15 technologies5 categories
firstdirect.com is built on Adobe Experience Manager with Proofpoint and SendGrid.
Analytics are handled by Tealium and AppDynamics. Infrastructure includes Amazon CloudFront and Amazon S3.
Tech Stack Highlights
Core Platform1
Adobe Experience Manager
CMS
100%
3 evidence signals
Script
https://www.firstdirect.com/etc.clientlibs/hsbc/global/clientlibs/appd.min.9a0d6a727f8b92f3a4cce4a6985afacb.jsScript
https://www.firstdirect.com/etc.clientlibs/hsbc/fsdt/clientlibs/clientlib-all.min.a149811f28d6e634689a725de8c39644.jsstylesheet
/etc.clientlibs/hsbc/fsdt/clientlibs/clientlib-default.min.ce74de835fed566ec0228e072fdb2cf2.cssFrameworks & Languages1
Java
Programming languages
75%
1 evidence signal
HTML
implied by Adobe Experience ManagerAnalytics & Marketing7
P
Proofpoint
Email
100%
1 evidence signal
dns
MX: mxa-00299f02.gslb.pphosted.comS
SendGrid
Email
95%
1 evidence signal
dns
SPF includes sendgrid.netLinkedin Ads
Advertising
75%
1 evidence signal
Header
px\.ads\.linkedin\.com: default-src 'self' *.hsbc.com.hk *.mastercard.com.au *.demdex.net *.lpsnmedia.net *.liveperson.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.tiqcdn.com *.tealiumiq.com *.liveperson.net *.googletagmanager.com *.hsbc.co.uk *.hsbc.com.hk *.doubleclick.net *.googleadservices.com *.lpsnmedia.net *.optimizely.com *.facebook.net *.google.com *.gstatic.com *.appdynamics.com *.googleapis.com *.awswaf.com *.analytics.yahoo.com vjs.zencdn.net players.brightcove.net *.ads-twitter.com *.hsbc.ae rum.hlx.page aax-eu.amazon-adsystem.com bat.bing.com s.amazon-adsystem.com *.amazon-adsystem.com lo.v.liveperson.net googleads.g.doubleclick.net connect.facebook.net www.googleadservices.com lptag.liveperson.net accdn.lpsnmedia.net lpcdn.lpsnmedia.net tags.tiqcdn.com www.googletagmanager.com www.google-analytics.com *.mcmprod.hsbc.co.uk ssl.google-analytics.com www.firstdirect.com t.contentsquare.net app.contentsquare.com tt.omtrdc.net *.sc.omtrdc.net *.demdex.net *.twitter.com t.co *.walkme.com *.omguk.com *.adsrvr.org cliveperson.com *.contentsquare.com *.qualtrics.com *.quantserve.com *.outbrain.com *.taboola.com *.vjs.zencdn.net www.mcmprod.hsbc.co.uk cdn.optimizely.com cdn-assets-prod.s3.amazonaws.com *.pinimg.com *.pinterest.com *.analytics.tiktok.com analytics.tiktok.com snap.licdn.com c-hsbc.lytics.io; img-src data: * blob: *.pinimg.com *.pinterest.com *.analytics.tiktok.com analytics.tiktok.com *.liveperson.net *.lpsnmedia.net; connect-src 'self' *.tiqcdn.com *.tealiumiq.com *.hsbc.com.hk *.eum-appdynamics.com *.optimizely.com wss://*.liveperson.net *.cloud.hsbc *.awswaf.com *.analytics.yahoo.com players.brightcove.net edge.api.brightcove.com *.googleapis.com *.hsbc.ae *.omtrdc.net *.demdex.net *.hsbc.co.om *.brightcovecdn.com *.hsbc.co.uk *.appdynamics.com *.we-stats.com bat.bing.com *.siteintercept.qualtrics.com adservice.google.com www.facebook.com www.google.com www.firstdirect.com www.googletagmanager.com ad.doubleclick.net cdnbc-wup.firstdirect.com *.analytics.google.com akamai.tiqcdn.com www.google-analytics.com collect.tealiumiq.com r.contentsquare.net c.contentsquare.net analytics.google.com *.mcmprod.hsbc.co.uk *.tt.omtrdc.net *.sc.omtrdc.net *.liveperson.net *.google.com *.walkme.com pixel.everesttech.net *.contentsquare.com *.qualtrics.com