URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Submission: On December 09 via api from IT — Scanned from IT

Summary

This website contacted 16 IPs in 4 countries across 14 domains to perform 97 HTTP transactions. The main IP is 52.16.99.137, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.railhelp.co.uk.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on May 30th 2022. Valid for: a year.
This is the only time www.railhelp.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
41 52.16.99.137 16509 (AMAZON-02)
2 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 34.117.233.127 396982 (GOOGLE-CL...)
1 18.244.155.128 16509 (AMAZON-02)
12 161.71.1.38 14340 (SALESFORCE)
10 99.86.4.90 16509 (AMAZON-02)
13 13.32.27.104 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.211.50.179 16509 (AMAZON-02)
1 13.32.99.63 16509 (AMAZON-02)
1 52.222.206.19 16509 (AMAZON-02)
1 174.129.138.156 14618 (AMAZON-AES)
2 161.71.3.180 14340 (SALESFORCE)
97 16
Apex Domain
Subdomains
Transfer
41 railhelp.co.uk
www.railhelp.co.uk
2 MB
24 trustarc.com
consent.trustarc.com — Cisco Umbrella Rank: 3070
consent-pref.trustarc.com — Cisco Umbrella Rank: 16659
consent-st.trustarc.com — Cisco Umbrella Rank: 31611
451 KB
12 force.com
service.force.com — Cisco Umbrella Rank: 3357
42 KB
7 postcodeanywhere.co.uk
services.postcodeanywhere.co.uk — Cisco Umbrella Rank: 20658
39 KB
2 salesforceliveagent.com
d.la1-c2-lo2.salesforceliveagent.com — Cisco Umbrella Rank: 35505
5 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 26
20 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 880
86 KB
1 truste-svc.net
prefmgr-cookie.truste-svc.net — Cisco Umbrella Rank: 32238
2 KB
1 cloudfront.net
d6tizftlrpuof.cloudfront.net
2 KB
1 usabilla.com
w.usabilla.com — Cisco Umbrella Rank: 3474
11 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 912
50 KB
1 truste.com
consent.truste.com — Cisco Umbrella Rank: 6080
5 KB
1 pcapredict.com
first11225.pcapredict.com — Cisco Umbrella Rank: 582305
14 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
51 KB
97 14
Domain Requested by
41 www.railhelp.co.uk www.railhelp.co.uk
13 consent-pref.trustarc.com consent.trustarc.com
consent-pref.trustarc.com
prefmgr-cookie.truste-svc.net
12 service.force.com www.railhelp.co.uk
service.force.com
10 consent.trustarc.com consent.truste.com
www.railhelp.co.uk
consent-pref.trustarc.com
7 services.postcodeanywhere.co.uk first11225.pcapredict.com
services.postcodeanywhere.co.uk
2 d.la1-c2-lo2.salesforceliveagent.com service.force.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 use.fontawesome.com www.railhelp.co.uk
use.fontawesome.com
1 prefmgr-cookie.truste-svc.net www.railhelp.co.uk
1 d6tizftlrpuof.cloudfront.net www.railhelp.co.uk
1 consent-st.trustarc.com consent-pref.trustarc.com
1 w.usabilla.com www.railhelp.co.uk
1 www.googleoptimize.com www.googletagmanager.com
1 consent.truste.com www.railhelp.co.uk
1 first11225.pcapredict.com www.railhelp.co.uk
1 www.googletagmanager.com www.railhelp.co.uk
97 16

This site contains links to these domains. Also see Links.

Domain
avantiwestcoast.co.uk
www.avantiwestcoast.co.uk
twitter.com
facebook.com
instagram.com
Subject Issuer Validity Valid
*.railhelp.co.uk
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2022-05-30 -
2023-06-22
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-06 -
2023-06-05
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.pcapredict.com
Sectigo RSA Domain Validation Secure Server CA
2022-08-22 -
2023-08-22
a year crt.sh
*.truste.com
Amazon
2022-01-17 -
2023-02-15
a year crt.sh
*.um4.force.com
DigiCert TLS RSA SHA256 2020 CA1
2022-02-14 -
2023-02-13
a year crt.sh
*.trustarc.com
Amazon
2022-05-17 -
2023-06-15
a year crt.sh
w.usabilla.com
Amazon
2022-02-10 -
2023-03-11
a year crt.sh
*.postcodeanywhere.co.uk
Sectigo RSA Domain Validation Secure Server CA
2022-01-18 -
2023-01-18
a year crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
*.truste-svc.net
Amazon
2022-05-23 -
2023-06-21
a year crt.sh
la1-c2-lo2.salesforceliveagent.com
DigiCert TLS RSA SHA256 2020 CA1
2022-02-02 -
2023-02-01
a year crt.sh

This page contains 9 frames:

Primary Page: https://www.railhelp.co.uk/avantiwestcoast/refunds
Frame ID: D678CD31AB07861074668408605AB82E
Requests: 68 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=avantiwestcoast.co.uk
Frame ID: DDC7276A3200ADB69A10F7C0C365CF87
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=avantiwestcoast_co_uk&site=avantiwestcoast.co.uk&action=notice&country=it&locale=it&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
Frame ID: 5937F5A4822ECFA1DB4261AAA93A48D3
Requests: 18 HTTP requests in this frame

Frame: https://w.usabilla.com/1bbb06a8c39b.js?lv=1
Frame ID: D9FDB77C23D6D5B409D6914F5B99CEC9
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/defaultpreferencemanager/E386C51EAEB40FABD3D67271C058D97E.cache.html
Frame ID: 86D0C9A58466DE05DADB9E80D90A13AF
Requests: 1 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.railhelp.co.uk/avantiwestcoast/refunds
Frame ID: 40FA628768D7B372F9EB4E4E90676874
Requests: 6 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/first-customer-contact-button-44da3609210fc8ba07c62b4053fea1d0.png
Frame ID: 21EBB2C7FA1C365B31FED4F7B8D80491
Requests: 1 HTTP requests in this frame

Frame: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=avantiwestcoast_co_uk&site=avantiwestcoast.co.uk&action=notice&country=it&locale=it&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
Frame ID: 3497744050598A7F5E1A02E4DEAC0BC5
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/cookie_inneriframe.html
Frame ID: 7D5C31961A977E606A4A9EF12B71C211
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Refunds | Avanti West Coast

Detected technologies

Overall confidence: 100%
Detected patterns
  • service\.force\.com

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • consent\.trustarc\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

97
Requests

100 %
HTTPS

27 %
IPv6

14
Domains

16
Subdomains

16
IPs

4
Countries

2538 kB
Transfer

4518 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

97 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request refunds
www.railhelp.co.uk/avantiwestcoast/
84 KB
84 KB
Document
General
Full URL
https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
be46a43dcf1bbf8fa3d0987b5c98789abb8626a78d3c9d5c30350bec72f58efe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
no-cache, no-store
content-length
85769
content-type
text/html; charset=utf-8
date
Fri, 09 Dec 2022 09:16:59 GMT
expires
-1,-1
pragma
no-cache
referrer-policy
same-origin
server
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
bootstrap.css
www.railhelp.co.uk/Assets/css/
156 KB
156 KB
Stylesheet
General
Full URL
https://www.railhelp.co.uk/Assets/css/bootstrap.css
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
31268c5e83a3d6528dfc18561208e25f45f168b37d23c5f06804dfa680f34fef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Fri, 08 May 2020 09:02:00 GMT
server
x-permitted-cross-domain-policies
none
etag
"03453551725d61:0"
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
159521
x-xss-protection
1; mode=block
expires
-1
style.css
www.railhelp.co.uk/Assets/css/
66 KB
13 KB
Stylesheet
General
Full URL
https://www.railhelp.co.uk/Assets/css/style.css
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9095b0ee25dbc412ea3f008fdb8e2612f90cc7ac63ae37c2574158362f5f394b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubdomain
x-permitted-cross-domain-policies
none
content-length
13003
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 26 Oct 2022 15:33:07 GMT
server
etag
"80fbef3e50e9d81:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
expires
-1
scrollbar.css
www.railhelp.co.uk/Assets/css/
54 KB
6 KB
Stylesheet
General
Full URL
https://www.railhelp.co.uk/Assets/css/scrollbar.css
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
91c6f458fef8fd9aada82e7bfce4716dd1f40da335935b2299f421cde3ef9eb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubdomain
x-permitted-cross-domain-policies
none
content-length
5590
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 08 May 2020 09:03:00 GMT
server
etag
"07a16791725d61:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
expires
-1
jquery-ui.css
www.railhelp.co.uk/Assets/css/
36 KB
9 KB
Stylesheet
General
Full URL
https://www.railhelp.co.uk/Assets/css/jquery-ui.css
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
109718dd18b4d6980db9bf8278834bec268cab060f20bbc8308a80e2d9a4b47b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubdomain
x-permitted-cross-domain-policies
none
content-length
8405
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 08 May 2020 09:03:24 GMT
server
etag
"09664871725d61:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
expires
-1
timepicker.min.css
www.railhelp.co.uk/Assets/css/
5 KB
3 KB
Stylesheet
General
Full URL
https://www.railhelp.co.uk/Assets/css/timepicker.min.css
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0788545638ebf35d842c132e5c2961f935e4cfb967b17443b1a012d11bedc7a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubdomain
x-permitted-cross-domain-policies
none
content-length
2594
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 25 Nov 2020 03:34:24 GMT
server
etag
"06077dedbc2d61:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
expires
-1
all.css
use.fontawesome.com/releases/v5.7.0/css/
53 KB
12 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.7.0/css/all.css
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae

Request headers

Referer
Origin
https://www.railhelp.co.uk
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
DSSAG8AWY49ASWC8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
PyMNjxtDljSo6kRznLd3+whse/zXGpPJkuLu4T1+3MEjFmZZ6tjd6RAR68ClHgogeA6vUDUsjBc=
last-modified
Wed, 30 Jun 2021 15:45:15 GMT
server
cloudflare
etag
W/"251d28bd755f5269a4531df8a81d5664"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AdAMTi4rwROWOi%2FLeNM1iWXofJEyjusPYi3U1BrBxQo8cbpig7HvRyGOJL3bsQ8oqkpOeigX6so%2B8S%2FkhI6lnXp6J%2BEgj5hfuqdO6jVOdweGbXh1QAyp7KOCGqtHspCgx1bRQfkPZxYhXgQ%2B7fzXTeLi"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
776ca5255dda0e1a-MXP
jquery.js
www.railhelp.co.uk/Assets/js/
87 KB
88 KB
Script
General
Full URL
https://www.railhelp.co.uk/Assets/js/jquery.js
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 08 Mar 2022 07:47:09 GMT
server
x-permitted-cross-domain-policies
none
etag
"a8ee37b7c032d81:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
content-length
89501
x-xss-protection
1; mode=block
expires
-1
popper.js
www.railhelp.co.uk/Assets/js/
21 KB
8 KB
Script
General
Full URL
https://www.railhelp.co.uk/Assets/js/popper.js
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
93d7d214a51f645213446ea00bf9a8b6d6a12ef89f4153b26c687f73664505ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubdomain
x-permitted-cross-domain-policies
none
content-length
7523
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 08 May 2020 17:16:44 GMT
server
etag
"0265e725c25d61:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
expires
-1
bootstrap.js
www.railhelp.co.uk/Assets/js/
59 KB
16 KB
Script
General
Full URL
https://www.railhelp.co.uk/Assets/js/bootstrap.js
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4fb5913ee978bde28acce2944e8139aaedc5c22bd51f88a1fcab174b1cc5694a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubdomain
x-permitted-cross-domain-policies
none
content-length
15923
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 08 May 2020 17:05:06 GMT
server
etag
"0cd53d25a25d61:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
expires
-1
jquery-ui.js
www.railhelp.co.uk/Assets/js/
527 KB
124 KB
Script
General
Full URL
https://www.railhelp.co.uk/Assets/js/jquery-ui.js
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
923897ee794b37db0c508463de3e0ab5382b0656ae2843d789d913d94203a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubdomain
x-permitted-cross-domain-policies
none
content-length
126159
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 06 Jul 2020 16:05:38 GMT
server
etag
"07514aaf53d61:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
expires
-1
timepicker.js
www.railhelp.co.uk/Assets/js/
5 KB
2 KB
Script
General
Full URL
https://www.railhelp.co.uk/Assets/js/timepicker.js
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ad6c7d3fba1997f4a7693f3b7cd5fd45183380bf0547ce93d0f613b06019149c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubdomain
x-permitted-cross-domain-policies
none
content-length
1479
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 23 Dec 2021 11:35:26 GMT
server
etag
"0d3e62df1f7d71:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
expires
-1
en.png
www.railhelp.co.uk/Assets/images/flag/
4 KB
4 KB
Image
General
Full URL
https://www.railhelp.co.uk/Assets/images/flag/en.png
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7e33e4658c1367e1df27d787f9c2c2df73e047bae1fccefe6cda7da7343df615
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 01 Dec 2020 11:22:20 GMT
server
x-permitted-cross-domain-policies
none
etag
"ffdb9f3bd4c7d61:0"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
3976
x-xss-protection
1; mode=block
expires
-1
cy.png
www.railhelp.co.uk/Assets/images/flag/
11 KB
11 KB
Image
General
Full URL
https://www.railhelp.co.uk/Assets/images/flag/cy.png
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
714327ea0c7455620de460a34d2bb71b2095b1aba1e0c1cd7974db69d6d9473c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Sat, 17 Jul 2021 17:19:58 GMT
server
x-permitted-cross-domain-policies
none
etag
"b6ee42f82f7bd71:0"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
11184
x-xss-protection
1; mode=block
expires
-1
zh.png
www.railhelp.co.uk/Assets/images/flag/
3 KB
3 KB
Image
General
Full URL
https://www.railhelp.co.uk/Assets/images/flag/zh.png
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6a916436e8e9de11f4b42159c6ae30a911fee31e0a365dbb3a2edfde05a55b44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 01 Dec 2020 11:22:20 GMT
server
x-permitted-cross-domain-policies
none
etag
"bd9ea03bd4c7d61:0"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
2889
x-xss-protection
1; mode=block
expires
-1
fr.png
www.railhelp.co.uk/Assets/images/flag/
2 KB
2 KB
Image
General
Full URL
https://www.railhelp.co.uk/Assets/images/flag/fr.png
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
220eeb36e5fc07b1dc2fd63ace5c2e1ad22749dd9dff31a2dfeb88761befc56a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 01 Dec 2020 11:22:20 GMT
server
x-permitted-cross-domain-policies
none
etag
"e82a03bd4c7d61:0"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
1935
x-xss-protection
1; mode=block
expires
-1
nl.png
www.railhelp.co.uk/Assets/images/flag/
369 B
690 B
Image
General
Full URL
https://www.railhelp.co.uk/Assets/images/flag/nl.png
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
fb29dbe204578dd803ad56b7cf7098eece5cda2afd84cb78524590c293d72beb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 01 Dec 2020 11:22:20 GMT
server
x-permitted-cross-domain-policies
none
etag
"d250a03bd4c7d61:0"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
369
x-xss-protection
1; mode=block
expires
-1
de.png
www.railhelp.co.uk/Assets/images/flag/
2 KB
2 KB
Image
General
Full URL
https://www.railhelp.co.uk/Assets/images/flag/de.png
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
30f2923f1e79174ced58c7167bed74aee7d4eb29141d0a6f51827477b60f2fde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 01 Dec 2020 11:22:20 GMT
server
x-permitted-cross-domain-policies
none
etag
"728e9f3bd4c7d61:0"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
1888
x-xss-protection
1; mode=block
expires
-1
it.png
www.railhelp.co.uk/Assets/images/flag/
2 KB
2 KB
Image
General
Full URL
https://www.railhelp.co.uk/Assets/images/flag/it.png
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
fff64f8f1b8f3e45850b1f290cf8a68b3906e2cd2ef27dff61275280a7251488
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 01 Dec 2020 11:22:20 GMT
server
x-permitted-cross-domain-policies
none
etag
"e129a03bd4c7d61:0"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
1937
x-xss-protection
1; mode=block
expires
-1
es.png
www.railhelp.co.uk/Assets/images/flag/
2 KB
2 KB
Image
General
Full URL
https://www.railhelp.co.uk/Assets/images/flag/es.png
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
190bd870e039c52e9c77c3194eb47f6531943408ca972540d032e67bd4d2674a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 01 Dec 2020 11:22:20 GMT
server
x-permitted-cross-domain-policies
none
etag
"ffdb9f3bd4c7d61:0"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
1920
x-xss-protection
1; mode=block
expires
-1
pl.png
www.railhelp.co.uk/Assets/images/flag/
2 KB
2 KB
Image
General
Full URL
https://www.railhelp.co.uk/Assets/images/flag/pl.png
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
65eb872668809d16c193e60298fdcbd17cbe8c963b0bba450834d45e86c46246
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 01 Dec 2020 11:22:20 GMT
server
x-permitted-cross-domain-policies
none
etag
"c877a03bd4c7d61:0"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
1950
x-xss-protection
1; mode=block
expires
-1
pt.png
www.railhelp.co.uk/Assets/images/flag/
9 KB
10 KB
Image
General
Full URL
https://www.railhelp.co.uk/Assets/images/flag/pt.png
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c8e0b34eb8a3e955da84151033adfac32343eb68159fba2749992addcef2bcbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 01 Dec 2020 11:22:20 GMT
server
x-permitted-cross-domain-policies
none
etag
"c877a03bd4c7d61:0"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
9546
x-xss-protection
1; mode=block
expires
-1
logo.ashx
www.railhelp.co.uk/-/media/Images/AWC/
4 KB
4 KB
Image
General
Full URL
https://www.railhelp.co.uk/-/media/Images/AWC/logo.ashx
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7611ceee6271d6dde91e06e622f27ca09c7f6de29a2e44686cff442ca05e22b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 13 Jul 2021 07:18:07 GMT
server
x-permitted-cross-domain-policies
none
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
private, max-age=604800
content-disposition
inline; filename="logo.svg"
accept-ranges
bytes
content-length
4233
x-xss-protection
1; mode=block
expires
-1
gtm.js
www.googletagmanager.com/
130 KB
51 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-587X9WV
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d09f69bdf06ef3318f9018c715109471ccd0b3cf07f8c8eed617075edc43bad6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51771
x-xss-protection
0
last-modified
Fri, 09 Dec 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 09 Dec 2022 09:16:59 GMT
sensor.js
first11225.pcapredict.com/js/
86 KB
14 KB
Script
General
Full URL
https://first11225.pcapredict.com/js/sensor.js
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.233.127 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
127.233.117.34.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash
36e787df2ba40faf69b16c91b53074c24d22011beb23abbe888efbca1ca4d7bc

