urlscan.io logo urlscan.io
SecurityTrails logo

online.standardlife.com Open in urlscan Pro
193.138.107.142  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://links.info1.standardlife.co.uk/els/v2/P02rtz20AvF7/Z0JQZW9TTDF0bWhyMzNVZ0VIbnZmbHpJWnZPZVVtSGV1ZHU4TEFHMW5rQ1lMYzVzbVF0TE55eU5M...
Effective URL: https://online.standardlife.com/secure/customer-authentication-client/customer/login
Submission: On February 04 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 193.138.107.142, located in Edinburgh, United Kingdom and belongs to BT-UK-AS BTnet UK Regional network, GB. The main domain is online.standardlife.com. The Cisco Umbrella rank of the primary domain is 348315.
TLS certificate: Issued by GlobalSign Extended Validation CA - S... on August 17th 2022. Valid for: a year.
This is the only time online.standardlife.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 108.156.60.18 16509 (AMAZON-02)
8 193.138.107.142 2856 (BT-UK-AS ...)
8 1
Apex Domain
Subdomains		 Transfer
8 standardlife.com
online.standardlife.com — Cisco Umbrella Rank: 348315
284 KB
1 standardlife.co.uk
links.info1.standardlife.co.uk — Cisco Umbrella Rank: 622988
486 B
8 2
Domain Requested by
8 online.standardlife.com online.standardlife.com
1 links.info1.standardlife.co.uk 1 redirects
8 2

This site contains links to these domains. Also see Links.

Domain
www.standardlife.co.uk
www.fca.org.uk
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
Subject Issuer Validity Valid
online.standardlife.com
GlobalSign Extended Validation CA - SHA256 - G3		 2022-08-17 -
2023-09-18		 a year crt.sh

This page contains 1 frames:

Primary Page: https://online.standardlife.com/secure/customer-authentication-client/customer/login
Frame ID: 66D94E2167CD1159293FD0102063B3E2
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Standard Life UK Online ServicingShield

Page URL History Show full URLs

  1. https://links.info1.standardlife.co.uk/els/v2/P02rtz20AvF7/Z0JQZW9TTDF0bWhyMzNVZ0VIbnZmbHpJWnZPZVVtSGV1ZHU4TEFHMW5r... HTTP 302
    https://online.standardlife.com/secure/customer-authentication-client/customer/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

284 kB
Transfer

406 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.info1.standardlife.co.uk/els/v2/P02rtz20AvF7/Z0JQZW9TTDF0bWhyMzNVZ0VIbnZmbHpJWnZPZVVtSGV1ZHU4TEFHMW5rQ1lMYzVzbVF0TE55eU5MOUJUOGQ2d0tlZVZDSS91OTArM3hCSUpkOUhWVGNSR2RPdkYvMVZtbnc4VS9VL0VjR0xkYkdjVFlCRTVmZz09S0/ HTTP 302
    https://online.standardlife.com/secure/customer-authentication-client/customer/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
online.standardlife.com/secure/customer-authentication-client/customer/
Redirect Chain
  • https://links.info1.standardlife.co.uk/els/v2/P02rtz20AvF7/Z0JQZW9TTDF0bWhyMzNVZ0VIbnZmbHpJWnZPZVVtSGV1ZHU4TEFHMW5rQ1lMYzVzbVF0TE55eU5MOUJUOGQ2d0tlZVZDSS91OTArM3hCSUpkOUhWVGNSR2RPdkYvMVZtbnc4VS9VL0...
  • https://online.standardlife.com/secure/customer-authentication-client/customer/login
34 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://online.standardlife.com/secure/customer-authentication-client/customer/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.138.107.142 Edinburgh, United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
/
Resource Hash
068f16d038813ce9303cf22c26918f186002af23070afb1cb8d52aa00522a5c0
Security Headers
Name Value
Content-Security-Policy default-src https:;script-src https: 'unsafe-inline' 'unsafe-eval' https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;style-src 'self' 'unsafe-inline' https://optimize.google.com https://fonts.googleapis.com https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;img-src https: data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
Content-Security-Policy
default-src https:;script-src https: 'unsafe-inline' 'unsafe-eval' https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;style-src 'self' 'unsafe-inline' https://optimize.google.com https://fonts.googleapis.com https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;img-src https: data:
Content-Type
text/html;charset=UTF-8
Date
Sat, 04 Feb 2023 12:55:13 GMT
Expires
Wed, 31 Dec 1969 23:59:59 GMT
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cnection
close
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Request-ID
D2C4239760106F00
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block

