urlscan.io logo urlscan.io
SecurityTrails logo

hsbctravel.myclaimshub.co.uk Open in urlscan Pro
2606:4700:20::681a:333  Public Scan

Go To Rescan Add Verdict Report
URL: https://hsbctravel.myclaimshub.co.uk/
Submission: On September 10 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 28 HTTP transactions. The main IP is 2606:4700:20::681a:333, located in United States and belongs to CLOUDFLARENET, US. The main domain is hsbctravel.myclaimshub.co.uk.
TLS certificate: Issued by WE1 on September 6th 2024. Valid for: 3 months.
This is the only time hsbctravel.myclaimshub.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 2606:4700:20:... 13335 (CLOUDFLAR...)
10 2606:4700:440... 13335 (CLOUDFLAR...)
3 2600:9000:211... 16509 (AMAZON-02)
2 104.19.230.21 13335 (CLOUDFLAR...)
2 104.19.229.21 13335 (CLOUDFLAR...)
28 6
11    2606:4700:20::681a:333 (United States)

ASN13335 (CLOUDFLARENET, US)
hsbctravel.myclaimshub.co.uk
10    2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ukwest.onetrust.com
geolocation.onetrust.com
3    2600:9000:211e:c200:10:d74c:d240:21 (United States)

ASN16509 (AMAZON-02, US)
dsb163fd10sp.cloudfront.net
2    104.19.230.21 (None, )

ASN13335 (CLOUDFLARENET, US)
hcaptcha.com
newassets.hcaptcha.com
2    104.19.229.21 (None, )

ASN13335 (CLOUDFLARENET, US)
newassets.hcaptcha.com
Apex Domain
Subdomains		 Transfer
11 myclaimshub.co.uk
hsbctravel.myclaimshub.co.uk
102 KB
10 onetrust.com
cdn-ukwest.onetrust.com — Cisco Umbrella Rank: 8316
geolocation.onetrust.com — Cisco Umbrella Rank: 1019
115 KB
4 hcaptcha.com
hcaptcha.com — Cisco Umbrella Rank: 5917
newassets.hcaptcha.com — Cisco Umbrella Rank: 8953
52 KB
3 cloudfront.net
dsb163fd10sp.cloudfront.net
454 KB
28 4
Domain Requested by
11 hsbctravel.myclaimshub.co.uk hsbctravel.myclaimshub.co.uk
9 cdn-ukwest.onetrust.com hsbctravel.myclaimshub.co.uk
cdn-ukwest.onetrust.com
3 newassets.hcaptcha.com hcaptcha.com
3 dsb163fd10sp.cloudfront.net hsbctravel.myclaimshub.co.uk
1 hcaptcha.com hsbctravel.myclaimshub.co.uk
1 geolocation.onetrust.com cdn-ukwest.onetrust.com
28 6

This site contains links to these domains. Also see Links.

Domain
www.onetrust.com
Subject Issuer Validity Valid
hsbctravel.myclaimshub.co.uk
WE1		 2024-09-06 -
2024-12-05		 3 months crt.sh
onetrust.com
WE1		 2024-09-05 -
2024-12-04		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
hcaptcha.com
WE1		 2024-09-07 -
2024-12-06		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://hsbctravel.myclaimshub.co.uk/
Frame ID: 49ECB8681C2A3B5BD5AA1D89A9A028E9
Requests: 28 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/c4a51b5/static/hcaptcha.html
Frame ID: B1825B68F59BF87255FD41F0D20D7A42
Requests: 1 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/c4a51b5/static/hcaptcha.html
Frame ID: 264292210E1D847C6910C018220430CC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Your Claim

Detected technologies

Overall confidence: 100%
Detected patterns
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https://hcaptcha.com/([\d]+?)/api.js

