login.uat-oriontravelinsurance.com Open in urlscan Pro
107.23.104.252 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://login.uat-oriontravelinsurance.com/
Submission: On July 11 via automatic, source certstream-suspicious (July 11th 2024, 4:58:55 pm UTC) — Scanned from DE

Summary HTTP 44 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 44 HTTP transactions. The main IP is 107.23.104.252, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is login.uat-oriontravelinsurance.com.
TLS certificate: Issued by R11 on July 11th 2024. Valid for: 3 months.

This is the only time login.uat-oriontravelinsurance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	107.23.104.252 107.23.104.252	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	207.189.124.40 207.189.124.40	393648 (ACTON-SOF...) (ACTON-SOFTWARE)
3	2603:1030:20c... 2603:1030:20c:9::280	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 6	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
44	7

30 107.23.104.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-104-252.compute-1.amazonaws.com

login.uat-oriontravelinsurance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.189.124.40 (Greeley, United States)

ASN393648 (ACTON-SOFTWARE, US)
PTR: forpci40.actonsoftware.com

marketing.orionti.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2603:1030:20c:9::280 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

caaccg.containers.piwik.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
caaccg.piwik.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4860:4802:34::36 (United States) 2 redirects

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	uat-oriontravelinsurance.com login.uat-oriontravelinsurance.com	1 MB
6	google-analytics.com 2 redirects region1.google-analytics.com — Cisco Umbrella Rank: 2949	2 KB
3	piwik.pro caaccg.containers.piwik.pro caaccg.piwik.pro	86 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 110	276 KB
2	orionti.ca marketing.orionti.ca	6 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 108	2 KB
44	6

	Domain	Requested by
30	login.uat-oriontravelinsurance.com	login.uat-oriontravelinsurance.com
6	region1.google-analytics.com	2 redirects www.googletagmanager.com
3	www.googletagmanager.com	login.uat-oriontravelinsurance.com www.googletagmanager.com
2	caaccg.containers.piwik.pro	login.uat-oriontravelinsurance.com
2	marketing.orionti.ca	login.uat-oriontravelinsurance.com
2	fonts.googleapis.com	login.uat-oriontravelinsurance.com
1	caaccg.piwik.pro	caaccg.containers.piwik.pro
44	7

This site contains links to these domains. Also see Links.

Domain
portal.uat-oriontravelinsurance.com
uat-oriontravelinsurance.com
assets.ctfassets.net
www.facebook.com
twitter.com
www.instagram.com
ca.linkedin.com

Subject Issuer	Validity	Valid
uat-oriontravelinsurance.com R11	`2024-07-11` - `2024-10-09`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
marketing.orionti.ca R10	`2024-07-07` - `2024-10-05`	3 months	crt.sh
*.containers.piwik.pro GlobeSSL DV CA	`2024-01-02` - `2025-01-01`	a year	crt.sh
*.piwik.pro GlobeSSL DV CA	`2024-01-02` - `2025-01-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.uat-oriontravelinsurance.com/
Frame ID: 930A0B3DF902B997BE56A22C44D5CB26
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - Orion

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

44
Requests

95 %
HTTPS

67 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

1848 kB
Transfer

4083 kB
Size

8
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://portal.uat-oriontravelinsurance.com/api/locale-login?locale=en
Title: Login

Search URL Search Domain Scan URL

URL: https://uat-oriontravelinsurance.com/about-us
Title: LEARN MORE ABOUT ORION

Search URL Search Domain Scan URL

URL: https://uat-oriontravelinsurance.com/the-carry-on-blog/dream-plan-and-book-for-future-travel-with-confidence
Title: READ MORE

Search URL Search Domain Scan URL

URL: https://uat-oriontravelinsurance.com/the-carry-on-blog/thia-launches-travellers-bill-of-rights
Title: READ MORE

Search URL Search Domain Scan URL

URL: https://uat-oriontravelinsurance.com/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://assets.ctfassets.net/mdrpj0354v2y/72uQbXu9XYxReolPE2Nl8x/1860a827754db012112c46f25574e079/CCG-Accessibility-Statement.pdf
Title: Website Accessibility

Search URL Search Domain Scan URL

URL: https://uat-oriontravelinsurance.com/caa-accessibility
Title: CAA Accessibility Plan

Search URL Search Domain Scan URL

URL: https://assets.ctfassets.net/mdrpj0354v2y/7eYkMECut0NbmkMu0siBpb/42acc979e10839f625da277048ae476f/Orion-terms-of-use_Jan_2024.pdf
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://assets.ctfassets.net/mdrpj0354v2y/6vifcNrhXPOQz8gvNgrb0n/5b2caf31c741a9e03f98af998d283705/Orion-privacy-policy_Jan_2024.pdf
Title: Privacy

Search URL Search Domain Scan URL

URL: https://assets.ctfassets.net/mdrpj0354v2y/32CyCv1I0zS9SYhkPK57zb/fd260749025e98e6a28a880d64ffefcc/CAA_Quebec_Product_Summaries_Oct_2022_ENG.pdf
Title: CAA Quebec Product Summary

Search URL Search Domain Scan URL

URL: https://assets.ctfassets.net/mdrpj0354v2y/1KPUr6zuoMT7xVh3NFIq0w/095308e7bc165b510722bc871b76656a/CAA_QUE_Policy_OCT2022_ENG_Final.pdf
Title: CAA Quebec Policy Guide