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:14:03 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.20.2
age
176
content-type
text/javascript;charset=UTF-8
cache-control
public, max-age=60
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14157
Autosuggest.js
www.railhelp.co.uk/Assets/js/
15 KB
4 KB
Script
General
Full URL
https://www.railhelp.co.uk/Assets/js/Autosuggest.js
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b9f34da6fac047c38b6dbccf66c7747bd0f921b7e2be587919e811b7ef80b21c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubdomain
x-permitted-cross-domain-policies
none
content-length
4076
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 18 Jul 2021 04:40:35 GMT
server
etag
"802371c8f7bd71:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
expires
-1
paper.png
www.railhelp.co.uk/Assets/images/tickets/
156 KB
156 KB
Image
General
Full URL
https://www.railhelp.co.uk/Assets/images/tickets/paper.png
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1405734e6acc4b8397a146384efa0960022b3377ac543b93eda4965e040f7797
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 22 Feb 2022 05:08:00 GMT
server
x-permitted-cross-domain-policies
none
etag
"b441b529aa27d81:0"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
159700
x-xss-protection
1; mode=block
expires
-1
barcode.png
www.railhelp.co.uk/Assets/images/tickets/
92 KB
93 KB
Image
General
Full URL
https://www.railhelp.co.uk/Assets/images/tickets/barcode.png
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
21a06636d287f70e41bf09142f5dbbbf16527f5f77ed9cf276ec920116c0a5dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 22 Feb 2022 05:08:00 GMT
server
x-permitted-cross-domain-policies
none
etag
"1247a529aa27d81:0"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
94533
x-xss-protection
1; mode=block
expires
-1
StationListing.js
www.railhelp.co.uk/Assets/js/Scripts/FormScripts/
3 KB
3 KB
Script
General
Full URL
https://www.railhelp.co.uk/Assets/js/Scripts/FormScripts/StationListing.js
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
56c0a1d1ace2eac1edd07a944eb802ca6634861e73b7dc0bb8dc38c6211a8f37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Mon, 08 Mar 2021 12:24:47 GMT
server
x-permitted-cross-domain-policies
none
etag
"60fb9771614d71:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
content-length
2922
x-xss-protection
1; mode=block
expires
-1
twitter.png
www.railhelp.co.uk/Assets/images/
1000 B
1 KB
Image
General
Full URL
https://www.railhelp.co.uk/Assets/images/twitter.png
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b904a337599d4b85f5e8e155ff7a90110e62b1d66b544888fd7b0ad133219ed1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 09 Jul 2020 07:38:34 GMT
server
x-permitted-cross-domain-policies
none
etag
"0b920f3c355d61:0"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
1000
x-xss-protection
1; mode=block
expires
-1
facebook.png
www.railhelp.co.uk/Assets/images/
650 B
972 B
Image
General
Full URL
https://www.railhelp.co.uk/Assets/images/facebook.png
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e4bfed01aa96fcd61cd13e8293e0e4d4376248078b366f05c91f02c70ea8d6df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 09 Jul 2020 07:39:36 GMT
server
x-permitted-cross-domain-policies
none
etag
"02c1518c455d61:0"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
650
x-xss-protection
1; mode=block
expires
-1
instagram.png
www.railhelp.co.uk/Assets/images/
8 KB
8 KB
Image
General
Full URL
https://www.railhelp.co.uk/Assets/images/instagram.png
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8ff4a9ab890a06b6945d4ea9847fe79456326f2ddd790932c660ec6927ca4bd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 09 Jul 2020 07:40:52 GMT
server
x-permitted-cross-domain-policies
none
etag
"0da6145c455d61:0"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
8227
x-xss-protection
1; mode=block
expires
-1
notice
consent.truste.com/
11 KB
5 KB
Script
General
Full URL
https://consent.truste.com/notice?domain=avantiwestcoast.co.uk&c=teconsent&text=true&gtm=1
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.155.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-155-128.lhr50.r.cloudfront.net
Software
/
Resource Hash
48d16b3d09726d7a0e4ad5a4ddb80fd386f188e7297428623844023dc9f34de3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.railhelp.co.uk
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 829762c3f42db9d1ea41f24010e3ac9e.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P8
x-cache
Miss from cloudfront
cloudfront-viewer-country
IT
content-length
4258
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=3600
cloudfront-viewer-country-region
25
timing-allow-origin
*
x-amz-cf-id
2JJFiU8TI5-HljZ400v4PMi7LiyM89J3VK6Zs8pIRjczZ15BsB4mwg==
expires
Fri, 09 Dec 2022 10:16:59 GMT
scrollbar-concat.js
www.railhelp.co.uk/Assets/js/
44 KB
13 KB
Script
General
Full URL
https://www.railhelp.co.uk/Assets/js/scrollbar-concat.js
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5ab5f19f9bd4a4ddcf14235fc1684eefe7cfbfbc33f0a1fce661b13de43092be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubdomain
x-permitted-cross-domain-policies
none
content-length
12948
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 08 May 2020 17:05:40 GMT
server
etag
"0ca97e65a25d61:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
expires
-1
scrollbar.js
www.railhelp.co.uk/Assets/js/
93 KB
22 KB
Script
General
Full URL
https://www.railhelp.co.uk/Assets/js/scrollbar.js
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
72f572c5dd07fac37e4163060402399196415573f52a70526f0e8a848bf1cff3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubdomain
x-permitted-cross-domain-policies
none
content-length
22308
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 08 May 2020 17:06:24 GMT
server
etag
"0a8d105b25d61:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
expires
-1
FormScript.js
www.railhelp.co.uk/Assets/js/Scripts/FormScripts/
40 KB
8 KB
Script
General
Full URL
https://www.railhelp.co.uk/Assets/js/Scripts/FormScripts/FormScript.js?v=3.0.2
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3234ddcd2b4945df5804df66694b5a5d9f93acf615a99f9945022bdcd18133e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubdomain
x-permitted-cross-domain-policies
none
content-length
7546
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 15 Sep 2022 05:37:48 GMT
server
etag
"05ed149c5c8d81:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
expires
-1
ApiCalls.js
www.railhelp.co.uk/Assets/js/Scripts/FormScripts/
20 KB
4 KB
Script
General
Full URL
https://www.railhelp.co.uk/Assets/js/Scripts/FormScripts/ApiCalls.js?=2.0.1
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5ee90248e4ac655bd8f070ae05e71561be87ad4c137346f1304f43e2965f3848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubdomain
x-permitted-cross-domain-policies
none
content-length
3462
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 05 Nov 2021 05:22:24 GMT
server
etag
"0a85c1d5d2d71:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
expires
-1
esw.min.js
service.force.com/embeddedservice/5.0/
30 KB
9 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/esw.min.js
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
598684d34af3e0b2f2be1338d0bd066877b6df4e4588c3daae0813f59bd1f419
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 04:53:25 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 06 Oct 2022 23:36:44 GMT
Content-Encoding
gzip
Age
15814
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
8312
X-XSS-Protection
1; mode=block
Expires
Sat, 10 Dec 2022 04:53:25 GMT
popup_style.css
www.railhelp.co.uk/Assets/css/
1 KB
2 KB
Stylesheet
General
Full URL
https://www.railhelp.co.uk/Assets/css/popup_style.css
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
16fbd9eb8ca0e0ee0a9ea3267fd993ad5a7525679d24946655dbe0c13cf02d78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 17 Mar 2022 10:09:56 GMT
server
x-permitted-cross-domain-policies
none
etag
"d8f21327e739d81:0"
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
1518
x-xss-protection
1; mode=block
expires
-1
awc_logo.ashx
www.railhelp.co.uk/-/media/Popup/TOC_Logo/
4 KB
5 KB
Image
General
Full URL
https://www.railhelp.co.uk/-/media/Popup/TOC_Logo/awc_logo.ashx
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b455e36366d9267393a65835b6995d330ee136d78e650e529106d8d4a0cebdde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 15 Mar 2022 06:44:42 GMT
server
x-permitted-cross-domain-policies
none
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
private, max-age=604800
content-disposition
inline; filename="awc_logo.png"
accept-ranges
bytes
content-length
4436
x-xss-protection
1; mode=block
expires
-1
headphone-white.ashx
www.railhelp.co.uk/-/media/Popup/
3 KB
4 KB
Image
General
Full URL
https://www.railhelp.co.uk/-/media/Popup/headphone-white.ashx
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0db56a2c91f8a25161f41d53548a505b81133dc9968fd89bcac40c434f724faa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 17 Mar 2022 07:28:39 GMT
server
x-permitted-cross-domain-policies
none
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
private, max-age=604800
content-disposition
inline; filename="headphone-white.svg"
accept-ranges
bytes
content-length
3485
x-xss-protection
1; mode=block
expires
-1
Averta.otf
www.railhelp.co.uk/Assets/fonts/
176 KB
177 KB
Font
General
Full URL
https://www.railhelp.co.uk/Assets/fonts/Averta.otf
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/Assets/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
43953170695743e0ad2eee1491375d55eee3cb26aa0f50e3330b88ad379080c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.railhelp.co.uk/Assets/css/style.css
Origin
https://www.railhelp.co.uk
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 07 Jul 2020 10:27:34 GMT
server
x-permitted-cross-domain-policies
none
etag
"06f363a4954d61:0"
x-frame-options
SAMEORIGIN
content-type
font/otf
accept-ranges
bytes
content-length
180732
x-xss-protection
1; mode=block
expires
-1
fa-solid-900.woff2
use.fontawesome.com/releases/v5.7.0/webfonts/
73 KB
73 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.7.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.7.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
658cf43db24e9d4c57890e958aa74656a13139754de24f19e706f0a355279e4d