Page Statistics

28
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

6
Subdomains

6
IPs

2
Countries

723 kB
Transfer

1374 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hsbctravel.myclaimshub.co.uk/ 		57 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hsbctravel.myclaimshub.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:333 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
238209815fd3fd698e5b8a2e90a4070de4abc6e35562e397cc591c5d52ac2222
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.cloudfront.net *.onetrust.com *.hcaptcha.com hcaptcha.com *.pusher.com wss://ws-eu.pusher.com; style-src 'self' 'unsafe-inline' *.cloudfront.net *.googleapis.com fonts.bunny.net; script-src 'self' 'unsafe-eval' *.cloudfront.net *.googletagmanager.com *.onetrust.com *.hcaptcha.com hcaptcha.com *.pusher.com; font-src 'self' data: fonts.gstatic.com fonts.bunny.net; img-src 'self' data: ui-avatars.com *.cloudfront.net *.onetrust.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8c0b802a4c171d8c-FRA
content-encoding
br
content-security-policy
default-src 'self' *.cloudfront.net *.onetrust.com *.hcaptcha.com hcaptcha.com *.pusher.com wss://ws-eu.pusher.com; style-src 'self' 'unsafe-inline' *.cloudfront.net *.googleapis.com fonts.bunny.net; script-src 'self' 'unsafe-eval' *.cloudfront.net *.googletagmanager.com *.onetrust.com *.hcaptcha.com hcaptcha.com *.pusher.com; font-src 'self' data: fonts.gstatic.com fonts.bunny.net; img-src 'self' data: ui-avatars.com *.cloudfront.net *.onetrust.com
content-type
text/html; charset=UTF-8
date
Tue, 10 Sep 2024 01:03:51 GMT
link
<https://hsbctravel.myclaimshub.co.uk/build/assets/app-fcccb9e4.css>; rel="preload"; as="style", <https://hsbctravel.myclaimshub.co.uk/build/assets/app-b7392a5f.js>; rel="modulepreload", <https://hsbctravel.myclaimshub.co.uk/build/assets/pinia-bd97c6e2.js>; rel="modulepreload", <https://hsbctravel.myclaimshub.co.uk/build/assets/showNotification-9cae2fa7.js>; rel="modulepreload", <https://hsbctravel.myclaimshub.co.uk/build/assets/SelectInput-f980e67a.js>; rel="modulepreload", <https://hsbctravel.myclaimshub.co.uk/build/assets/Spinner-a3dd2f46.js>; rel="modulepreload", <https://hsbctravel.myclaimshub.co.uk/build/assets/CheckCircleIcon-75a66ede.js>; rel="modulepreload", <https://hsbctravel.myclaimshub.co.uk/build/assets/_plugin-vue_export-helper-c27b6911.js>; rel="modulepreload"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iy6GaivtQoc0oZyY8OSPKaz4qMqDx2ovXQ17A1DQYd91IGadfLgbdjfIM78OalfrfoLSFlf1LKS0szKfX7Xw%2FnA0AZGHPO8iCq6HOYWL6Q4p7DRt6EJzQM2N%2BvFLKnFkGIMFiQgVNBuaPDInJNbc06P%2Fw0MSUIX7awo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
app-fcccb9e4.css
hsbctravel.myclaimshub.co.uk/build/assets/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hsbctravel.myclaimshub.co.uk/build/assets/app-fcccb9e4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:333 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcccb9e4c7cf463bd917b3cc1c4110f7b3a8818f8adea95ebb3f7be2d6dfa008
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hsbctravel.myclaimshub.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 01:03:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 30 Apr 2024 09:49:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
etag
W/"6630bea6-e80d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7i6hkz9FOCFfB1Ejrn1aZgJIMP8M1f8QtCsDqRuvOYWmJeq9C5NrKRNmRskeLEQQgqi5QZNKWzD3%2FI5nlaWO2ksOh48cTzg%2BcVHqB%2BWuYPIEiGO6SqrsC3iqnRo1PKJjw7k9XMikKNCh2Hr1v7cUvp5A%2BJdts5fa4aw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
8c0b802b2c7e1d8c-FRA
expires
Thu, 03 Jul 2025 16:30:29 GMT
app-b7392a5f.js
hsbctravel.myclaimshub.co.uk/build/assets/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hsbctravel.myclaimshub.co.uk/build/assets/app-b7392a5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:333 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3db9d897568d60593cb24c9e6830adedf97b916ff79e0b69bf67c14558449e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://hsbctravel.myclaimshub.co.uk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 01:03:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 24 Apr 2024 20:06:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
etag
W/"66296643-590f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9RmqgOE6XAxhGZ0ueXldUDzcAa2hEahlxaEtxzRclYod0c%2F5UTgds7pNcbV5ihwTehIS%2BqVAD6JFzsik2GU9xaeotk0MPyGwH%2BWyoiw1MueJX8ClYX9OmBKJvutvvbrHB1IgZoBOzN%2F2Tb1TtA6M%2F748VNO89r1PsAY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
8c0b802b5c971d8c-FRA
expires
Wed, 02 Jul 2025 04:17:08 GMT
pinia-bd97c6e2.js
hsbctravel.myclaimshub.co.uk/build/assets/ 		168 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hsbctravel.myclaimshub.co.uk/build/assets/pinia-bd97c6e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:333 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24809f640f53550e4d13cebe989e2df1c10440bb2c14202dd59c6d8040900269