Redirect headers

cache-control
no-store
content-language
en-GB
content-length
0
date
Sat, 04 Feb 2023 12:55:13 GMT
location
https://online.standardlife.com/secure/customer-authentication-client/customer/login
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 6851e5f468b237438eae4078fbc9d3b8.cloudfront.net (CloudFront)
x-amz-cf-id
f6xLVa1k5LJibUgoLXVspjEYnzd2MX8R3lNjir4jVkPt0YLl_piBhw==
x-amz-cf-pop
AMS1-P2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-envoy-upstream-service-time
5
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
ubuntu-v15-latin-regular.woff2
online.standardlife.com/secure/customer-authentication-client/fonts/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://online.standardlife.com/secure/customer-authentication-client/fonts/ubuntu-v15-latin-regular.woff2
Requested by
Host: online.standardlife.com
URL: https://online.standardlife.com/secure/customer-authentication-client/customer/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.138.107.142 Edinburgh, United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
/
Resource Hash
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
Security Headers
Name Value
Content-Security-Policy default-src https:;script-src https: 'unsafe-inline' 'unsafe-eval' https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;style-src 'self' 'unsafe-inline' https://optimize.google.com https://fonts.googleapis.com https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;img-src https: data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://online.standardlife.com/secure/customer-authentication-client/customer/login
Origin
https://online.standardlife.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 12:55:14 GMT
Content-Security-Policy
default-src https:;script-src https: 'unsafe-inline' 'unsafe-eval' https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;style-src 'self' 'unsafe-inline' https://optimize.google.com https://fonts.googleapis.com https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;img-src https: data:
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 26 Oct 2022 12:52:54 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff2
Cache-Control
no-transform,public,max-age=3600,s-maxage=3600
X-Cnection
close
Accept-Ranges
bytes
Content-Length
34260
X-XSS-Protection
1; mode=block
X-Request-ID
DB1F57169AC3DF8C
X-UA-Compatible
IE=edge
ubuntu-v15-latin-500.woff2
online.standardlife.com/secure/customer-authentication-client/fonts/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://online.standardlife.com/secure/customer-authentication-client/fonts/ubuntu-v15-latin-500.woff2
Requested by
Host: online.standardlife.com
URL: https://online.standardlife.com/secure/customer-authentication-client/customer/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.138.107.142 Edinburgh, United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
/
Resource Hash
97d812da07c2319e0e64c4137b33a5d3ccfb4c06fa5ab4444f522959e27a9ed0
Security Headers
Name Value
Content-Security-Policy default-src https:;script-src https: 'unsafe-inline' 'unsafe-eval' https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;style-src 'self' 'unsafe-inline' https://optimize.google.com https://fonts.googleapis.com https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;img-src https: data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://online.standardlife.com/secure/customer-authentication-client/customer/login
Origin
https://online.standardlife.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 12:55:14 GMT
Content-Security-Policy
default-src https:;script-src https: 'unsafe-inline' 'unsafe-eval' https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;style-src 'self' 'unsafe-inline' https://optimize.google.com https://fonts.googleapis.com https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;img-src https: data:
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 26 Oct 2022 12:52:54 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff2
Cache-Control
no-transform,public,max-age=3600,s-maxage=3600
X-Cnection
close
Accept-Ranges
bytes
Content-Length
29864
X-XSS-Protection
1; mode=block
X-Request-ID
6D4AA683DBA5D2F1
X-UA-Compatible
IE=edge
sl-element-library.min.css
online.standardlife.com/secure/customer-authentication-client/css/ 		146 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://online.standardlife.com/secure/customer-authentication-client/css/sl-element-library.min.css
Requested by
Host: online.standardlife.com
URL: https://online.standardlife.com/secure/customer-authentication-client/customer/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.138.107.142 Edinburgh, United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
/
Resource Hash
1225aecaf75566283c5148844b10166c05b4fc4a6c99f305b17a7a5abc12ca92
Security Headers
Name Value
Content-Security-Policy default-src https:;script-src https: 'unsafe-inline' 'unsafe-eval' https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;style-src 'self' 'unsafe-inline' https://optimize.google.com https://fonts.googleapis.com https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;img-src https: data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://online.standardlife.com/secure/customer-authentication-client/customer/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 12:55:14 GMT
Content-Security-Policy
default-src https:;script-src https: 'unsafe-inline' 'unsafe-eval' https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;style-src 'self' 'unsafe-inline' https://optimize.google.com https://fonts.googleapis.com https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;img-src https: data:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Transfer-Encoding
chunked
X-Cnection
close
X-XSS-Protection
1; mode=block
X-Request-ID
C1B5E54DA23B9FAD
X-UA-Compatible
IE=edge
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 26 Oct 2022 12:52:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
no-transform,public,max-age=3600,s-maxage=3600
Accept-Ranges
bytes
standardlife-ubuntu-logo.svg
online.standardlife.com/secure/customer-authentication-client/images/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://online.standardlife.com/secure/customer-authentication-client/images/standardlife-ubuntu-logo.svg
Requested by
Host: online.standardlife.com
URL: https://online.standardlife.com/secure/customer-authentication-client/customer/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.138.107.142 Edinburgh, United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
/
Resource Hash