Request headers

Referer
https://use.fontawesome.com/releases/v5.7.0/css/all.css
Origin
https://www.railhelp.co.uk
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:17:00 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
DSSCNF9AC8QQ51XJ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
74316
x-amz-id-2
G60aE1olcAmW2+rxtQW1zU7uO1NIyhQXbqa76aE2VnnblWfI3JxptW/qwxITe1GyVU+7lxN6+fs=
last-modified
Wed, 30 Jun 2021 15:45:37 GMT
server
cloudflare
etag
"52134b924fd61958f88323845deffc64"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYaE13YWEmQjtDE2UG1My08OtyGPLe6cOqSVNV8%2FG2NhCSWghC3Udf%2BvVCNRV6ebDZUgCnaTda%2F8UuMRCOFv%2Fqk0a5lV6pONuNbqmP9XAMTTwzGLtxVwhnI%2Fs6kutcKuWuC0YVkXiJbBvr7qkPshSPml"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
776ca528da6a0e1a-MXP
AvertaSemibold.otf
www.railhelp.co.uk/Assets/fonts/
173 KB
174 KB
Font
General
Full URL
https://www.railhelp.co.uk/Assets/fonts/AvertaSemibold.otf
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/Assets/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bb47a46f1e6d958fead01b78dcff924a3730ffe71aa1df4192d4ce4c2d279231
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.railhelp.co.uk/Assets/css/style.css
Origin
https://www.railhelp.co.uk
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 07 Jul 2020 10:27:44 GMT
server
x-permitted-cross-domain-policies
none
etag
"0502c404954d61:0"
x-frame-options
SAMEORIGIN
content-type
font/otf
accept-ranges
bytes
content-length
177188
x-xss-protection
1; mode=block
expires
-1
AvertaBold.otf
www.railhelp.co.uk/Assets/fonts/
178 KB
179 KB
Font
General
Full URL
https://www.railhelp.co.uk/Assets/fonts/AvertaBold.otf
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/Assets/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
add9b3402d6bf75ce64b0f08a82887f9e9b0d31af1d3db9cf833662685477070
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.railhelp.co.uk/Assets/css/style.css
Origin
https://www.railhelp.co.uk
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 07 Jul 2020 10:27:38 GMT
server
x-permitted-cross-domain-policies
none
etag
"0c9983c4954d61:0"
x-frame-options
SAMEORIGIN
content-type
font/otf
accept-ranges
bytes
content-length
182556
x-xss-protection
1; mode=block
expires
-1
AvertaLight.otf
www.railhelp.co.uk/Assets/fonts/
177 KB
178 KB
Font
General
Full URL
https://www.railhelp.co.uk/Assets/fonts/AvertaLight.otf
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/Assets/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0129ef6bbb847c4c484e490949bd0365fc568240d625383bf6a3a08c8e52e56d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.railhelp.co.uk/Assets/css/style.css
Origin
https://www.railhelp.co.uk
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 07 Jul 2020 10:27:42 GMT
server
x-permitted-cross-domain-policies
none
etag
"023fb3e4954d61:0"
x-frame-options
SAMEORIGIN
content-type
font/otf
accept-ranges
bytes
content-length
181556
x-xss-protection
1; mode=block
expires
-1
v1.7-1971
consent.trustarc.com/asset/notice.js/v/
76 KB
23 KB
Script
General
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-1971
Requested by
Host: consent.truste.com
URL: https://consent.truste.com/notice?domain=avantiwestcoast.co.uk&c=teconsent&text=true&gtm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-90.fra6.r.cloudfront.net
Software
/
Resource Hash
7c030b3c060a0515c30084ae2dbcdf3ef048d292a6bb03fbef58e4b3c700d5c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
Origin
https://www.railhelp.co.uk
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:06:56 GMT
content-encoding
gzip
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA6-C1
age
603
x-cache
Hit from cloudfront
pragma
public
last-modified
Tue, 6 Dec 2022 02:25:59 GMT
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
lH3vg28DbKkHJ7HK0VX-s-FX4BSd_ngy6pezEJpDX_ck7DFLES2xow==
expires
Sun, 08 Jan 2023 09:06:56 GMT
get
consent.trustarc.com/ Frame DDC7
7 KB
2 KB
Document
General
Full URL
https://consent.trustarc.com/get?name=crossdomain.html&domain=avantiwestcoast.co.uk
Requested by
Host: consent.truste.com
URL: https://consent.truste.com/notice?domain=avantiwestcoast.co.uk&c=teconsent&text=true&gtm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-90.fra6.r.cloudfront.net
Software
/
Resource Hash
7fe7d9054d31a9874fb36aba6a3736c02799bdaab5fed3e007ff334bc4580732
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

age
921
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 09 Dec 2022 09:01:38 GMT
expires
Sun, 08 Jan 2023 09:01:38 GMT
pragma
public
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
vary
Origin
via
1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-id
kv7tXces2lqAUbWrIBgjL7u9pNGKKX_xvJ3cBb6KOzz_crgVyQARXw==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
log
consent.trustarc.com/
43 B
427 B
Image
General
Full URL
https://consent.trustarc.com/log?domain=avantiwestcoast.co.uk&country=it&state=&behavior=expressed&c=fa6b
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-90.fra6.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Dec 2022 09:16:59 GMT
via
1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA6-C1
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
e8a69dqkJhg7n5cwAcPYf0rEj_nLhN_OlovpPGx9HoGc3PknsCns7Q==
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
consent-pref.trustarc.com/ Frame 5937
5 KB
3 KB
Document
General
Full URL
https://consent-pref.trustarc.com/?type=avantiwestcoast_co_uk&site=avantiwestcoast.co.uk&action=notice&country=it&locale=it&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-1971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-104.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

age
35403
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 08 Dec 2022 23:26:56 GMT
etag
W/"5147-1668046884000"
expect-ct
max-age=86400; enforce;
last-modified
Thu, 10 Nov 2022 02:21:24 GMT
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Origin
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-amz-cf-id
vF-U75CQ70UcyvbuWSaoyzyLCH-tOZWRKswAGHLTvWO1yuXP6Qi12g==
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1
noticemsg
consent.trustarc.com/
43 B
527 B
Image
General
Full URL
https://consent.trustarc.com/noticemsg?action=consent&domain=avantiwestcoast.co.uk&behavior=expressed&country=it&language=it&rand=0.5419737322813944
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-90.fra6.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
via
1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
cloudfront-viewer-country
IT
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
max-age=3600
cloudfront-viewer-country-region
25
timing-allow-origin
*
x-amz-cf-id
o7A_GtedKGLHjfWnrK7pO1GkZaoKZvzAPZMW60fbYEm_nYW0xvyj8w==
expires
Fri, 09 Dec 2022 10:16:59 GMT
optimize.js
www.googleoptimize.com/
136 KB
50 KB
Script
General
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-P95Q55R
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-587X9WV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
163a2119819cb3fb3f3ed89a27f9d8413aa4919b256a840abcf82a1f1c3b4caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
50481
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 09 Dec 2022 09:16:59 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-587X9WV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 09 Dec 2022 09:15:46 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
73
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 09 Dec 2022 11:15:46 GMT
common.min.js
service.force.com/embeddedservice/5.0/utils/
5 KB
2 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/utils/common.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 08:38:41 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 17 Feb 2022 23:57:30 GMT
Content-Encoding
gzip
Age
2298
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
1918
X-XSS-Protection
1; mode=block
Expires
Sat, 10 Dec 2022 08:38:41 GMT
1bbb06a8c39b.js
w.usabilla.com/ Frame D9FD
35 KB
11 KB
Script
General
Full URL
https://w.usabilla.com/1bbb06a8c39b.js?lv=1
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.50.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-50-179.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
093fe2dec70e5061e0b4901000934774a5cfd7b30ba07fa2b258e97a37582fa1

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Dec 2022 09:17:00 GMT
content-encoding
gzip
x-widget-server
2.1
etag
"5a6843bc88be563ef512dd91321306ac"
content-type
text/javascript
cache-control
public,max-age=0
content-length
10773
platformcaptureplus-2.34.min.css
services.postcodeanywhere.co.uk/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://services.postcodeanywhere.co.uk/css/platformcaptureplus-2.34.min.css?key=GX11-CH49-NT35-GA49&BRAND=PostcodeAnywhere
Requested by
Host: first11225.pcapredict.com
URL: https://first11225.pcapredict.com/js/sensor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.233.127 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
127.233.117.34.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash
924b0367deeb83b9a7008d17fa786671286e9a00e5965e7db2a09569c9cbe8d8

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 08:14:15 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.20.2
age
3764
content-type
text/css;charset=UTF-8
cache-control
public, max-age=60
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2275
platformcaptureplus-2.34.min.js
services.postcodeanywhere.co.uk/js/
93 KB
26 KB
Script
General
Full URL
https://services.postcodeanywhere.co.uk/js/platformcaptureplus-2.34.min.js?key=GX11-CH49-NT35-GA49&BRAND=PostcodeAnywhere
Requested by
Host: first11225.pcapredict.com
URL: https://first11225.pcapredict.com/js/sensor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.233.127 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
127.233.117.34.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash
dce930749243306fb008436776524795baede27c74f9f32c44c0fe16d1165ef3