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://hsbctravel.myclaimshub.co.uk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 01:03:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 24 Apr 2024 20:06:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
etag
W/"66296643-29f07"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TAxrg%2BBooufz9ElBte9XkcTXxwdtmC4mSdVM1Mv8qwFU63PqDlCGQ4918%2FtQJVOLySqs%2FQkeqskRcd7SHTKLY60JML9%2FPlIyAwqrcN0UVQK9HRGHHaXrFi94AK6YHoZp8Vcf81RERrbn%2FapK34JGhVzYgegqQXMoYjI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
8c0b802b5c981d8c-FRA
expires
Fri, 09 May 2025 09:49:39 GMT
showNotification-9cae2fa7.js
hsbctravel.myclaimshub.co.uk/build/assets/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hsbctravel.myclaimshub.co.uk/build/assets/showNotification-9cae2fa7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:333 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac1fe5ef5e20ddf727803cb4193189c2bb0dbb2de53519ecf0b4135cca17bc26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://hsbctravel.myclaimshub.co.uk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 01:03:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
57014
last-modified
Wed, 24 Apr 2024 20:06:27 GMT
server
cloudflare
etag
W/"66296643-bdc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A1rm84dt9yxEt%2BX6ghce1Yfkp6GwWGyIeTZXvl80v1%2FJadfUwRBzh4iH6D6P8t6MaoVkgEMeFMpLp7B%2BGm0%2FvhChUxFrT0F8lkSRT%2BHMNuHar%2B6Re5wuMdrm2S7zLlukot8ye1E9KdkoenQnjOU0s2YY9KTX1V41Dwk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
8c0b802b5c991d8c-FRA
expires
Fri, 09 May 2025 09:49:39 GMT
SelectInput-f980e67a.js
hsbctravel.myclaimshub.co.uk/build/assets/ 		811 B
805 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hsbctravel.myclaimshub.co.uk/build/assets/SelectInput-f980e67a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:333 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
631d1445901e515cdceaef05ff4c2786947b46381b4577d8166711954f77a6a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://hsbctravel.myclaimshub.co.uk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 01:03:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 24 Apr 2024 20:06:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
etag
W/"66296643-32b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W2uDxnj61xOrzoHfq2mqQBdRvOOvzRpDsbZst2D5mHTVn7wngJEuzleFesthRDxwG%2BsF3sNmK0kp0wuk58NkDeVhjB%2BcFnCSFGH1T7cUJGxPUJ3BppN2HYzUn3U3Is3iLnflbNc39nIAy5Nem%2Bmf%2F2yafi8n4TwEu6g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
8c0b802b5c9b1d8c-FRA
expires
Fri, 09 May 2025 09:49:39 GMT
Spinner-a3dd2f46.js
hsbctravel.myclaimshub.co.uk/build/assets/ 		593 B
871 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hsbctravel.myclaimshub.co.uk/build/assets/Spinner-a3dd2f46.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:333 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f924b8fcfb116dfdbbac222d708e83a7337aa4ed253b2c2d8a446b9972b304e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://hsbctravel.myclaimshub.co.uk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 01:03:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Sun, 04 Aug 2024 11:24:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
etag
W/"66af64eb-251"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JorvsHZNxHiDCHgG0wfH25m4EzPRVFgEI9yQTf5cFR60BuFqj75BKTNQEsjbtcHq7QR3gIc2Qpjn9FbU4sYrDDo6yuhoE%2FXcKnNKJZ%2B1OSxfhnT9Bsmqdj7vCWmZjSaSO%2BMGvNq347ki08HfThSD3%2FY3CMxKIFMX3tw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
8c0b802b5c9c1d8c-FRA
expires
Thu, 21 Aug 2025 20:21:23 GMT
CheckCircleIcon-75a66ede.js
hsbctravel.myclaimshub.co.uk/build/assets/ 		368 B
656 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hsbctravel.myclaimshub.co.uk/build/assets/CheckCircleIcon-75a66ede.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:333 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ddadb3934b99f374fdc7f2cd4d999ddb5add0adee683495b2e4f287a1d1abdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://hsbctravel.myclaimshub.co.uk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 01:03:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 24 Apr 2024 20:06:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
etag
W/"66296643-170"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=56zF8ODMPZ9i2f7SKVvHcJN0wck7oWNqMw6Df6peb1emBhFmszyb3ORza8KNSjUDyAI8oG38rDr%2B5M7ReYzlRIeaNWrhQtVi6YTyoAc1X8azcx%2FIrWY%2FTjTvvQyAlMInWBovzZ07%2FhcyP46pN5jHTnzk4%2F1AjHO6aYg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
8c0b802b5c9d1d8c-FRA
expires
Thu, 22 May 2025 11:21:39 GMT
_plugin-vue_export-helper-c27b6911.js
