claims.mojainsurance.co.uk Open in urlscan Pro
85.159.155.43 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://claims.mojainsurance.co.uk/
Effective URL:
https://claims.mojainsurance.co.uk/Session/UnauthorisedUser
Submission: On December 07 via api (December 7th 2023, 3:25:12 pm UTC) from US — Scanned from US

Summary HTTP 45 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 18 domains to perform 45 HTTP transactions. The main IP is 85.159.155.43, located in United Kingdom and belongs to AXA_INSURANCE, GB. The main domain is claims.mojainsurance.co.uk.
TLS certificate: Issued by Thawte RSA CA 2018 on January 11th 2023. Valid for: a year.

This is the only time claims.mojainsurance.co.uk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Axa (Insurance)

Domain & IP information

	IP Address	AS Autonomous System
1 13	85.159.155.43 85.159.155.43	34746 (AXA_INSUR...) (AXA_INSURANCE)
2	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
1	2600:1408:ec0... 2600:1408:ec00:28f::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:2800:11f... 2606:2800:11f:17a5:191a:18d5:537:22f9	15133 (EDGECAST) (EDGECAST)
1	23.218.120.75 23.218.120.75	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2607:f8b0:400... 2607:f8b0:4004:c09::61	15169 (GOOGLE) (GOOGLE)
1	23.14.152.64 23.14.152.64	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2607:f8b0:400... 2607:f8b0:4004:c08::93	15169 (GOOGLE) (GOOGLE)
1 3	2607:f8b0:400... 2607:f8b0:4004:c08::9b	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2600:1408:540... 2600:1408:5400:1c::173d:b2d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:26a... 2600:9000:26a0:2200:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.192.51.81 54.192.51.81	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:1901:0:3... 2600:1901:0:35e6::	15169 (GOOGLE) (GOOGLE)
1	2600:9000:250... 2600:9000:2508:a000:1f:af3f:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.195.98.94 34.195.98.94	14618 (AMAZON-AES) (AMAZON-AES)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.18.56.89 52.18.56.89	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f171:81:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:32::181	15169 (GOOGLE) (GOOGLE)
2 2	172.253.63.148 172.253.63.148	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c06::9c	15169 (GOOGLE) (GOOGLE)
2	40.71.13.170 40.71.13.170	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
45	25

13 85.159.155.43 (United Kingdom) 1 redirects

ASN34746 (AXA_INSURANCE, GB)

claims.mojainsurance.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:ec00:28f::13b8 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:11f:17a5:191a:18d5:537:22f9 (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.120.75 (Sterling, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-120-75.deploy.static.akamaitechnologies.com

cdn3.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.14.152.64 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-14-152-64.deploy.static.akamaitechnologies.com

a247752487.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::93 (Ashburn, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c08::9b (Ashburn, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1408:5400:1c::173d:b2d (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26a0:2200:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.51.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-81.yul62.r.cloudfront.net

cdn.decibelinsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:35e6:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sgtm.axa.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2508:a000:1f:af3f:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

lantern.roeyecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.195.98.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-98-94.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.56.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-56-89.eu-west-1.compute.amazonaws.com

lantern.roeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f171:81:face:b00c:0:25de (Apodaca, Mexico)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.63.148 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bi-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::9c (Washington, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.71.13.170 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	mojainsurance.co.uk 1 redirects claims.mojainsurance.co.uk	2 MB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 327 www.linkedin.com — Cisco Umbrella Rank: 629 px4.ads.linkedin.com — Cisco Umbrella Rank: 6419	5 KB
5	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 ad.doubleclick.net — Cisco Umbrella Rank: 139	3 KB
5	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 152 adservice.google.com — Cisco Umbrella Rank: 93	1 KB
4	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 774 cdn3.optimizely.com — Cisco Umbrella Rank: 4821 a247752487.cdn.optimizely.com logx.optimizely.com — Cisco Umbrella Rank: 1439	110 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 329	14 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 786	281 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	93 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 763	13 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	193 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	roeye.com lantern.roeye.com — Cisco Umbrella Rank: 7156	128 B
1	roeyecdn.com lantern.roeyecdn.com — Cisco Umbrella Rank: 7355	2 KB
1	axa.co.uk sgtm.axa.co.uk — Cisco Umbrella Rank: 827777	3 KB
1	decibelinsight.net cdn.decibelinsight.net — Cisco Umbrella Rank: 7870	80 KB
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 3662	11 KB
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 2370	22 KB
45	18

	Domain	Requested by
13	claims.mojainsurance.co.uk	1 redirects claims.mojainsurance.co.uk
4	px.ads.linkedin.com	3 redirects az416426.vo.msecnd.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com claims.mojainsurance.co.uk
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	adservice.google.com	claims.mojainsurance.co.uk
2	ad.doubleclick.net	2 redirects
2	connect.facebook.net	claims.mojainsurance.co.uk connect.facebook.net
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	googleads.g.doubleclick.net	1 redirects claims.mojainsurance.co.uk
2	www.google.com	1 redirects claims.mojainsurance.co.uk
2	www.googletagmanager.com	claims.mojainsurance.co.uk www.googletagmanager.com
2	fonts.googleapis.com	claims.mojainsurance.co.uk
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	www.facebook.com	claims.mojainsurance.co.uk
1	lantern.roeye.com	claims.mojainsurance.co.uk
1	px4.ads.linkedin.com	claims.mojainsurance.co.uk
1	www.linkedin.com	1 redirects
1	logx.optimizely.com	az416426.vo.msecnd.net
1	lantern.roeyecdn.com	www.dwin1.com
1	sgtm.axa.co.uk	az416426.vo.msecnd.net
1	cdn.decibelinsight.net	claims.mojainsurance.co.uk
1	www.dwin1.com	www.googletagmanager.com
1	a247752487.cdn.optimizely.com	cdn.optimizely.com
1	cdn3.optimizely.com	cdn.optimizely.com
1	az416426.vo.msecnd.net	claims.mojainsurance.co.uk
1	cdn.optimizely.com	claims.mojainsurance.co.uk
45	27

This site contains links to these domains. Also see Links.

Domain
www.axa.co.uk

Subject Issuer	Validity	Valid
claims.mojainsurance.co.uk Thawte RSA CA 2018	`2023-01-11` - `2024-01-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2023-05-05` - `2024-04-28`	a year	crt.sh
*.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2023-02-26` - `2024-02-28`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.dwin1.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
*.decibelinsight.net Amazon RSA 2048 M01	`2023-02-28` - `2024-02-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-15` - `2023-12-14`	3 months	crt.sh
sgtm.axa.co.uk GTS CA 1D4	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.roeyecdn.com Amazon RSA 2048 M01	`2023-10-04` - `2024-10-30`	a year	crt.sh
logx.optimizely.com Amazon RSA 2048 M01	`2023-06-24` - `2024-07-22`	a year	crt.sh
*.roeye.com Amazon RSA 2048 M03	`2023-11-26` - `2024-12-24`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
in.applicationinsights.azure.com Microsoft Azure RSA TLS Issuing CA 07	`2023-09-03` - `2024-08-28`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser
Frame ID: 35C94A99EB2425D47E6A339B6E82B3BA
Requests: 43 HTTP requests in this frame

Frame: https://a247752487.cdn.optimizely.com/client_storage/a247752487.html
Frame ID: 108EFA679DD2B0280DCD2824DA4B01DA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Unauthorised User | AXA UK

