Submitted URL: https://myccl.com/
Effective URL: https://myccl.com/login?ReturnUrl=%2f
Submission: On May 10 via api from US — Scanned from GB

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 26 HTTP transactions. The main IP is 51.140.210.101, located in Cardiff, United Kingdom and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is myccl.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on February 20th 2024. Valid for: 6 months.
This is the only time myccl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 51.140.210.101 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:133... 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 20.166.40.66 8075 (MICROSOFT...)
26 7
Apex Domain
Subdomains
Transfer
17 myccl.com
myccl.com
3 MB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 751
200 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
295 B
2 gstatic.com
fonts.gstatic.com
87 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
3 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2776
22 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
99 KB
26 7
Domain Requested by
17 myccl.com 1 redirects myccl.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 www.google-analytics.com www.googletagmanager.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com myccl.com
1 az416426.vo.msecnd.net myccl.com
1 www.googletagmanager.com myccl.com
26 7

This site contains links to these domains. Also see Links.

Domain
bit.ly
www.ccl-logistics.com
Subject Issuer Validity Valid
myccl.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2024-02-20 -
2024-08-20
6 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA
2024-01-30 -
2025-01-30
a year crt.sh
*.gstatic.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 03
2024-04-15 -
2025-04-10
a year crt.sh

This page contains 1 frames:

Primary Page: https://myccl.com/login?ReturnUrl=%2f
Frame ID: 9C23C68EB9F0431F03EFAA112FEECC88
Requests: 25 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://myccl.com/ HTTP 302
    https://myccl.com/login?ReturnUrl=%2f Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

26
Requests

100 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

7
IPs

4
Countries

2782 kB
Transfer

3685 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://myccl.com/ HTTP 302
    https://myccl.com/login?ReturnUrl=%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
myccl.com/
Redirect Chain
  • https://myccl.com/
  • https://myccl.com/login?ReturnUrl=%2f
20 KB
10 KB
Document
General
Full URL
https://myccl.com/login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.140.210.101 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0399e1108969ab44efe1382f9831987b3125c06d64325279efc0d93dc5fb2c19
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Content-Encoding
gzip
Content-Length
6656
Content-Security-Policy
default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
Content-Type
text/html; charset=utf-8
Date
Fri, 10 May 2024 10:13:28 GMT
Reporting-Endpoints
ccl-csp-reports="https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;"
Request-Context
appId=cid-v1:5be2dda4-ab58-4a99-9192-773a5b4d9378
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
ASP.NET