rbwm-api.us.hsbc.com rbwm-api.hsbc.co.uk rbwm-api.hsbc.com.hk manifest.prod.boltdns.net translate.googleapis.com lpcdn.lpsnmedia.net stats.g.doubleclick.net www.google.co.uk cdn-assets-prod.s3.amazonaws.com k-aeu1.contentsquare.net *.customers.biocatch.com *.pinimg.com *.pinterest.com *.analytics.tiktok.com analytics.tiktok.com px.ads.linkedin.com *.lpsnmedia.net; frame-src 'self' blob: *.lpsnmedia.net *.optimizely.com *.liveperson.net *.google.com *.doubleclick.net *.analytics.yahoo.com players.brightcove.net cdntm.firstdirect.com www.facebook.com www.youtube.com 8071237.fls.doubleclick.net *.demdex.net *.walkme.com liveperson.com *.qualtrics.com *.pinimg.com *.pinterest.com *.analytics.tiktok.com *.online-metrix.net analytics.tiktok.com; frame-ancestors 'self' www.firstdirect.com; font-src 'self' data: *.hsbc.com.hk *.gstatic.com fonts.gstatic.com; worker-src 'self' blob: *.demdex.net *.lpsnmedia.net *.liveperson.net *.google.com; style-src 'self' 'unsafe-inline' *.hsbc.com.hk *.googleapis.com players.brightcove.net c-hsbc.lytics.io *.liveperson.net *.lpsnmedia.net; object-src 'self' blob: players.brightcove.net; child-src 'self'; media-src 'self' blob: *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com *.brightcovecdn.com lpcdn.lpsnmedia.net ssl.gstatic.com manifest.prod.boltdns.net *.lpsnmedia.net; manifest-src 'self'; upgrade-insecure-requests ; report-uri /csp/report;Optimizely
A/B Testing
75%
1 evidence signal
JS Global
optimizely โ objectTealium
Tag managers
75%
5 evidence signals
Script
https://tags.tiqcdn.com/utag/hsbc/uk-rbwm-fd-pws/prod/utag.202.js?utv=ut4.46.202505221723Script
https://tags.tiqcdn.com/utag/hsbc/uk-rbwm-fd-pws/prod/utag.712.js?utv=ut4.46.202503061800Script
https://tags.tiqcdn.com/utag/hsbc/uk-rbwm-fd-pws/prod/utag.825.js?utv=ut4.46.202401171803Script
https://tags.tiqcdn.com/utag/hsbc/uk-rbwm-fd-pws/prod/utag.919.js?utv=ut4.46.202603100605Script
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=hsbc/uk-rbwm-fd-pws/202603250237&cb=1774580618121AppDynamics
Analytics
75%
1 evidence signal
Script
https://cdn.appdynamics.com/adrum-ext.0086dbec5e8a6e717bf36d3a06b62042.jsLivePerson
Live chat
75%
1 evidence signal
Script
https://lptag.liveperson.net/tag/tag.js?site=77104856Infrastructure & Security5
HSTS
Security
75%
1 evidence signal
Header
max-age=31536000; includeSubdomains
Amazon CloudFront
CDN
75%
2 evidence signals
Header
\(CloudFront\)$: 1.1 d819e0fec943c45d31b55f5dce0b44ee.cloudfront.net (CloudFront)Header
VaRSgKRj8T5Y7Nod9_sbgoviYPrqIhugoJTbW9SbESu36opoJaKZIA==Amazon S3
CDN
75%
1 evidence signal
Header
s3[^ ]*amazonaws\.com: default-src 'self' *.hsbc.com.hk *.mastercard.com.au *.demdex.net *.lpsnmedia.net *.liveperson.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.tiqcdn.com *.tealiumiq.com *.liveperson.net *.googletagmanager.com *.hsbc.co.uk *.hsbc.com.hk *.doubleclick.net *.googleadservices.com *.lpsnmedia.net *.optimizely.com *.facebook.net *.google.com *.gstatic.com *.appdynamics.com *.googleapis.com *.awswaf.com *.analytics.yahoo.com vjs.zencdn.net players.brightcove.net *.ads-twitter.com *.hsbc.ae rum.hlx.page aax-eu.amazon-adsystem.com bat.bing.com s.amazon-adsystem.com *.amazon-adsystem.com lo.v.liveperson.net googleads.g.doubleclick.net connect.facebook.net www.googleadservices.com lptag.liveperson.net