Page URL History Show full URLs

https://claims.mojainsurance.co.uk/ HTTP 302
https://claims.mojainsurance.co.uk/Session/UnauthorisedUser Page URL

Detected technologies

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Page Statistics

45
Requests

87 %
HTTPS

64 %
IPv6

18
Domains

27
Subdomains

25
IPs

4
Countries

2191 kB
Transfer

5399 kB
Size

28
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.axa.co.uk/cookie-policy/
Title: Cookie policy

Search URL Search Domain Scan URL

URL: https://www.axa.co.uk/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.axa.co.uk/accessibility/
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.axa.co.uk/terms-and-conditions/
Title: Terms and conditions

Search URL Search Domain Scan URL

URL: https://www.axa.co.uk/regulated/
Title: Regulated

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://claims.mojainsurance.co.uk/ HTTP 302
https://claims.mojainsurance.co.uk/Session/UnauthorisedUser Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://www.google.com/pagead/landing?gcs=G111&gcd=11r1r1l1l5&rnd=1163753589.1701962706&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&dma=0&gtm=45He3bt0n71TS5W33v6772558&auid=891512194.1701962706 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=11r1r1l1l5&rnd=1163753589.1701962706&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&dma=0&gtm=45He3bt0n71TS5W33v6772558&auid=891512194.1701962706

Request Chain 32

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2764153&time=1701962706550&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2764153&time=1701962706550&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2764153%26time%3D1701962706550%26url%3Dhttps%253A%252F%252Fclaims.mojainsurance.co.uk%252FSession%252FUnauthorisedUser%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2764153&time=1701962706550&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2764153&time=1701962706550&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&cookiesTest=true&liSync=true&e_ipv6=AQLETB1oumVZMAAAAYxE4e-ZIB7i2RNDWfg3-R9mKqGzSWdMrTQtZrpnQUaCst_VtVhWeg

Request Chain 37

https://ad.doubleclick.net/activity;src=8312467;type=axa;cat=visits;ord=1;num=923546686;gtm=45j91e3b82v883963684z86772558z9848097749;dc_pre=1;u1=prod;u2=personal%20insurance;u3=Unauthorised%20User;u5=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser;u8=807982557.1701962706;u12=true;u4=motor;u6=en;u9=desktop;dma=0;gcs=G111;gcd=11r1r1l1l5;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;auiddc=1783336177.1701962707;s3p=1;~oref=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser HTTP 302
https://adservice.google.com/ddm/fls/z/src=8312467;type=axa;cat=visits;ord=1;num=923546686;gtm=45j91e3b82v883963684z86772558z9848097749;dc_pre=1;u1=prod;u2=personal%20insurance;u3=Unauthorised%20User;u5=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser;u8=807982557.1701962706;u12=true;u4=motor;u6=en;u9=desktop;dma=0;gcs=G111;gcd=11r1r1l1l5;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;auiddc=*;s3p=1;~oref=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser

Request Chain 38

https://ad.doubleclick.net/activity;src=8312467;type=axa;cat=viewpage;ord=868222349;gtm=45j91e3b82v883963684z86772558z9848097749;dc_pre=1;u1=prod;u2=personal%20insurance;u3=Unauthorised%20User;u5=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser;u8=807982557.1701962706;u12=true;u4=motor;u6=en;u9=desktop;dma=0;gcs=G111;gcd=11r1r1l1l5;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;auiddc=1783336177.1701962707;s3p=1;~oref=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser HTTP 302
https://adservice.google.com/ddm/fls/z/src=8312467;type=axa;cat=viewpage;ord=868222349;gtm=45j91e3b82v883963684z86772558z9848097749;dc_pre=1;u1=prod;u2=personal%20insurance;u3=Unauthorised%20User;u5=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser;u8=807982557.1701962706;u12=true;u4=motor;u6=en;u9=desktop;dma=0;gcs=G111;gcd=11r1r1l1l5;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;auiddc=*;s3p=1;~oref=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser

Request Chain 39

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1059897644/?random=1852637909&fst=1701962706833&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e3b82v883963684z86772558z9848097749&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&tiba=Unauthorised%20User%20%7C%20AXA%20UK&auid=1783336177.1701962707&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&dma=0&gcs=G111&gcd=11r1r1l1l5 HTTP 302
https://www.google.com/pagead/1p-user-list/1059897644/?random=1852637909&fst=1701961200000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e3b82v883963684z86772558z9848097749&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&tiba=Unauthorised%20User%20%7C%20AXA%20UK&is_vtc=1&cid=CAQSKQDICaaNzcvJd-rZbID5CKiNoUCLlk7n3jUbszDUoSixzyuRuq-xsxZx&random=1919123847

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request UnauthorisedUser Show response
claims.mojainsurance.co.uk/Session/
Redirect Chain

https://claims.mojainsurance.co.uk/
https://claims.mojainsurance.co.uk/Session/UnauthorisedUser

7 KB
3 KB

157ms
157ms

Document
text/html

85.159.155.43
AXA_INSURANCE

General

Check archive.org

Show headers Download Go to

Full URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 85.159.155.43 , United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5049e4b073b6bcf3cc82c27210dd5019a3781c66d15f497c72ddeddf4a666c74

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 3144
Content-Type: text/html; charset=utf-8
Date: Thu, 07 Dec 2023 15:25:03 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET

Redirect headers

Cache-Control: private
Content-Length: 142
Content-Type: text/html; charset=utf-8
Date: Thu, 07 Dec 2023 15:25:03 GMT
Location: /Session/UnauthorisedUser
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 119ms
44ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: claims.mojainsurance.co.uk
URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 15:25:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 15:25:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 15:25:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
670 B 130ms
56ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro

Requested by

Host: claims.mojainsurance.co.uk
URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8eb0ee259863bc0abfb4ebf2d5138c3931fdd2dc3e4a920ee139064df8632c06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 15:25:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 14:53:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 15:25:04 GMT

GET
H2 200 247752487.js Show response
cdn.optimizely.com/js/ 384 KB
107 KB 600ms
499ms Script
text/javascript 2600:1408:ec00:28f::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/247752487.js

Requested by

Host: claims.mojainsurance.co.uk
URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:ec00:28f::13b8 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4bf4e880e330e856dfe2790bbd616dc2e93d928850462e045e9ab78e2c63bf2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: YNawCQCzgvwxUXIgK5JBmEAlmpVCsHcT
content-encoding: gzip
date: Thu, 07 Dec 2023 15:25:04 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: 7A74M6Y4P3CJ7CQP
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 16872
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=339, origin; dur=32, cdn;desc="AkamaiION";dur=0,rtt;desc="32";dur=0,cdnip;desc="2600:1408:ec00:28f::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1701962704407_389047443_2731854673_37059_1900_32_106_219";dur=1
content-length: 108374
x-amz-id-2: cgOIZHOLiTXSTFp+xIkkSplcr0DGe6ucW2bMu9vLYeBcZrpODmIb9MBQE0Snn9SWjg65FDJh0K4=
last-modified: Thu, 07 Dec 2023 15:23:30 GMT
server: AmazonS3
etag: "dcda0a4b429f8598cc3cfbbb1d4f936f"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=300
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK VendorCssBundle
claims.mojainsurance.co.uk/ 46 KB
12 KB 129ms
126ms Stylesheet
text/css 85.159.155.43
AXA_INSURANCE