Redirect headers

Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Content-Length
137
Content-Security-Policy
default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
Content-Type
text/html; charset=utf-8
Date
Fri, 10 May 2024 10:13:28 GMT
Location
/login?ReturnUrl=%2f
Reporting-Endpoints
ccl-csp-reports="https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;"
Request-Context
appId=cid-v1:5be2dda4-ab58-4a99-9192-773a5b4d9378
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
ASP.NET
myccl-theme.css
myccl.com/static/css/
253 KB
37 KB
Stylesheet
General
Full URL
https://myccl.com/static/css/myccl-theme.css?v=638508714660000000
Requested by
Host: myccl.com
URL: https://myccl.com/login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.140.210.101 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e87b9384af0c515aba3c017ad178986f3aeb26f72ec50e61b463326d70479e67
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myccl.com/login?ReturnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 10:13:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 09 May 2024 16:11:06 GMT
Server
Microsoft-IIS/10.0
Content-Security-Policy
default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
ETag
"089117f2ba2da1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
35337
Reporting-Endpoints
ccl-csp-reports="https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;"
jquery-ui.css
myccl.com/css/
36 KB
11 KB
Stylesheet
General
Full URL
https://myccl.com/css/jquery-ui.css?v=638508710000000000
Requested by
Host: myccl.com
URL: https://myccl.com/login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.140.210.101 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
142c8c366c2228c3b1ae753bd7f9f48072c998d887386b44bf924e5f39ac4522
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myccl.com/login?ReturnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 10:13:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 09 May 2024 16:03:20 GMT
Server
Microsoft-IIS/10.0
Content-Security-Policy
default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
ETag
"0944f692aa2da1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
8149
Reporting-Endpoints
ccl-csp-reports="https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;"
js
www.googletagmanager.com/gtag/
295 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1FZGRVM7PK
Requested by
Host: myccl.com
URL: https://myccl.com/login?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cb9459ee44f54426b0dbbc5a6a59477705b944380fdada1955290e53b6742aad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myccl.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 10:13:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100726
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 10 May 2024 10:13:29 GMT
css2
fonts.googleapis.com/
3 KB
652 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Exo+2:wght@600;700&display=swap
Requested by
Host: myccl.com
URL: https://myccl.com/login?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
16ec9c3dd7a256812a3ad7c58563019d824a6e0451972c4c84575c41123d3608
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myccl.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 10 May 2024 10:13:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 10 May 2024 10:13:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 May 2024 10:13:29 GMT
myCCL_White.svg
myccl.com/Images/
3 KB
4 KB
Image
General
Full URL
https://myccl.com/Images/myCCL_White.svg
Requested by
Host: myccl.com
URL: https://myccl.com/login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.140.210.101 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e28c5e4b3c1f5d5504389268676ef79ac8d20d7c38593edd9f09357003debf8e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myccl.com/login?ReturnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 10:13:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 09 May 2024 16:03:20 GMT
Server
Microsoft-IIS/10.0
Content-Security-Policy
default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
ETag
"0944f692aa2da1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1396
Reporting-Endpoints
ccl-csp-reports="https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;"
login-page-featured-sample-20240409.png
myccl.com/Images/
2 MB
2 MB
Image
General
Full URL
https://myccl.com/Images/login-page-featured-sample-20240409.png
Requested by
Host: myccl.com
URL: https://myccl.com/login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.140.210.101 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e1d0dd2b12935b78f224498e41ddfe9b9b57f8ebd5da1605dcd0440c9e4a275c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myccl.com/login?ReturnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 10:13:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
Last-Modified
Thu, 09 May 2024 16:03:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0944f692aa2da1:0"
X-Powered-By
ASP.NET
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1852119
Reporting-Endpoints
ccl-csp-reports="https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;"
jquery.min.js
myccl.com/static/js/
85 KB
32 KB
Script
General
Full URL
https://myccl.com/static/js/jquery.min.js?v=638508714640000000
Requested by
Host: myccl.com
URL: https://myccl.com/login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.140.210.101 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myccl.com/login?ReturnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 10:13:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 09 May 2024 16:11:04 GMT
Server
Microsoft-IIS/10.0
Content-Security-Policy
default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
ETag
"05ce07d2ba2da1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
30416
Reporting-Endpoints
ccl-csp-reports="https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;"
jquery-ui.min.js
myccl.com/static/js/
249 KB
69 KB
Script
General
Full URL
https://myccl.com/static/js/jquery-ui.min.js?v=638508714660000000
Requested by
Host: myccl.com
URL: https://myccl.com/login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.140.210.101 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myccl.com/login?ReturnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 10:13:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 09 May 2024 16:11:06 GMT
Server
Microsoft-IIS/10.0
Content-Security-Policy
default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
ETag
"089117f2ba2da1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
67986
Reporting-Endpoints
ccl-csp-reports="https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;"
jquery.unobtrusive-ajax.min.js
myccl.com/static/js/
4 KB
4 KB
Script
General
Full URL
https://myccl.com/static/js/jquery.unobtrusive-ajax.min.js?v=638508714660000000
Requested by
Host: myccl.com
URL: https://myccl.com/login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.140.210.101 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3c00b4d34cae1edefc9eccc9d913b43a20ccbbfb8bccf2d19584e4f09dc03b5d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myccl.com/login?ReturnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 10:13:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 09 May 2024 16:11:06 GMT
Server
Microsoft-IIS/10.0
Content-Security-Policy
default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
ETag
"089117f2ba2da1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
1790
Reporting-Endpoints
ccl-csp-reports="https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;"
jquery-migrate.min.js
myccl.com/static/js/
13 KB
8 KB
Script
General
Full URL
https://myccl.com/static/js/jquery-migrate.min.js?v=638508714640000000
Requested by
Host: myccl.com
URL: https://myccl.com/login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.140.210.101 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
148a74b0921ad78021d716e8032ede1cdaf7ed7279cefd7d2acbe906add12a68
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myccl.com/login?ReturnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 10:13:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 09 May 2024 16:11:04 GMT
Server
Microsoft-IIS/10.0
Content-Security-Policy
default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
ETag
"05ce07d2ba2da1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
4909
Reporting-Endpoints
ccl-csp-reports="https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;"
jquery.validate.min.js
myccl.com/static/js/
24 KB
10 KB
Script
General
Full URL
https://myccl.com/static/js/jquery.validate.min.js?v=638508714660000000
Requested by
Host: myccl.com
URL: https://myccl.com/login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.140.210.101 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myccl.com/login?ReturnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 10:13:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 09 May 2024 16:11:06 GMT
Server
Microsoft-IIS/10.0
Content-Security-Policy
default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
ETag
"089117f2ba2da1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
7928
Reporting-Endpoints
ccl-csp-reports="https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;"
jquery.validate.unobtrusive.min.js
myccl.com/static/js/
6 KB
5 KB
Script
General
Full URL
https://myccl.com/static/js/jquery.validate.unobtrusive.min.js?v=638508714660000000
Requested by
Host: myccl.com