Search URL Search Domain Scan URL

URL: https://uat-oriontravelinsurance.com/corporate-news
Title: Media

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OrionTravelInsurance

Search URL Search Domain Scan URL

URL: https://twitter.com/OrionTravelIns

Search URL Search Domain Scan URL

URL: https://www.instagram.com/OrionTravelInsurance

Search URL Search Domain Scan URL

URL: https://ca.linkedin.com/company/orion-travel-insurance

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://region1.google-analytics.com/g/collect?v=2&tid=G-ZDR8VGJ514&gtm=45je4790v9180478386z89181245735za200zb9181245735&_p=1720717130748&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1732655161.1720717131&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1720717130&sct=1&seg=0&dl=https%3A%2F%2Flogin.uat-oriontravelinsurance.com%2F&dt=Home%20-%20Orion&en=scroll&_c=1&epn.percent_scrolled=10&ep.scroll=1&tfd=3035&_z=fetch HTTP 302
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1732655161.1720717131&dbk=10347621515106606290&dma=1&dma_cps=syphamo&en=scroll&gtm=45je4790v9180478386z89181245735za200zb9181245735&npa=1&tid=G-ZDR8VGJ514&dl=https%3A%2F%2Flogin.uat-oriontravelinsurance.com%3F

Request Chain 42

https://region1.google-analytics.com/g/collect?v=2&tid=G-ZDR8VGJ514&gtm=45je4790v9180478386z89181245735za200zb9181245735&_p=1720717130748&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1732655161.1720717131&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=4&sid=1720717130&sct=1&seg=0&dl=https%3A%2F%2Flogin.uat-oriontravelinsurance.com%2F&dt=Home%20-%20Orion&en=scroll&_c=1&epn.percent_scrolled=25&ep.scroll=1&_et=1&tfd=3037&_z=fetch HTTP 302
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1732655161.1720717131&dbk=1591530074062216602&dma=1&dma_cps=syphamo&en=scroll&gtm=45je4790v9180478386z89181245735za200zb9181245735&npa=1&tid=G-ZDR8VGJ514&dl=https%3A%2F%2Flogin.uat-oriontravelinsurance.com%3F

44 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
login.uat-oriontravelinsurance.com/ 129 KB
29 KB 1308ms
982ms Document
text/html 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / Next.js

Resource Hash

83ecfb5930b2291cc8434cd7bb3e502bdd61c3665420556f7fd05c50a5f75414

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self';
Content-Type: text/html; charset=utf-8
Date: Thu, 11 Jul 2024 16:58:48 GMT
Pragma: no-cache
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Powered-By: Next.js

GET
H2 200 css2
fonts.googleapis.com/ 21 KB
1 KB 77ms
28ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90c4f0951056e5a82b2150c8b3fe6d011a08ea2abc957453d080b8179504e2d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jul 2024 16:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 15:38:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jul 2024 16:58:49 GMT

GET
H/1.1 200
OK image
login.uat-oriontravelinsurance.com/_next/ 56 KB
57 KB 106ms
104ms Image
image/webp 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.uat-oriontravelinsurance.com/_next/image?url=https%3A%2F%2F%2F%2Fimages.ctfassets.net%2Fmdrpj0354v2y%2F3uSxLxtsNJamaGrf9s0HdX%2F9d03b4e6f5dc6d995990dc5df77938c5%2Fhomepage-1920W-ragged-edge-cut.png&w=1920&q=75

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

6c7a64c88c76428a0b71d25e831dfd7e7b1c6d86f07f33337ef63076b4f657e1

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:49 GMT
Content-Security-Policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors 'self';
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx/1.18.0 (Ubuntu)
ETag: bHpkyIx2QooLcdJegx39fnscbYbwfzMzfvYwdrT2V+E=
Vary: Accept
X-Frame-Options: SAMEORIGIN
Content-Type: image/webp
X-Nextjs-Cache: HIT
Cache-Control: public, max-age=31536000, must-revalidate, no-store
Content-Disposition: inline; filename="homepage-1920W-ragged-edge-cut.webp"
Connection: keep-alive
Content-Length: 57322

GET
H/1.1 200
OK c4187fe49db9576a.css
login.uat-oriontravelinsurance.com/_next/static/css/ 47 KB
10 KB 283ms
98ms Stylesheet
text/css 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/_next/static/css/c4187fe49db9576a.css

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

73027e596f8adccb41765d9e09d2de92000023c52f2557ea47ac4967afa58dcb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:49 GMT
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self';
Last-Modified: Sun, 07 Apr 2024 17:54:58 GMT
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: W/"bae3-18eb9b2f9f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=31536000, immutable, no-store
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK b67d5eeb9e831c1a.css
login.uat-oriontravelinsurance.com/_next/static/css/ 8 KB
3 KB 284ms
95ms Stylesheet
text/css 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/_next/static/css/b67d5eeb9e831c1a.css