General

Check archive.org

Show headers Download Go to

Full URL: https://claims.mojainsurance.co.uk/VendorCssBundle?v=aPvHGdwCLw0AMaxdJY5tuTS5GzSoYVJBVAjBIM5_L7U1
Requested by: Host: claims.mojainsurance.co.uk
URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 85.159.155.43 , United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 407f5113d9e2b4d44e17cefbf45d040bd4b3bc3fd5952a43cffbeaa28ce3cc00

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 15:25:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Dec 2023 15:25:04 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent,Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public
Content-Length: 12154
Expires: Fri, 06 Dec 2024 15:25:04 GMT

GET
H/1.1 200
OK main.min.css
claims.mojainsurance.co.uk/Content/css/AXA/ 220 KB
28 KB 262ms
130ms Stylesheet
text/css 85.159.155.43
AXA_INSURANCE

General

Check archive.org

Show headers Download Go to

Full URL: https://claims.mojainsurance.co.uk/Content/css/AXA/main.min.css
Requested by: Host: claims.mojainsurance.co.uk
URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 85.159.155.43 , United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ebcbb13721ea4f54e9c2ef47252b39affb87e57ed7b570eb65d1757a88ea8f85

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 15:25:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Dec 2023 11:22:39 GMT
Server: Microsoft-IIS/10.0
ETag: "8069adafff28da1:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 28326

GET
H/1.1 200
OK jquery Show response
claims.mojainsurance.co.uk/bundles/ 1 MB
387 KB 373ms
164ms Script
text/javascript 85.159.155.43
AXA_INSURANCE

General

Check archive.org

Show headers Download Go to

Full URL: https://claims.mojainsurance.co.uk/bundles/jquery?v=HolFbc4rrdZf3sCaJd51dTiBdSQlu-cnnsxqUr0baTA1
Requested by: Host: claims.mojainsurance.co.uk
URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 85.159.155.43 , United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a03ed09f342b44819675f6768bb308af53d64056e7869991b1b311ed68148f05

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 15:25:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Dec 2023 15:25:04 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Expires: Fri, 06 Dec 2024 15:25:04 GMT

GET
H/1.1 200
OK modernizr Show response
claims.mojainsurance.co.uk/bundles/ 11 KB
5 KB 363ms
155ms Script
text/javascript 85.159.155.43
AXA_INSURANCE

General

Check archive.org

Show headers Download Go to

Full URL: https://claims.mojainsurance.co.uk/bundles/modernizr?v=wBEWDufH_8Md-Pbioxomt90vm6tJN2Pyy9u9zHtWsPo1
Requested by: Host: claims.mojainsurance.co.uk
URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 85.159.155.43 , United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 15:25:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Dec 2023 15:25:04 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Content-Length: 5229
Expires: Fri, 06 Dec 2024 15:25:04 GMT

GET
H/1.1 200
OK venders Show response
claims.mojainsurance.co.uk/bundles/ 131 KB
52 KB 529ms
320ms Script
text/javascript 85.159.155.43
AXA_INSURANCE

General

Check archive.org

Show headers Download Go to

Full URL: https://claims.mojainsurance.co.uk/bundles/venders?v=lRVrqWc1StUIAUHA-bK89TCeuvk-J8-6_sIkHW-DPC01
Requested by: Host: claims.mojainsurance.co.uk
URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 85.159.155.43 , United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c8f09f40b6972cbe239f450cc733fb98bf50decc1dd0360ba4ae9b96578f23c8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 15:25:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Dec 2023 15:25:04 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Content-Length: 52490
Expires: Fri, 06 Dec 2024 15:25:04 GMT

GET
H/1.1 200
OK enolJsBundle Show response
claims.mojainsurance.co.uk/bundles/ 952 KB
292 KB 441ms
226ms Script
text/javascript 85.159.155.43
AXA_INSURANCE

General

Check archive.org

Show headers Download Go to

Full URL: https://claims.mojainsurance.co.uk/bundles/enolJsBundle?v=wHVD9ZpWeEt8d-CPUuzhdBMWtoCGEeChu3DMUKbaUhQ1
Requested by: Host: claims.mojainsurance.co.uk
URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 85.159.155.43 , United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a9afd5863382a64fbff5a548b2d31d74c7adfe004317dac48a81504842e847a8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 15:25:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Dec 2023 15:25:04 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Expires: Fri, 06 Dec 2024 15:25:04 GMT

GET
H/1.1 200
OK logo.svg
claims.mojainsurance.co.uk/Content/images/AXA/svg/ 2 KB
3 KB 264ms
178ms Image
image/svg+xml 85.159.155.43
AXA_INSURANCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claims.mojainsurance.co.uk/Content/images/AXA/svg/logo.svg
Requested by: Host: claims.mojainsurance.co.uk
URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 85.159.155.43 , United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4f15551e8df16365a4eba91f078b16e4dc40959a98f6f8e1de8b2ad895ccc705

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 15:25:04 GMT
Last-Modified: Thu, 07 Dec 2023 11:22:42 GMT
Server: Microsoft-IIS/10.0
ETag: "e9f0b8b1ff28da1:0"
X-Powered-By: ASP.NET
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2362

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 216ms
35ms Script
application/x-javascript 2606:2800:11f:17a5:191a:18d5:537:22f9
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: claims.mojainsurance.co.uk
URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:17a5:191a:18d5:537:22f9 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nya/79DC) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Dec 2023 15:25:05 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 694
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (nya/79DC)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c4c323ad-f01e-0025-481f-298eb2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Thu, 07 Dec 2023 15:55:05 GMT

GET
H/1.1 200
OK geo4.js Show response
cdn3.optimizely.com/js/ 309 B
823 B 177ms
44ms Script
application/javascript 23.218.120.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.optimizely.com/js/geo4.js
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/247752487.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.218.120.75 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-120-75.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ed1f3bbbfa2c968f963ec702aa90109f78a2d26d2653211f6349d72f0dea2121

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: F8W1XaLRNmnJXrMgZ6ZMuxtE6L376GC.
Date: Thu, 07 Dec 2023 15:25:05 GMT
Server: AmazonS3
x-amz-request-id: 7K4SH0GM36DVEWHS
X-Akamai-EW-Subworker: 8096267
x-amz-server-side-encryption: AES256
ETag: "8777c006589ecabfa3d63a6b5bf24393"
Content-Type: application/javascript
Cache-Control: max-age=47215
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 309
x-amz-id-2: hmBqtRv1RWuY7E+rv9650STMfcJca95itcetBiUykIvu68ID/82kld4X1fQ5LICCCaRRWz+jYIY=

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 406 KB
110 KB 181ms
105ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TS5W33

Requested by

Host: claims.mojainsurance.co.uk
URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f1e2117af2658167b3378a19786aeb99c9b0759739a2e84b91b3d5ab146c5f06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:25:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112136
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 Dec 2023 15:25:05 GMT

GET
H/1.1 200
OK SourceSansPro-Regular.otf
claims.mojainsurance.co.uk/Content/fonts/SourceSansPro/ 250 KB
251 KB 134ms
133ms Font
application/font-otf 85.159.155.43
AXA_INSURANCE