URL: https://myccl.com/login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.140.210.101 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
44558558820fb230780ee711e23ab0c535b0d77666b48facead551d8b2666579
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myccl.com/login?ReturnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 10:13:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 09 May 2024 16:11:06 GMT
Server
Microsoft-IIS/10.0
Content-Security-Policy
default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
ETag
"089117f2ba2da1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
2210
Reporting-Endpoints
ccl-csp-reports="https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;"
bootstrap.js
myccl.com/static/js/
145 KB
36 KB
Script
General
Full URL
https://myccl.com/static/js/bootstrap.js?v=638508714640000000
Requested by
Host: myccl.com
URL: https://myccl.com/login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.140.210.101 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c704bd572aed79af6b739597c9da7399274defcd78998cab945807133fefa8cd
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myccl.com/login?ReturnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 10:13:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 09 May 2024 16:11:04 GMT
Server
Microsoft-IIS/10.0
Content-Security-Policy
default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
ETag
"05ce07d2ba2da1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
33657
Reporting-Endpoints
ccl-csp-reports="https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;"
bootstrap.additions.js
myccl.com/js/
2 KB
4 KB
Script
General
Full URL
https://myccl.com/js/bootstrap.additions.js?v=638508710000000000
Requested by
Host: myccl.com
URL: https://myccl.com/login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.140.210.101 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
69c36d05b49181bb7cdb0e1a33515f040c961f1c4bda861aa8a488d6c3bed7f8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myccl.com/login?ReturnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 10:13:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 09 May 2024 16:03:20 GMT
Server
Microsoft-IIS/10.0
Content-Security-Policy
default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
ETag
"0944f692aa2da1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
1060
Reporting-Endpoints
ccl-csp-reports="https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;"
bootstrap-toggle.min.js
myccl.com/static/js/
4 KB
4 KB
Script
General
Full URL
https://myccl.com/static/js/bootstrap-toggle.min.js?v=638508714640000000
Requested by
Host: myccl.com
URL: https://myccl.com/login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.140.210.101 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
799360060bad2c8e3bacace97d48e2fdd0fdb7a2d1b36808dd8a9729da033a6a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myccl.com/login?ReturnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 10:13:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 09 May 2024 16:11:04 GMT
Server
Microsoft-IIS/10.0
Content-Security-Policy
default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
ETag
"05ce07d2ba2da1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
1329
Reporting-Endpoints
ccl-csp-reports="https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;"
css
fonts.googleapis.com/
33 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,400,300,700
Requested by
Host: myccl.com
URL: https://myccl.com/static/css/myccl-theme.css?v=638508714660000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a60d4f8cc0e1ec57d2574653a779b41406c419a8e1a0fc49d6d0a45f73491370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myccl.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 10 May 2024 10:13:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 10 May 2024 09:51:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 May 2024 10:13:29 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/
94 KB
22 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: myccl.com
URL: https://myccl.com/login?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhc/7946) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myccl.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 May 2024 10:13:29 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
139
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (lhc/7946)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
95723c68-001e-0032-7bc2-a2928b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Fri, 10 May 2024 10:43:29 GMT
login-background-20240325.jpeg
myccl.com/Images/
505 KB
508 KB
Image
General
Full URL
https://myccl.com/Images/login-background-20240325.jpeg
Requested by
Host: myccl.com
URL: https://myccl.com/login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.140.210.101 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8405665cc68cc1fd5880c17b833f93190ef831c87a2bfd57bda882ecfb1da903
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myccl.com/login?ReturnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 10:13:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
Last-Modified
Thu, 09 May 2024 16:03:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0944f692aa2da1:0"
X-Powered-By
ASP.NET
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
516968
Reporting-Endpoints
ccl-csp-reports="https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;"
7cHmv4okm5zmbtYoK-4.woff2
fonts.gstatic.com/s/exo2/v21/
39 KB
40 KB
Font
General
Full URL
https://fonts.gstatic.com/s/exo2/v21/7cHmv4okm5zmbtYoK-4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Exo+2:wght@600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9c1caceee24c82513919d61734ad3ccb66800fa0a92f71da617c49b8a872fb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://myccl.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 08:05:07 GMT
x-content-type-options
nosniff
age
266902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40316
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:31:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 08:05:07 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,400,300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://myccl.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 22:45:56 GMT
x-content-type-options
nosniff
age
559653
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 May 2025 22:45:56 GMT
collect
www.google-analytics.com/g/
0
241 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-1FZGRVM7PK&gtm=45je4580v9102113914za200&_p=1715336009310&gcd=13l3l3l3l1&npa=0&dma=0&cid=777912425.1715336010&ul=en-gb&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715336009&sct=1&seg=0&dl=https%3A%2F%2Fmyccl.com%2Flogin%3FReturnUrl%3D%252f&dt=Sign%20in&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1036
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1FZGRVM7PK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myccl.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 10 May 2024 10:13:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://myccl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
myccl.com/
15 KB
17 KB
Other
General
Full URL
https://myccl.com/favicon.ico?v=638508710000000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.140.210.101 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
af9f3e6bed9117dd169f4a6a224c5313e660c68c24d6b1203c81d225a707ca3d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myccl.com/login?ReturnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 10:13:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
Last-Modified
Thu, 09 May 2024 16:03:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0944f692aa2da1:0"
X-Powered-By
ASP.NET
X-Frame-Options
SAMEORIGIN
Content-Type
image/x-icon
Accept-Ranges
bytes
Content-Length
15086
Reporting-Endpoints
ccl-csp-reports="https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;"
track
dc.services.visualstudio.com/v2/
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.166.40.66 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://myccl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Fri, 10 May 2024 10:13:29 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
dc.services.visualstudio.com/v2/
96 B
200 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.166.40.66 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
9dd390090a4cb9568f9ccea0248c87422e0f1a2a20659da178613bee6b512a78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://myccl.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Fri, 10 May 2024 10:13:29 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
collect
www.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-1FZGRVM7PK&gtm=45je4580v9102113914za200&_p=1715336009310&gcd=13l3l3l3l1&npa=0&dma=0&cid=777912425.1715336010&ul=en-gb&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1715336009&sct=1&seg=0&dl=https%3A%2F%2Fmyccl.com%2Flogin%3FReturnUrl%3D%252f&dt=Sign%20in&en=scroll&epn.percent_scrolled=90&_et=8&tfd=6046
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1FZGRVM7PK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myccl.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 10 May 2024 10:13:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://myccl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer object| appInsights function| $ function| jQuery boolean| errorlogin object| AI object| Microsoft function| __extends function| _endsWith object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