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ab557581817d1ce625c73cc16c7eff5682eac6152931fd02e342170004337a81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:49 GMT
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self';
Last-Modified: Sun, 07 Apr 2024 17:54:58 GMT
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: W/"1f6a-18eb9b2f9db"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=31536000, immutable, no-store
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK webpack-697bd88f255ee789.js Show response
login.uat-oriontravelinsurance.com/_next/static/chunks/ 4 KB
2 KB 284ms
93ms Script
application/javascript 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/_next/static/chunks/webpack-697bd88f255ee789.js

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

652c671ac311c5c1ba415666a51fffb56a966c9c9f001057011c5a85d2429643

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:49 GMT
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self';
Last-Modified: Sun, 07 Apr 2024 17:54:58 GMT
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: W/"104a-18eb9b2f953"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=31536000, immutable, no-store
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK framework-0ba0ddd33199226d.js Show response
login.uat-oriontravelinsurance.com/_next/static/chunks/ 138 KB
45 KB 391ms
193ms Script
application/javascript 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/_next/static/chunks/framework-0ba0ddd33199226d.js

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

0eeabd9384fbc321e1fc2f9835e3434ca7f69a6ddd0add66e67383d3030efa8e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:49 GMT
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self';
Last-Modified: Sun, 07 Apr 2024 17:54:57 GMT
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: W/"22698-18eb9b2f7b7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=31536000, immutable, no-store
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK main-68503a44e637235e.js Show response
login.uat-oriontravelinsurance.com/_next/static/chunks/ 107 KB
32 KB 399ms
199ms Script
application/javascript 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/_next/static/chunks/main-68503a44e637235e.js

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

41722f80d5a5bcda8ac06eaec5f5426f1650ef9e57065e3a1a2c5ad3ecf45a75

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:49 GMT
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self';
Last-Modified: Sun, 07 Apr 2024 17:54:57 GMT
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: W/"1aa9a-18eb9b2f7cf"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=31536000, immutable, no-store
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK _app-465b4add7ef74322.js Show response
login.uat-oriontravelinsurance.com/_next/static/chunks/pages/ 106 KB
34 KB 210ms
198ms Script
application/javascript 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/_next/static/chunks/pages/_app-465b4add7ef74322.js

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

908ae957c2f9fa8ca95864dc1c6afbee54f96a24ffa7358aa66e9807e87d9c0b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:49 GMT
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self';
Last-Modified: Sun, 07 Apr 2024 17:54:57 GMT
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: W/"1a956-18eb9b2f86b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=31536000, immutable, no-store
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK 252f366e-2cebdbf9358f117b.js Show response
login.uat-oriontravelinsurance.com/_next/static/chunks/ 918 B
1 KB 100ms
100ms Script
application/javascript 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/_next/static/chunks/252f366e-2cebdbf9358f117b.js

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

a63f29c20a486cfd78043efd9da9f6d31e36ba460487aa7f2d09d7fb5c8e9607

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:49 GMT
Content-Security-Policy: frame-ancestors 'self';
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Sun, 07 Apr 2024 17:54:57 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"396-18eb9b2f617"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 918

GET
H/1.1 200
OK 1bfc9850-58e46ec210d51cfb.js Show response
login.uat-oriontravelinsurance.com/_next/static/chunks/ 3 KB
2 KB 100ms
100ms Script
application/javascript 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/_next/static/chunks/1bfc9850-58e46ec210d51cfb.js

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

644ef3f1ca5573bad6d2de7e18542096bf483df1311be0f1fa2de0803dd4944a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:49 GMT
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self';
Last-Modified: Sun, 07 Apr 2024 17:54:57 GMT
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: W/"b18-18eb9b2f5fb"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=31536000, immutable, no-store
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK a0e03aaa-b0251fc90ec0a134.js Show response
login.uat-oriontravelinsurance.com/_next/static/chunks/ 452 B
993 B 98ms
98ms Script
application/javascript 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/_next/static/chunks/a0e03aaa-b0251fc90ec0a134.js

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

3b917567644c2526554cc2ce24dc8518b578876e6a47ec9ebfa73c28bb30a919

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:49 GMT
Content-Security-Policy: frame-ancestors 'self';
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Sun, 07 Apr 2024 17:54:57 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"1c4-18eb9b2f757"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 452

GET
H/1.1 200
OK 9b380ffa-eb1f648b0fc02104.js Show response
login.uat-oriontravelinsurance.com/_next/static/chunks/ 966 B
1 KB 94ms
94ms Script
application/javascript 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/_next/static/chunks/9b380ffa-eb1f648b0fc02104.js

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

a3b3cd1c7a1ff5a50de2677725e5bfba07fb20f64c1f64a54476ce526aa08da1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:49 GMT
Content-Security-Policy: frame-ancestors 'self';
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Sun, 07 Apr 2024 17:54:57 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"3c6-18eb9b2f743"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 966

GET
H/1.1 200
OK 80-76ebe53ca3bf3e13.js Show response
login.uat-oriontravelinsurance.com/_next/static/chunks/ 218 KB
69 KB 100ms
100ms Script
application/javascript 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/_next/static/chunks/80-76ebe53ca3bf3e13.js

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

620d8ccbda4f4b0a01ceb4082580f97f319edf259f05a71e9961d7e5b226c956

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:49 GMT
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self';
Last-Modified: Sun, 07 Apr 2024 17:54:57 GMT
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: W/"368de-18eb9b2f6fb"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=31536000, immutable, no-store
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK 770-5300a8b7f5f50944.js Show response
login.uat-oriontravelinsurance.com/_next/static/chunks/ 41 KB
14 KB 105ms
105ms Script
application/javascript 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/_next/static/chunks/770-5300a8b7f5f50944.js