hsbctravel.myclaimshub.co.uk/build/assets/ 		91 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hsbctravel.myclaimshub.co.uk/build/assets/_plugin-vue_export-helper-c27b6911.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:333 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://hsbctravel.myclaimshub.co.uk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 01:03:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
57014
content-encoding
br
last-modified
Tue, 30 Apr 2024 09:49:26 GMT
server
cloudflare
etag
W/"6630bea6-5b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CAfpIfUF%2FNdW9T%2FdLCNkhwSR4GgMaLAuEgw3WaZS8Pq72MeZV9OC5qk8Zg80SLsUdOAMZNrRn62sx%2FXNLgGiSSejseF9sL%2B1NO%2FNGKCcamWTyDLrSR8idWG5BCptcIXWqHDxnJ6n335F6KhZrDfIpFM7gFqnPzgdLCA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
8c0b802b5c9f1d8c-FRA
expires
Thu, 03 Jul 2025 16:30:29 GMT
css
hsbctravel.myclaimshub.co.uk/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hsbctravel.myclaimshub.co.uk/css
Requested by
Host: hsbctravel.myclaimshub.co.uk
URL: https://hsbctravel.myclaimshub.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:333 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f26cc36e9ad45c3f729087cd8e3afa03fbfed830d21d054549463c290cfb9814
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.cloudfront.net *.onetrust.com *.hcaptcha.com hcaptcha.com *.pusher.com wss://ws-eu.pusher.com; style-src 'self' 'unsafe-inline' *.cloudfront.net *.googleapis.com fonts.bunny.net; script-src 'self' 'unsafe-eval' *.cloudfront.net *.googletagmanager.com *.onetrust.com *.hcaptcha.com hcaptcha.com *.pusher.com; font-src 'self' data: fonts.gstatic.com fonts.bunny.net; img-src 'self' data: ui-avatars.com *.cloudfront.net *.onetrust.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hsbctravel.myclaimshub.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 01:03:51 GMT
content-security-policy
default-src 'self' *.cloudfront.net *.onetrust.com *.hcaptcha.com hcaptcha.com *.pusher.com wss://ws-eu.pusher.com; style-src 'self' 'unsafe-inline' *.cloudfront.net *.googleapis.com fonts.bunny.net; script-src 'self' 'unsafe-eval' *.cloudfront.net *.googletagmanager.com *.onetrust.com *.hcaptcha.com hcaptcha.com *.pusher.com; font-src 'self' data: fonts.gstatic.com fonts.bunny.net; img-src 'self' data: ui-avatars.com *.cloudfront.net *.onetrust.com
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6nLaMu4xEtnXIH2BHDizOH%2F11wb9Llcs9yj8ptxLIG79Cg%2FUz%2F15F4rpvHd9f1mkRRlnSU0FQqGc%2Bt2ZEAyqKhBbzklG2%2F3zaEpibNE%2BCZJFY7Pq5qaJ%2FywbYG%2B1zLq05nqrY0hxa0bF0K1PW6jHtuwN7Y60OItXIFU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, private
cf-ray
8c0b802b5c951d8c-FRA
x-xss-protection
1; mode=block
OtAutoBlock.js
cdn-ukwest.onetrust.com/consent/bae5669c-f487-467d-9c56-d4935b3ecd26/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/bae5669c-f487-467d-9c56-d4935b3ecd26/OtAutoBlock.js
Requested by
Host: hsbctravel.myclaimshub.co.uk
URL: https://hsbctravel.myclaimshub.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91ab945798c1472892ad95f681d1add7c84eb990477ede70974794da72e98c45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://hsbctravel.myclaimshub.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 01:03:51 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
57014
content-md5
5hPF3pU+bTM1/2ewmpvLBA==
content-length
1397
x-ms-lease-status
unlocked
last-modified
Thu, 11 Aug 2022 12:40:01 GMT
server
cloudflare
etag
0x8DA7B969BBA6D22
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
dda81496-201e-003a-66d5-7a6738000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8c0b802b7ee892c9-FRA
otSDKStub.js
cdn-ukwest.onetrust.com/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Requested by
Host: hsbctravel.myclaimshub.co.uk
URL: https://hsbctravel.myclaimshub.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dba46e291004f5bc3ed817a5bdce67601f149f56bbcf305b6cf6619be0cf135
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://hsbctravel.myclaimshub.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 01:03:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
content-md5
p+39a+/XEcZfNKybQjgXjA==
age
37240
cf-polished
origSize=21230
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Tue, 27 Aug 2024 19:42:15 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c92f6f4d-201e-0084-276b-f925f2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
8c0b802b7ee992c9-FRA
expires
Wed, 11 Sep 2024 01:03:51 GMT
aviva-travel-logo-white.svg
dsb163fd10sp.cloudfront.net/hsbctravelmyclaimshubcouk/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsb163fd10sp.cloudfront.net/hsbctravelmyclaimshubcouk/aviva-travel-logo-white.svg
Requested by
Host: hsbctravel.myclaimshub.co.uk
URL: https://hsbctravel.myclaimshub.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:c200:10:d74c:d240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0842844fc3773f683461b418671bb3d436994a0fb791601cced3113139f03329