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 08:14:15 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.20.2
age
3764
content-type
text/javascript;charset=UTF-8
cache-control
public, max-age=60
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26680
GetStations
www.railhelp.co.uk/api/sitecore/FormSubmission/
174 KB
174 KB
XHR
General
Full URL
https://www.railhelp.co.uk/api/sitecore/FormSubmission/GetStations
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/Assets/js/jquery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5f6cb2b2457031045c4898934de00c25b03d6f2aeeccba178e88f9c3ff97a9c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.railhelp.co.uk/avantiwestcoast/refunds
X-Requested-With
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 09 Dec 2022 09:17:02 GMT
strict-transport-security
max-age=31536000;includeSubdomain
x-content-type-options
nosniff
referrer-policy
same-origin
server
x-permitted-cross-domain-policies
none
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store
content-length
177936
x-xss-protection
1; mode=block
expires
-1,-1
esw.min.css
service.force.com/embeddedservice/5.0/
9 KB
4 KB
Stylesheet
General
Full URL
https://service.force.com/embeddedservice/5.0/esw.min.css
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 08:52:21 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 27 Aug 2021 14:11:56 GMT
Content-Encoding
gzip
Age
1478
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
4027
X-XSS-Protection
1; mode=block
Expires
Sat, 10 Dec 2022 08:52:21 GMT
liveagent.esw.min.js
service.force.com/embeddedservice/5.0/client/
20 KB
6 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
065cc2a79ed5890cf8ac453fa6c5649226a0b7c920427f3bf7be8eed9c88cdd2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 08:37:58 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Fri, 18 Feb 2022 00:21:14 GMT
Content-Encoding
gzip
Age
2341
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
5803
X-XSS-Protection
1; mode=block
Expires
Sat, 10 Dec 2022 08:37:58 GMT
defaultpreferencemanager.nocache.js
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 5937
5 KB
3 KB
Script
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=avantiwestcoast_co_uk&site=avantiwestcoast.co.uk&action=notice&country=it&locale=it&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-104.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
3175df97620413bf2ae297fbe578a8d2ef1e2b9a529cde14d3b74831d4e6b4b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://consent-pref.trustarc.com/?type=avantiwestcoast_co_uk&site=avantiwestcoast.co.uk&action=notice&country=it&locale=it&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:59 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 10 Nov 2022 02:21:42 GMT
server
nginx
etag
W/"4867-1668046902000"
expect-ct
max-age=86400; enforce;
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
Jc2Zt7fFDCQWUHZdiyLv6avLZDQI_4yZKrAW9f15rBoDOGoG3a7-0A==
expires
Fri, 09 Dec 2022 09:16:58 GMT
get
consent-st.trustarc.com/ Frame 5937
20 KB
5 KB
Script
General
Full URL
https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=avantiwestcoast_co_uk&site=avantiwestcoast.co.uk&action=notice&country=it&locale=it&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-63.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://consent-pref.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
public
date
Fri, 11 Nov 2022 14:51:59 GMT
content-encoding
gzip
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-amz-cf-pop
FRA60-P3
age
2399101
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
dooX9fT-7su_-zmUWeoqBgBKt0FfhOJ8c5s6kGLU46zw_yODZdMxKw==
expires
Sun, 11 Dec 2022 14:51:59 GMT
loading.gif
consent-pref.trustarc.com/images/ Frame 5937
3 KB
3 KB
Image
General
Full URL
https://consent-pref.trustarc.com/images/loading.gif
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=avantiwestcoast_co_uk&site=avantiwestcoast.co.uk&action=notice&country=it&locale=it&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-104.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://consent-pref.trustarc.com/?type=avantiwestcoast_co_uk&site=avantiwestcoast.co.uk&action=notice&country=it&locale=it&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 06:30:00 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C2
age
10019
x-cache
Hit from cloudfront
content-length
2608
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 10 Nov 2022 02:21:24 GMT
server
nginx
etag
W/"2608-1668046884000"
expect-ct
max-age=86400; enforce;
vary
Origin
content-type
image/gif
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges
bytes
x-amz-cf-id
9UQJ5ZWx3_eR3wFO_RpJ68DDmqnomai3ubVtgblaq4ja8IZHkWJLgA==
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1766447258&t=pageview&_s=1&dl=https%3A%2F%2Fwww.railhelp.co.uk%2Favantiwestcoast%2Frefunds&ul=en-us&de=UTF-8&dt=Refunds%20%7C%20Avanti%20West%20Coast&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAAABQAAAAC~&jid=965565664&gjid=284396928&cid=72432924.1670577420&tid=UA-170778231-1&_gid=540267077.1670577420&_r=1&gtm=2wgbu0587X9WV&z=1224060471
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Dec 2022 09:17:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.railhelp.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
E386C51EAEB40FABD3D67271C058D97E.cache.html
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 86D0
139 KB
46 KB
Document
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/E386C51EAEB40FABD3D67271C058D97E.cache.html
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-104.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
cf4573f1ed1f560de87f77d9aa1fdf34956f13c657e7cba7c0ab6b156dd59be6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://consent-pref.trustarc.com/?type=avantiwestcoast_co_uk&site=avantiwestcoast.co.uk&action=notice&country=it&locale=it&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

age
1836510
cache-control
max-age=315360000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 18 Nov 2022 03:08:30 GMT
etag
W/"142492-1668046902000"
expect-ct
max-age=86400; enforce;
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Thu, 10 Nov 2022 02:21:42 GMT
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Origin
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-amz-cf-id
sAf6O3r5hY3xPnxrekth5PsNNHcLQGgtTc7jtvF4yqVp_wBa4e2Tcw==
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 5937
969 B
1 KB
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/E386C51EAEB40FABD3D67271C058D97E.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-104.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
2bfe0bfebc6bf40e5f73c03389ba8285505bc2f45d739d1efd5ca830f940a51d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
E386C51EAEB40FABD3D67271C058D97E
Referer
https://consent-pref.trustarc.com/?type=avantiwestcoast_co_uk&site=avantiwestcoast.co.uk&action=notice&country=it&locale=it&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Fri, 09 Dec 2022 09:17:00 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-disposition
attachment
content-length
468
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
server
nginx
expect-ct
max-age=86400; enforce;
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
Wv_quk9E1esnUPKj4g_6dhwnkmYfQpppb9r9Fpua1wOTeHpiifdGaA==
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 5937
48 B
622 B
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/E386C51EAEB40FABD3D67271C058D97E.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-104.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
1cd14031b7fb6e683627617810d0991793ff44c81c8770f6727f0f483a0e77ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
E386C51EAEB40FABD3D67271C058D97E
Referer
https://consent-pref.trustarc.com/?type=avantiwestcoast_co_uk&site=avantiwestcoast.co.uk&action=notice&country=it&locale=it&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Fri, 09 Dec 2022 09:17:00 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-disposition
attachment
content-length
48
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
server
nginx
expect-ct
max-age=86400; enforce;
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
jFwS2VrDB44-1qm1UM0j3SrnxL1LoxvOal4RXhTThauLu7OZdcV_Fg==
json3ex.ws
services.postcodeanywhere.co.uk/Extras/Web/Ip2Country/v1.10/
86 B
112 B
XHR
General
Full URL
https://services.postcodeanywhere.co.uk/Extras/Web/Ip2Country/v1.10/json3ex.ws?Key=UR99-CA99-WP55-BK66&SOURCE=PCA-SCRIPT&SESSION=37380f54-e176-117a-0763-f59170c53ad9
Requested by
Host: services.postcodeanywhere.co.uk
URL: https://services.postcodeanywhere.co.uk/js/platformcaptureplus-2.34.min.js?key=GX11-CH49-NT35-GA49&BRAND=PostcodeAnywhere
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.233.127 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
127.233.117.34.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash
ae1248de0468c4297d400fdc2616162acffa296612c29a3a7a74a961c9eb2d68

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Dec 2022 09:17:00 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.20.2
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
records
1
cache-control
no-cache
x-robots-tag
noindex
access-control-allow-headers
Content-Type, pca-source
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
loqatelogoinverted.svg
services.postcodeanywhere.co.uk/images/icons/captureplus/
5 KB
5 KB
Image
General
Full URL
https://services.postcodeanywhere.co.uk/images/icons/captureplus/loqatelogoinverted.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.233.127 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
127.233.117.34.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash
f4a9abd81132ebc709933152650375f1392534837591cf6412327ba076ccde07

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 08:34:39 GMT
via
1.1 google
last-modified
Thu, 01 Dec 2022 09:26:50 GMT
server
nginx/1.20.2
age
2541
etag
"0e97ea675d91:0"
content-type
image/svg+xml
cache-control
public, max-age=3600
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5180
geolocationicon.svg
services.postcodeanywhere.co.uk/images/icons/captureplus/
2 KB
2 KB
Image
General
Full URL
https://services.postcodeanywhere.co.uk/images/icons/captureplus/geolocationicon.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.233.127 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
127.233.117.34.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash
36318ab1dd96462ca7543259f7d7cb7b718dbe0be25b0f37ca020078658cb6d1

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:16:45 GMT
via
1.1 google
last-modified
Thu, 01 Dec 2022 09:26:50 GMT
server
nginx/1.20.2
age
15
etag
"0e97ea675d91:0"
content-type
image/svg+xml
cache-control
public, max-age=3600
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1888
loader.gif
services.postcodeanywhere.co.uk/images/icons/captureplus/
3 KB
3 KB
Image
General
Full URL
https://services.postcodeanywhere.co.uk/images/icons/captureplus/loader.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.233.127 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
127.233.117.34.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash
87c207b24a4a26f7084270b06aa23dded428c0c69883702dcc273c2a7485706d

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 08:22:32 GMT
via
1.1 google
last-modified
Thu, 01 Dec 2022 09:26:50 GMT
server
nginx/1.20.2
age
3268
etag
"0e97ea675d91:0"
content-type
image/gif
cache-control
public, max-age=3600
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3344
chevron.png
services.postcodeanywhere.co.uk/images/icons/captureplus/
222 B
242 B
Image
General
Full URL
https://services.postcodeanywhere.co.uk/images/icons/captureplus/chevron.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.233.127 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
127.233.117.34.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash
2f73fd2c518cbe66d55c464b302334553b2e25881b20cfceba797358abe38b91