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

5b47e708b7da9e10cf99b49f06c1092228dc465578bd7a42bf1fc2ae64ff7492

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:49 GMT
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self';
Last-Modified: Sun, 07 Apr 2024 17:54:57 GMT
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: W/"a364-18eb9b2f6c3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=31536000, immutable, no-store
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK 790-a89ea2af95702abd.js Show response
login.uat-oriontravelinsurance.com/_next/static/chunks/ 250 KB
68 KB 99ms
99ms Script
application/javascript 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/_next/static/chunks/790-a89ea2af95702abd.js

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

9b62cebadaf415e7179daccfb70d2d69a97ea2c4b7b716618fc52d8468b1c0bd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:49 GMT
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self';
Last-Modified: Sun, 07 Apr 2024 17:54:57 GMT
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: W/"3e646-18eb9b2f6df"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=31536000, immutable, no-store
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK 587-6079ce565408cfb8.js Show response
login.uat-oriontravelinsurance.com/_next/static/chunks/ 872 KB
581 KB 106ms
106ms Script
application/javascript 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/_next/static/chunks/587-6079ce565408cfb8.js

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ea60e3525dbe09efa9b6b57df1890c66117f7bbcff5aa1df8648bd2c2d7b502a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:49 GMT
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self';
Last-Modified: Sun, 07 Apr 2024 17:54:57 GMT
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: W/"da000-18eb9b2f653"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=31536000, immutable, no-store
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK %5B%5B...slug%5D%5D-15450e0725aa4a86.js Show response
login.uat-oriontravelinsurance.com/_next/static/chunks/pages/ 2 KB
2 KB 92ms
92ms Script
application/javascript 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/_next/static/chunks/pages/%5B%5B...slug%5D%5D-15450e0725aa4a86.js

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

6f19c7f5590837421db1af3a16e8c845e83d6856aa12ace8a8c8aced81aac358

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:49 GMT
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self';
Last-Modified: Sun, 07 Apr 2024 17:54:57 GMT
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: W/"8bc-18eb9b2f853"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=31536000, immutable, no-store
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK _buildManifest.js Show response
login.uat-oriontravelinsurance.com/_next/static/_LB5rJ11fRhPFx0agTRdk/ 1 KB
1 KB 101ms
100ms Script
application/javascript 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/_next/static/_LB5rJ11fRhPFx0agTRdk/_buildManifest.js

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

2f3985feec4cb3cd7b3f6e333c1831d608db8995aecf9af00ed66760f7f06640

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:49 GMT
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self';
Last-Modified: Sun, 07 Apr 2024 17:54:56 GMT
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: W/"548-18eb9b2f563"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=31536000, immutable, no-store
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK _ssgManifest.js Show response
login.uat-oriontravelinsurance.com/_next/static/_LB5rJ11fRhPFx0agTRdk/ 103 B
643 B 390ms
390ms Script
application/javascript 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/_next/static/_LB5rJ11fRhPFx0agTRdk/_ssgManifest.js

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

792318d91d50f2a952e08ec9ad3a4c081d969d62730ef9d4a567da45c8ad635d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:49 GMT
Content-Security-Policy: frame-ancestors 'self';
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Sun, 07 Apr 2024 17:54:57 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"67-18eb9b2f57b"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103

GET
H2 200 icon
fonts.googleapis.com/ 569 B
441 B 78ms
30ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jul 2024 16:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 16:58:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jul 2024 16:58:49 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 203 KB
73 KB 79ms
31ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WZQZNRQL

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5052466e32ce9c8092232e48d99b854b7ba54af0ff797d3bc8cc117a2b0447d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 16:58:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73997
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 16:05:43 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Jul 2024 16:58:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 307 KB
102 KB 94ms
47ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZDR8VGJ514

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d6cf3a9a46d4b96f461fb084eebecf65cfadf1fb0a2605f8843dc66bfe4e6db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 16:58:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104028
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 Jul 2024 16:58:49 GMT

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8f663059049069c1c9bc2d30394c41e3153934fc3a6df17aeb3b3fbe7ad73a2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK GT-America-Mono-Medium.59a22a00.ttf
login.uat-oriontravelinsurance.com/_next/static/media/ 104 KB
52 KB 278ms
193ms Font
font/ttf 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/_next/static/media/GT-America-Mono-Medium.59a22a00.ttf

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/_next/static/css/c4187fe49db9576a.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

7a5b6e633bfe0ecb746a7cfd97b74f96522f0735c164ce6ff917910845a26cd6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/_next/static/css/c4187fe49db9576a.css
Origin: https://login.uat-oriontravelinsurance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:49 GMT
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self';
Last-Modified: Sun, 07 Apr 2024 17:54:58 GMT
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: W/"1a18c-18eb9b2fc57"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: font/ttf
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=31536000, immutable, no-store
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK GT-America-Mono-Regular.36f4924a.ttf
login.uat-oriontravelinsurance.com/_next/static/media/ 104 KB
51 KB 193ms
109ms Font
font/ttf 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/_next/static/media/GT-America-Mono-Regular.36f4924a.ttf