Request headers

Referer
https://hsbctravel.myclaimshub.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 06:12:59 GMT
x-amz-version-id
fPYdxj_PnRzxN5fTImOxP4GRjJSwdQLw
content-encoding
br
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
3005453
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
last-modified
Mon, 18 Mar 2024 12:27:59 GMT
server
AmazonS3
etag
W/"ccdfbb55e4544787768e7a8d749815e0"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
max-age=315360000, no-transform, public
x-amz-cf-id
ryrqAhU3GIZe-sGTSY45KDwuUDrQQNa5xn1NWD47lr6qo0YTyt6HdQ==
bae5669c-f487-467d-9c56-d4935b3ecd26.json
cdn-ukwest.onetrust.com/consent/bae5669c-f487-467d-9c56-d4935b3ecd26/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/bae5669c-f487-467d-9c56-d4935b3ecd26/bae5669c-f487-467d-9c56-d4935b3ecd26.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df4f146b0a164860e27841f3d90ae68b2b19f82d77abd0487fdec58967f85ed7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://hsbctravel.myclaimshub.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 01:03:51 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
57014
content-md5
iEuySOtFZAGVrpSSZXyqkQ==
content-length
1530
x-ms-lease-status
unlocked
last-modified
Thu, 11 Aug 2022 12:40:00 GMT
server
cloudflare
etag
0x8DA7B969B5AF013
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f7909073-b01e-0034-19d5-7a8b33000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8c0b802bfce21e4a-FRA
default-header.jpg
dsb163fd10sp.cloudfront.net/hsbctravelmyclaimshubcouk/ 		451 KB
452 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsb163fd10sp.cloudfront.net/hsbctravelmyclaimshubcouk/default-header.jpg
Requested by
Host: hsbctravel.myclaimshub.co.uk
URL: https://hsbctravel.myclaimshub.co.uk/build/assets/app-fcccb9e4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:c200:10:d74c:d240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b274c2c335c9169fc7e0d7cd3a89a6f2a6f27b5de8acbe9ec75cd1b41301bf7

Request headers

Referer
https://hsbctravel.myclaimshub.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 21:26:19 GMT
x-amz-version-id
CU1KzAfuBRsxbtE7OAMcE9EfSi4KZOwD
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
3641853
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
content-length
461532
last-modified
Mon, 18 Mar 2024 12:28:00 GMT
server
AmazonS3
etag
"ad342ff750fe0d9e84d9d60952b25365"
vary
Origin
content-type
image/jpeg
cache-control
max-age=315360000, no-transform, public
accept-ranges
bytes
x-amz-cf-id
Oekc8n1zWCn4tH8lpUT9Qwdbyp5bE6DuTjPjqzGYTw6E4LTVqRKTBA==
locale
hsbctravel.myclaimshub.co.uk/api/ 		15 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hsbctravel.myclaimshub.co.uk/api/locale
Requested by
Host: hsbctravel.myclaimshub.co.uk
URL: https://hsbctravel.myclaimshub.co.uk/build/assets/pinia-bd97c6e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:333 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b03531ed6844dd22d65234364de2d581b342f62fc1363fb0d98a8950e9a84eb0
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.cloudfront.net *.onetrust.com *.hcaptcha.com hcaptcha.com *.pusher.com wss://ws-eu.pusher.com; style-src 'self' 'unsafe-inline' *.cloudfront.net *.googleapis.com fonts.bunny.net; script-src 'self' 'unsafe-eval' *.cloudfront.net *.googletagmanager.com *.onetrust.com *.hcaptcha.com hcaptcha.com *.pusher.com; font-src 'self' data: fonts.gstatic.com fonts.bunny.net; img-src 'self' data: ui-avatars.com *.cloudfront.net *.onetrust.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://hsbctravel.myclaimshub.co.uk/
X-XSRF-TOKEN
eyJpdiI6IjVnVjVLZjJBV1NxVEhZTFVFTDRZbGc9PSIsInZhbHVlIjoicFBibmdHVlVPbzJMdFl3V1ZCWWY2cU9FOFJaaERPRy85b0pVdnJkQmxXQ2h4R3c1Z1R5V3p5bWw3WFZuZzhWaVkrUDZsVi9HZTdtUk1pZzR2dzNoZ0dXaU9pVVJVcm5OZ1Ayb1FNeFlMTVFiRVpuL0JJb3dsYmhZZU1hYWZzdCsiLCJtYWMiOiJlNzEyN2QyMzczMWE4ZjI5M2UxNGVjZGQyZGNhZTg4Nzg0NjM5NDg1NmJlYWQ2NWIxZjhiZmNlNDg5M2U5MzZmIiwidGFnIjoiIn0=
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 01:03:51 GMT
content-security-policy
default-src 'self' *.cloudfront.net *.onetrust.com *.hcaptcha.com hcaptcha.com *.pusher.com wss://ws-eu.pusher.com; style-src 'self' 'unsafe-inline' *.cloudfront.net *.googleapis.com fonts.bunny.net; script-src 'self' 'unsafe-eval' *.cloudfront.net *.googletagmanager.com *.onetrust.com *.hcaptcha.com hcaptcha.com *.pusher.com; font-src 'self' data: fonts.gstatic.com fonts.bunny.net; img-src 'self' data: ui-avatars.com *.cloudfront.net *.onetrust.com
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d72D8K%2BvpMIzF82DeOaHO6GOaIqjeaqKTWcnTXQflgR%2B28VgxzjS1U1mP5bywIcKOOTRL3dafve4ll%2F4K8h7aRml4yL5FBAKAQMhTmqIAVIDDToJLRSy2yuRn9%2B14E%2FQ%2BQVfFbtGissK4xpC5IKaSmhw2MVQr5DpdsY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, private
x-ratelimit-limit
60
cf-ray
8c0b802c3d0d1d8c-FRA
x-ratelimit-remaining
59
truncated
/ 		266 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		66 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://hsbctravel.myclaimshub.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 01:03:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
8c0b802c6cfe1e4a-FRA
access-control-allow-headers
Content-Type
aviva.png
dsb163fd10sp.cloudfront.net/hsbctravelmyclaimshubcouk/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dsb163fd10sp.cloudfront.net/hsbctravelmyclaimshubcouk/aviva.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:c200:10:d74c:d240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e985fdeadd821de3c34f8cd7ad2001a3a1179604c31a9bf2b03911d8aae5025c