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 08:51:08 GMT
via
1.1 google
last-modified
Thu, 01 Dec 2022 09:26:50 GMT
server
nginx/1.20.2
age
1552
etag
"0e97ea675d91:0"
content-type
image/png
cache-control
public, max-age=3600
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
222
esw.html
service.force.com/embeddedservice/5.0/ Frame 40FA
194 B
1 KB
Document
General
Full URL
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.railhelp.co.uk/avantiwestcoast/refunds
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
public,max-age=86400
Content-Encoding
gzip
Content-Security-Policy
upgrade-insecure-requests
Content-Type
text/html;charset=UTF-8
Date
Fri, 09 Dec 2022 09:17:00 GMT
Expires
Sat, 10 Dec 2022 09:17:00 GMT
Last-Modified
Fri, 02 Aug 2019 08:43:42 GMT
Referrer-Policy
origin-when-cross-origin
Strict-Transport-Security
max-age=63072000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
none
X-XSS-Protection
1; mode=block
first-customer-contact-button-44da3609210fc8ba07c62b4053fea1d0.png
d6tizftlrpuof.cloudfront.net/themes/production/ Frame 21EB
2 KB
2 KB
Image
General
Full URL
https://d6tizftlrpuof.cloudfront.net/themes/production/first-customer-contact-button-44da3609210fc8ba07c62b4053fea1d0.png
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-19.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08d62ffd3a7d47ddb8743038c0c4cb5b0d2eefa01ca82a84300787d9b2956626

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 21 Feb 2022 23:06:32 GMT
x-amz-version-id
2dFeGDXfLDXdXDhmBUHIiif2gYy6qPzK
Via
1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P3
Age
25092629
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1796
Last-Modified
Mon, 21 Feb 2022 10:12:59 GMT
Server
AmazonS3
ETag
"44da3609210fc8ba07c62b4053fea1d0"
Content-Type
image/png
Cache-Control
max-age=315360000, no-transform, public
Accept-Ranges
bytes
X-Amz-Cf-Id
Kv5P5BpW7EOUy2-klx1Y1WFMcyxN7_Cwu2C8xF2X6yRmb6LFcU3uww==
EuPreferenceManager.css
consent-pref.trustarc.com/ Frame 5937
28 KB
7 KB
Stylesheet
General
Full URL
https://consent-pref.trustarc.com/EuPreferenceManager.css
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/E386C51EAEB40FABD3D67271C058D97E.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-104.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
11304b88bdf5cd5f42513b9aa8bd3206653770f4f125b852285db812c731cf24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://consent-pref.trustarc.com/?type=avantiwestcoast_co_uk&site=avantiwestcoast.co.uk&action=notice&country=it&locale=it&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:17:00 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C2
x-cache
RefreshHit from cloudfront
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 10 Nov 2022 02:21:24 GMT
server
nginx
etag
W/"29043-1668046884000"
expect-ct
max-age=86400; enforce;
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
no-cache
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
94WkhH-nIuQ3fUhe-W2yWqR5Szrwc3BqdLLs7aejyctE0fy71xUElA==
expires
Fri, 09 Dec 2022 09:16:59 GMT
10.cache.js
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/E386C51EAEB40FABD3D67271C058D97E/ Frame 5937
254 KB
87 KB
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/E386C51EAEB40FABD3D67271C058D97E/10.cache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/E386C51EAEB40FABD3D67271C058D97E.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-104.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
bf7a61b50946b58216061cd1b0ad91e1d400246dc5f1299b7c17748bf0aabc33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://consent-pref.trustarc.com/?type=avantiwestcoast_co_uk&site=avantiwestcoast.co.uk&action=notice&country=it&locale=it&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:51:27 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C2
age
285933
x-cache
Hit from cloudfront
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 10 Nov 2022 02:21:42 GMT
server
nginx
etag
W/"259619-1668046902000"
expect-ct
max-age=86400; enforce;
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
FgUfujIfHyw2hO6d-VAnTcgCwhTGLYd8E8KJ2YRQTR0FKC30Rcch-A==
expires
Thu, 31 Dec 2037 23:55:55 GMT
eswFrame.min.js
service.force.com/embeddedservice/5.0/ Frame 40FA
5 KB
2 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
9ba7853e578c8036077b1780006fc85ee9ba730046884b4f20ebc25e887c6a6e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 08:38:01 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 06 Oct 2022 23:36:44 GMT
Content-Encoding
gzip
Age
2339
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
1889
X-XSS-Protection
1; mode=block
Expires
Sat, 10 Dec 2022 08:38:01 GMT
1.cache.js
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/E386C51EAEB40FABD3D67271C058D97E/ Frame 5937
19 KB
8 KB
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/E386C51EAEB40FABD3D67271C058D97E/1.cache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/E386C51EAEB40FABD3D67271C058D97E.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-104.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
579c0e329b6a1ba8a7d65f4f14d1532ced14c4171dd9f4eeb501bfb0eae7c955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://consent-pref.trustarc.com/?type=avantiwestcoast_co_uk&site=avantiwestcoast.co.uk&action=notice&country=it&locale=it&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 14:37:34 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C2
age
931166
x-cache
Hit from cloudfront
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 10 Nov 2022 02:21:42 GMT
server
nginx
etag
W/"19787-1668046902000"
expect-ct
max-age=86400; enforce;
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
vEROA5-VmVJoojXxdkorSbjAo3XCX6Ip8HB1B0U5oxbkvHId-QcV5A==
expires
Thu, 31 Dec 2037 23:55:55 GMT
session.esw.min.js
service.force.com/embeddedservice/5.0/frame/ Frame 40FA
2 KB
1 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/frame/session.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
fa305b054bf6a60bd1a87abbca8f52553bbb54e6e8929564c704b85313d23790
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 08:43:52 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Tue, 02 Mar 2021 18:51:46 GMT
Content-Encoding
gzip
Age
1988
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
768
X-XSS-Protection
1; mode=block
Expires
Sat, 10 Dec 2022 08:43:52 GMT
broadcast.esw.min.js
service.force.com/embeddedservice/5.0/frame/ Frame 40FA
2 KB
1 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/frame/broadcast.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 08:37:50 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 18 Feb 2021 00:07:24 GMT
Content-Encoding
gzip
Age
2350
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
779
X-XSS-Protection
1; mode=block
Expires
Sat, 10 Dec 2022 08:37:50 GMT
cookie_iframe.html
prefmgr-cookie.truste-svc.net/cookie_js/ Frame 3497
5 KB
2 KB
Document
General
Full URL
https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=avantiwestcoast_co_uk&site=avantiwestcoast.co.uk&action=notice&country=it&locale=it&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
Requested by
Host: www.railhelp.co.uk
URL: https://www.railhelp.co.uk/avantiwestcoast/refunds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.138.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-138-156.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://consent-pref.trustarc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 09 Dec 2022 09:17:00 GMT
etag
W/"5014-1657163800000"
expect-ct
max-age=31536000
last-modified
Thu, 07 Jul 2022 03:16:40 GMT
permissions-policy
geolocation=(), microphone=(), payment=()
referrer-policy
origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 5937
937 B
961 B
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/E386C51EAEB40FABD3D67271C058D97E.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-104.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
a61d80c53379e57178d4b0c3e65b9e81815292093ef9691cd8e28837a5f327cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
E386C51EAEB40FABD3D67271C058D97E
Referer
https://consent-pref.trustarc.com/?type=avantiwestcoast_co_uk&site=avantiwestcoast.co.uk&action=notice&country=it&locale=it&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Fri, 09 Dec 2022 09:17:00 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-disposition
attachment
content-length
369
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
server
nginx
expect-ct
max-age=86400; enforce;
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
gOmYMfxcWx9A8sn8v3GoUpoFjrhA0-ONa8fRUI-QLlBM6hrwW2o7ZQ==
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 5937
35 KB
9 KB
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/E386C51EAEB40FABD3D67271C058D97E.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-104.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
18126d06d89e7c4844d9f9886049d6aec180f4475451cb1beb5926668d9e7095
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
E386C51EAEB40FABD3D67271C058D97E
Referer
https://consent-pref.trustarc.com/?type=avantiwestcoast_co_uk&site=avantiwestcoast.co.uk&action=notice&country=it&locale=it&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Fri, 09 Dec 2022 09:17:00 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-disposition
attachment
content-length
8346
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
server
nginx
expect-ct
max-age=86400; enforce;
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
6jG2mEfZICrHk76tib-0y7s-trMTy9lXbrPfrJ6er7s65Nhu-18n5Q==
chasitor.esw.min.js
service.force.com/embeddedservice/5.0/frame/ Frame 40FA
22 KB
5 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/frame/chasitor.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
b2dd4b584a1e407c41462e9cdd747388af84ec70d3d08eb216ebf5774b104b13
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 08:40:41 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 22 Nov 2022 21:26:12 GMT
Content-Encoding
gzip
Age
2179
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
5047
X-XSS-Protection
1; mode=block
Expires
Sat, 10 Dec 2022 08:40:41 GMT
EmbeddedServiceConfig.jsonp
d.la1-c2-lo2.salesforceliveagent.com/chat/rest/EmbeddedService/
17 KB
4 KB
Script
General
Full URL
https://d.la1-c2-lo2.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D3h000002Ct4Q&EmbeddedServiceConfig.configName=AWC_Live_Chat&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/utils/common.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.3.180 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl8-ncg0-lhr3.la1-c2-lo2.salesforceliveagent.com
Software
/
Resource Hash
2167f0f23a1d76d2a7784a8457cb7c0225da6008b62409e0eec5e00f3f9b934f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
invite.esw.min.js
service.force.com/embeddedservice/5.0/client/
19 KB
5 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/client/invite.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 08:38:44 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Fri, 24 Sep 2021 16:25:36 GMT
Content-Encoding
gzip
Age
2296
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
4540
X-XSS-Protection
1; mode=block
Expires
Sat, 10 Dec 2022 08:38:44 GMT
truncated
/
3 KB
3 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5