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/_next/static/css/c4187fe49db9576a.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

d1bf80985cf2fe39a157999d8289043d8329c167b0001d7efda6ba826011fd3c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/_next/static/css/c4187fe49db9576a.css
Origin: https://login.uat-oriontravelinsurance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:49 GMT
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self';
Last-Modified: Sun, 07 Apr 2024 17:54:58 GMT
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: W/"19eb0-18eb9b2fceb"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: font/ttf
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=31536000, immutable, no-store
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK Proxima-Nova.060b5d53.ttf
login.uat-oriontravelinsurance.com/_next/static/media/ 145 KB
75 KB 195ms
101ms Font
font/ttf 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/_next/static/media/Proxima-Nova.060b5d53.ttf

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/_next/static/css/c4187fe49db9576a.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e276990616f276546d42f44c112fe7cbaa6b7287af3556001fa5150f74bb6158

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/_next/static/css/c4187fe49db9576a.css
Origin: https://login.uat-oriontravelinsurance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:49 GMT
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self';
Last-Modified: Sun, 07 Apr 2024 17:54:59 GMT
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: W/"243e8-18eb9b30053"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: font/ttf
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=31536000, immutable, no-store
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK Proxima-Nova-Bold.e737b690.ttf
login.uat-oriontravelinsurance.com/_next/static/media/ 145 KB
75 KB 216ms
101ms Font
font/ttf 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/_next/static/media/Proxima-Nova-Bold.e737b690.ttf

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/_next/static/css/c4187fe49db9576a.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

58a7eeb09c34c8f09480574b2fae1716ea3e946ceee13dc99e91fa0a5150c12b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/_next/static/css/c4187fe49db9576a.css
Origin: https://login.uat-oriontravelinsurance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:49 GMT
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self';
Last-Modified: Sun, 07 Apr 2024 17:54:59 GMT
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: W/"24438-18eb9b2ff17"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: font/ttf
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=31536000, immutable, no-store
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK GT-America-Mono-Bold.50e0e19a.ttf
login.uat-oriontravelinsurance.com/_next/static/media/ 111 KB
53 KB 221ms
104ms Font
font/ttf 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/_next/static/media/GT-America-Mono-Bold.50e0e19a.ttf

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/_next/static/css/c4187fe49db9576a.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

f414bb8f5356d0cb0b05ed111f8a869d70592eed323d62924b0d5c580bec2fab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/_next/static/css/c4187fe49db9576a.css
Origin: https://login.uat-oriontravelinsurance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:49 GMT
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self';
Last-Modified: Sun, 07 Apr 2024 17:54:58 GMT
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: W/"1ba20-18eb9b2fb53"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: font/ttf
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=31536000, immutable, no-store
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK MetaSerifPro-BookIta.dca45332.otf
login.uat-oriontravelinsurance.com/_next/static/media/ 172 KB
97 KB 283ms
98ms Font
font/otf 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/_next/static/media/MetaSerifPro-BookIta.dca45332.otf

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/_next/static/css/c4187fe49db9576a.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

cda12aa5ce7768c9a8b98e494095e71ddaead91598868347e070bc39d22403c5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/_next/static/css/c4187fe49db9576a.css
Origin: https://login.uat-oriontravelinsurance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:49 GMT
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self';
Last-Modified: Sun, 07 Apr 2024 17:54:59 GMT
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: W/"2b1b4-18eb9b2fea7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: font/otf
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=31536000, immutable, no-store
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK Meta-Serif-Pro-Medium.e00538ac.otf
login.uat-oriontravelinsurance.com/_next/static/media/ 167 KB
100 KB 391ms
96ms Font
font/otf 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/_next/static/media/Meta-Serif-Pro-Medium.e00538ac.otf

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/_next/static/css/c4187fe49db9576a.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

696d03d0c50dc13db81667052e02ebeae1bbb0003b183cfb8e9d706eafb0c200

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/_next/static/css/c4187fe49db9576a.css
Origin: https://login.uat-oriontravelinsurance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:49 GMT
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self';
Last-Modified: Sun, 07 Apr 2024 17:54:59 GMT
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: W/"29c8c-18eb9b2fe8f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: font/otf
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=31536000, immutable, no-store
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200 44184 Show response
marketing.orionti.ca/cdnr/forpci40/acton/bn/tracker/ 5 KB
5 KB 551ms
163ms Script
application/javascript 207.189.124.40
ACTON-SOFTWARE

General

Check archive.org

Show headers Download Go to

Full URL

https://marketing.orionti.ca/cdnr/forpci40/acton/bn/tracker/44184

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

207.189.124.40 Greeley, United States, ASN393648 (ACTON-SOFTWARE, US),

Reverse DNS

forpci40.actonsoftware.com

Software

Resource Hash

917c304f92e415bc70468869ea1ceb2e5c398a82b4c12d18820e5337d8834098

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/javascript;charset=utf-8
Date: Thu, 11 Jul 2024 16:58:49 GMT
X-Cnection: close
Strict-Transport-Security: max-age=16070400
Content-Length: 4847
P3P: CP="Act-On does not have a P3P policy. Learn why here: https://act-on.com/p3p-policy/"

GET
H/1.1 401
Unauthorized me
login.uat-oriontravelinsurance.com/api/auth/ 110 B
0 95ms
95ms Fetch
application/json 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/api/auth/me