7 Cookies

Domain/Path Name / Value
.myccl.com/ Name: ARRAffinity
Value: d7edddb5abdf8e61cbe22f0821309876933943c887c8ff722663d1c9289bf4d4
.myccl.com/ Name: ARRAffinitySameSite
Value: d7edddb5abdf8e61cbe22f0821309876933943c887c8ff722663d1c9289bf4d4
myccl.com/ Name: TempData
Value: sq/BTUwlccN/zVViLstqULT3KTwHf3BVRgxDIrrvh2YWfz4aKce89Dc1nADeWtK1YFZOIoC43o6SBcNqNX1Ny89J8HMX+w6PFmgcCo08BsXhfF4tMgHjXabg6Bx3GUi2lgfXokzzz+BOu6Jt6KpJCOW64qtq6SOEh6SCWRhDgTzPeNB8w16cvbZeEvLQvavqdFIjPy/66LL+/ph8kyWV0Kk+2xNc3ykBflQZRclKAlHB418qEZehusyiogR7ksK9dFpWM4vZG5kMz6BLFl6z/z7SDjraTJkLFsQYgWaQjBsDDcjgewcx7mbf7N0amYY/XlfUTGmjb5ZYQB63FCgh7Hh0bvjzkqDBYihJU3wZD1DjT9yYSfomf4aS2Kq6JJGCXc0V6V79lb3lclng4RzLXA/TxKh0lztrJYP+KLhg7gGfvjVsQy9ImFF8l9Veg8b08B0hxQ9RSmd7mDMZu+aDXw==
myccl.com/ Name: ai_user
Value: TE5tN|2024-05-10T10:13:29.714Z
.myccl.com/ Name: _ga
Value: GA1.1.777912425.1715336010
.myccl.com/ Name: _ga_1FZGRVM7PK
Value: GS1.1.1715336009.1.0.1715336009.0.0.0
myccl.com/ Name: ai_session
Value: N0Kof|1715336009819.1|1715336009819.1