General

Check archive.org

Show headers Download Go to

Full URL: https://claims.mojainsurance.co.uk/Content/fonts/SourceSansPro/SourceSansPro-Regular.otf
Requested by: Host: claims.mojainsurance.co.uk
URL: https://claims.mojainsurance.co.uk/Content/css/AXA/main.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 85.159.155.43 , United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7fbc6610f9daeb3abe9863316dfd50369d3e173fc7be8baefc334468e8a19888

Request headers

Referer: https://claims.mojainsurance.co.uk/Content/css/AXA/main.min.css
Origin: https://claims.mojainsurance.co.uk
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 15:25:04 GMT
Last-Modified: Thu, 07 Dec 2023 11:22:40 GMT
Server: Microsoft-IIS/10.0
ETag: "c9fa4cb0ff28da1:0"
X-Powered-By: ASP.NET
Content-Type: application/font-otf
Accept-Ranges: bytes
Content-Length: 256288

GET
H2 200 a247752487.html Show response
a247752487.cdn.optimizely.com/client_storage/ Frame 108E 2 KB
2 KB 953ms
824ms Document
text/html 23.14.152.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a247752487.cdn.optimizely.com/client_storage/a247752487.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/247752487.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.14.152.64 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-14-152-64.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

56267def56891a5f362d39c74bf78dd1cfe953bc2115f0a6cef8dfacfef7cf02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://claims.mojainsurance.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 864
content-type: text/html; charset=utf-8
date: Thu, 07 Dec 2023 15:25:06 GMT
etag: "a1f6b273b31267d3a4e60cc5335b1e2b"
last-modified: Thu, 07 Dec 2023 15:23:17 GMT
server: AmazonS3
server-timing: cdn-cache; desc=REVALIDATE edge; dur=695 origin; dur=62 cdn;desc="AkamaiION";dur=0,rtt;desc="34";dur=0,cdnip;desc="23.14.152.64";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1701962705544_3088676317_70035569_75674_1984_38_96_255";dur=1
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-akamai-transformed: 9 864 0 pmb=mRUM,2
x-amz-id-2: rxzrvJrEhmWdJ/YCYGXxt0pAvd49kZEXVFEYdmKO8/pvgyhngdmoWoYs+c2KFkovRwWtTHRYI10=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: NC35T7Z8GBAK0GVF
x-amz-server-side-encryption: AES256
x-amz-version-id: Mh1XkKvKf2jLpvVXwxC7.OIOtxyCcfaE

GET
H/1.1 200
OK background_error.jpg
claims.mojainsurance.co.uk/Content/images/AXA/jpg/ 201 KB
202 KB 146ms
144ms Image
image/jpeg 85.159.155.43
AXA_INSURANCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claims.mojainsurance.co.uk/Content/images/AXA/jpg/background_error.jpg
Requested by: Host: claims.mojainsurance.co.uk
URL: https://claims.mojainsurance.co.uk/Content/css/AXA/main.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 85.159.155.43 , United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f6ca424c9a6ed9fe88510a27d6de9abf03af3e7157246f5a7259873109a4cd56

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/Content/css/AXA/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 15:25:05 GMT
Last-Modified: Thu, 07 Dec 2023 11:22:42 GMT
Server: Microsoft-IIS/10.0
ETag: "582298b1ff28da1:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 206309

GET
H/1.1 200
OK publico.eot
claims.mojainsurance.co.uk/Content/fonts/Publico/ 206 KB
206 KB 140ms
139ms Font
application/vnd.ms-fontobject 85.159.155.43
AXA_INSURANCE

General

Check archive.org

Show headers Download Go to

Full URL: https://claims.mojainsurance.co.uk/Content/fonts/Publico/publico.eot?
Requested by: Host: claims.mojainsurance.co.uk
URL: https://claims.mojainsurance.co.uk/Content/css/AXA/main.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 85.159.155.43 , United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 739201e205fb348ae399397d341aef7402902fb388084998955a0ad4e69ec677

Request headers

Referer: https://claims.mojainsurance.co.uk/Content/css/AXA/main.min.css
Origin: https://claims.mojainsurance.co.uk
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 15:25:05 GMT
Last-Modified: Thu, 07 Dec 2023 11:22:39 GMT
Server: Microsoft-IIS/10.0
ETag: "56240b0ff28da1:0"
X-Powered-By: ASP.NET
Content-Type: application/vnd.ms-fontobject
Accept-Ranges: bytes
Content-Length: 210804

GET
H2

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=11r1r1l1l5&rnd=1163753589.1701962706&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&dma=0&gtm=45He3bt0n71TS5W33v6772558...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=11r1r1l1l5&rnd=1163753589.1701962706&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&dma=0&gtm=45He3bt0n71T...

42 B
588 B

527ms
46ms

Ping
image/gif

2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=11r1r1l1l5&rnd=1163753589.1701962706&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&dma=0&gtm=45He3bt0n71TS5W33v6772558&auid=891512194.1701962706

Requested by

Host: claims.mojainsurance.co.uk
URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser

Protocol

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 15:25:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Dec 2023 15:25:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=11r1r1l1l5&rnd=1163753589.1701962706&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&dma=0&gtm=45He3bt0n71TS5W33v6772558&auid=891512194.1701962706
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 119ms
46ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS5W33

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 07 Dec 2023 15:25:05 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9B0B0BDF70F449BDBF0B42444D391B28 Ref B: NYCEDGE1714 Ref C: 2023-12-07T15:25:05Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
805 B 120ms
38ms Script
application/javascript 2600:1408:5400:1c::173d:b2d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS5W33

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:5400:1c::173d:b2d Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ecf9967a9685eff0fdc0555125aeb40dc81a85c8de18c48c2a705132ef6129bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2023 10:28:06 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=68571
accept-ranges: bytes
content-length: 595

GET
H2 200 13529.js Show response
www.dwin1.com/ 40 KB
11 KB 219ms
137ms Script
application/javascript 2600:9000:26a0:2200:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/13529.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS5W33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26a0:2200:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcde0644cf35f62b49b18055d0829287a83f408e5d54f49d70e35580a0b7f624

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: VADBUgbzn5e8llsOWIYlmP6Alcc6ko3u
content-encoding: gzip
via: 1.1 fb7b65b8cad8124239a4b25728a84288.cloudfront.net (CloudFront)
date: Thu, 07 Dec 2023 15:25:06 GMT
x-amz-cf-pop: YUL62-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 06 Dec 2023 13:48:37 GMT
server: AmazonS3
etag: W/"379569ab0822e2ef0b2e9ac8bdba80da"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
x-amz-cf-id: EzfHPTprnz-621kOjeXwSMsAsT-hznrIblHPXTx4Fya3FxYuRJgbCA==

GET
H2 200 di.js Show response
cdn.decibelinsight.net/i/13049/54678/ 205 KB
80 KB 116ms
42ms Script
text/javascript 54.192.51.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.decibelinsight.net/i/13049/54678/di.js

Requested by

Host: claims.mojainsurance.co.uk
URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.51.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-51-81.yul62.r.cloudfront.net