accdn.lpsnmedia.net lpcdn.lpsnmedia.net tags.tiqcdn.com www.googletagmanager.com www.google-analytics.com *.mcmprod.hsbc.co.uk ssl.google-analytics.com www.firstdirect.com t.contentsquare.net app.contentsquare.com tt.omtrdc.net *.sc.omtrdc.net *.demdex.net *.twitter.com t.co *.walkme.com *.omguk.com *.adsrvr.org cliveperson.com *.contentsquare.com *.qualtrics.com *.quantserve.com *.outbrain.com *.taboola.com *.vjs.zencdn.net www.mcmprod.hsbc.co.uk cdn.optimizely.com cdn-assets-prod.s3.amazonaws.com *.pinimg.com *.pinterest.com *.analytics.tiktok.com analytics.tiktok.com snap.licdn.com c-hsbc.lytics.io; img-src data: * blob: *.pinimg.com *.pinterest.com *.analytics.tiktok.com analytics.tiktok.com *.liveperson.net *.lpsnmedia.net; connect-src 'self' *.tiqcdn.com *.tealiumiq.com *.hsbc.com.hk *.eum-appdynamics.com *.optimizely.com wss://*.liveperson.net *.cloud.hsbc *.awswaf.com *.analytics.yahoo.com players.brightcove.net edge.api.brightcove.com *.googleapis.com *.hsbc.ae *.omtrdc.net *.demdex.net *.hsbc.co.om *.brightcovecdn.com *.hsbc.co.uk *.appdynamics.com *.we-stats.com bat.bing.com *.siteintercept.qualtrics.com adservice.google.com www.facebook.com www.google.com www.firstdirect.com www.googletagmanager.com ad.doubleclick.net cdnbc-wup.firstdirect.com *.analytics.google.com akamai.tiqcdn.com www.google-analytics.com collect.tealiumiq.com r.contentsquare.net c.contentsquare.net analytics.google.com *.mcmprod.hsbc.co.uk *.tt.omtrdc.net *.sc.omtrdc.net *.liveperson.net *.google.com *.walkme.com pixel.everesttech.net *.contentsquare.com *.qualtrics.com rbwm-api.us.hsbc.com rbwm-api.hsbc.co.uk rbwm-api.hsbc.com.hk manifest.prod.boltdns.net translate.googleapis.com lpcdn.lpsnmedia.net stats.g.doubleclick.net www.google.co.uk cdn-assets-prod.s3.amazonaws.com k-aeu1.contentsquare.net *.customers.biocatch.com *.pinimg.com *.pinterest.com *.analytics.tiktok.com analytics.tiktok.com px.ads.linkedin.com *.lpsnmedia.net; frame-src 'self' blob: *.lpsnmedia.net *.optimizely.com *.liveperson.net *.google.com *.doubleclick.net *.analytics.yahoo.com players.brightcove.net cdntm.firstdirect.com www.facebook.com www.youtube.com 8071237.fls.doubleclick.net *.demdex.net *.walkme.com liveperson.com *.qualtrics.com *.pinimg.com *.pinterest.com *.analytics.tiktok.com *.online-metrix.net analytics.tiktok.com; frame-ancestors 'self' www.firstdirect.com; font-src 'self' data: *.hsbc.com.hk *.gstatic.com fonts.gstatic.com; worker-src 'self' blob: *.demdex.net *.lpsnmedia.net *.liveperson.net *.google.com; style-src 'self' 'unsafe-inline' *.hsbc.com.hk *.googleapis.com players.brightcove.net c-hsbc.lytics.io *.liveperson.net *.lpsnmedia.net; object-src 'self' blob: players.brightcove.net; child-src 'self'; media-src 'self' blob: *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com *.brightcovecdn.com lpcdn.lpsnmedia.net ssl.gstatic.com manifest.prod.boltdns.net *.lpsnmedia.net; manifest-src 'self'; upgrade-insecure-requests ; report-uri /csp/report;Apache HTTP Server
Web servers
75%
1 evidence signal
Header
(?:Apache(?:$|/([\d.]+)|[^/-])|(?:^|\b)HTTPD)\;version:\1: ApacheAmazon Web Services
PaaS
50%
1 evidence signal
HTML
implied by Amazon CloudFrontLibraries & Utilities1
core-js
JavaScript libraries
75%
1 evidence signal
JS Global
__core-js_shared__ โ object