Request headers

Referer
https://hsbctravel.myclaimshub.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 14:33:43 GMT
x-amz-version-id
OnLApMzk2wkxfvVdZC8iDv0IPs1lpztU
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
3321009
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
content-length
1071
last-modified
Mon, 25 Mar 2024 11:57:37 GMT
server
AmazonS3
etag
"91b73201d41479d70973689220baeaae"
vary
Origin
content-type
image/png
cache-control
max-age=315360000, no-transform, public
accept-ranges
bytes
x-amz-cf-id
sSntBm14B66fr3xYHfKs0lRwraS4N0eZY4hfxcxvKwHlmdxliLbbtA==
otBannerSdk.js
cdn-ukwest.onetrust.com/scripttemplates/6.25.0/ 		317 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/otBannerSdk.js
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc4adf72622a0c34ca2ff2b3ecf795bfb6f123ae28b774c84b02a7e1f948f6dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://hsbctravel.myclaimshub.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 01:03:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
content-md5
wv3c0qnkBhaWE//T4i2BGA==
age
36572
cf-polished
origSize=325171
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Tue, 12 Oct 2021 19:32:56 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d1ef67d9-301e-006a-02d4-7a7830000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
8c0b802c9f6392c9-FRA
expires
Wed, 11 Sep 2024 01:03:51 GMT
api.js
hcaptcha.com/1/ 		147 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hcaptcha.com/1/api.js?render=explicit&onload=_hcaptchaOnLoad&sentry=true
Requested by
Host: hsbctravel.myclaimshub.co.uk
URL: https://hsbctravel.myclaimshub.co.uk/build/assets/app-b7392a5f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.230.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d168f994329dc90e78af9c39070684446950074ea7c30ed7c10dc5967703d99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hsbctravel.myclaimshub.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 01:03:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
server
cloudflare
age
0
etag
W/"195cf5e73aaab9f447138218d10fd20e"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
cf-ray
8c0b802d3d619f90-AMS
alt-svc
h3=":443"; ma=86400
en.json
cdn-ukwest.onetrust.com/consent/bae5669c-f487-467d-9c56-d4935b3ecd26/e51b110f-f8d1-4f06-bdac-64b5ec5ffb33/ 		23 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/bae5669c-f487-467d-9c56-d4935b3ecd26/e51b110f-f8d1-4f06-bdac-64b5ec5ffb33/en.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a718b4f6f54df568e1759b70ba3a403f932738089af9d83c14e15254f9a7ddf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://hsbctravel.myclaimshub.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 01:03:51 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
57013
content-md5
PNbZTJ4B6I40WPBYd0BtUg==
content-length
6582
x-ms-lease-status
unlocked
last-modified
Thu, 11 Aug 2022 12:40:01 GMT
server
cloudflare
etag
0x8DA7B969BB2A5A0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7058b271-801e-0015-44d5-7ae602000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8c0b802d0d321e4a-FRA
otFloatingRounded.json
cdn-ukwest.onetrust.com/scripttemplates/6.25.0/assets/ 		10 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/assets/otFloatingRounded.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
777ab0cb5c6ffd6b2d455918b8df70fdb4c74ecb18d62f54be1afdaf3733c10d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://hsbctravel.myclaimshub.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 01:03:51 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
n626O7KaK1I8+1+ACoyIKA==
age
57013
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2586
x-ms-lease-status
unlocked
last-modified
Tue, 12 Oct 2021 19:32:46 GMT
server
cloudflare
etag
0x8D98DB711C621F0
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
4d673ce2-d01e-0060-0cd5-7a61b9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8c0b802d4d701e4a-FRA
expires
Wed, 11 Sep 2024 01:03:51 GMT
otPcTab.json
cdn-ukwest.onetrust.com/scripttemplates/6.25.0/assets/v2/ 		47 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/assets/v2/otPcTab.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4efca4768dedb757f956b51f3620d1521be4e8f065080515489defc83c2de704
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://hsbctravel.myclaimshub.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 01:03:51 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
HVRygTYMrq20E07mjabR6A==
age
57013
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
11929
x-ms-lease-status
unlocked
last-modified
Tue, 12 Oct 2021 19:32:47 GMT
server
cloudflare
etag
0x8D98DB7128421ED
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
9233f758-401e-0047-0bd5-7afbf0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8c0b802d4d731e4a-FRA
expires
Wed, 11 Sep 2024 01:03:51 GMT
otCookieSettingsButton.json
cdn-ukwest.onetrust.com/scripttemplates/6.25.0/assets/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/assets/otCookieSettingsButton.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c592c34b2e4a372219ac6d33bda6828183ee534a0219d221ece5be22d80e29f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://hsbctravel.myclaimshub.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 01:03:51 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
faMrXPz5JqfF3CH105XLtA==
age
57013
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2144
x-ms-lease-status
unlocked
last-modified
Tue, 12 Oct 2021 19:32:45 GMT
server
cloudflare
etag
0x8D98DB710DEBDEA
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
dfc1d405-d01e-0016-214f-e3a124000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8c0b802d4d741e4a-FRA
expires
Wed, 11 Sep 2024 01:03:51 GMT
otCommonStyles.css
cdn-ukwest.onetrust.com/scripttemplates/6.25.0/assets/ 		20 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/assets/otCommonStyles.css
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://hsbctravel.myclaimshub.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 01:03:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
content-md5
Ye6OeZcNyuFoWog7CYs00A==
age
57013
x-ms-lease-status
unlocked
last-modified
Tue, 12 Oct 2021 19:33:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
c43a3cf2-b01e-0052-3ed5-7a3969000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
8c0b802d4d751e4a-FRA
expires
Wed, 11 Sep 2024 01:03:51 GMT
truncated
/ 		817 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
de.json
newassets.hcaptcha.com/captcha/v1/c4a51b5/static/i18n/ 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/c4a51b5/static/i18n/de.json
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?render=explicit&onload=_hcaptchaOnLoad&sentry=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.230.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
063d45cec65e324a6c59224cdf83a4a4f360c4bb934327d1c079d08e7924f4a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hsbctravel.myclaimshub.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 01:03:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400
content-length
3595
server
cloudflare
etag
"15f2add3184e9132ee5f7ae59fd78858"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
accept-ranges
bytes
cf-ray
8c0b802de90e9f1e-FRA
expires
Tue, 10 Sep 2024 02:03:52 GMT
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/c4a51b5/static/ Frame B182 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/c4a51b5/static/hcaptcha.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?render=explicit&onload=_hcaptchaOnLoad&sentry=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.229.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hsbctravel.myclaimshub.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
8c0b802dec84383a-FRA
content-encoding
br
content-security-policy
report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
content-type
text/html
date
Tue, 10 Sep 2024 01:03:52 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding Origin
x-content-type-options
nosniff
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/c4a51b5/static/ Frame 2642 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/c4a51b5/static/hcaptcha.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?render=explicit&onload=_hcaptchaOnLoad&sentry=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.229.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
X-Content-Type-Options nosniff