393b8daf2fb5e6b3a4bc573bd0f3d8842622159560c7f93043ea755256c2bb84
Security Headers
Name Value
Content-Security-Policy default-src https:;script-src https: 'unsafe-inline' 'unsafe-eval' https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;style-src 'self' 'unsafe-inline' https://optimize.google.com https://fonts.googleapis.com https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;img-src https: data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://online.standardlife.com/secure/customer-authentication-client/customer/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 12:55:14 GMT
Content-Security-Policy
default-src https:;script-src https: 'unsafe-inline' 'unsafe-eval' https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;style-src 'self' 'unsafe-inline' https://optimize.google.com https://fonts.googleapis.com https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;img-src https: data:
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 26 Oct 2022 12:52:54 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
no-transform,public,max-age=3600,s-maxage=3600
X-Cnection
close
Accept-Ranges
bytes
Content-Length
18141
X-XSS-Protection
1; mode=block
X-Request-ID
288B9118D14D6166
X-UA-Compatible
IE=edge
sl-element-library.min.js
online.standardlife.com/secure/customer-authentication-client/js/ 		55 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://online.standardlife.com/secure/customer-authentication-client/js/sl-element-library.min.js
Requested by
Host: online.standardlife.com
URL: https://online.standardlife.com/secure/customer-authentication-client/customer/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.138.107.142 Edinburgh, United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
/
Resource Hash
ad553879953fdc1c5b6ad0ac6b2f1f8394da2bd521dfcbf0e6fe97f978759dda
Security Headers
Name Value
Content-Security-Policy default-src https:;script-src https: 'unsafe-inline' 'unsafe-eval' https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;style-src 'self' 'unsafe-inline' https://optimize.google.com https://fonts.googleapis.com https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;img-src https: data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://online.standardlife.com/secure/customer-authentication-client/customer/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 12:55:14 GMT
Content-Security-Policy
default-src https:;script-src https: 'unsafe-inline' 'unsafe-eval' https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;style-src 'self' 'unsafe-inline' https://optimize.google.com https://fonts.googleapis.com https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;img-src https: data:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Cnection
close
Content-Length
56002
X-XSS-Protection
1; mode=block
X-Request-ID
5CA73ED439CBFCEC
X-UA-Compatible
IE=edge
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 26 Oct 2022 12:52:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-transform,public,max-age=3600,s-maxage=3600
Accept-Ranges
bytes
jquery-3.3.1.min.js
online.standardlife.com/secure/customer-authentication-client/js/ 		85 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://online.standardlife.com/secure/customer-authentication-client/js/jquery-3.3.1.min.js
Requested by
Host: online.standardlife.com
URL: https://online.standardlife.com/secure/customer-authentication-client/customer/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.138.107.142 Edinburgh, United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
/
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
Security Headers
Name Value
Content-Security-Policy default-src https:;script-src https: 'unsafe-inline' 'unsafe-eval' https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;style-src 'self' 'unsafe-inline' https://optimize.google.com https://fonts.googleapis.com https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;img-src https: data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://online.standardlife.com/secure/customer-authentication-client/customer/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 12:55:14 GMT
Content-Security-Policy
default-src https:;script-src https: 'unsafe-inline' 'unsafe-eval' https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;style-src 'self' 'unsafe-inline' https://optimize.google.com https://fonts.googleapis.com https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;img-src https: data:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Cnection
close
Content-Length
86926
X-XSS-Protection
1; mode=block
X-Request-ID
96BC5F26DCEC1324
X-UA-Compatible
IE=edge
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 26 Oct 2022 12:52:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-transform,public,max-age=3600,s-maxage=3600
Accept-Ranges
bytes
reg-cookie-policy.js
online.standardlife.com/secure/customer-authentication-client/js/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://online.standardlife.com/secure/customer-authentication-client/js/reg-cookie-policy.js
Requested by
Host: online.standardlife.com
URL: https://online.standardlife.com/secure/customer-authentication-client/customer/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.138.107.142 Edinburgh, United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
/
Resource Hash
4805b5666ccbef150344ee5865d0846699efc948b1c529257b6cd9039a0fd4b2
Security Headers
Name Value
Content-Security-Policy default-src https:;script-src https: 'unsafe-inline' 'unsafe-eval' https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;style-src 'self' 'unsafe-inline' https://optimize.google.com https://fonts.googleapis.com https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;img-src https: data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://online.standardlife.com/secure/customer-authentication-client/customer/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 12:55:14 GMT
Content-Security-Policy
default-src https:;script-src https: 'unsafe-inline' 'unsafe-eval' https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;style-src 'self' 'unsafe-inline' https://optimize.google.com https://fonts.googleapis.com https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;img-src https: data:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Cnection
close
Content-Length
5886
X-XSS-Protection
1; mode=block
X-Request-ID
6D2B4EB4F1D3FE1F
X-UA-Compatible
IE=edge
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 26 Oct 2022 12:52:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-transform,public,max-age=3600,s-maxage=3600
Accept-Ranges
bytes