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/_next/static/chunks/pages/_app-465b4add7ef74322.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:50 GMT
Content-Security-Policy: frame-ancestors 'self';
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx/1.18.0 (Ubuntu)
ETag: "y7htuss6wu32"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Cache-Control: no-store
Connection: keep-alive
Content-Length: 110

GET
H/1.1 200
OK image
login.uat-oriontravelinsurance.com/_next/ 18 KB
18 KB 98ms
97ms Image
image/webp 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.uat-oriontravelinsurance.com/_next/image?url=https%3A%2F%2F%2F%2Fimages.ctfassets.net%2Fmdrpj0354v2y%2F46krBQ0PxkYXDNSCyknacY%2F4a2a3f17dd6defbfa999d36f25bda41a%2FSunChairsMedium.png&w=1920&q=75

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

00c428a405747a6fe734a3d1bd4f4ab0bfac0c5ca70e2ecb9d88a71b8f6b6dcb

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:50 GMT
Content-Security-Policy: script-src 'none'; frame-src 'none'; sandbox;, frame-ancestors 'self';
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx/1.18.0 (Ubuntu)
ETag: AMQopAV0em-nNKPRvU9KsL+sDFynDi7LnYinG49rbcs=
Vary: Accept
X-Frame-Options: SAMEORIGIN
Content-Type: image/webp
X-Nextjs-Cache: HIT
Cache-Control: public, max-age=31536000, must-revalidate, no-store
Content-Disposition: inline; filename="SunChairsMedium.webp"
Connection: keep-alive
Content-Length: 18086

GET
H/1.1 200
OK b67d5eeb9e831c1a.css Show response
login.uat-oriontravelinsurance.com/_next/static/css/ 8 KB
3 KB 95ms
94ms Fetch
text/css 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/_next/static/css/b67d5eeb9e831c1a.css

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/_next/static/chunks/main-68503a44e637235e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ab557581817d1ce625c73cc16c7eff5682eac6152931fd02e342170004337a81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:50 GMT
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self';
Last-Modified: Sun, 07 Apr 2024 17:54:58 GMT
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: W/"1f6a-18eb9b2f9db"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=31536000, immutable, no-store
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200 44184
marketing.orionti.ca/acton/bn/ 43 B
541 B 163ms
163ms Image
image/gif 207.189.124.40
ACTON-SOFTWARE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://marketing.orionti.ca/acton/bn/44184?target=https%3A%2F%2Flogin.uat-oriontravelinsurance.com%2F&ref=&v=2&ts=1720717130195&nc=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

207.189.124.40 Greeley, United States, ASN393648 (ACTON-SOFTWARE, US),

Reverse DNS

forpci40.actonsoftware.com

Software

Resource Hash

2188414d64d2930eb54f4731b6eb9a931358ba625d1cd7535a889409218609d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 11 Jul 2024 16:58:49 GMT
X-Cnection: close
Strict-Transport-Security: max-age=16070400
Content-Length: 43
Vary: Accept-Encoding
P3P: CP="Act-On does not have a P3P policy. Learn why here: https://act-on.com/p3p-policy/"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 307 KB
102 KB 35ms
33ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZDR8VGJ514&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZQZNRQL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63118897057699d60cacf1dcc72967a7aae510026903f2bc7f694470f53d0136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 16:58:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104117
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 Jul 2024 16:58:50 GMT

GET
H/1.1 200
OK favicon.png
login.uat-oriontravelinsurance.com/favicon/ 2 KB
3 KB 94ms
93ms Other
image/png 107.23.104.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.uat-oriontravelinsurance.com/favicon/favicon.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.23.104.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-104-252.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

f8f52ffd3093cb7a30935968f13fed5e147811a2bb5e9b9dbe31200cdaed5610

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jul 2024 16:58:50 GMT
Content-Security-Policy: frame-ancestors 'self';
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Sun, 07 Apr 2024 17:55:00 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"9e9-18eb9b303bf"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=0, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2537

GET
H2 200 1e90de0c-eeb8-4789-adb8-eedc12e187c1.js Show response
caaccg.containers.piwik.pro/ 214 KB
62 KB 318ms
101ms Script
application/javascript 2603:1030:20c:9::280
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://caaccg.containers.piwik.pro/1e90de0c-eeb8-4789-adb8-eedc12e187c1.js

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2603:1030:20c:9::280 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

07c26f435aefb80e72a479954e357f62cd9fddf25b4c422ae56bf51cb235f23f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 16:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
referrer-policy: origin
etag: W/"9d548891fbcd1224-3a972ce47c080974"
vary: Accept-Encoding, Cookie
x-frame-options: sameorigin
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate
x-robots-tag: none
x-cached: MISS

