bytes
7
max-age=60, s-maxage=60
keep-alive
gzip
18719
default-src 'self' *.hsbc.com.hk; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.tiqcdn.com *.tealiumiq.com *.liveperson.net *.googletagmanager.com *.hsbc.co.uk *.hsbc.com.hk *.doubleclick.net *.googleadservices.com *.lpsnmedia.net *.optimizely.com *.facebook.net *.google.com *.gstatic.com *.appdynamics.com *.googleapis.com *.awswaf.com *.analytics.yahoo.com vjs.zencdn.net players.brightcove.net *.recaptcha.net *.licdn.com connect.facebook.net lptag.liveperson.net tags.tiqcdn.com www.googletagmanager.com www.google-analytics.com www.googleadservices.com ssl.google-analytics.com googleads.g.doubleclick.net cdn.optimizely.com cdn.appdynamics.com *.v.liveperson.net cdn-assets-prod.s3.amazonaws.com; img-src data: * android-webview-video-poster: android-webview:; connect-src 'self' *.tiqcdn.com *.tealiumiq.com *.hsbc.com.hk *.eum-appdynamics.com *.optimizely.com wss://*.liveperson.net *.cloud.hsbc *.awswaf.com *.analytics.yahoo.com players.brightcove.net edge.api.brightcove.com *.hsbc.co.uk adservice.google.com *.qualtrics.com *.boltdns.net *.brightcovecdn.com *.brightcove.com ad.doubleclick.net www.facebook.com www.google.com www.googletagmanager.com *.googleapis.com analytics.google.com *.doubleclick.net www.google-analytics.com www.google.com.vn *.dbankcloud.com www.google.com.hk *.baidu.com http://127.0.0.1:5000 http://127.0.0.1:5000/* rbwm-api.us.hsbc.com rbwm-api.hsbc.co.uk rbwm-api.hsbc.com.hk cdn.linkedin.oribi.io *.siteintercept.qualtrics.com cdn-assets-prod.s3.amazonaws.com; frame-src 'self' blob: *.lpsnmedia.net *.optimizely.com *.liveperson.net *.google.com *.doubleclick.net *.analytics.yahoo.com players.brightcove.net *.recaptcha.net sts-aad.auth.hsbc.com *.zscloud.net gateway.zscalerthree.net gateway.zscaler.net 8783714.fls.doubleclick.net connect.facebook.net; frame-ancestors 'self' www.hsbc.com.vn; font-src 'self' data: *.hsbc.com.hk fonts.gstatic.com *.jsdelivr.net fonts.googleapis.com at.alicdn.com; worker-src 'self' blob:; style-src 'self' 'unsafe-inline' *.hsbc.com.hk *.googleapis.com players.brightcove.net; object-src 'self' players.brightcove.net; media-src 'self' blob: *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com *.brightcovecdn.com *.prod.boltdns.net ssl.gstatic.com lpcdn.lpsnmedia.net; manifest-src 'self'; upgrade-insecure-requests ; report-uri /csp/report;
text/html; charset=utf-8
Wed, 10 Jan 2024 07:52:22 GMT
Wed, 10 Jan 2024 04:15:50 GMT
dispatcher3apeast1
Apache
cdn-cache-hit,cdn-pop;desc="DUB2-C1",cdn-rid;desc="4QiKv3q4QvUju8a86J7e9Qg16GsnWdvXrFOTzVvHvPpYLHeogd1u8w==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
max-age=31536000; includeSubdomains
Accept-Encoding
1.1 ae21cfbf423c1da4538713aa1f4425aa.cloudfront.net (CloudFront)
4QiKv3q4QvUju8a86J7e9Qg16GsnWdvXrFOTzVvHvPpYLHeogd1u8w==
DUB2-C1
Hit from cloudfront
nosniff
SAMEORIGIN
1; mode=block
|