Request headers

Referer
Origin
https://www.railhelp.co.uk
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
application/octet-stream
filetransfer.esw.min.js
service.force.com/embeddedservice/5.0/frame/ Frame 40FA
473 B
744 B
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/frame/filetransfer.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.railhelp.co.uk/avantiwestcoast/refunds
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 08:38:01 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 18 Aug 2020 17:12:46 GMT
Content-Encoding
gzip
Age
2339
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
231
X-XSS-Protection
1; mode=block
Expires
Sat, 10 Dec 2022 08:38:01 GMT
Settings.jsonp
d.la1-c2-lo2.salesforceliveagent.com/chat/rest/Visitor/
347 B
678 B
Script
General
Full URL
https://d.la1-c2-lo2.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5733h000000QXTJ]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5723h000000PfDm&org_id=00D3h000002Ct4Q&version=48
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.3.180 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl8-ncg0-lhr3.la1-c2-lo2.salesforceliveagent.com
Software
/
Resource Hash
af9a7c21a3a38c9d2256c1c9f5d0fa6666ae504131a7a8e7993012bb44afd2db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
inert.min.js
service.force.com/embeddedservice/5.0/utils/
8 KB
3 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/utils/inert.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 08:38:48 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 18 Aug 2020 17:12:46 GMT
Content-Encoding
gzip
Age
2292
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
2469
X-XSS-Protection
1; mode=block
Expires
Sat, 10 Dec 2022 08:38:48 GMT
get
consent.trustarc.com/ Frame 5937
3 KB
2 KB
Image
General
Full URL
https://consent.trustarc.com/get?name=Powered-By-TrustArc.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-90.fra6.r.cloudfront.net
Software
/
Resource Hash
407d40651225e9ce7c887f32e1d10213df4aba24a4fc4ffbee407d26573eab89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://consent-pref.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
public
date
Fri, 09 Dec 2022 08:17:40 GMT
content-encoding
gzip
via
1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA6-C1
age
3560
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
NwvyKk_XihTK0CqEs87oPpb743dPX8b5_UdZzuKf9BZ5GoxPDJugoA==
expires
Sun, 08 Jan 2023 08:17:40 GMT
6.cache.js
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/E386C51EAEB40FABD3D67271C058D97E/ Frame 5937
7 KB
4 KB
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/E386C51EAEB40FABD3D67271C058D97E/6.cache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/E386C51EAEB40FABD3D67271C058D97E.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-104.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
224e4e013b7071882a4bb3f069b88294e85f1638cfdf8b557f2d62eaed0db93b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://consent-pref.trustarc.com/?type=avantiwestcoast_co_uk&site=avantiwestcoast.co.uk&action=notice&country=it&locale=it&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 03:09:55 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C2
age
1836425
x-cache
Hit from cloudfront
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 10 Nov 2022 02:21:42 GMT
server
nginx
etag
W/"7220-1668046902000"
expect-ct
max-age=86400; enforce;
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
rLHM3aa684H4jEh-1ZRT8W4FaQWjJwtonvmu0EI8TWc9bsDKiPZaUA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
get
consent.trustarc.com/ Frame 5937
264 B
663 B
Image
General
Full URL
https://consent.trustarc.com/get?name=avanti_arrow.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-90.fra6.r.cloudfront.net
Software
/
Resource Hash
885f52db6ec708d97291c2c9948d625bf831cc20e63fabd48d72b964f4036d40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://consent-pref.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
public
date
Fri, 09 Dec 2022 09:04:43 GMT
content-encoding
gzip
via
1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA6-C1
age
737
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
opQInd3WKTBMfNp50zraXyHBLokOXYtg510acX-Odm8-M3eV_fhJkg==
expires
Sun, 08 Jan 2023 09:04:43 GMT
get
consent.trustarc.com/ Frame 5937
189 KB
78 KB
Font
General
Full URL
https://consent.trustarc.com/get?name=averta-semibold.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-90.fra6.r.cloudfront.net
Software
/
Resource Hash
5d28b02822c2bc43dbbb5c725b18c614c24a6508a67313df9b5d3ca2aa81d1ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://consent-pref.trustarc.com/
Origin
https://consent-pref.trustarc.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
public
date
Fri, 09 Dec 2022 09:04:43 GMT
content-encoding
gzip
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA6-C1
age
737
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
y4psErFSEZQE7HoHvSTp52VKg1loiUjL8tr-i3AulDIwE8kBAjC7OA==
expires
Sun, 08 Jan 2023 09:04:43 GMT
get
consent.trustarc.com/ Frame 5937
193 KB
82 KB
Font
General
Full URL
https://consent.trustarc.com/get?name=averta-regular.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-90.fra6.r.cloudfront.net
Software
/
Resource Hash
38dc52503ab42abf03f534260050f8c187a67d0aeb7830bf5f66629d3631edf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://consent-pref.trustarc.com/
Origin
https://consent-pref.trustarc.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
public
date
Fri, 09 Dec 2022 09:04:43 GMT
content-encoding
gzip
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA6-C1
age
737
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
4vBUv6Iisax5kn4Toiqs5UvgGqkCYDYVK4IcbYPOCV8jyASS_7EApQ==
expires
Sun, 08 Jan 2023 09:04:43 GMT
get
consent.trustarc.com/ Frame 5937
191 KB
81 KB
Font
General
Full URL
https://consent.trustarc.com/get?name=averta-bold.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-90.fra6.r.cloudfront.net
Software
/
Resource Hash
4358abd5335102f7d12911cfd2e165183daadd900edc93099bd7bf2151e435c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://consent-pref.trustarc.com/
Origin
https://consent-pref.trustarc.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
public
date
Fri, 09 Dec 2022 09:04:43 GMT
content-encoding
gzip
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA6-C1
age
737
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
9FwTvXZvVA2S62FsUI_Hmp0VKfn7tSCzS_vLw88l4Bb9hdWyUTqlig==
expires
Sun, 08 Jan 2023 09:04:43 GMT
cookie_inneriframe.html
consent-pref.trustarc.com/ Frame 7D5C
2 KB
1 KB
Document
General
Full URL
https://consent-pref.trustarc.com/cookie_inneriframe.html
Requested by
Host: prefmgr-cookie.truste-svc.net
URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=avantiwestcoast_co_uk&site=avantiwestcoast.co.uk&action=notice&country=it&locale=it&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-104.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://prefmgr-cookie.truste-svc.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

age
61063
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 08 Dec 2022 16:19:19 GMT
etag
W/"2008-1668046884000"
expect-ct
max-age=86400; enforce;
last-modified
Thu, 10 Nov 2022 02:21:24 GMT
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Origin
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-amz-cf-id
ct4mWo-5_kVTSP0oNKbTVFKBphvHvIkRp0GWu3ay7L5U2TyttTHz4Q==
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1
get
consent.trustarc.com/ Frame 5937
3 KB
2 KB
Image
General
Full URL
https://consent.trustarc.com/get?name=Powered-By-TrustArc.png
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/E386C51EAEB40FABD3D67271C058D97E.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-90.fra6.r.cloudfront.net
Software
/
Resource Hash
407d40651225e9ce7c887f32e1d10213df4aba24a4fc4ffbee407d26573eab89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://consent-pref.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
public
date
Fri, 09 Dec 2022 08:17:40 GMT
content-encoding
gzip
via
1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA6-C1
age
3561
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
fnM0gNtZfHl2dLDr-oWkdwrf-_RXVbl2Hymjh8Hl3v1ki8S-IkEszA==
expires
Sun, 08 Jan 2023 08:17:40 GMT

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontentvisibilityautostatechange object| dataLayer object| pca function| $ function| jQuery function| Popper object| bootstrap string| bstptid string| inputVal string| previousSiblingId string| serviceUrl string| serviceKey object| options boolean| autoLoad string| enableFragment object| loaded boolean| frag function| loadScript function| _rc function| loadService function| _reciteLoaded function| _syncLanguage boolean| reciteLoading function| _handleLanguageClick function| loadAndTranslate function| setUiElements function| applyCss function| isSafeSpaceAvailable function| launchSafeSpace function| hostWidgetInContainer function| destroySafeSpaceWidget function| grecaptchaV3 function| checkConcent object| CurrentUrl1 string| webformsname1 string| itemId string| apiUrl string| nextPageUrl function| _truste_eumap object| truste object| $temp_box_overlay number| $temp_outerdiv object| $temp_style_outerdiv object| $temp_inner_iframe object| $temp_box_overlay_border string| $temp_externalcss boolean| mCustomScrollbar function| setCookie function| getCookie function| GetAttachment function| checkEmail function| ValidateFormFields function| scrollToValidationError function| ValidateValues function| checkFieldValue function| checkOtherAttribute function| RemoveCRSCode function| RemoveTicketIFNo function| IFCompanionAndReturn function| IFReturnCasae function| RemoveRequiredFromTimeField function| GetGANAame object| locations object| complaintType object| SetType object| complaintType2 object| SetType2 object| complaintType3 object| setType3 object| CurrentUrl string| webformsname function| _truste_eu object| PREF_MGR_API_DEBUG object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG function| postscribe object| google_tag_manager_external object| google_tag_manager object| embedded_svc string| GoogleAnalyticsObject function| ga object| google_tag_data object| __dispatched__ undefined| __i__ function| lightningjs function| usabilla_live function| initESW undefined| s function| off function| attachEvent object| capturePlus object| gaplugins object| google_optimize object| gaGlobal object| gaData