Request headers

Referer
https://hsbctravel.myclaimshub.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
8c0b802dec84383a-FRA
content-encoding
br
content-security-policy
report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
content-type
text/html
date
Tue, 10 Sep 2024 01:03:52 GMT
server
cloudflare
vary
Accept-Encoding Origin
x-content-type-options
nosniff

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| apiCaller object| GoogleTagManager object| __VUE_INSTANCE_SETTERS__ boolean| __VUE__ string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData function| _hcaptchaOnLoad object| Optanon object| OneTrust object| Raven object| hcaptcha object| grecaptcha

3 Cookies

Domain/Path Name / Value
.hsbctravel.myclaimshub.co.uk/ Name: XSRF-TOKEN
Value: eyJpdiI6IjVnVjVLZjJBV1NxVEhZTFVFTDRZbGc9PSIsInZhbHVlIjoicFBibmdHVlVPbzJMdFl3V1ZCWWY2cU9FOFJaaERPRy85b0pVdnJkQmxXQ2h4R3c1Z1R5V3p5bWw3WFZuZzhWaVkrUDZsVi9HZTdtUk1pZzR2dzNoZ0dXaU9pVVJVcm5OZ1Ayb1FNeFlMTVFiRVpuL0JJb3dsYmhZZU1hYWZzdCsiLCJtYWMiOiJlNzEyN2QyMzczMWE4ZjI5M2UxNGVjZGQyZGNhZTg4Nzg0NjM5NDg1NmJlYWQ2NWIxZjhiZmNlNDg5M2U5MzZmIiwidGFnIjoiIn0%3D
.hsbctravel.myclaimshub.co.uk/ Name: hsbctravelmyclaimshubcouk_session
Value: eyJpdiI6ImlJL3E0UjhUSll4UHdzSHQ4S2srTnc9PSIsInZhbHVlIjoieFI2VkswdCt3MHlKQU5PdXYwVFI4QUJwZGVuVGVUdktGMk5uOElQclJ3L3dQNWM5V0JIdmE0Z0tCZ2dhWmhJRWJIT0xxTXFlRllNUUNzVXZGS2kzM01SY0tQYzZDS3BXaWhjMjJ0ajM0Q2xWclF1QTM2SnJIT1ZqVUg3d1o2U1oiLCJtYWMiOiI2ZjFkOTU2NWZkZDZmNWVhNTJkY2UxZDEyYzI2YzNjMWNmNmFiNTcwODgyNzdlMGNlZmRkMWI0MGQzMTA1YmMxIiwidGFnIjoiIn0%3D
.hsbctravel.myclaimshub.co.uk/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Tue+Sep+10+2024+03%3A03%3A51+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=6.25.0&hosts=&landingPath=https%3A%2F%2Fhsbctravel.myclaimshub.co.uk%2F&groups=C0001%3A1%2CC0002%3A0