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 46ms
17ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZDR8VGJ514&gtm=45je4790v9180478386z89181245735za200zb9181245735&_p=1720717130748&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1732655161.1720717131&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720717130&sct=1&seg=0&dl=https%3A%2F%2Flogin.uat-oriontravelinsurance.com%2F&dt=Home%20-%20Orion&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3026&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZDR8VGJ514&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 16:58:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login.uat-oriontravelinsurance.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 38ms
18ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZDR8VGJ514&gtm=45je4790v9180478386z89181245735za200zb9181245735&_p=1720717130748&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1732655161.1720717131&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1720717130&sct=1&seg=0&dl=https%3A%2F%2Flogin.uat-oriontravelinsurance.com%2F&dt=Home%20-%20Orion&en=page_load_time&epn.loading_time_sec=2.94&_et=2&tfd=3035&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZDR8VGJ514&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 16:58:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login.uat-oriontravelinsurance.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

https://region1.google-analytics.com/g/collect?v=2&tid=G-ZDR8VGJ514&gtm=45je4790v9180478386z89181245735za200zb9181245735&_p=1720717130748&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=17...
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1732655161.1720717131&dbk=10347621515106606290&dma=1&dma_cps=syphamo&en=scroll&gtm=45je4790v9180478386z89181245735z...

0
0

50ms
50ms

Fetch
text/plain

2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1732655161.1720717131&dbk=10347621515106606290&dma=1&dma_cps=syphamo&en=scroll&gtm=45je4790v9180478386z89181245735za200zb9181245735&npa=1&tid=G-ZDR8VGJ514&dl=https%3A%2F%2Flogin.uat-oriontravelinsurance.com%3F
Protocol: H2
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 16:58:50 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jul 2024 16:58:50 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1732655161.1720717131&dbk=10347621515106606290&dma=1&dma_cps=syphamo&en=scroll&gtm=45je4790v9180478386z89181245735za200zb9181245735&npa=1&tid=G-ZDR8VGJ514&dl=https%3A%2F%2Flogin.uat-oriontravelinsurance.com%3F
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 524
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

https://region1.google-analytics.com/g/collect?v=2&tid=G-ZDR8VGJ514&gtm=45je4790v9180478386z89181245735za200zb9181245735&_p=1720717130748&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=17...
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1732655161.1720717131&dbk=1591530074062216602&dma=1&dma_cps=syphamo&en=scroll&gtm=45je4790v9180478386z89181245735za...

0
0

18ms
17ms

Fetch
text/plain

2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1732655161.1720717131&dbk=1591530074062216602&dma=1&dma_cps=syphamo&en=scroll&gtm=45je4790v9180478386z89181245735za200zb9181245735&npa=1&tid=G-ZDR8VGJ514&dl=https%3A%2F%2Flogin.uat-oriontravelinsurance.com%3F
Protocol: H2
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 16:58:50 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jul 2024 16:58:50 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1732655161.1720717131&dbk=1591530074062216602&dma=1&dma_cps=syphamo&en=scroll&gtm=45je4790v9180478386z89181245735za200zb9181245735&npa=1&tid=G-ZDR8VGJ514&dl=https%3A%2F%2Flogin.uat-oriontravelinsurance.com%3F
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 523
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ppms.js Show response
caaccg.containers.piwik.pro/ 60 KB
24 KB 105ms
105ms Script
application/javascript 2603:1030:20c:9::280
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://caaccg.containers.piwik.pro/ppms.js

Requested by

Host: login.uat-oriontravelinsurance.com
URL: https://login.uat-oriontravelinsurance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2603:1030:20c:9::280 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d780ea58706b7a21b1db69f47c3c575c1f952291cc7963ae7ea050e78d1b1e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 16:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
last-modified: Wed, 29 May 2024 11:49:19 GMT
referrer-policy: origin
etag: W/"6657163f-efb3"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=21600
expires: Thu, 11 Jul 2024 22:58:51 GMT

POST
H2 202 ppms.php
caaccg.piwik.pro/ 0
0 356ms
100ms Ping
text/html 2603:1030:20c:9::280
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://caaccg.piwik.pro/ppms.php
Requested by: Host: caaccg.containers.piwik.pro
URL: https://caaccg.containers.piwik.pro/ppms.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2603:1030:20c:9::280 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.uat-oriontravelinsurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.uat-oriontravelinsurance.com/	1970-01-21 07:34:37	Name: _ga Value: GA1.1.1732655161.1720717131
.uat-oriontravelinsurance.com/	1970-01-21 07:34:37	Name: _ga_ZDR8VGJ514 Value: GS1.1.1720717130.1.0.1720717130.0.0.0
.orionti.ca/	1970-01-21 06:44:13	Name: wp44184 Value: "XXUBXDDDDDDJJLHAJKJ-BVXL-XXCL-BJZJ-WWIVJVIBVWCTDVJIAXKWC-XXKI-XZUK-ITVK-BTWXYCTHIAUUDNHm-hkphgmkHOLspglNkHgJL_JhtDD"
login.uat-oriontravelinsurance.com/	1970-01-20 21:58:38	Name: stg_traffic_source_priority Value: 1
login.uat-oriontravelinsurance.com/	1970-01-21 06:44:13	Name: stg_last_interaction Value: Thu%2C%2011%20Jul%202024%2016:58:51%20GMT
login.uat-oriontravelinsurance.com/	1970-01-21 06:44:13	Name: stg_returning_visitor Value: Thu%2C%2011%20Jul%202024%2016:58:51%20GMT
login.uat-oriontravelinsurance.com/	1970-01-21 07:24:32	Name: _pk_id.1e90de0c-eeb8-4789-adb8-eedc12e187c1.cf66 Value: e94d5c00137930da.1720717131.1.1720717131.1720717131.
login.uat-oriontravelinsurance.com/	1970-01-20 21:58:38	Name: _pk_ses.1e90de0c-eeb8-4789-adb8-eedc12e187c1.cf66 Value: *

