bytes
40
max-age=60, s-maxage=60
keep-alive
gzip
19715
default-src 'self' *.hsbc.com.hk; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.tiqcdn.com *.tealiumiq.com *.liveperson.net *.googletagmanager.com *.hsbc.co.uk *.hsbc.com.hk *.doubleclick.net *.googleadservices.com *.lpsnmedia.net *.optimizely.com *.facebook.net *.google.com *.gstatic.com *.appdynamics.com *.googleapis.com *.awswaf.com *.analytics.yahoo.com vjs.zencdn.net players.brightcove.net *.hsbc.ae *.recaptcha.net *.hsbc.com.hk:* *.jsdelivr.net bat.bing.com *.amazon-adsystem.com static.ads-twitter.com tpc.googlesyndication.com lo.v.liveperson.net tags.tiqcdn.com googleads.g.doubleclick.net connect.facebook.net www.googleadservices.com lpcdn.lpsnmedia.net lptag.liveperson.net accdn.lpsnmedia.net cdn.optimizely.com cdn.appdynamics.com www.googletagmanager.com www.isstmena.hsbc.ae ssl.google-analytics.com www.google-analytics.com maps.googleapis.com *.tt.omtrdc.net *.sc.omtrdc.net *.demdex.net *.walkme.com pixel.everesttech.net *.contentsquare.com *.qualtrics.com cdn-assets-prod.s3.amazonaws.com; img-src data: * blob:; connect-src 'self' *.tiqcdn.com *.tealiumiq.com *.hsbc.com.hk *.eum-appdynamics.com *.optimizely.com wss://*.liveperson.net *.cloud.hsbc *.awswaf.com *.analytics.yahoo.com players.brightcove.net edge.api.brightcove.com *.hsbc.ae *.adsrvr.org *.hsbc.com.hk:* *.amazonaws.com *.hsbc.com *.onfido.com wss://*.hsbc.com bat.bing.com *.siteintercept.qualtrics.com adservice.google.com http://127.0.0.1:5000 http://127.0.0.1:5000/* *.brightcovecdn.com www.facebook.com www.google.com ad.doubleclick.net servicing.hsbc.co.uk maps.googleapis.com www.googletagmanager.com analytics.google.com akamai.tiqcdn.com stats.g.doubleclick.net www.google-analytics.com t.co analytics.twitter.com *.tt.omtrdc.net *.sc.omtrdc.net *.demdex.net *.liveperson.net *.google.com *.walkme.com pixel.everesttech.net *.qualtrics.com *.contentsquare.com rbwm-api.us.hsbc.com rbwm-api.hsbc.co.uk rbwm-api.hsbc.com.hk manifest.prod.boltdns.net col.eum-appdynamics.com cdn-assets-prod.s3.amazonaws.com; frame-src 'self' blob: *.lpsnmedia.net *.optimizely.com *.liveperson.net *.google.com *.doubleclick.net *.analytics.yahoo.com players.brightcove.net www.facebook.com tpc.googlesyndication.com www.youtube.com www.googletagmanager.com td.doubleclick.net 8715533.fls.doubleclick.net *.demdex.net *.walkme.com liveperson.com *.qualtrics.com connect.facebook.net; frame-ancestors 'self' www.hsbc.ae; font-src 'self' data: *.hsbc.com.hk fonts.gstatic.com; worker-src 'self' blob: *.demdex.net *.lpsnmedia.net *.liveperson.net *.google.com; style-src 'self' 'unsafe-inline' *.hsbc.com.hk *.googleapis.com players.brightcove.net; object-src 'self' players.brightcove.net; media-src 'self' blob: *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com *.brightcovecdn.com lpcdn.lpsnmedia.net manifest.prod.boltdns.net; manifest-src 'self' www.hsbc.ae; upgrade-insecure-requests ; report-uri /csp/report;
text/html; charset=utf-8
Wed, 10 Jan 2024 14:33:24 GMT
Wed, 10 Jan 2024 12:48:08 GMT
dispatcher3euwest1
Apache
cdn-cache-hit,cdn-pop;desc="MAN51-P3",cdn-rid;desc="ZAHqgQ824DuPWZNDhow1bPDAoFkFzX1dIvPTWwHe87Y2WUfzK2IvIA==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=40
max-age=31536000; includeSubdomains
Accept-Encoding
1.1 6cf70f8918d964c999008daedfcf3b90.cloudfront.net (CloudFront)
ZAHqgQ824DuPWZNDhow1bPDAoFkFzX1dIvPTWwHe87Y2WUfzK2IvIA==
MAN51-P3
Hit from cloudfront
nosniff
SAMEORIGIN
1; mode=block
|