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://myccl.com/login?ReturnUrl=%2f
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com https://js.api.here.com; connect-src 'self' blob: https://dc.services.visualstudio.com https://js.api.here.com https://*.google-analytics.com https://*.hereapi.com https://stats.g.doubleclick.net https://cdn.linkedin.oribi.io *.uservoice.com https://*.myccl.com https://fonts.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://js.monitor.azure.com https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://services.postcodeanywhere.co.uk kyria11111.pcapredict.com *.uservoice.com https://az416426.vo.msecnd.net https://js.api.here.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.syncfusion.com https://code.jquery.com https://snap.licdn.com/li.lms-analytics/insight.min.js; img-src 'self' blob: data: https://js.api.here.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://px.ads.linkedin.com ; style-src 'self' 'unsafe-inline' https://cclui.blob.core.windows.net https://ccltest.blob.core.windows.net https://ccllive.blob.core.windows.net https://ownvehicleui.z33.web.core.windows.net https://cdn.syncfusion.com https://fonts.googleapis.com https://widget.uservoice.com https://js.api.here.com; media-src 'self' data: ; worker-src 'self' blob: ; frame-ancestors 'self'; frame-src 'self' https://myccl.uservoice.com https://*.myccl.com; report-uri https://contentsecurityreport.azurewebsites.net/api/Submit?name=live-myccl;; report-to ccl-csp-reports;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
dc.services.visualstudio.com
fonts.googleapis.com
fonts.gstatic.com
myccl.com
www.google-analytics.com
www.googletagmanager.com
20.166.40.66
2606:2800:133:206e:1315:22a5:2006:24fd
2a00:1450:4001:800::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:81c::200a
51.140.210.101
0399e1108969ab44efe1382f9831987b3125c06d64325279efc0d93dc5fb2c19
142c8c366c2228c3b1ae753bd7f9f48072c998d887386b44bf924e5f39ac4522
148a74b0921ad78021d716e8032ede1cdaf7ed7279cefd7d2acbe906add12a68
16ec9c3dd7a256812a3ad7c58563019d824a6e0451972c4c84575c41123d3608
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820
3c00b4d34cae1edefc9eccc9d913b43a20ccbbfb8bccf2d19584e4f09dc03b5d
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
44558558820fb230780ee711e23ab0c535b0d77666b48facead551d8b2666579
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
69c36d05b49181bb7cdb0e1a33515f040c961f1c4bda861aa8a488d6c3bed7f8
799360060bad2c8e3bacace97d48e2fdd0fdb7a2d1b36808dd8a9729da033a6a
8405665cc68cc1fd5880c17b833f93190ef831c87a2bfd57bda882ecfb1da903
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
9dd390090a4cb9568f9ccea0248c87422e0f1a2a20659da178613bee6b512a78
a60d4f8cc0e1ec57d2574653a779b41406c419a8e1a0fc49d6d0a45f73491370
af9f3e6bed9117dd169f4a6a224c5313e660c68c24d6b1203c81d225a707ca3d
c704bd572aed79af6b739597c9da7399274defcd78998cab945807133fefa8cd
c9c1caceee24c82513919d61734ad3ccb66800fa0a92f71da617c49b8a872fb1
cb9459ee44f54426b0dbbc5a6a59477705b944380fdada1955290e53b6742aad
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
e1d0dd2b12935b78f224498e41ddfe9b9b57f8ebd5da1605dcd0440c9e4a275c
e28c5e4b3c1f5d5504389268676ef79ac8d20d7c38593edd9f09357003debf8e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87b9384af0c515aba3c017ad178986f3aeb26f72ec50e61b463326d70479e67