Software

nginx /

Resource Hash

316a0856b18d457d073ff70d1af7fed884bc29a5fc612bf94f3ed2dbf52d109c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:25:05 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 18b0fca4845f3542d7f0566683e26626.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
server: nginx
etag: W/000067000-18C3F406C0C
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=5400
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
x-amz-cf-id: xLonXZEaxHQkZNcuPT_Ntw0PfKqDvZAG5uhAbASW2-4z0Bb5Ao-fgw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 108ms
35ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: claims.mojainsurance.co.uk
URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 07 Dec 2023 15:25:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: BAnTSCrqfTg9Vi/KAZtLZNQLToyWPi4pshpd22QKyR+0P8PH5tXob5H53dyiUJbBqrlLnLhWpj3m2U8VLT6r5g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 260 KB
83 KB 72ms
71ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-RE55ZQSXB7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS5W33

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d5ae0cd2ba265fbb529d8df684e76b6ba0f5809e20578de8c5cabbbf12411623

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:25:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84574
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 15:25:05 GMT

GET
H/1.1 200
OK publico.ttf
claims.mojainsurance.co.uk/Content/fonts/Publico/ 206 KB
206 KB 132ms
132ms Font
application/font-ttf 85.159.155.43
AXA_INSURANCE

General

Check archive.org

Show headers Download Go to

Full URL: https://claims.mojainsurance.co.uk/Content/fonts/Publico/publico.ttf
Requested by: Host: claims.mojainsurance.co.uk
URL: https://claims.mojainsurance.co.uk/Content/css/AXA/main.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 85.159.155.43 , United Kingdom, ASN34746 (AXA_INSURANCE, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: baa97cb056524ee6f783090f83aa1f885c94b2b04316c0c79106d39648fa2a24

Request headers

Referer: https://claims.mojainsurance.co.uk/Content/css/AXA/main.min.css
Origin: https://claims.mojainsurance.co.uk
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 15:25:05 GMT
Last-Modified: Thu, 07 Dec 2023 11:22:39 GMT
Server: Microsoft-IIS/10.0
ETag: "7d343b0ff28da1:0"
X-Powered-By: ASP.NET
Content-Type: application/font-ttf
Accept-Ranges: bytes
Content-Length: 210492

GET
H2 200 collect Show response
sgtm.axa.co.uk/g/ 2 KB
3 KB 822ms
414ms XHR
text/plain 2600:1901:0:35e6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sgtm.axa.co.uk/g/collect?v=2&tid=G-RE55ZQSXB7&gtm=45je3bt0v883963684z86772558&_p=1701962705261&gcs=G111&gcd=11r1r1l1l5&dma=0&cid=807982557.1701962706&ul=en-us&sr=1600x1200&_fplc=0&ur=US-NY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=US&sst.rnd=1163753589.1701962706&sst.gse=1&sst.gcd=11r1r1l1l5&sst.tft=1701962705261&_s=1&dr=&dl=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&sid=1701962706&sct=1&seg=0&dt=Unauthorised%20User%20%7C%20AXA%20UK&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_type=claim&ep.page_product=motor&ep.user_logged_in=true&ep.website=personal%20insurance&ep.op_co=personal%20insurance&ep.channel=DirectBusiness&ep.customer_type=front-office&ep.environment=prod&ep.ip_lookup=staff&ep.page_name=Unauthorised%20User&ep.url_redacted_pii=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&ep.user_device=desktop&ep.no_advertising_consent_or_partner=false&ep.user_id_defined=false&tfd=3127&richsstsse

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:35e6:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

53833899a58acb068f61c479b1cc969be64fd4bde1f53adc85716bb124948bd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:25:06 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
server: Google Frontend
content-type: text/plain
access-control-allow-origin: https://claims.mojainsurance.co.uk
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering: no

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 31 KB
12 KB 40ms
40ms Script
application/javascript 2600:1408:5400:1c::173d:b2d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:5400:1c::173d:b2d Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

15838004d5e196b563a00a0ba16ce432fed6deb3dd4fab7122601f2c4f41560a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 299
date: Thu, 07 Dec 2023 15:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 13:47:15 GMT
x-cdn: AKAM
x-edgeconnect-midmile-rtt: 0
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=54883
accept-ranges: bytes
content-length: 12150

GET
H2 204 5321252.js Show response
bat.bing.com/p/action/ 0
117 B 46ms
46ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5321252.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 07 Dec 2023 15:25:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8F45AEA0E00B4C4BB457BE842EF3C705 Ref B: NYCEDGE1714 Ref C: 2023-12-07T15:25:06Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
359 B 113ms
112ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5321252&tm=gtm002&Ver=2&mid=2781e675-e198-4dbb-82c4-fcc7400e7fde&sid=cca98a50951411ee87b097c36b9bb401&vid=cca9d7a0951411ee97981bde34a760a5&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Unauthorised%20User%20%7C%20AXA%20UK&p=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&r=&lt=2567&evt=pageLoad&sv=1&rn=29590

Requested by

Host: claims.mojainsurance.co.uk
URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 07 Dec 2023 15:25:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BB4F29412934439BACFF4063630DBB3F Ref B: NYCEDGE1714 Ref C: 2023-12-07T15:25:06Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 731504514000972 Show response
connect.facebook.net/signals/config/ 214 KB
39 KB 84ms
83ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/731504514000972?v=2.9.138&r=stable&domain=claims.mojainsurance.co.uk

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e4618262c1c1338400e19d156d5a3604f4fc94290c3ce7dad2ee225e3b6c8127

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 07 Dec 2023 15:25:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: fNs9jQgm15STYKYoGdyutM5vrK+2UsbhD5spvtyPW82XEnLxbEGVdcQwua6GgvIUBw5S6RJ5mhZwmTUJOuMIbw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 lantern_global_13529.min.js Show response
lantern.roeyecdn.com/ 2 KB
2 KB 396ms
33ms Script
application/octet-stream 2600:9000:2508:a000:1f:af3f:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lantern.roeyecdn.com/lantern_global_13529.min.js
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/13529.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2508:a000:1f:af3f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99111c2c9d2617b28a94231c0309cbbd7b1073695bcab726da58364525eb0329

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: ylpY3g2F80zkYiovydqh_f7ORY6q7scg
date: Thu, 07 Dec 2023 11:03:44 GMT
via: 1.1 f4c38e024a95b76a27c9f3dc9ff2eda6.cloudfront.net (CloudFront)
last-modified: Tue, 17 Oct 2023 14:39:52 GMT
server: AmazonS3
x-amz-cf-pop: IAD12-P1
age: 15683
etag: "de4db2f57658751972eba1ebea6f91f3"
x-cache: Hit from cloudfront
content-type: application/octet-stream
content-length: 1826
x-amz-cf-id: v8NMjKNfdxfD16r_51WF7IKZBuO1yt9OUKHsR4cwxoYAWNQ4PPaFOg==

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
670 B 301ms
102ms XHR
text/plain 34.195.98.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.195.98.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-98-94.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://claims.mojainsurance.co.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 07 Dec 2023 15:25:06 GMT
Via: 1.1 google
server: istio-envoy
access-control-allow-methods: POST,OPTIONS
Content-Type: text/plain
access-control-allow-origin: https://claims.mojainsurance.co.uk
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials: true
x-envoy-upstream-service-time: 44
Connection: keep-alive
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: 1a6d5107-8036-4aec-9b89-fc336500b59a

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2764153&time=1701962706550&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2764153&time=1701962706550&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2764153%26time%3D1701962706550%26url%3Dhttps%253A%252F%252Fclaims.mojainsurance.c...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2764153&time=1701962706550&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2764153&time=1701962706550&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&cookiesTest=true&liSync=true&e_ipv6=AQLETB1o...

