f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9a6fb7a0669f625117d31c3aa65d522bd0a7754cd2f34d9e7ecf8c4e9f69333
f1e2a6c7a2417688b3e64324d89d830efa5196431edb9b6dad1a4d4d91bebcc8
f4604cc57b60c01201b346ced372317aff22240729348496047873eb54b30eb0

businessgo-uat3.hsbc.com Open in urlscan Pro 2a02:26f0:3500:14::1724:a255 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

63 Requests

98 %HTTPS

14 %IPv6

8 Domains

15 Subdomains

15 IPs

5 Countries

3850 kBTransfer

13233 kBSize

10 Cookies

0 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

businessgo-uat3.hsbc.com Open in urlscan Pro
2a02:26f0:3500:14::1724:a255 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

98 %
HTTPS

14 %
IPv6

8
Domains

15
Subdomains

15
IPs

5
Countries

3850 kB
Transfer

13233 kB
Size

10
Cookies

63 HTTP transactions
1 data transactions