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://login.uat-oriontravelinsurance.com/api/auth/me Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

caaccg.containers.piwik.pro
caaccg.piwik.pro
fonts.googleapis.com
login.uat-oriontravelinsurance.com
marketing.orionti.ca
region1.google-analytics.com
www.googletagmanager.com
107.23.104.252
2001:4860:4802:34::36
207.189.124.40
2603:1030:20c:9::280
2a00:1450:4001:808::200a
2a00:1450:4001:830::2008
00c428a405747a6fe734a3d1bd4f4ab0bfac0c5ca70e2ecb9d88a71b8f6b6dcb
07c26f435aefb80e72a479954e357f62cd9fddf25b4c422ae56bf51cb235f23f
0eeabd9384fbc321e1fc2f9835e3434ca7f69a6ddd0add66e67383d3030efa8e
2188414d64d2930eb54f4731b6eb9a931358ba625d1cd7535a889409218609d2
2f3985feec4cb3cd7b3f6e333c1831d608db8995aecf9af00ed66760f7f06640
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
3b917567644c2526554cc2ce24dc8518b578876e6a47ec9ebfa73c28bb30a919
41722f80d5a5bcda8ac06eaec5f5426f1650ef9e57065e3a1a2c5ad3ecf45a75
58a7eeb09c34c8f09480574b2fae1716ea3e946ceee13dc99e91fa0a5150c12b
5b47e708b7da9e10cf99b49f06c1092228dc465578bd7a42bf1fc2ae64ff7492
620d8ccbda4f4b0a01ceb4082580f97f319edf259f05a71e9961d7e5b226c956
63118897057699d60cacf1dcc72967a7aae510026903f2bc7f694470f53d0136
644ef3f1ca5573bad6d2de7e18542096bf483df1311be0f1fa2de0803dd4944a
652c671ac311c5c1ba415666a51fffb56a966c9c9f001057011c5a85d2429643
696d03d0c50dc13db81667052e02ebeae1bbb0003b183cfb8e9d706eafb0c200
6c7a64c88c76428a0b71d25e831dfd7e7b1c6d86f07f33337ef63076b4f657e1
6f19c7f5590837421db1af3a16e8c845e83d6856aa12ace8a8c8aced81aac358
73027e596f8adccb41765d9e09d2de92000023c52f2557ea47ac4967afa58dcb
792318d91d50f2a952e08ec9ad3a4c081d969d62730ef9d4a567da45c8ad635d
7a5b6e633bfe0ecb746a7cfd97b74f96522f0735c164ce6ff917910845a26cd6
83ecfb5930b2291cc8434cd7bb3e502bdd61c3665420556f7fd05c50a5f75414
908ae957c2f9fa8ca95864dc1c6afbee54f96a24ffa7358aa66e9807e87d9c0b
90c4f0951056e5a82b2150c8b3fe6d011a08ea2abc957453d080b8179504e2d7
917c304f92e415bc70468869ea1ceb2e5c398a82b4c12d18820e5337d8834098
9b62cebadaf415e7179daccfb70d2d69a97ea2c4b7b716618fc52d8468b1c0bd
a3b3cd1c7a1ff5a50de2677725e5bfba07fb20f64c1f64a54476ce526aa08da1
a5052466e32ce9c8092232e48d99b854b7ba54af0ff797d3bc8cc117a2b0447d
a63f29c20a486cfd78043efd9da9f6d31e36ba460487aa7f2d09d7fb5c8e9607
a8f663059049069c1c9bc2d30394c41e3153934fc3a6df17aeb3b3fbe7ad73a2
ab557581817d1ce625c73cc16c7eff5682eac6152931fd02e342170004337a81
cda12aa5ce7768c9a8b98e494095e71ddaead91598868347e070bc39d22403c5
d1bf80985cf2fe39a157999d8289043d8329c167b0001d7efda6ba826011fd3c
d6cf3a9a46d4b96f461fb084eebecf65cfadf1fb0a2605f8843dc66bfe4e6db1
d780ea58706b7a21b1db69f47c3c575c1f952291cc7963ae7ea050e78d1b1e6b
e276990616f276546d42f44c112fe7cbaa6b7287af3556001fa5150f74bb6158
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea60e3525dbe09efa9b6b57df1890c66117f7bbcff5aa1df8648bd2c2d7b502a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f414bb8f5356d0cb0b05ed111f8a869d70592eed323d62924b0d5c580bec2fab
f8f52ffd3093cb7a30935968f13fed5e147811a2bb5e9b9dbe31200cdaed5610

login.uat-oriontravelinsurance.com Open in urlscan Pro 107.23.104.252 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

44 Requests

95 %HTTPS

67 %IPv6

6 Domains

7 Subdomains

7 IPs

2 Countries

1848 kBTransfer

4083 kBSize

8 Cookies

16 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

login.uat-oriontravelinsurance.com Open in urlscan Pro
107.23.104.252 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

95 %
HTTPS

67 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

1848 kB
Transfer

4083 kB
Size

8
Cookies

44 HTTP transactions
2 data transactions