1 Console Messages

Source Level URL
Text
security error URL: https://hsbctravel.myclaimshub.co.uk/(Line 20)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' *.cloudfront.net *.googletagmanager.com *.onetrust.com *.hcaptcha.com hcaptcha.com *.pusher.com". Either the 'unsafe-inline' keyword, a hash ('sha256-iqOPaRlwwgtNy7J3vh/+LSW9/QVdN+Fl+YfMS8+GcPo='), or a nonce ('nonce-...') is required to enable inline execution.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' *.cloudfront.net *.onetrust.com *.hcaptcha.com hcaptcha.com *.pusher.com wss://ws-eu.pusher.com; style-src 'self' 'unsafe-inline' *.cloudfront.net *.googleapis.com fonts.bunny.net; script-src 'self' 'unsafe-eval' *.cloudfront.net *.googletagmanager.com *.onetrust.com *.hcaptcha.com hcaptcha.com *.pusher.com; font-src 'self' data: fonts.gstatic.com fonts.bunny.net; img-src 'self' data: ui-avatars.com *.cloudfront.net *.onetrust.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-ukwest.onetrust.com
dsb163fd10sp.cloudfront.net
geolocation.onetrust.com
hcaptcha.com
hsbctravel.myclaimshub.co.uk
newassets.hcaptcha.com
104.19.229.21
104.19.230.21
2600:9000:211e:c200:10:d74c:d240:21
2606:4700:20::681a:333
2606:4700:4400::6812:2089
063d45cec65e324a6c59224cdf83a4a4f360c4bb934327d1c079d08e7924f4a3
0842844fc3773f683461b418671bb3d436994a0fb791601cced3113139f03329
0d168f994329dc90e78af9c39070684446950074ea7c30ed7c10dc5967703d99
238209815fd3fd698e5b8a2e90a4070de4abc6e35562e397cc591c5d52ac2222
24809f640f53550e4d13cebe989e2df1c10440bb2c14202dd59c6d8040900269
2c592c34b2e4a372219ac6d33bda6828183ee534a0219d221ece5be22d80e29f
2dba46e291004f5bc3ed817a5bdce67601f149f56bbcf305b6cf6619be0cf135
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
4ddadb3934b99f374fdc7f2cd4d999ddb5add0adee683495b2e4f287a1d1abdb
4efca4768dedb757f956b51f3620d1521be4e8f065080515489defc83c2de704
4f924b8fcfb116dfdbbac222d708e83a7337aa4ed253b2c2d8a446b9972b304e
631d1445901e515cdceaef05ff4c2786947b46381b4577d8166711954f77a6a8
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
777ab0cb5c6ffd6b2d455918b8df70fdb4c74ecb18d62f54be1afdaf3733c10d
91ab945798c1472892ad95f681d1add7c84eb990477ede70974794da72e98c45
9a718b4f6f54df568e1759b70ba3a403f932738089af9d83c14e15254f9a7ddf
9b274c2c335c9169fc7e0d7cd3a89a6f2a6f27b5de8acbe9ec75cd1b41301bf7
a3db9d897568d60593cb24c9e6830adedf97b916ff79e0b69bf67c14558449e7
ac1fe5ef5e20ddf727803cb4193189c2bb0dbb2de53519ecf0b4135cca17bc26
b03531ed6844dd22d65234364de2d581b342f62fc1363fb0d98a8950e9a84eb0
cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa
cc4adf72622a0c34ca2ff2b3ecf795bfb6f123ae28b774c84b02a7e1f948f6dc
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
df4f146b0a164860e27841f3d90ae68b2b19f82d77abd0487fdec58967f85ed7
e985fdeadd821de3c34f8cd7ad2001a3a1179604c31a9bf2b03911d8aae5025c
f26cc36e9ad45c3f729087cd8e3afa03fbfed830d21d054549463c290cfb9814
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fcccb9e4c7cf463bd917b3cc1c4110f7b3a8818f8adea95ebb3f7be2d6dfa008