0
487 B

958ms
145ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2764153&time=1701962706550&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&cookiesTest=true&liSync=true&e_ipv6=AQLETB1oumVZMAAAAYxE4e-ZIB7i2RNDWfg3-R9mKqGzSWdMrTQtZrpnQUaCst_VtVhWeg
Requested by: Host: claims.mojainsurance.co.uk
URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:25:07 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: F4A76343034D49E484D4D831314EEE29 Ref B: YTO01EDGE0511 Ref C: 2023-12-07T15:25:07Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYL7RKdHIdrW9SSSp4drw==

Redirect headers

date: Thu, 07 Dec 2023 15:25:06 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: FE9C125904EF44A5A091D70E03FA6AAE Ref B: EWR311000108017 Ref C: 2023-12-07T15:25:06Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2764153&time=1701962706550&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&cookiesTest=true&liSync=true&e_ipv6=AQLETB1oumVZMAAAAYxE4e-ZIB7i2RNDWfg3-R9mKqGzSWdMrTQtZrpnQUaCst_VtVhWeg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYL7RKP1sItLAPXspSJZg==

GET
H2 200 track.php
lantern.roeye.com/ 0
128 B 1233ms
112ms Image
image/gif 52.18.56.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lantern.roeye.com/track.php?fingerprint=&referrer=&landingpage=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36&site=13529
Requested by: Host: claims.mojainsurance.co.uk
URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.56.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-56-89.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:25:07 GMT
server: nginx
content-length: 0
content-type: image/gif

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 1148ms
69ms Image
text/plain 2a03:2880:f171:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=731504514000972&ev=PageView&dl=https%3A%2F%2Fclaims.mojainsurance.co.uk&rl=&if=false&ts=1701962706573&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.2.1701962706569.1711781632&pm=1&hrl=ad4f7b&ler=empty&it=1701962706086&coo=false&cs_cc=1&cas=5649988601742619%2C3635008433266681%2C4190822667653591%2C4175547535889751&rqm=GET

Requested by

Host: claims.mojainsurance.co.uk
URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f171:81:face:b00c:0:25de Apodaca, Mexico, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 07 Dec 2023 15:25:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
analytics.google.com/g/s/ 0
261 B 848ms
41ms Ping
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/s/collect?dma=0&gtm=45j91e3b82v883963684z86772558z9848097749&_gsid=RE55ZQSXB7Rf-gMo1xPZ1RrG0hYzZhTQ
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-RE55ZQSXB7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 15:25:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://claims.mojainsurance.co.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
122 B 42ms
41ms Ping
text/plain 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&dma=0&tid=G-RE55ZQSXB7&cid=807982557.1701962706&gtm=45j91e3b82v883963684z86772558z9848097749&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-RE55ZQSXB7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 15:25:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://claims.mojainsurance.co.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=8312467;type=axa;cat=visits;ord=1;num=923546686;gtm=45j91e3b82v883963684z86772558z9848097749;dc_pre=1;u1=prod;u2=personal%20insurance;u3=Unauthorised%20User;u5=https%3A%2F%2Fclaims.mojainsuranc...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/activity;src=8312467;type=axa;cat=visits;ord=1;num=923546686;gtm=45j91e3b82v883963684z86772558z9848097749;dc_pre=1;u1=prod;u2=personal%20insurance;u3=Unauthorised%20User;...
https://adservice.google.com/ddm/fls/z/src=8312467;type=axa;cat=visits;ord=1;num=923546686;gtm=45j91e3b82v883963684z86772558z9848097749;dc_pre=1;u1=prod;u2=personal%20insurance;u3=Unauthorised%20Us...

42 B
107 B

173ms
98ms

Image
image/gif

2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8312467;type=axa;cat=visits;ord=1;num=923546686;gtm=45j91e3b82v883963684z86772558z9848097749;dc_pre=1;u1=prod;u2=personal%20insurance;u3=Unauthorised%20User;u5=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser;u8=807982557.1701962706;u12=true;u4=motor;u6=en;u9=desktop;dma=0;gcs=G111;gcd=11r1r1l1l5;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;auiddc=*;s3p=1;~oref=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser

Requested by

Host: claims.mojainsurance.co.uk
URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser

Protocol

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 15:25:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Dec 2023 15:25:07 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=8312467;type=axa;cat=visits;ord=1;num=923546686;gtm=45j91e3b82v883963684z86772558z9848097749;dc_pre=1;u1=prod;u2=personal%20insurance;u3=Unauthorised%20User;u5=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser;u8=807982557.1701962706;u12=true;u4=motor;u6=en;u9=desktop;dma=0;gcs=G111;gcd=11r1r1l1l5;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;auiddc=*;s3p=1;~oref=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=8312467;type=axa;cat=viewpage;ord=868222349;gtm=45j91e3b82v883963684z86772558z9848097749;dc_pre=1;u1=prod;u2=personal%20insurance;u3=Unauthorised%20User;u5=https%3A%2F%2Fclaims.mojainsurance.co...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/activity;src=8312467;type=axa;cat=viewpage;ord=868222349;gtm=45j91e3b82v883963684z86772558z9848097749;dc_pre=1;u1=prod;u2=personal%20insurance;u3=Unauthorised%20User;u5=h...
https://adservice.google.com/ddm/fls/z/src=8312467;type=axa;cat=viewpage;ord=868222349;gtm=45j91e3b82v883963684z86772558z9848097749;dc_pre=1;u1=prod;u2=personal%20insurance;u3=Unauthorised%20User;u...

42 B
401 B

136ms
97ms

Image
image/gif

2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8312467;type=axa;cat=viewpage;ord=868222349;gtm=45j91e3b82v883963684z86772558z9848097749;dc_pre=1;u1=prod;u2=personal%20insurance;u3=Unauthorised%20User;u5=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser;u8=807982557.1701962706;u12=true;u4=motor;u6=en;u9=desktop;dma=0;gcs=G111;gcd=11r1r1l1l5;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;auiddc=*;s3p=1;~oref=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser

Requested by

Host: claims.mojainsurance.co.uk
URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser

Protocol

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 15:25:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Dec 2023 15:25:07 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=8312467;type=axa;cat=viewpage;ord=868222349;gtm=45j91e3b82v883963684z86772558z9848097749;dc_pre=1;u1=prod;u2=personal%20insurance;u3=Unauthorised%20User;u5=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser;u8=807982557.1701962706;u12=true;u4=motor;u6=en;u9=desktop;dma=0;gcs=G111;gcd=11r1r1l1l5;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;auiddc=*;s3p=1;~oref=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.com/pagead/1p-user-list/1059897644/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1059897644/?random=1852637909&fst=1701962706833&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e3b82v883963684z86772558z98...
https://www.google.com/pagead/1p-user-list/1059897644/?random=1852637909&fst=1701961200000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e3b82v883963684z86772558z9848097749&url=https%3A%...