9 Cookies

Domain/Path Name / Value
www.railhelp.co.uk/ Name: ASP.NET_SessionId
Value: vf3ebqjkln3z1wj1i2km1blh
www.railhelp.co.uk/ Name: SC_ANALYTICS_GLOBAL_COOKIE
Value: 81d2e4416e43419a9da6f952a576adbf|False
.railhelp.co.uk/ Name: notice_behavior
Value: expressed,eu
.railhelp.co.uk/ Name: _ga
Value: GA1.3.72432924.1670577420
.railhelp.co.uk/ Name: _gid
Value: GA1.3.540267077.1670577420
.railhelp.co.uk/ Name: _gat_UA-170778231-1
Value: 1
.force.com/ Name: BrowserId_sec
Value: PIWcqHeiEe2_Afluh51yWA
prefmgr-cookie.truste-svc.net/ Name: cookie_3rdparty
Value: enabled
consent-pref.trustarc.com/ Name: token_test
Value: Fri Dec 09 2022 09:17:01 GMT+0000 (GMT)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;includeSubdomain
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

consent-pref.trustarc.com
consent-st.trustarc.com
consent.trustarc.com
consent.truste.com
d.la1-c2-lo2.salesforceliveagent.com
d6tizftlrpuof.cloudfront.net
first11225.pcapredict.com
prefmgr-cookie.truste-svc.net
service.force.com
services.postcodeanywhere.co.uk
use.fontawesome.com
w.usabilla.com
www.google-analytics.com
www.googleoptimize.com
www.googletagmanager.com
www.railhelp.co.uk
13.32.27.104
13.32.99.63
161.71.1.38
161.71.3.180
174.129.138.156
18.244.155.128
2606:4700:e2::ac40:840f
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:830::200e
34.117.233.127
52.16.99.137
52.211.50.179
52.222.206.19
99.86.4.90
0129ef6bbb847c4c484e490949bd0365fc568240d625383bf6a3a08c8e52e56d
01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4
065cc2a79ed5890cf8ac453fa6c5649226a0b7c920427f3bf7be8eed9c88cdd2
0788545638ebf35d842c132e5c2961f935e4cfb967b17443b1a012d11bedc7a4
08d62ffd3a7d47ddb8743038c0c4cb5b0d2eefa01ca82a84300787d9b2956626
093fe2dec70e5061e0b4901000934774a5cfd7b30ba07fa2b258e97a37582fa1
0db56a2c91f8a25161f41d53548a505b81133dc9968fd89bcac40c434f724faa
109718dd18b4d6980db9bf8278834bec268cab060f20bbc8308a80e2d9a4b47b
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5
11304b88bdf5cd5f42513b9aa8bd3206653770f4f125b852285db812c731cf24
11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
1405734e6acc4b8397a146384efa0960022b3377ac543b93eda4965e040f7797
163a2119819cb3fb3f3ed89a27f9d8413aa4919b256a840abcf82a1f1c3b4caa
16fbd9eb8ca0e0ee0a9ea3267fd993ad5a7525679d24946655dbe0c13cf02d78
18126d06d89e7c4844d9f9886049d6aec180f4475451cb1beb5926668d9e7095
190bd870e039c52e9c77c3194eb47f6531943408ca972540d032e67bd4d2674a
1cd14031b7fb6e683627617810d0991793ff44c81c8770f6727f0f483a0e77ce
2167f0f23a1d76d2a7784a8457cb7c0225da6008b62409e0eec5e00f3f9b934f
21a06636d287f70e41bf09142f5dbbbf16527f5f77ed9cf276ec920116c0a5dc
220eeb36e5fc07b1dc2fd63ace5c2e1ad22749dd9dff31a2dfeb88761befc56a
224e4e013b7071882a4bb3f069b88294e85f1638cfdf8b557f2d62eaed0db93b
2bfe0bfebc6bf40e5f73c03389ba8285505bc2f45d739d1efd5ca830f940a51d
2f73fd2c518cbe66d55c464b302334553b2e25881b20cfceba797358abe38b91
30f2923f1e79174ced58c7167bed74aee7d4eb29141d0a6f51827477b60f2fde
31268c5e83a3d6528dfc18561208e25f45f168b37d23c5f06804dfa680f34fef
3175df97620413bf2ae297fbe578a8d2ef1e2b9a529cde14d3b74831d4e6b4b8
3234ddcd2b4945df5804df66694b5a5d9f93acf615a99f9945022bdcd18133e6
34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9
36318ab1dd96462ca7543259f7d7cb7b718dbe0be25b0f37ca020078658cb6d1
36e787df2ba40faf69b16c91b53074c24d22011beb23abbe888efbca1ca4d7bc
38dc52503ab42abf03f534260050f8c187a67d0aeb7830bf5f66629d3631edf0
407d40651225e9ce7c887f32e1d10213df4aba24a4fc4ffbee407d26573eab89
4358abd5335102f7d12911cfd2e165183daadd900edc93099bd7bf2151e435c9
43953170695743e0ad2eee1491375d55eee3cb26aa0f50e3330b88ad379080c6
48d16b3d09726d7a0e4ad5a4ddb80fd386f188e7297428623844023dc9f34de3
4fb5913ee978bde28acce2944e8139aaedc5c22bd51f88a1fcab174b1cc5694a
56c0a1d1ace2eac1edd07a944eb802ca6634861e73b7dc0bb8dc38c6211a8f37
579c0e329b6a1ba8a7d65f4f14d1532ced14c4171dd9f4eeb501bfb0eae7c955
598684d34af3e0b2f2be1338d0bd066877b6df4e4588c3daae0813f59bd1f419
5ab5f19f9bd4a4ddcf14235fc1684eefe7cfbfbc33f0a1fce661b13de43092be
5d28b02822c2bc43dbbb5c725b18c614c24a6508a67313df9b5d3ca2aa81d1ab
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
5ee90248e4ac655bd8f070ae05e71561be87ad4c137346f1304f43e2965f3848
5f6cb2b2457031045c4898934de00c25b03d6f2aeeccba178e88f9c3ff97a9c1
658cf43db24e9d4c57890e958aa74656a13139754de24f19e706f0a355279e4d
65eb872668809d16c193e60298fdcbd17cbe8c963b0bba450834d45e86c46246
6a916436e8e9de11f4b42159c6ae30a911fee31e0a365dbb3a2edfde05a55b44
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
714327ea0c7455620de460a34d2bb71b2095b1aba1e0c1cd7974db69d6d9473c
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
72f572c5dd07fac37e4163060402399196415573f52a70526f0e8a848bf1cff3
7611ceee6271d6dde91e06e622f27ca09c7f6de29a2e44686cff442ca05e22b8
7c030b3c060a0515c30084ae2dbcdf3ef048d292a6bb03fbef58e4b3c700d5c7
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
7e33e4658c1367e1df27d787f9c2c2df73e047bae1fccefe6cda7da7343df615
7fe7d9054d31a9874fb36aba6a3736c02799bdaab5fed3e007ff334bc4580732
87c207b24a4a26f7084270b06aa23dded428c0c69883702dcc273c2a7485706d
885f52db6ec708d97291c2c9948d625bf831cc20e63fabd48d72b964f4036d40
8ff4a9ab890a06b6945d4ea9847fe79456326f2ddd790932c660ec6927ca4bd5
9095b0ee25dbc412ea3f008fdb8e2612f90cc7ac63ae37c2574158362f5f394b
91c6f458fef8fd9aada82e7bfce4716dd1f40da335935b2299f421cde3ef9eb2
923897ee794b37db0c508463de3e0ab5382b0656ae2843d789d913d94203a214
924b0367deeb83b9a7008d17fa786671286e9a00e5965e7db2a09569c9cbe8d8
93d7d214a51f645213446ea00bf9a8b6d6a12ef89f4153b26c687f73664505ab
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ba7853e578c8036077b1780006fc85ee9ba730046884b4f20ebc25e887c6a6e
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
a61d80c53379e57178d4b0c3e65b9e81815292093ef9691cd8e28837a5f327cb
ad6c7d3fba1997f4a7693f3b7cd5fd45183380bf0547ce93d0f613b06019149c
add9b3402d6bf75ce64b0f08a82887f9e9b0d31af1d3db9cf833662685477070
ae1248de0468c4297d400fdc2616162acffa296612c29a3a7a74a961c9eb2d68
af9a7c21a3a38c9d2256c1c9f5d0fa6666ae504131a7a8e7993012bb44afd2db
afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae
b2dd4b584a1e407c41462e9cdd747388af84ec70d3d08eb216ebf5774b104b13
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b455e36366d9267393a65835b6995d330ee136d78e650e529106d8d4a0cebdde
b904a337599d4b85f5e8e155ff7a90110e62b1d66b544888fd7b0ad133219ed1
b9f34da6fac047c38b6dbccf66c7747bd0f921b7e2be587919e811b7ef80b21c
bb47a46f1e6d958fead01b78dcff924a3730ffe71aa1df4192d4ce4c2d279231
be46a43dcf1bbf8fa3d0987b5c98789abb8626a78d3c9d5c30350bec72f58efe
bf7a61b50946b58216061cd1b0ad91e1d400246dc5f1299b7c17748bf0aabc33
c8e0b34eb8a3e955da84151033adfac32343eb68159fba2749992addcef2bcbf
cf4573f1ed1f560de87f77d9aa1fdf34956f13c657e7cba7c0ab6b156dd59be6
d09f69bdf06ef3318f9018c715109471ccd0b3cf07f8c8eed617075edc43bad6
dce930749243306fb008436776524795baede27c74f9f32c44c0fe16d1165ef3
e4bfed01aa96fcd61cd13e8293e0e4d4376248078b366f05c91f02c70ea8d6df
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
f4a9abd81132ebc709933152650375f1392534837591cf6412327ba076ccde07
fa305b054bf6a60bd1a87abbca8f52553bbb54e6e8929564c704b85313d23790
fb29dbe204578dd803ad56b7cf7098eece5cda2afd84cb78524590c293d72beb
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
fff64f8f1b8f3e45850b1f290cf8a68b3906e2cd2ef27dff61275280a7251488