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| onSubmit function| checkFieldValidity object| weConfig object| _we object| dataLayer function| $ function| jQuery object| cookiePolicyController

4 Cookies

Domain/Path Name / Value
.online.standardlife.com/secure/customer-authentication-client Name: CSRF
Value: ecc1a03b-b5e4-47c4-8e9a-22d60e3c464d
.online.standardlife.com/secure/customer-authentication-client Name: TS011460e0
Value: 0136e224fd779a0efcfc3859b51fb419e902a55e35519716ac9f0824b761536efcfb90b5300e6d94b751b7ae6d55572ba666d19baf
online.standardlife.com/ Name: JSESSIONID
Value: "xjcgdI7U2WvJzAJ-RF0IWEjbzhiZAEk-XCjBB1gE.P1FD03H02:P1FD03H02_AUTHENTICATION_CLIENT"
online.standardlife.com/ Name: TS012bf7a3
Value: 0136e224fd779a0efcfc3859b51fb419e902a55e35519716ac9f0824b761536efcfb90b5300e6d94b751b7ae6d55572ba666d19baf

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https:;script-src https: 'unsafe-inline' 'unsafe-eval' https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;style-src 'self' 'unsafe-inline' https://optimize.google.com https://fonts.googleapis.com https://cccmm-int.sll.hccs.eu https://cccmm.slo.ccc.bt.com;img-src https: data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block