42 B
108 B

47ms
46ms

Image
image/gif

2607:f8b0:4004:c08::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1059897644/?random=1852637909&fst=1701961200000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e3b82v883963684z86772558z9848097749&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&tiba=Unauthorised%20User%20%7C%20AXA%20UK&is_vtc=1&cid=CAQSKQDICaaNzcvJd-rZbID5CKiNoUCLlk7n3jUbszDUoSixzyuRuq-xsxZx&random=1919123847

Requested by

Host: claims.mojainsurance.co.uk
URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser

Protocol

Server

2607:f8b0:4004:c08::93 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://claims.mojainsurance.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 15:25:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Dec 2023 15:25:06 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-user-list/1059897644/?random=1852637909&fst=1701961200000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e3b82v883963684z86772558z9848097749&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&tiba=Unauthorised%20User%20%7C%20AXA%20UK&is_vtc=1&cid=CAQSKQDICaaNzcvJd-rZbID5CKiNoUCLlk7n3jUbszDUoSixzyuRuq-xsxZx&random=1919123847
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
202 B 58ms
57ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://claims.mojainsurance.co.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 07 Dec 2023 15:25:07 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: DE6AC9EF16E14A16A726272C06A6D390 Ref B: EWR311000108017 Ref C: 2023-12-07T15:25:07Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://claims.mojainsurance.co.uk
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYL7RKfdKcQwv07dKv5tw==

GET
BLOB 200
OK dcfde9a4-27f9-422a-9b1c-f4244f87f951
https://claims.mojainsurance.co.uk/ 15 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://claims.mojainsurance.co.uk/dcfde9a4-27f9-422a-9b1c-f4244f87f951
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ac1c44ce3bbb2f796adeb4360c6dfb9c72a48384691e70d4fee706caa640571

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 15739
Content-Type: application/javascript

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 203ms
45ms Preflight 40.71.13.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.71.13.170 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://claims.mojainsurance.co.uk
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Thu, 07 Dec 2023 15:25:08 GMT
x-content-type-options: nosniff

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
281 B 176ms
176ms XHR
application/json 40.71.13.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.71.13.170 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f51f6718c64925153c7db7a22736f6c08fce3299828376f59663e05e8b84b825

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://claims.mojainsurance.co.uk/
accept-language: en-US,en;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 6476386B-D02F-4358-840D-A6DA4F0478AA
strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 15:25:08 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 96

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Axa (Insurance)

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.decibelinsight.net/i/13049/	1970-01-21 01:31:38	Name: da_lid Value: -0B6435ED9A7CEA129D2BBB99FA10D3EDF6\|0\|0\|0
.decibelinsight.net/i/13049/	1970-01-20 16:46:04	Name: da_sid Value: 385706DE8E3CAE89087AAA13B81299E645\|3\|0\|0
claims.mojainsurance.co.uk/Session	1969-12-31 23:59:59	Name: cookieConsent Value: all
claims.mojainsurance.co.uk/	1969-12-31 23:59:59	Name: f5avraaaaaaaaaaaaaaaa_session_ Value: JGFFFAJGNINMIDHJOPCOMLOHNDFPCEANOFMMEIHJJAAGGMJCOMACCIBLGACDNPFPBAGDLPEILDFFGPIGGFGAAMPOHOJFGAHOAFPFNHOGHOMNKGGHLBKNJMIAMKDJKJHN
claims.mojainsurance.co.uk/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: qqzln04wwgnrgz2o3xblbi1v
.mojainsurance.co.uk/	1970-01-20 21:05:14	Name: optimizelyEndUserId Value: oeu1701962705221r0.5072702296094884
claims.mojainsurance.co.uk/	1970-01-21 01:31:38	Name: ai_user Value: 5/J0i\|2023-12-07T15:25:05.495Z
claims.mojainsurance.co.uk/	1969-12-31 23:59:59	Name: _gtm_userSampleGroup Value: 0.49
.mojainsurance.co.uk/	1969-12-31 23:59:59	Name: _gtm_decibelEnabled Value: true
.mojainsurance.co.uk/	1970-01-20 18:55:38	Name: _gcl_au Value: 1.1.891512194.1701962706
.mojainsurance.co.uk/	1970-01-21 02:22:02	Name: _ga_RE55ZQSXB7 Value: GS1.1.1701962706.1.0.1701962706.0.0.0
.mojainsurance.co.uk/	1970-01-21 02:22:02	Name: _ga Value: GA1.1.807982557.1701962706
.mojainsurance.co.uk/	1970-01-20 16:47:29	Name: _uetsid Value: cca98a50951411ee87b097c36b9bb401
.mojainsurance.co.uk/	1970-01-21 02:07:38	Name: _uetvid Value: cca9d7a0951411ee97981bde34a760a5
.bing.com/	1970-01-21 02:07:38	Name: MUID Value: 2E0B9AF0A29C6AFF36468910A3136BAC
.bat.bing.com/	1970-01-20 16:56:07	Name: MR Value: 0
.mojainsurance.co.uk/	1970-01-20 18:55:38	Name: _fbp Value: fb.2.1701962706569.1711781632
claims.mojainsurance.co.uk/	1970-01-20 16:46:04	Name: ai_session Value: P3xdf\|1701962706592.3\|1701962706592.3
.linkedin.com/	1970-01-20 18:55:38	Name: li_sugr Value: d9a78ee4-edbc-4a1a-9f1a-bc88cf03af10
.linkedin.com/	1970-01-21 01:31:38	Name: bcookie Value: "v=2&b83c34ba-4c06-425d-8767-0950a0ebceeb"
.linkedin.com/	1970-01-20 16:47:29	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=3069:u=1:x=1:i=1701962706:t=1702049106:v=2:sig=AQFo8Fp09yOgjvbMhNSdtndiYQz4D1ZG"
.linkedin.com/	1970-01-20 17:29:14	Name: UserMatchHistory Value: AQISyieZaEODXAAAAYxE4e8k3xTXgQF1iciGR7Xx8UOWnIfRVF0WS50DR4q-ce7u2O2VHOeQsK7FhQ
.linkedin.com/	1970-01-20 17:29:14	Name: AnalyticsSyncHistory Value: AQJUx61x743XhAAAAYxE4e8k42pmyGKXvAG4XbApdsMKNHVEhVrzoipHNBeJIA1s_hZYTjEFh-s2C7TOKqZcyw
.www.linkedin.com/	1970-01-21 01:31:38	Name: bscookie Value: "v=1&20231207152506dc637db7-2c28-4f5b-89d9-5b5a77b1b2baAQGiotyIj-uwjaBzhoN42ffQ2xMqhRg1"
.doubleclick.net/	1970-01-21 02:22:02	Name: IDE Value: AHWqTUltZMFPjqxvizcdA4f0USBZIZyjk9HwdomJZjjvOApOALTaMY_0cowFiI4H_c8
.mojainsurance.co.uk/	1970-01-20 16:46:04	Name: da_sid Value: 385706DE8E3CAE89087AAA13B81299E645\|3\|0\|3
.mojainsurance.co.uk/	1970-01-21 01:31:38	Name: da_lid Value: 0B6435ED9A7CEA129D2BBB99FA10D3EDF6\|0\|0\|0
.mojainsurance.co.uk/	1970-01-20 16:46:04	Name: da_intState Value:

24 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser Message: Failed to decode downloaded font: https://claims.mojainsurance.co.uk/Content/fonts/Publico/publico.eot?
other	warning	URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser Message: OTS parsing error: invalid sfntVersion: 1949762304
other	warning	URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser Message: Failed to decode downloaded font: https://claims.mojainsurance.co.uk/Content/fonts/Publico/publico.eot?
other	warning	URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser Message: OTS parsing error: invalid sfntVersion: 1949762304
other	warning	URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser Message: Failed to decode downloaded font: https://claims.mojainsurance.co.uk/Content/fonts/Publico/publico.eot?
other	warning	URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser Message: OTS parsing error: invalid sfntVersion: 1949762304
other	warning	URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser Message: Failed to decode downloaded font: https://claims.mojainsurance.co.uk/Content/fonts/Publico/publico.eot?
other	warning	URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser Message: OTS parsing error: invalid sfntVersion: 1949762304
other	warning	URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser Message: Failed to decode downloaded font: https://claims.mojainsurance.co.uk/Content/fonts/Publico/publico.eot?
other	warning	URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser Message: OTS parsing error: invalid sfntVersion: 1949762304
other	warning	URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser Message: Failed to decode downloaded font: https://claims.mojainsurance.co.uk/Content/fonts/Publico/publico.eot?
other	warning	URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser Message: OTS parsing error: invalid sfntVersion: 1949762304
other	warning	URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser Message: Failed to decode downloaded font: https://claims.mojainsurance.co.uk/Content/fonts/Publico/publico.eot?
other	warning	URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser Message: OTS parsing error: invalid sfntVersion: 1949762304
other	warning	URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser Message: Failed to decode downloaded font: https://claims.mojainsurance.co.uk/Content/fonts/Publico/publico.eot?
other	warning	URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser Message: OTS parsing error: invalid sfntVersion: 1949762304
other	warning	URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser Message: Failed to decode downloaded font: https://claims.mojainsurance.co.uk/Content/fonts/Publico/publico.eot?
other	warning	URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser Message: OTS parsing error: invalid sfntVersion: 1949762304
other	warning	URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser Message: Failed to decode downloaded font: https://claims.mojainsurance.co.uk/Content/fonts/Publico/publico.eot?
other	warning	URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser Message: OTS parsing error: invalid sfntVersion: 1949762304
other	warning	URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser Message: Failed to decode downloaded font: https://claims.mojainsurance.co.uk/Content/fonts/Publico/publico.eot?
other	warning	URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser Message: OTS parsing error: invalid sfntVersion: 1949762304
other	warning	URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser Message: Failed to decode downloaded font: https://claims.mojainsurance.co.uk/Content/fonts/Publico/publico.eot?
other	warning	URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser Message: OTS parsing error: invalid sfntVersion: 1949762304

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a247752487.cdn.optimizely.com
ad.doubleclick.net
adservice.google.com
analytics.google.com
az416426.vo.msecnd.net
bat.bing.com
cdn.decibelinsight.net
cdn.optimizely.com
cdn3.optimizely.com
claims.mojainsurance.co.uk
connect.facebook.net
dc.services.visualstudio.com
fonts.googleapis.com
googleads.g.doubleclick.net
lantern.roeye.com
lantern.roeyecdn.com
logx.optimizely.com
px.ads.linkedin.com
px4.ads.linkedin.com
sgtm.axa.co.uk
snap.licdn.com
stats.g.doubleclick.net
www.dwin1.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.linkedin.com
13.107.42.14
172.253.63.148
2001:4860:4802:32::181
23.14.152.64
23.218.120.75
2600:1408:5400:1c::173d:b2d
2600:1408:ec00:28f::13b8
2600:1901:0:35e6::
2600:9000:2508:a000:1f:af3f:8a40:93a1
2600:9000:26a0:2200:f:8ce2:fb80:93a1
2606:2800:11f:17a5:191a:18d5:537:22f9
2607:f8b0:4004:c06::9c
2607:f8b0:4004:c08::93
2607:f8b0:4004:c08::9b
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c09::61
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f171:81:face:b00c:0:25de
34.195.98.94
40.71.13.170
52.18.56.89
54.192.51.81
85.159.155.43
0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba
15838004d5e196b563a00a0ba16ce432fed6deb3dd4fab7122601f2c4f41560a
316a0856b18d457d073ff70d1af7fed884bc29a5fc612bf94f3ed2dbf52d109c
3ac1c44ce3bbb2f796adeb4360c6dfb9c72a48384691e70d4fee706caa640571
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
407f5113d9e2b4d44e17cefbf45d040bd4b3bc3fd5952a43cffbeaa28ce3cc00
4bf4e880e330e856dfe2790bbd616dc2e93d928850462e045e9ab78e2c63bf2f
4f15551e8df16365a4eba91f078b16e4dc40959a98f6f8e1de8b2ad895ccc705
5049e4b073b6bcf3cc82c27210dd5019a3781c66d15f497c72ddeddf4a666c74
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
53833899a58acb068f61c479b1cc969be64fd4bde1f53adc85716bb124948bd3
56267def56891a5f362d39c74bf78dd1cfe953bc2115f0a6cef8dfacfef7cf02
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
739201e205fb348ae399397d341aef7402902fb388084998955a0ad4e69ec677
7fbc6610f9daeb3abe9863316dfd50369d3e173fc7be8baefc334468e8a19888
8eb0ee259863bc0abfb4ebf2d5138c3931fdd2dc3e4a920ee139064df8632c06
99111c2c9d2617b28a94231c0309cbbd7b1073695bcab726da58364525eb0329
a03ed09f342b44819675f6768bb308af53d64056e7869991b1b311ed68148f05
a9afd5863382a64fbff5a548b2d31d74c7adfe004317dac48a81504842e847a8
baa97cb056524ee6f783090f83aa1f885c94b2b04316c0c79106d39648fa2a24
bcde0644cf35f62b49b18055d0829287a83f408e5d54f49d70e35580a0b7f624
c8f09f40b6972cbe239f450cc733fb98bf50decc1dd0360ba4ae9b96578f23c8
d5ae0cd2ba265fbb529d8df684e76b6ba0f5809e20578de8c5cabbbf12411623
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4618262c1c1338400e19d156d5a3604f4fc94290c3ce7dad2ee225e3b6c8127
ebcbb13721ea4f54e9c2ef47252b39affb87e57ed7b570eb65d1757a88ea8f85
ecf9967a9685eff0fdc0555125aeb40dc81a85c8de18c48c2a705132ef6129bd
ed1f3bbbfa2c968f963ec702aa90109f78a2d26d2653211f6349d72f0dea2121
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e2117af2658167b3378a19786aeb99c9b0759739a2e84b91b3d5ab146c5f06
f51f6718c64925153c7db7a22736f6c08fce3299828376f59663e05e8b84b825
f6ca424c9a6ed9fe88510a27d6de9abf03af3e7157246f5a7259873109a4cd56

claims.mojainsurance.co.uk Open in urlscan Pro 85.159.155.43 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

87 %HTTPS

64 %IPv6

18 Domains

27 Subdomains

25 IPs

4 Countries

2191 kBTransfer

5399 kBSize

28 Cookies

5 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

claims.mojainsurance.co.uk Open in urlscan Pro
85.159.155.43 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

87 %
HTTPS

64 %
IPv6

18
Domains

27
Subdomains

25
IPs

4
Countries

2191 kB
Transfer

5399 kB
Size

28
Cookies

45 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!